| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC reagiert merkwürdig- Delta Search öffnet sich im BrowserWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.07.2013, 11:24
| #1 |
 |  PC reagiert merkwürdig- Delta Search öffnet sich im Browser Hallo, kurz zum Hintergrund: erst vor kurzer Zeit hatte ich wegen einem Problem hier gepostet mit dem System Care Antivirus. Darauf hatte ich den PC komplett neu formatiert und verschiedene Benutzerkonten angelegt "Gast", "Standardbenutzer", "Administrator", damit so etwas nicht wieder passieren kann und das ganze System befallen wird. Nun hatte ich ein Programm installiert "SplitCam" (da Skype und Live Messenger die Meldung ausgaben die Cam sei schon in Verwendung). Daraufhin sind die ganzen Probleme aufgetreten. 1) Plötzlich, wenn ich den PC hochgefahren und den Standardbenutzer ausgewählt hatte, kam gleich die Meldung falsches Kennwort usw. Obwohl ich erst einen Buchstaben getippt hatte oder nur mit der Maus ins Eingabefeld reingeklickt hatte. Erst beim zweiten Anmelden funktionierte es. 2) Einmal gingen plötzlich ganz wild vermehrt Tabs auf in Firefox, obwohl ich nur für die Uni auf der Bibliotheksseite etwas recherchiert habe. Ich konnte dies gar nicht mehr unter Kontrolle bringen. 3) Gestern, als ich den Firefox geöffnet habe, öffnete sich selbstständig die Seite "delta-search" WOT gab mir da ne Warnung. Hab darauf Deltasearch aus den Programmen deinstalliert und beim Firefox die Startseite in den Einstellungen wieder auf Standard gesetzt. Da bemerkte ich dann noch ein Programm in der Liste, welches ich nicht intslliert hatte, foxy deals oder so ähnlich. Dieses habe ich auch deinstalliert. Was mich vollkommen verwundert hat. Das im Benutzerkonto vom Administrator sich Delta Search in Chrome selbstständig öffnet, es aber nicht in den Programmen ist. Im Firefox und IE ist es nicht vorhanden. Den Account Admin benutze ich sonst nie. Im Gastkonto habe ich das noch nicht überprüft. Werde ich noch machen. So das war nun ein langer Text. Sorry. Ich hoffe jemand hat Zeit mir weiterzuhelfen. Nochmal formatieren möchte ich nicht, da ich schon so viele Programme neu installieren musste und die Programme für meine Abschlussarbeit nicht wieder neu konfigurieren möchte  Edit: einen QuickScan mit Malwarebytes habe ich durchgeführt, der hat da nichts gefunden. |
|
03.07.2013, 11:50
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | PC reagiert merkwürdig- Delta Search öffnet sich im Browser Hallo,
__________________herzlichen Glückwunsch, du hast bei einer Softwareinstallation bestimmt nicht richtig aufgepasst und immer schön weiter weiter weiter geklickt ohne drauf zu achten was da noch an Schund mitinstalliert wird  JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ |
|
03.07.2013, 15:33
| #3 |
| | PC reagiert merkwürdig- Delta Search öffnet sich im Browser So ich habe die ersten beiden Schritte durchgeführt.
__________________Dabei ist mir aufgefallen, dass ich nach dem Scan von JRT aufeimal im Admin Benutzerkonto gelandet bin? Ist das richtig so. Ich war nämlich beim Scan nicht dabei. Hier die Logdatei: adwcleaner log: Code:
ATTFilter # AdwCleaner v2.303 - Datei am 03/07/2013 um 14:25:02 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : ***_2 - ***-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\FoxyDeal
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\f55df8cb73aef41
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16618
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Google Chrome v27.0.1453.110
Datei : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
Datei : C:\Users\***_2\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.279] : homepage = "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=DC1E944452E827D3&affID=120667&tsp=4[...]
Gelöscht [l.336] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=DC1E944452E8[...]
*************************
AdwCleaner[S1].txt - [2519 octets] - [03/07/2013 14:25:02]
########## EOF - \AdwCleaner[S1].txt - [2579 octets] ##########
In Firefox öffnet sich immer noch deltasearch. Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Ameise_2 on 03.07.2013 at 16:36:41,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.07.2013 at 16:40:45,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
03.07.2013, 16:25
| #4 |
| | PC reagiert merkwürdig- Delta Search öffnet sich im Browser OTL logfile war zu lang, deshalb habe ich die Dateien angehängt. |
|
03.07.2013, 16:36
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC reagiert merkwürdig- Delta Search öffnet sich im Browser Rootkitscan mit GMER Bitte lade dir  GMER herunter: (Dateiname zufällig)
 Tauchen Probleme auf?
Anschließend bitte MBAR ausführen: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
03.07.2013, 18:16
| #6 |
| | PC reagiert merkwürdig- Delta Search öffnet sich im Browser GMER Logfile: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-07-03 18:53:15
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD15 rev.51.0 1397,27GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\***\AppData\Local\Temp\kwriqpod.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075e91401 2 bytes JMP 000000010679a47b
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075e91419 2 bytes JMP 000000010679a493
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075e91431 2 bytes JMP 000000010679a4ab
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075e9144a 2 bytes JMP 0000000075f5fcc4
.text ... * 9
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075e914dd 2 bytes JMP 000000010679a557
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075e914f5 2 bytes JMP 000000010679a56f
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075e9150d 2 bytes JMP 000000010679a587
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075e91525 2 bytes JMP 000000010679a59f
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075e9153d 2 bytes JMP 000000010679a5b7
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075e91555 2 bytes JMP 000000010679a5cf
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075e9156d 2 bytes JMP 000000010679a5e7
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075e91585 2 bytes JMP 000000010679a5ff
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075e9159d 2 bytes JMP 000000010679a617
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075e915b5 2 bytes JMP 000000010679a62f
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075e915cd 2 bytes JMP 000000015c37ce47
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075e916b2 2 bytes JMP 000000010679a72c
.text C:\Program Files (x86)\Secunia\PSI\sua.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075e916bd 2 bytes JMP 000000010679a737
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075e91401 2 bytes JMP 000000010679a47b
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075e91419 2 bytes JMP 000000010679a493
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075e91431 2 bytes JMP 000000010679a4ab
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075e9144a 2 bytes JMP 0000000075f5fcc4
.text ... * 9
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075e914dd 2 bytes JMP 000000010679a557
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075e914f5 2 bytes JMP 000000010679a56f
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075e9150d 2 bytes JMP 000000010679a587
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075e91525 2 bytes JMP 000000010679a59f
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075e9153d 2 bytes JMP 000000010679a5b7
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075e91555 2 bytes JMP 000000010679a5cf
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075e9156d 2 bytes JMP 000000010679a5e7
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075e91585 2 bytes JMP 000000010679a5ff
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075e9159d 2 bytes JMP 000000010679a617
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075e915b5 2 bytes JMP 000000010679a62f
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075e915cd 2 bytes JMP 000000015c37ce47
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075e916b2 2 bytes JMP 000000010679a72c
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2760] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075e916bd 2 bytes JMP 000000010679a737
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3580] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 0000000077e2000c 1 byte [C3]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3580] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 0000000077eaf85a 5 bytes JMP 0000000177e5d571
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075e91401 2 bytes JMP 000000010679a47b
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075e91419 2 bytes JMP 000000010679a493
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075e91431 2 bytes JMP 000000010679a4ab
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075e9144a 2 bytes JMP 0000000075f5fcc4
.text ... * 9
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075e914dd 2 bytes JMP 000000010679a557
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075e914f5 2 bytes JMP 000000010679a56f
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075e9150d 2 bytes JMP 000000010679a587
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075e91525 2 bytes JMP 000000010679a59f
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075e9153d 2 bytes JMP 000000010679a5b7
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075e91555 2 bytes JMP 000000010679a5cf
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075e9156d 2 bytes JMP 000000010679a5e7
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075e91585 2 bytes JMP 000000010679a5ff
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075e9159d 2 bytes JMP 000000010679a617
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075e915b5 2 bytes JMP 000000010679a62f
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075e915cd 2 bytes JMP 000000015c37ce47
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075e916b2 2 bytes JMP 000000010679a72c
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3824] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075e916bd 2 bytes JMP 000000010679a737
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075e91401 2 bytes JMP 000000010679a47b
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075e91419 2 bytes JMP 000000010679a493
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075e91431 2 bytes JMP 000000010679a4ab
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075e9144a 2 bytes JMP 0000000075f5fcc4
.text ... * 9
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075e914dd 2 bytes JMP 000000010679a557
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075e914f5 2 bytes JMP 000000010679a56f
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075e9150d 2 bytes JMP 000000010679a587
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075e91525 2 bytes JMP 000000010679a59f
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075e9153d 2 bytes JMP 000000010679a5b7
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075e91555 2 bytes JMP 000000010679a5cf
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075e9156d 2 bytes JMP 000000010679a5e7
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075e91585 2 bytes JMP 000000010679a5ff
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075e9159d 2 bytes JMP 000000010679a617
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075e915b5 2 bytes JMP 000000010679a62f
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075e915cd 2 bytes JMP 000000015c37ce47
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075e916b2 2 bytes JMP 000000010679a72c
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[3908] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075e916bd 2 bytes JMP 000000010679a737
---- EOF - GMER 2.1 ----
Ein Cleanup sei nicht nötig laut Programm. Die erstellte Logfile ist hier: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org
Database version: v2013.07.03.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
*** :: ***-PC [administrator]
03.07.2013 19:01:05
mbar-log-2013-07-03 (19-01-05).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 291423
Time elapsed: 12 minute(s), 9 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
03.07.2013, 23:01
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC reagiert merkwürdig- Delta Search öffnet sich im Browser aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.07.2013, 08:42
| #8 |
| | PC reagiert merkwürdig- Delta Search öffnet sich im Browser Hier sind die erstellten Logs: Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-04 08:43:59
-----------------------------
08:43:59.324 OS Version: Windows x64 6.1.7601 Service Pack 1
08:43:59.324 Number of processors: 4 586 0x2A07
08:43:59.324 ComputerName: *** UserName: ***
08:44:00.510 Initialize success
08:45:05.776 AVAST engine defs: 13070301
08:46:03.512 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:46:03.512 Disk 0 Vendor: WDC_WD15 51.0 Size: 1430799MB BusType: 3
08:46:03.621 Disk 0 MBR read successfully
08:46:03.621 Disk 0 MBR scan
08:46:03.621 Disk 0 Windows 7 default MBR code
08:46:03.637 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 25600 MB offset 2048
08:46:03.637 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 52430848
08:46:03.652 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 702548 MB offset 52635648
08:46:03.683 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 702549 MB offset 1491453952
08:46:03.715 Disk 0 scanning C:\Windows\system32\drivers
08:46:09.237 Service scanning
08:46:23.152 Modules scanning
08:46:23.152 Disk 0 trace - called modules:
08:46:23.168 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
08:46:23.168 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009644060]
08:46:23.168 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007724050]
08:46:24.525 AVAST engine scan C:\Windows
08:46:26.662 AVAST engine scan C:\Windows\system32
08:48:12.945 AVAST engine scan C:\Windows\system32\drivers
08:48:20.028 AVAST engine scan C:\Users\Ameise_2
08:49:08.435 AVAST engine scan C:\ProgramData
08:49:52.988 Scan finished successfully
09:07:08.622 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
09:07:08.637 The log file has been saved successfully to "C:\aswMBR.txt"
Code:
ATTFilter 09:30:28.0103 5708 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:30:28.0290 5708 ============================================================
09:30:28.0290 5708 Current date / time: 2013/07/04 09:30:28.0290
09:30:28.0290 5708 SystemInfo:
09:30:28.0290 5708
09:30:28.0290 5708 OS Version: 6.1.7601 ServicePack: 1.0
09:30:28.0290 5708 Product type: Workstation
09:30:28.0290 5708 ComputerName: ***
09:30:28.0290 5708 UserName: ***
09:30:28.0290 5708 Windows directory: C:\Windows
09:30:28.0290 5708 System windows directory: C:\Windows
09:30:28.0290 5708 Running under WOW64
09:30:28.0290 5708 Processor architecture: Intel x64
09:30:28.0290 5708 Number of processors: 4
09:30:28.0290 5708 Page size: 0x1000
09:30:28.0290 5708 Boot type: Normal boot
09:30:28.0290 5708 ============================================================
09:30:28.0836 5708 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:30:28.0836 5708 ============================================================
09:30:28.0836 5708 \Device\Harddisk0\DR0:
09:30:28.0836 5708 MBR partitions:
09:30:28.0836 5708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x32000
09:30:28.0836 5708 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3232800, BlocksNum 0x55C2A000
09:30:28.0836 5708 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x58E5C800, BlocksNum 0x55C2A800
09:30:28.0836 5708 ============================================================
09:30:28.0867 5708 C: <-> \Device\Harddisk0\DR0\Partition2
09:30:28.0898 5708 D: <-> \Device\Harddisk0\DR0\Partition3
09:30:28.0898 5708 ============================================================
09:30:28.0898 5708 Initialize success
09:30:28.0898 5708 ============================================================
09:31:44.0111 2148 ============================================================
09:31:44.0111 2148 Scan started
09:31:44.0111 2148 Mode: Manual; SigCheck; TDLFS;
09:31:44.0111 2148 ============================================================
09:31:44.0455 2148 ================ Scan system memory ========================
09:31:44.0455 2148 System memory - ok
09:31:44.0455 2148 ================ Scan services =============================
09:31:44.0595 2148 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:31:44.0689 2148 1394ohci - ok
09:31:44.0704 2148 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:31:44.0720 2148 ACPI - ok
09:31:44.0720 2148 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:31:44.0782 2148 AcpiPmi - ok
09:31:44.0891 2148 [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
09:31:44.0907 2148 AdobeActiveFileMonitor9.0 - ok
09:31:44.0969 2148 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:31:44.0969 2148 AdobeARMservice - ok
09:31:45.0079 2148 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:31:45.0094 2148 AdobeFlashPlayerUpdateSvc - ok
09:31:45.0110 2148 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:31:45.0141 2148 adp94xx - ok
09:31:45.0157 2148 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:31:45.0172 2148 adpahci - ok
09:31:45.0203 2148 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:31:45.0219 2148 adpu320 - ok
09:31:45.0235 2148 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:31:45.0359 2148 AeLookupSvc - ok
09:31:45.0391 2148 Afc - ok
09:31:45.0453 2148 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:31:45.0500 2148 AFD - ok
09:31:45.0500 2148 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:31:45.0515 2148 agp440 - ok
09:31:45.0515 2148 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:31:45.0578 2148 ALG - ok
09:31:45.0578 2148 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:31:45.0593 2148 aliide - ok
09:31:45.0593 2148 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:31:45.0593 2148 amdide - ok
09:31:45.0593 2148 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:31:45.0625 2148 AmdK8 - ok
09:31:45.0625 2148 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:31:45.0640 2148 AmdPPM - ok
09:31:45.0656 2148 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:31:45.0671 2148 amdsata - ok
09:31:45.0687 2148 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:31:45.0703 2148 amdsbs - ok
09:31:45.0718 2148 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:31:45.0734 2148 amdxata - ok
09:31:45.0843 2148 [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
09:31:45.0859 2148 AntiVirSchedulerService - ok
09:31:45.0874 2148 [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
09:31:45.0890 2148 AntiVirService - ok
09:31:45.0905 2148 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:31:46.0046 2148 AppID - ok
09:31:46.0046 2148 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:31:46.0124 2148 AppIDSvc - ok
09:31:46.0155 2148 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
09:31:46.0186 2148 Appinfo - ok
09:31:46.0186 2148 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
09:31:46.0202 2148 arc - ok
09:31:46.0202 2148 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:31:46.0217 2148 arcsas - ok
09:31:46.0483 2148 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:31:46.0498 2148 aspnet_state - ok
09:31:46.0514 2148 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:31:46.0561 2148 AsyncMac - ok
09:31:46.0592 2148 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:31:46.0592 2148 atapi - ok
09:31:46.0623 2148 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:31:46.0670 2148 AudioEndpointBuilder - ok
09:31:46.0685 2148 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:31:46.0717 2148 AudioSrv - ok
09:31:46.0763 2148 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
09:31:46.0810 2148 avgntflt - ok
09:31:46.0826 2148 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
09:31:46.0841 2148 avipbb - ok
09:31:46.0857 2148 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
09:31:46.0873 2148 avkmgr - ok
09:31:46.0919 2148 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:31:46.0966 2148 AxInstSV - ok
09:31:46.0997 2148 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:31:47.0060 2148 b06bdrv - ok
09:31:47.0060 2148 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:31:47.0091 2148 b57nd60a - ok
09:31:47.0200 2148 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
09:31:47.0216 2148 BBSvc - ok
09:31:47.0263 2148 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
09:31:47.0278 2148 BBUpdate - ok
09:31:47.0278 2148 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:31:47.0325 2148 BDESVC - ok
09:31:47.0325 2148 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:31:47.0372 2148 Beep - ok
09:31:47.0403 2148 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:31:47.0450 2148 BFE - ok
09:31:47.0481 2148 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:31:47.0543 2148 BITS - ok
09:31:47.0559 2148 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:31:47.0559 2148 blbdrive - ok
09:31:47.0621 2148 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:31:47.0653 2148 bowser - ok
09:31:47.0653 2148 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:31:47.0668 2148 BrFiltLo - ok
09:31:47.0668 2148 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:31:47.0684 2148 BrFiltUp - ok
09:31:47.0715 2148 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:31:47.0746 2148 Browser - ok
09:31:47.0777 2148 [ 63A00CDBEB300522C49EC7CA77324060 ] BrSerIb C:\Windows\system32\DRIVERS\BrSerIb.sys
09:31:47.0793 2148 BrSerIb - ok
09:31:47.0824 2148 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:31:47.0855 2148 Brserid - ok
09:31:47.0871 2148 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:31:47.0902 2148 BrSerWdm - ok
09:31:47.0902 2148 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:31:47.0918 2148 BrUsbMdm - ok
09:31:47.0918 2148 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:31:47.0933 2148 BrUsbSer - ok
09:31:47.0949 2148 [ BBCFD6C6EF66449F55AF1BFDB08C9B12 ] BrUsbSIb C:\Windows\system32\DRIVERS\BrUsbSIb.sys
09:31:47.0949 2148 BrUsbSIb - ok
09:31:47.0965 2148 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:31:47.0965 2148 BTHMODEM - ok
09:31:47.0980 2148 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:31:47.0996 2148 bthserv - ok
09:31:48.0043 2148 [ DC22832C7A65054129DEFE8BC0C6E2B6 ] camfilt2 C:\Windows\system32\DRIVERS\camfilt2.sys
09:31:48.0043 2148 camfilt2 ( UnsignedFile.Multi.Generic ) - warning
09:31:48.0043 2148 camfilt2 - detected UnsignedFile.Multi.Generic (1)
09:31:48.0043 2148 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:31:48.0074 2148 cdfs - ok
09:31:48.0089 2148 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:31:48.0089 2148 cdrom - ok
09:31:48.0105 2148 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:31:48.0121 2148 CertPropSvc - ok
09:31:48.0136 2148 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
09:31:48.0152 2148 circlass - ok
09:31:48.0152 2148 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:31:48.0167 2148 CLFS - ok
09:31:48.0323 2148 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:31:48.0339 2148 clr_optimization_v2.0.50727_32 - ok
09:31:48.0355 2148 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:31:48.0370 2148 clr_optimization_v2.0.50727_64 - ok
09:31:48.0542 2148 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:31:48.0557 2148 clr_optimization_v4.0.30319_32 - ok
09:31:48.0573 2148 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:31:48.0589 2148 clr_optimization_v4.0.30319_64 - ok
09:31:48.0604 2148 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
09:31:48.0620 2148 CmBatt - ok
09:31:48.0635 2148 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:31:48.0635 2148 cmdide - ok
09:31:48.0698 2148 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:31:48.0729 2148 CNG - ok
09:31:48.0729 2148 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:31:48.0745 2148 Compbatt - ok
09:31:48.0776 2148 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:31:48.0807 2148 CompositeBus - ok
09:31:48.0807 2148 COMSysApp - ok
09:31:48.0807 2148 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:31:48.0823 2148 crcdisk - ok
09:31:48.0838 2148 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:31:48.0869 2148 CryptSvc - ok
09:31:48.0979 2148 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:31:49.0010 2148 cvhsvc - ok
09:31:49.0057 2148 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:31:49.0103 2148 DcomLaunch - ok
09:31:49.0119 2148 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:31:49.0150 2148 defragsvc - ok
09:31:49.0166 2148 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:31:49.0197 2148 DfsC - ok
09:31:49.0197 2148 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:31:49.0244 2148 Dhcp - ok
09:31:49.0244 2148 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:31:49.0259 2148 discache - ok
09:31:49.0275 2148 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:31:49.0275 2148 Disk - ok
09:31:49.0291 2148 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:31:49.0322 2148 Dnscache - ok
09:31:49.0353 2148 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:31:49.0400 2148 dot3svc - ok
09:31:49.0400 2148 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:31:49.0431 2148 DPS - ok
09:31:49.0431 2148 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:31:49.0462 2148 drmkaud - ok
09:31:49.0493 2148 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:31:49.0525 2148 DXGKrnl - ok
09:31:49.0603 2148 [ 1BEF2C2E229452EC49FFE5A27283341D ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
09:31:49.0618 2148 e1cexpress - ok
09:31:49.0634 2148 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:31:49.0665 2148 EapHost - ok
09:31:49.0727 2148 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:31:49.0790 2148 ebdrv - ok
09:31:49.0837 2148 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:31:49.0868 2148 EFS - ok
09:31:49.0946 2148 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:31:49.0993 2148 ehRecvr - ok
09:31:50.0024 2148 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:31:50.0039 2148 ehSched - ok
09:31:50.0039 2148 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:31:50.0071 2148 elxstor - ok
09:31:50.0071 2148 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:31:50.0086 2148 ErrDev - ok
09:31:50.0117 2148 [ CFBA28FAB72E6A39ADD71D958F219648 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
09:31:50.0149 2148 EtronHub3 - ok
09:31:50.0180 2148 [ 0241CE183139FF15CEA7234058CCF995 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
09:31:50.0195 2148 EtronXHCI - ok
09:31:50.0195 2148 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:31:50.0242 2148 EventSystem - ok
09:31:50.0273 2148 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:31:50.0305 2148 exfat - ok
09:31:50.0305 2148 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:31:50.0336 2148 fastfat - ok
09:31:50.0367 2148 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:31:50.0383 2148 Fax - ok
09:31:50.0383 2148 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:31:50.0414 2148 fdc - ok
09:31:50.0429 2148 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:31:50.0461 2148 fdPHost - ok
09:31:50.0461 2148 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:31:50.0492 2148 FDResPub - ok
09:31:50.0492 2148 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:31:50.0507 2148 FileInfo - ok
09:31:50.0507 2148 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:31:50.0523 2148 Filetrace - ok
09:31:50.0523 2148 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:31:50.0539 2148 flpydisk - ok
09:31:50.0539 2148 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:31:50.0554 2148 FltMgr - ok
09:31:50.0617 2148 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
09:31:50.0648 2148 FontCache - ok
09:31:50.0695 2148 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:31:50.0710 2148 FontCache3.0.0.0 - ok
09:31:50.0710 2148 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:31:50.0726 2148 FsDepends - ok
09:31:50.0741 2148 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:31:50.0757 2148 Fs_Rec - ok
09:31:50.0804 2148 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:31:50.0819 2148 fvevol - ok
09:31:50.0835 2148 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:31:50.0851 2148 gagp30kx - ok
09:31:50.0929 2148 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
09:31:50.0944 2148 GamesAppService - ok
09:31:50.0975 2148 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:31:51.0038 2148 gpsvc - ok
09:31:51.0085 2148 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
09:31:51.0100 2148 GREGService - ok
09:31:51.0116 2148 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:31:51.0147 2148 hcw85cir - ok
09:31:51.0163 2148 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:31:51.0256 2148 HdAudAddService - ok
09:31:51.0272 2148 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:31:51.0303 2148 HDAudBus - ok
09:31:51.0303 2148 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:31:51.0319 2148 HidBatt - ok
09:31:51.0334 2148 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:31:51.0350 2148 HidBth - ok
09:31:51.0365 2148 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:31:51.0381 2148 HidIr - ok
09:31:51.0381 2148 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:31:51.0412 2148 hidserv - ok
09:31:51.0428 2148 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:31:51.0428 2148 HidUsb - ok
09:31:51.0459 2148 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:31:51.0490 2148 hkmsvc - ok
09:31:51.0490 2148 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:31:51.0506 2148 HomeGroupListener - ok
09:31:51.0537 2148 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:31:51.0553 2148 HomeGroupProvider - ok
09:31:51.0553 2148 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:31:51.0568 2148 HpSAMD - ok
09:31:51.0584 2148 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:31:51.0631 2148 HTTP - ok
09:31:51.0646 2148 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:31:51.0646 2148 hwpolicy - ok
09:31:51.0662 2148 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:31:51.0677 2148 i8042prt - ok
09:31:51.0693 2148 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\drivers\iaStor.sys
09:31:51.0724 2148 iaStor - ok
09:31:51.0880 2148 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
09:31:51.0896 2148 IAStorDataMgrSvc - ok
09:31:51.0911 2148 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:31:51.0943 2148 iaStorV - ok
09:31:51.0974 2148 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:31:52.0005 2148 idsvc - ok
09:31:52.0021 2148 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:31:52.0036 2148 iirsp - ok
09:31:52.0083 2148 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:31:52.0145 2148 IKEEXT - ok
09:31:52.0239 2148 [ 82D0C8C47F6A52B695F405661D1DF50E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:31:52.0301 2148 IntcAzAudAddService - ok
09:31:52.0301 2148 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:31:52.0317 2148 intelide - ok
09:31:52.0333 2148 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:31:52.0364 2148 intelppm - ok
09:31:52.0364 2148 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:31:52.0411 2148 IPBusEnum - ok
09:31:52.0426 2148 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:31:52.0457 2148 IpFilterDriver - ok
09:31:52.0473 2148 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:31:52.0520 2148 iphlpsvc - ok
09:31:52.0535 2148 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:31:52.0551 2148 IPMIDRV - ok
09:31:52.0551 2148 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:31:52.0613 2148 IPNAT - ok
09:31:52.0629 2148 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:31:52.0645 2148 IRENUM - ok
09:31:52.0645 2148 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:31:52.0660 2148 isapnp - ok
09:31:52.0676 2148 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:31:52.0707 2148 iScsiPrt - ok
09:31:52.0707 2148 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:31:52.0723 2148 kbdclass - ok
09:31:52.0723 2148 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:31:52.0754 2148 kbdhid - ok
09:31:52.0785 2148 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:31:52.0801 2148 KeyIso - ok
09:31:52.0832 2148 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:31:52.0832 2148 KSecDD - ok
09:31:52.0847 2148 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:31:52.0863 2148 KSecPkg - ok
09:31:52.0879 2148 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:31:52.0925 2148 ksthunk - ok
09:31:52.0957 2148 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:31:53.0003 2148 KtmRm - ok
09:31:53.0050 2148 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:31:53.0097 2148 LanmanServer - ok
09:31:53.0113 2148 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:31:53.0159 2148 LanmanWorkstation - ok
09:31:53.0222 2148 [ 6BCEE9C766815BFFF89DE7D81AF34CE1 ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
09:31:53.0237 2148 Live Updater Service - ok
09:31:53.0237 2148 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:31:53.0269 2148 lltdio - ok
09:31:53.0300 2148 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:31:53.0362 2148 lltdsvc - ok
09:31:53.0378 2148 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:31:53.0425 2148 lmhosts - ok
09:31:53.0456 2148 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:31:53.0487 2148 LMS - ok
09:31:53.0518 2148 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:31:53.0534 2148 LSI_FC - ok
09:31:53.0534 2148 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:31:53.0549 2148 LSI_SAS - ok
09:31:53.0549 2148 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:31:53.0565 2148 LSI_SAS2 - ok
09:31:53.0581 2148 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:31:53.0581 2148 LSI_SCSI - ok
09:31:53.0581 2148 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:31:53.0627 2148 luafv - ok
09:31:53.0643 2148 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:31:53.0659 2148 Mcx2Svc - ok
09:31:53.0659 2148 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:31:53.0674 2148 megasas - ok
09:31:53.0674 2148 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:31:53.0690 2148 MegaSR - ok
09:31:53.0705 2148 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:31:53.0721 2148 MEIx64 - ok
09:31:53.0721 2148 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:31:53.0768 2148 MMCSS - ok
09:31:53.0768 2148 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:31:53.0783 2148 Modem - ok
09:31:53.0799 2148 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:31:53.0815 2148 monitor - ok
09:31:53.0830 2148 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:31:53.0846 2148 mouclass - ok
09:31:53.0846 2148 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:31:53.0877 2148 mouhid - ok
09:31:53.0877 2148 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:31:53.0893 2148 mountmgr - ok
09:31:53.0939 2148 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:31:53.0955 2148 MozillaMaintenance - ok
09:31:53.0971 2148 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:31:53.0986 2148 mpio - ok
09:31:54.0002 2148 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:31:54.0033 2148 mpsdrv - ok
09:31:54.0033 2148 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:31:54.0064 2148 MpsSvc - ok
09:31:54.0080 2148 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:31:54.0080 2148 MRxDAV - ok
09:31:54.0236 2148 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:31:54.0267 2148 mrxsmb - ok
09:31:54.0283 2148 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:31:54.0298 2148 mrxsmb10 - ok
09:31:54.0314 2148 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:31:54.0314 2148 mrxsmb20 - ok
09:31:54.0314 2148 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:31:54.0329 2148 msahci - ok
09:31:54.0329 2148 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:31:54.0345 2148 msdsm - ok
09:31:54.0361 2148 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:31:54.0376 2148 MSDTC - ok
09:31:54.0376 2148 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:31:54.0423 2148 Msfs - ok
09:31:54.0439 2148 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:31:54.0470 2148 mshidkmdf - ok
09:31:54.0470 2148 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:31:54.0470 2148 msisadrv - ok
09:31:54.0501 2148 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:31:54.0532 2148 MSiSCSI - ok
09:31:54.0532 2148 msiserver - ok
09:31:54.0548 2148 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:31:54.0595 2148 MSKSSRV - ok
09:31:54.0595 2148 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:31:54.0626 2148 MSPCLOCK - ok
09:31:54.0626 2148 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:31:54.0641 2148 MSPQM - ok
09:31:54.0657 2148 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:31:54.0657 2148 MsRPC - ok
09:31:54.0673 2148 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:31:54.0673 2148 mssmbios - ok
09:31:54.0688 2148 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:31:54.0704 2148 MSTEE - ok
09:31:54.0704 2148 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:31:54.0719 2148 MTConfig - ok
09:31:54.0719 2148 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:31:54.0719 2148 Mup - ok
09:31:54.0751 2148 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:31:54.0797 2148 napagent - ok
09:31:54.0813 2148 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:31:54.0969 2148 NativeWifiP - ok
09:31:55.0016 2148 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
09:31:55.0031 2148 NAUpdate - ok
09:31:55.0078 2148 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:31:55.0109 2148 NDIS - ok
09:31:55.0109 2148 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:31:55.0156 2148 NdisCap - ok
09:31:55.0172 2148 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:31:55.0219 2148 NdisTapi - ok
09:31:55.0234 2148 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:31:55.0281 2148 Ndisuio - ok
09:31:55.0281 2148 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:31:55.0312 2148 NdisWan - ok
09:31:55.0312 2148 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:31:55.0343 2148 NDProxy - ok
09:31:55.0343 2148 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:31:55.0375 2148 NetBIOS - ok
09:31:55.0375 2148 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:31:55.0390 2148 NetBT - ok
09:31:55.0406 2148 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:31:55.0421 2148 Netlogon - ok
09:31:55.0453 2148 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:31:55.0499 2148 Netman - ok
09:31:55.0546 2148 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:31:55.0546 2148 NetMsmqActivator - ok
09:31:55.0562 2148 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:31:55.0577 2148 NetPipeActivator - ok
09:31:55.0577 2148 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:31:55.0640 2148 netprofm - ok
09:31:55.0671 2148 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:31:55.0671 2148 NetTcpActivator - ok
09:31:55.0671 2148 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:31:55.0687 2148 NetTcpPortSharing - ok
09:31:55.0702 2148 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:31:55.0702 2148 nfrd960 - ok
09:31:55.0733 2148 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:31:55.0749 2148 NlaSvc - ok
09:31:55.0749 2148 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:31:55.0796 2148 Npfs - ok
09:31:55.0796 2148 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:31:55.0843 2148 nsi - ok
09:31:55.0858 2148 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:31:55.0874 2148 nsiproxy - ok
09:31:55.0921 2148 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:31:55.0983 2148 Ntfs - ok
09:31:55.0983 2148 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:31:56.0014 2148 Null - ok
09:31:56.0045 2148 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:31:56.0061 2148 NVHDA - ok
09:31:56.0311 2148 [ 9CE8977440293D56641E17B0A3F0C2EB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:31:56.0498 2148 nvlddmkm - ok
09:31:56.0498 2148 [ 5686A0B878B05563DA9012C4F200553F ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
09:31:56.0529 2148 nvpciflt - ok
09:31:56.0560 2148 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:31:56.0576 2148 nvraid - ok
09:31:56.0607 2148 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:31:56.0623 2148 nvstor - ok
09:31:56.0669 2148 [ 03AF3264E58C6E3402FBA2A5D470A6B5 ] NVSvc C:\Windows\system32\nvvsvc.exe
09:31:56.0701 2148 NVSvc ( UnsignedFile.Multi.Generic ) - warning
09:31:56.0701 2148 NVSvc - detected UnsignedFile.Multi.Generic (1)
09:31:56.0716 2148 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:31:56.0716 2148 nv_agp - ok
09:31:56.0732 2148 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:31:56.0732 2148 ohci1394 - ok
09:31:56.0779 2148 [ FA5D730CE3F3A3BD21C1040E212230D4 ] OM0530 C:\Windows\system32\Drivers\ov530vx.sys
09:31:56.0779 2148 OM0530 ( UnsignedFile.Multi.Generic ) - warning
09:31:56.0779 2148 OM0530 - detected UnsignedFile.Multi.Generic (1)
09:31:56.0841 2148 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:31:56.0857 2148 ose - ok
09:31:56.0997 2148 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:31:57.0122 2148 osppsvc - ok
09:31:57.0153 2148 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:31:57.0200 2148 p2pimsvc - ok
09:31:57.0231 2148 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:31:57.0247 2148 p2psvc - ok
09:31:57.0262 2148 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:31:57.0262 2148 Parport - ok
09:31:57.0293 2148 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:31:57.0293 2148 partmgr - ok
09:31:57.0309 2148 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:31:57.0309 2148 PcaSvc - ok
09:31:57.0325 2148 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:31:57.0340 2148 pci - ok
09:31:57.0340 2148 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:31:57.0356 2148 pciide - ok
09:31:57.0371 2148 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:31:57.0387 2148 pcmcia - ok
09:31:57.0387 2148 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:31:57.0403 2148 pcw - ok
09:31:57.0418 2148 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:31:57.0449 2148 PEAUTH - ok
09:31:57.0512 2148 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:31:57.0543 2148 PerfHost - ok
09:31:57.0574 2148 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:31:57.0652 2148 pla - ok
09:31:57.0699 2148 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:31:57.0746 2148 PlugPlay - ok
09:31:57.0746 2148 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:31:57.0777 2148 PNRPAutoReg - ok
09:31:57.0793 2148 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:31:57.0808 2148 PNRPsvc - ok
09:31:57.0839 2148 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:31:57.0871 2148 PolicyAgent - ok
09:31:57.0902 2148 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:31:57.0964 2148 Power - ok
09:31:57.0964 2148 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:31:58.0011 2148 PptpMiniport - ok
09:31:58.0011 2148 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:31:58.0027 2148 Processor - ok
09:31:58.0042 2148 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:31:58.0058 2148 ProfSvc - ok
09:31:58.0073 2148 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:31:58.0089 2148 ProtectedStorage - ok
09:31:58.0105 2148 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:31:58.0151 2148 Psched - ok
09:31:58.0198 2148 [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
09:31:58.0214 2148 PSI - ok
09:31:58.0245 2148 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:31:58.0261 2148 PxHlpa64 - ok
09:31:58.0307 2148 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:31:58.0370 2148 ql2300 - ok
09:31:58.0370 2148 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:31:58.0370 2148 ql40xx - ok
09:31:58.0401 2148 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:31:58.0432 2148 QWAVE - ok
09:31:58.0432 2148 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:31:58.0448 2148 QWAVEdrv - ok
09:31:58.0448 2148 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:31:58.0479 2148 RasAcd - ok
09:31:58.0510 2148 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:31:58.0526 2148 RasAgileVpn - ok
09:31:58.0541 2148 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:31:58.0573 2148 RasAuto - ok
09:31:58.0573 2148 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:31:58.0604 2148 Rasl2tp - ok
09:31:58.0604 2148 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:31:58.0635 2148 RasMan - ok
09:31:58.0635 2148 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:31:58.0666 2148 RasPppoe - ok
09:31:58.0666 2148 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:31:58.0697 2148 RasSstp - ok
09:31:58.0697 2148 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:31:58.0729 2148 rdbss - ok
09:31:58.0729 2148 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:31:58.0744 2148 rdpbus - ok
09:31:58.0760 2148 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:31:58.0775 2148 RDPCDD - ok
09:31:58.0775 2148 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:31:58.0807 2148 RDPENCDD - ok
09:31:58.0807 2148 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:31:58.0838 2148 RDPREFMP - ok
09:31:58.0853 2148 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:31:58.0869 2148 RDPWD - ok
09:31:58.0869 2148 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:31:58.0885 2148 rdyboost - ok
09:31:58.0916 2148 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:31:58.0963 2148 RemoteAccess - ok
09:31:58.0963 2148 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:31:58.0994 2148 RemoteRegistry - ok
09:31:59.0009 2148 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:31:59.0025 2148 RpcEptMapper - ok
09:31:59.0041 2148 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:31:59.0056 2148 RpcLocator - ok
09:31:59.0072 2148 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:31:59.0103 2148 RpcSs - ok
09:31:59.0119 2148 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:31:59.0150 2148 rspndr - ok
09:31:59.0181 2148 [ 3C85058541D55BFCEFD9177A68A507C6 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
09:31:59.0212 2148 RTL8192su - ok
09:31:59.0212 2148 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:31:59.0228 2148 SamSs - ok
09:31:59.0290 2148 [ CCBF62280DAF6D94A4C73E391CDAC68C ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
09:31:59.0321 2148 SbieDrv - ok
09:31:59.0368 2148 [ 8A1F63C6EC01C56C9EC4C681E593FE34 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
09:31:59.0384 2148 SbieSvc - ok
09:31:59.0399 2148 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:31:59.0399 2148 sbp2port - ok
09:31:59.0415 2148 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:31:59.0462 2148 SCardSvr - ok
09:31:59.0462 2148 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:31:59.0493 2148 scfilter - ok
09:31:59.0524 2148 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:31:59.0555 2148 Schedule - ok
09:31:59.0571 2148 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:31:59.0618 2148 SCPolicySvc - ok
09:31:59.0633 2148 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:31:59.0665 2148 SDRSVC - ok
09:31:59.0665 2148 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:31:59.0711 2148 secdrv - ok
09:31:59.0711 2148 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:31:59.0758 2148 seclogon - ok
09:31:59.0883 2148 [ 86C9FD4982D0BEAEDF0C8BBF02AA148B ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
09:31:59.0914 2148 Secunia PSI Agent - ok
09:31:59.0961 2148 [ 808E07BBD5C68BEB844F46F164F8509E ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
09:31:59.0992 2148 Secunia Update Agent - ok
09:31:59.0992 2148 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:32:00.0039 2148 SENS - ok
09:32:00.0055 2148 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:32:00.0086 2148 SensrSvc - ok
09:32:00.0101 2148 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:32:00.0117 2148 Serenum - ok
09:32:00.0117 2148 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:32:00.0133 2148 Serial - ok
09:32:00.0148 2148 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:32:00.0164 2148 sermouse - ok
09:32:00.0179 2148 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:32:00.0226 2148 SessionEnv - ok
09:32:00.0226 2148 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:32:00.0242 2148 sffdisk - ok
09:32:00.0242 2148 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:32:00.0273 2148 sffp_mmc - ok
09:32:00.0273 2148 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:32:00.0289 2148 sffp_sd - ok
09:32:00.0289 2148 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:32:00.0289 2148 sfloppy - ok
09:32:00.0335 2148 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
09:32:00.0351 2148 Sftfs - ok
09:32:00.0398 2148 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
09:32:00.0413 2148 sftlist - ok
09:32:00.0429 2148 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
09:32:00.0429 2148 Sftplay - ok
09:32:00.0445 2148 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
09:32:00.0445 2148 Sftredir - ok
09:32:00.0445 2148 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
09:32:00.0460 2148 Sftvol - ok
09:32:00.0476 2148 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
09:32:00.0491 2148 sftvsa - ok
09:32:00.0507 2148 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:32:00.0569 2148 SharedAccess - ok
09:32:00.0585 2148 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:32:00.0601 2148 ShellHWDetection - ok
09:32:00.0601 2148 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:32:00.0616 2148 SiSRaid2 - ok
09:32:00.0616 2148 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:32:00.0616 2148 SiSRaid4 - ok
09:32:00.0632 2148 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:32:00.0647 2148 Smb - ok
09:32:00.0694 2148 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:32:00.0725 2148 SNMPTRAP - ok
09:32:00.0725 2148 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:32:00.0741 2148 spldr - ok
09:32:00.0772 2148 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:32:00.0788 2148 Spooler - ok
09:32:00.0866 2148 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:32:00.0913 2148 sppsvc - ok
09:32:00.0928 2148 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:32:00.0944 2148 sppuinotify - ok
09:32:00.0975 2148 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:32:00.0991 2148 srv - ok
09:32:00.0991 2148 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:32:01.0022 2148 srv2 - ok
09:32:01.0037 2148 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:32:01.0053 2148 srvnet - ok
09:32:01.0053 2148 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:32:01.0100 2148 SSDPSRV - ok
09:32:01.0115 2148 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:32:01.0162 2148 SstpSvc - ok
09:32:01.0209 2148 [ B824FD4A65D810B1FE01E207539666AF ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:32:01.0225 2148 Stereo Service - ok
09:32:01.0240 2148 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:32:01.0256 2148 stexstor - ok
09:32:01.0287 2148 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:32:01.0318 2148 stisvc - ok
09:32:01.0334 2148 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:32:01.0349 2148 swenum - ok
09:32:01.0349 2148 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:32:01.0427 2148 swprv - ok
09:32:01.0474 2148 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:32:01.0552 2148 SysMain - ok
09:32:01.0552 2148 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:32:01.0583 2148 TabletInputService - ok
09:32:01.0583 2148 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:32:01.0630 2148 TapiSrv - ok
09:32:01.0661 2148 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:32:01.0708 2148 TBS - ok
09:32:01.0755 2148 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:32:01.0817 2148 Tcpip - ok
09:32:01.0864 2148 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:32:01.0911 2148 TCPIP6 - ok
09:32:01.0927 2148 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:32:01.0942 2148 tcpipreg - ok
09:32:01.0942 2148 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:32:01.0973 2148 TDPIPE - ok
09:32:02.0005 2148 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:32:02.0020 2148 TDTCP - ok
09:32:02.0020 2148 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:32:02.0083 2148 tdx - ok
09:32:02.0098 2148 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:32:02.0098 2148 TermDD - ok
09:32:02.0114 2148 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:32:02.0145 2148 TermService - ok
09:32:02.0145 2148 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:32:02.0161 2148 Themes - ok
09:32:02.0176 2148 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:32:02.0207 2148 THREADORDER - ok
09:32:02.0207 2148 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:32:02.0239 2148 TrkWks - ok
09:32:02.0270 2148 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:32:02.0317 2148 TrustedInstaller - ok
09:32:02.0332 2148 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:32:02.0363 2148 tssecsrv - ok
09:32:02.0379 2148 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:32:02.0395 2148 TsUsbFlt - ok
09:32:02.0410 2148 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:32:02.0426 2148 TsUsbGD - ok
09:32:02.0426 2148 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:32:02.0441 2148 tunnel - ok
09:32:02.0441 2148 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:32:02.0457 2148 uagp35 - ok
09:32:02.0457 2148 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:32:02.0488 2148 udfs - ok
09:32:02.0488 2148 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:32:02.0504 2148 UI0Detect - ok
09:32:02.0519 2148 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:32:02.0519 2148 uliagpkx - ok
09:32:02.0535 2148 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:32:02.0551 2148 umbus - ok
09:32:02.0566 2148 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:32:02.0582 2148 UmPass - ok
09:32:02.0691 2148 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:32:02.0769 2148 UNS - ok
09:32:02.0800 2148 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:32:02.0987 2148 upnphost - ok
09:32:03.0034 2148 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:32:03.0065 2148 usbaudio - ok
09:32:03.0097 2148 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:32:03.0128 2148 usbccgp - ok
09:32:03.0128 2148 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:32:03.0159 2148 usbcir - ok
09:32:03.0175 2148 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:32:03.0206 2148 usbehci - ok
09:32:03.0221 2148 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:32:03.0268 2148 usbhub - ok
09:32:03.0268 2148 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:32:03.0284 2148 usbohci - ok
09:32:03.0315 2148 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:32:03.0346 2148 usbprint - ok
09:32:03.0362 2148 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:32:03.0393 2148 usbscan - ok
09:32:03.0409 2148 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:32:03.0424 2148 USBSTOR - ok
09:32:03.0424 2148 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:32:03.0455 2148 usbuhci - ok
09:32:03.0471 2148 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:32:03.0502 2148 UxSms - ok
09:32:03.0518 2148 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:32:03.0533 2148 VaultSvc - ok
09:32:03.0533 2148 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:32:03.0549 2148 vdrvroot - ok
09:32:03.0565 2148 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:32:03.0627 2148 vds - ok
09:32:03.0627 2148 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:32:03.0643 2148 vga - ok
09:32:03.0658 2148 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:32:03.0689 2148 VgaSave - ok
09:32:03.0705 2148 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:32:03.0705 2148 vhdmp - ok
09:32:03.0705 2148 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:32:03.0721 2148 viaide - ok
09:32:03.0721 2148 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:32:03.0721 2148 volmgr - ok
09:32:03.0736 2148 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:32:03.0736 2148 volmgrx - ok
09:32:03.0752 2148 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:32:03.0767 2148 volsnap - ok
09:32:03.0767 2148 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:32:03.0783 2148 vsmraid - ok
09:32:03.0799 2148 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:32:03.0861 2148 VSS - ok
09:32:03.0861 2148 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:32:03.0877 2148 vwifibus - ok
09:32:03.0877 2148 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:32:03.0877 2148 vwififlt - ok
09:32:03.0892 2148 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:32:03.0923 2148 W32Time - ok
09:32:03.0923 2148 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:32:03.0923 2148 WacomPen - ok
09:32:03.0939 2148 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:32:03.0955 2148 WANARP - ok
09:32:03.0955 2148 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:32:03.0986 2148 Wanarpv6 - ok
09:32:04.0001 2148 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:32:04.0048 2148 wbengine - ok
09:32:04.0064 2148 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:32:04.0079 2148 WbioSrvc - ok
09:32:04.0079 2148 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:32:04.0095 2148 wcncsvc - ok
09:32:04.0095 2148 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:32:04.0126 2148 WcsPlugInService - ok
09:32:04.0126 2148 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:32:04.0142 2148 Wd - ok
09:32:04.0173 2148 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:32:04.0204 2148 Wdf01000 - ok
09:32:04.0204 2148 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:32:04.0267 2148 WdiServiceHost - ok
09:32:04.0282 2148 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:32:04.0298 2148 WdiSystemHost - ok
09:32:04.0313 2148 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:32:04.0329 2148 WebClient - ok
09:32:04.0345 2148 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:32:04.0376 2148 Wecsvc - ok
09:32:04.0391 2148 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:32:04.0407 2148 wercplsupport - ok
09:32:04.0407 2148 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:32:04.0438 2148 WerSvc - ok
09:32:04.0438 2148 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:32:04.0454 2148 WfpLwf - ok
09:32:04.0454 2148 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:32:04.0469 2148 WIMMount - ok
09:32:04.0485 2148 WinDefend - ok
09:32:04.0485 2148 WinHttpAutoProxySvc - ok
09:32:04.0532 2148 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:32:04.0579 2148 Winmgmt - ok
09:32:04.0625 2148 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:32:04.0719 2148 WinRM - ok
09:32:04.0735 2148 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:32:04.0750 2148 WinUsb - ok
09:32:04.0750 2148 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:32:04.0781 2148 Wlansvc - ok
09:32:04.0828 2148 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:32:04.0844 2148 wlcrasvc - ok
09:32:04.0906 2148 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:32:04.0969 2148 wlidsvc - ok
09:32:04.0969 2148 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:32:04.0984 2148 WmiAcpi - ok
09:32:05.0015 2148 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:32:05.0047 2148 wmiApSrv - ok
09:32:05.0062 2148 WMPNetworkSvc - ok
09:32:05.0078 2148 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:32:05.0093 2148 WPCSvc - ok
09:32:05.0093 2148 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:32:05.0109 2148 WPDBusEnum - ok
09:32:05.0125 2148 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:32:05.0140 2148 ws2ifsl - ok
09:32:05.0140 2148 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:32:05.0156 2148 wscsvc - ok
09:32:05.0156 2148 WSearch - ok
09:32:05.0218 2148 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:32:05.0296 2148 wuauserv - ok
09:32:05.0327 2148 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:32:05.0343 2148 WudfPf - ok
09:32:05.0343 2148 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:32:05.0374 2148 WUDFRd - ok
09:32:05.0405 2148 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:32:05.0437 2148 wudfsvc - ok
09:32:05.0468 2148 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
09:32:05.0515 2148 WwanSvc - ok
09:32:05.0515 2148 ================ Scan global ===============================
09:32:05.0530 2148 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:32:05.0577 2148 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:32:05.0577 2148 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:32:05.0593 2148 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:32:05.0639 2148 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:32:05.0639 2148 [Global] - ok
09:32:05.0639 2148 ================ Scan MBR ==================================
09:32:05.0639 2148 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:32:05.0920 2148 \Device\Harddisk0\DR0 - ok
09:32:05.0920 2148 ================ Scan VBR ==================================
09:32:05.0920 2148 [ 2CD24B616113171DFAB9F891A9AC10B7 ] \Device\Harddisk0\DR0\Partition1
09:32:05.0920 2148 \Device\Harddisk0\DR0\Partition1 - ok
09:32:05.0951 2148 [ AA28FDDADFE2DCAEDFB4E5340215B570 ] \Device\Harddisk0\DR0\Partition2
09:32:05.0951 2148 \Device\Harddisk0\DR0\Partition2 - ok
09:32:05.0983 2148 [ 23521CF50B53B992725C1FB862CBE41D ] \Device\Harddisk0\DR0\Partition3
09:32:05.0983 2148 \Device\Harddisk0\DR0\Partition3 - ok
09:32:05.0983 2148 ============================================================
09:32:05.0983 2148 Scan finished
09:32:05.0983 2148 ============================================================
09:32:05.0998 5384 Detected object count: 3
09:32:05.0998 5384 Actual detected object count: 3
09:34:44.0042 5384 camfilt2 ( UnsignedFile.Multi.Generic ) - skipped by user
09:34:44.0042 5384 camfilt2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:34:44.0042 5384 NVSvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:34:44.0042 5384 NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:34:44.0042 5384 OM0530 ( UnsignedFile.Multi.Generic ) - skipped by user
09:34:44.0042 5384 OM0530 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:34:59.0800 5492 Deinitialize success
Liegt das daran, dass ich auf dem Admin Benutzerkonto den Firefox nicht installiert habe, sondern nur im Standardbenutzer? |
|
04.07.2013, 11:29
| #9 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC reagiert merkwürdig- Delta Search öffnet sich im BrowserZitat:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.07.2013, 17:31
| #10 |
| | PC reagiert merkwürdig- Delta Search öffnet sich im Browser Ich hab mir die Logs angeschaut. Da sind so viele Einträge bei den Dateien die innerhalb der letzten Zeit erstellt worden sind, die mir total spanisch vorkommen. Und der Firefox kommt hier wieder nicht im Scan bei den Browsern vor. Was soll ich denn nun machen? Die Logs habe ich im Anhang weil sie zu groß waren. |
|
04.07.2013, 20:13
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC reagiert merkwürdig- Delta Search öffnet sich im Browser Ich hab da nur zweimal delta gesehen... Scan mit SystemLook (x64) Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop. SystemLook (64 bit)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.07.2013, 08:43
| #12 |
| | PC reagiert merkwürdig- Delta Search öffnet sich im BrowserCode:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 09:34 on 05/07/2013 by Admin
Administrator - Elevation successful
========== filefind ==========
Searching for "*conduit*"
C:\Users\Admin\AppData\Local\Temp\CT3282495\conduit.xml --a---- 785 bytes [10:32 22/05/2013] [10:32 22/05/2013] 6ACD8B6E740CB1E9A9FA43F2087592C6
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\extensions\{a87cb3e3-4db9-439d-b96b-576f5ae8459d}\chrome\CT3282495\content\ConduitAbstractionLayer.js --a---- 33740 bytes [07:34 05/06/2013] [07:34 05/06/2013] 5FC561C92DA9D2EA8CD652D341C69583
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\extensions\{a87cb3e3-4db9-439d-b96b-576f5ae8459d}\chrome\CT3282495\content\ConduitAbstractionLayerBack.js --a---- 33740 bytes [07:34 05/06/2013] [07:34 05/06/2013] 5FC561C92DA9D2EA8CD652D341C69583
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\extensions\{a87cb3e3-4db9-439d-b96b-576f5ae8459d}\chrome\CT3282495\content\ConduitAbstractionLayerFront.js --a---- 33740 bytes [07:34 05/06/2013] [07:34 05/06/2013] 5FC561C92DA9D2EA8CD652D341C69583
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\extensions\{a87cb3e3-4db9-439d-b96b-576f5ae8459d}\chrome\CT3282495\content\tb\al\aboutBox\images\conduit-logo-OLD.png --a---- 1305 bytes [07:34 05/06/2013] [07:34 05/06/2013] 5F8EF9A0B050532B90B2645E9627E3F9
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\extensions\{a87cb3e3-4db9-439d-b96b-576f5ae8459d}\chrome\CT3282495\content\tb\al\aboutBox\images\conduit-logo.png --a---- 3926 bytes [07:34 05/06/2013] [07:34 05/06/2013] 04EC2FEFD3A417F86E983508778A00DD
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\extensions\{a87cb3e3-4db9-439d-b96b-576f5ae8459d}\chrome\CT3282495\content\tb\al\options\images\conduit-logo.png --a---- 3926 bytes [07:34 05/06/2013] [07:34 05/06/2013] 04EC2FEFD3A417F86E983508778A00DD
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\extensions\{a87cb3e3-4db9-439d-b96b-576f5ae8459d}\lib\log4conduit.jsm --a---- 760 bytes [07:34 05/06/2013] [07:34 05/06/2013] 93898FE6A232C5FCD838D8168F65D802
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\extensions\{a87cb3e3-4db9-439d-b96b-576f5ae8459d}\Plugins\npConduitFirefoxPlugin.dll --a---- 207136 bytes [07:34 05/06/2013] [07:34 05/06/2013] 01A35E0291AB94F0E9E5150439B0F3B1
Searching for "*softonic*"
No files found.
Searching for "*quickstore*"
No files found.
Searching for "*yontoo*"
No files found.
Searching for "*FunMood*"
No files found.
Searching for "*tarma*"
No files found.
Searching for "*asktool*"
No files found.
Searching for "*delta*"
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HNME1DA3\DeltaTB[1].zpb --a---- 1651588 bytes [19:24 02/07/2013] [19:24 02/07/2013] 55F0F674C7B7D914E79FD8640045489C
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TD1VJ0NX\bab138.deltatb_dmn[1].zpb --a---- 253 bytes [19:24 02/07/2013] [19:24 02/07/2013] A90F63627EE6641C7BADE8DA1DEE7451
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYYHWLOY\DeltaChromeTB_1001[1].zpb --a---- 105433 bytes [19:24 02/07/2013] [19:24 02/07/2013] B71A63B45654213F13D5DD1ABECC51E7
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYYHWLOY\DeltaTB[1].exe --a---- 785904 bytes [19:24 02/07/2013] [19:24 02/07/2013] EB2764885565B6C01CB32E5F51F213B3
C:\Users\Admin\AppData\Local\Temp\50F579F8-BAB0-7891-8B36-CCBB1813F899\Latest\bab138.deltatb_dmn.dat --a---- 222 bytes [10:59 18/04/2013] [10:59 18/04/2013] AF572DB097A49B94D2A39B3529C844FE
C:\Users\Admin\AppData\Local\Temp\50F579F8-BAB0-7891-8B36-CCBB1813F899\Latest\bab138.deltatb_dmn.zpb --a---- 253 bytes [19:24 02/07/2013] [19:24 02/07/2013] A90F63627EE6641C7BADE8DA1DEE7451
C:\Users\Admin\AppData\Local\Temp\50F579F8-BAB0-7891-8B36-CCBB1813F899\Latest\Delta.crx --a---- 16913 bytes [10:15 23/05/2013] [10:15 23/05/2013] 7732BEF52DEF6B441309A2B203CB62D0
C:\Users\Admin\AppData\Local\Temp\50F579F8-BAB0-7891-8B36-CCBB1813F899\Latest\Delta.ico --a---- 5430 bytes [15:25 23/04/2013] [15:25 23/04/2013] 97EE720DD3678F23D02D166E522402AC
C:\Users\Admin\AppData\Local\Temp\50F579F8-BAB0-7891-8B36-CCBB1813F899\Latest\DeltaChromeTB_1001.zpb --a---- 105433 bytes [19:24 02/07/2013] [19:24 02/07/2013] B71A63B45654213F13D5DD1ABECC51E7
C:\Users\Admin\AppData\Local\Temp\50F579F8-BAB0-7891-8B36-CCBB1813F899\Latest\DeltaTB.zpb --a---- 1651588 bytes [19:24 02/07/2013] [19:24 02/07/2013] 55F0F674C7B7D914E79FD8640045489C
C:\Users\Admin\AppData\Local\Temp\50F579F8-BAB0-7891-8B36-CCBB1813F899\Latest\MyDeltaTB.exe --a---- 1769152 bytes [08:44 04/06/2013] [08:44 04/06/2013] 0E8F2F37A37C95DF90D462C93A648B0E
C:\Windows\System32\msdelta.dll --a---- 451584 bytes [23:22 13/07/2009] [01:41 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\SysWOW64\msdelta.dll --a---- 305152 bytes [23:12 13/07/2009] [01:15 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_9c2159bf9f702069\msdelta.dll --a---- 451584 bytes [23:22 13/07/2009] [01:41 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7600.16385_none_655452efe0fb810b\msdelta.dll --a---- 451584 bytes [02:55 14/07/2009] [02:55 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17514_none_678566b7ddea04a5\msdelta.dll --a---- 451584 bytes [02:55 14/07/2009] [02:55 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\msdelta.dll --a---- 451584 bytes [02:55 14/07/2009] [02:55 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\FileMaps\$$_media_delta_0f36d7d9b4f7293c.cdf-ms --a---- 2436 bytes [02:59 14/07/2009] [05:32 14/07/2009] 0ED4291DC068EB860AC15A6E5360224C
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_9c2159bf9f702069.manifest --a---- 2888 bytes [02:33 14/07/2009] [02:21 14/07/2009] 6B7D6AD4FA771B7D532B7AD67D396853
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7601.17514_none_c8049b9e4ba7658c.manifest --a---- 2461 bytes [03:17 21/11/2010] [03:17 21/11/2010] 8A388670A7B189FE5CE192B81E6F7401
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-s..l-soundthemes-delta_31bf3856ad364e35_6.1.7600.16385_none_fbf7e0678b64a4b8.manifest --a---- 27794 bytes [02:17 14/07/2009] [02:18 14/07/2009] 2D159244CBBD3875345AFDD9C34B444B
C:\Windows\winsxs\Manifests\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_4002be3be712af33.manifest --a---- 2886 bytes [02:33 14/07/2009] [01:54 14/07/2009] 110D843CC1C2B3A02A46D4AD962C04B6
C:\Windows\winsxs\Manifests\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7601.17514_none_6be6001a9349f456.manifest --a---- 2459 bytes [03:17 21/11/2010] [03:17 21/11/2010] 771093D6028BE8C764993524B6392E70
C:\Windows\winsxs\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_4002be3be712af33\msdelta.dll --a---- 305152 bytes [23:12 13/07/2009] [01:15 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7600.16385_none_0935b76c289e0fd5\msdelta.dll --a---- 305152 bytes [02:43 14/07/2009] [02:43 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17514_none_0b66cb34258c936f\msdelta.dll --a---- 305152 bytes [02:43 14/07/2009] [02:43 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\msdelta.dll --a---- 305152 bytes [02:43 14/07/2009] [02:43 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
========== folderfind ==========
Searching for "*conduit*"
No folders found.
Searching for "*softonic*"
No folders found.
Searching for "*quickstore*"
No folders found.
Searching for "*yontoo*"
No folders found.
Searching for "*FunMood*"
No folders found.
Searching for "*tarma*"
No folders found.
Searching for "*asktool*"
No folders found.
Searching for "*delta*"
C:\Users\Admin\AppData\Local\Temp\mt_ffx\Delta d------ [19:24 02/07/2013]
C:\Users\Admin\AppData\Local\Temp\mt_ffx\Delta\delta d------ [19:24 02/07/2013]
C:\Windows\Media\Delta dr--s-- [03:20 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_9c2159bf9f702069 d------ [03:20 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7601.17514_none_c8049b9e4ba7658c d------ [03:24 21/11/2010]
C:\Windows\winsxs\amd64_microsoft-windows-s..l-soundthemes-delta_31bf3856ad364e35_6.1.7600.16385_none_fbf7e0678b64a4b8 d------ [05:30 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_4002be3be712af33 d------ [03:20 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7601.17514_none_6be6001a9349f456 d------ [03:24 21/11/2010]
========== regfind ==========
Searching for "conduit"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\Software\Conduit]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\Software\NCH Software\Components\conduit]
Searching for "softonic"
No data found.
Searching for "quickstore"
No data found.
Searching for "yontoo*"
No data found.
Searching for "FunMood"
No data found.
Searching for "tarma"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mml\OpenWithProgIDs]
"soffice.StarMathDocument.6"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.sxm]
@="soffice.StarMathDocument.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.sxm\OpenWithProgIDs]
"soffice.StarMathDocument.6"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\soffice.StarMathDocument]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\soffice.StarMathDocument\CurVer]
@="soffice.StarMathDocument.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\soffice.StarMathDocument.6]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\ProgID]
@="soffice.StarMathDocument.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\VersionIndependentProgID]
@="soffice.StarMathDocument.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\OpenOffice.org\OpenOffice.org\3.4.1\Capabilities\FileAssociations]
".mml"="soffice.StarMathDocument.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\OpenOffice.org\OpenOffice.org\3.4.1\Capabilities\FileAssociations]
".sxm"="soffice.StarMathDocument.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\The Document Foundation\LibreOffice\4.0\Capabilities\FileAssociations]
".mml"="soffice.StarMathDocument.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\The Document Foundation\LibreOffice\4.0\Capabilities\FileAssociations]
".sxm"="soffice.StarMathDocument.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\ProgID]
@="soffice.StarMathDocument.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\VersionIndependentProgID]
@="soffice.StarMathDocument.6"
Searching for "asktool"
No data found.
Searching for "delta"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\.Default\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\.Default\Delta]
@="C:\Windows\Media\Delta\Windows Ding.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Critical.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Insert.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Remove.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Fail.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Low.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
@="C:\Windows\Media\Delta\Windows Print complete.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
@="C:\Windows\Media\Delta\Windows Error.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
@="C:\Windows\Media\Delta\Windows Exclamation.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemExit\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
@="C:\Windows\Media\Delta\Windows Critical Stop.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
@="C:\Windows\Media\Delta\Windows Balloon.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
@="C:\Windows\Media\Delta\Windows Logoff Sound.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
@="C:\Windows\Media\Delta\Windows User Account Control.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
@="C:\Windows\Media\Delta\Windows Pop-up Blocked.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\FaxError\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\FaxLineRings\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\FaxSent\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
@="C:\Windows\Media\Delta\Windows Feed Discovered.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
@="C:\Windows\Media\Delta\Windows Navigation Start.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
@="C:\Windows\Media\Delta\Windows Information Bar.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\DisNumbersSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\HubOffSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\HubOnSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\HubSleepSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\MisrecoSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\PanelSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Names\Delta]
[HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Namespace]
"LocalDelta"="C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSD.XML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Namespace]
"RemoteDelta"="C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSR.XML"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Document]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Email]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Music]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Music]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Picture]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Picture]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Video]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Video]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Appointment]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Appointment]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Contact]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Contact]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Schedule.Meeting]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Schedule.Meeting]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Record\{8F6D68FF-81A4-3F8A-AD32-8E8DDDA7FC41}\2.0.0.0]
"Class"="System.Diagnostics.SymbolStore.SymbolLineDelta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Record\{8F6D68FF-81A4-3F8A-AD32-8E8DDDA7FC41}\4.0.0.0]
"Class"="System.Diagnostics.SymbolStore.SymbolLineDelta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.msg]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.msg]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_none_9afd56f432219a2e]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_none_0a20a2633b1984ad]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..l-soundthemes-delta_31bf3856ad364e35_none_f2cfa9dc6d3f5297]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_none_3edebb7079c428f8]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_none_ae0206df82bc1377]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\Half SD]
"WinSAT_CPU Delta"="-1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\HD Default]
"WinSAT_CPU Delta"="2.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MP4]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MPG-ISO]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MPG-TTS]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD Default]
"WinSAT_CPU Delta"="0.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD WMV]
"WinSAT_CPU Delta"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the percentage of time that the processor spends executing the idle thread and then subtracting that value from 100%. (Each processor has an idle thread tha
[HKEY_LOCAL_MACHINE\SOFTWARE\Realtek\AECBF\icrcAudioProcessingDemo\GSCBeamformer\PostFiltering]
"delta"="0.000100"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Adobe\Shockwave 12\uicontrol\sw3dbaddriverlist1]
@="*2k*savage/ix!^5.12.01.7012139x=stbnvidiatnt16mb!=4.10.01.9131$o2k=diamondstealthiiis530!=5.12.01.8007-8.30.24$72k=m!=5.00.2180.3711$***=atigraphicsproturbopci(atim64-gx)!^9999.0.0.0$ont=nvidiageforce256!=4.00.1381.0327$****virge!^9999.0.0.0$*9x=ibmthinkpad(cyber9397dvd)!=4.10.01.2173$79x=mach64:ragepro!=4.11.2560$*2k=m!^5.12.01.1200$o9x=intel(r)82810graphicscontroller!=4.12.01.2656$o**=m!^5.12.01.1509$o2k=3dfxvoodooseries!=5.00.2195.0197$ont=3dfxvoodooseries!=4.00.1381.0229$o2k=diamondstealthiiis540!=5.12.01.8007-8.30.24$*9x*permedia2!^4.10.01.2359$****mystique!^9999.0.0.0$*9x*g400!^4.12.1.1710$***=2164w!^9999.0.0.0$*9x=mach64:ragepro!^4.10.1720$ont*3dblasterriva!^4.03.00.2100$ont*nvidia!^4.00.1381.0508$79x*nvidia!^4.12.01.0513$o9x*diamondviperv770!^4.11.01.0402$****g100!^9999.0.0.0$59x*nvidiariva128!=4.10.1713$ont*radeon!^4.3.3109$o2k*voodoobanshee!=5.00.2195.2b$o***permedia3!^4.12.01.2107$o***ragefury!^4.3.139$o**
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\14.0\CVH\Connect\{90140011-0066-0407-0000-0000000FF1CE}]
"deltaCacheFolderName"="140066.deu-90140011-66-407"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\Half SD]
"WinSAT_CPU Delta"="-1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\HD Default]
"WinSAT_CPU Delta"="2.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MP4]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MPG-ISO]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MPG-TTS]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD Default]
"WinSAT_CPU Delta"="0.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD WMV]
"WinSAT_CPU Delta"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the percentage of time that the processor spends executing the idle thread and then subtracting that value from 100%. (Each processor has an idl
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\.Default\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\.Default\Delta]
@="C:\Windows\Media\Delta\Windows Ding.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Critical.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Insert.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Remove.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Fail.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Low.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
@="C:\Windows\Media\Delta\Windows Print complete.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
@="C:\Windows\Media\Delta\Windows Error.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
@="C:\Windows\Media\Delta\Windows Exclamation.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemExit\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
@="C:\Windows\Media\Delta\Windows Critical Stop.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
@="C:\Windows\Media\Delta\Windows Balloon.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
@="C:\Windows\Media\Delta\Windows Logoff Sound.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
@="C:\Windows\Media\Delta\Windows User Account Control.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
@="C:\Windows\Media\Delta\Windows Pop-up Blocked.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\FaxError\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\FaxLineRings\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\FaxSent\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
@="C:\Windows\Media\Delta\Windows Feed Discovered.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
@="C:\Windows\Media\Delta\Windows Navigation Start.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
@="C:\Windows\Media\Delta\Windows Information Bar.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\DisNumbersSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\HubOffSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\HubOnSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\HubSleepSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\MisrecoSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\PanelSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Names\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\.Default\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\.Default\Delta]
@="C:\Windows\Media\Delta\Windows Ding.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Critical.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Insert.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Remove.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Fail.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Low.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
@="C:\Windows\Media\Delta\Windows Print complete.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
@="C:\Windows\Media\Delta\Windows Error.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
@="C:\Windows\Media\Delta\Windows Exclamation.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemExit\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
@="C:\Windows\Media\Delta\Windows Critical Stop.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
@="C:\Windows\Media\Delta\Windows Balloon.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
@="C:\Windows\Media\Delta\Windows Logoff Sound.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
@="C:\Windows\Media\Delta\Windows User Account Control.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
@="C:\Windows\Media\Delta\Windows Pop-up Blocked.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\FaxError\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\FaxLineRings\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\FaxSent\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
@="C:\Windows\Media\Delta\Windows Feed Discovered.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
@="C:\Windows\Media\Delta\Windows Navigation Start.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
@="C:\Windows\Media\Delta\Windows Information Bar.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\DisNumbersSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\HubOffSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\HubOnSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\HubSleepSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\MisrecoSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\PanelSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Names\Delta]
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\Namespace]
"LocalDelta"="C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSD.XML"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\Namespace]
"RemoteDelta"="C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSR.XML"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\.Default\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\.Default\Delta]
@="C:\Windows\Media\Delta\Windows Ding.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Critical.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Insert.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Remove.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Fail.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Low.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
@="C:\Windows\Media\Delta\Windows Print complete.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
@="C:\Windows\Media\Delta\Windows Error.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
@="C:\Windows\Media\Delta\Windows Exclamation.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\SystemExit\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
@="C:\Windows\Media\Delta\Windows Critical Stop.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
@="C:\Windows\Media\Delta\Windows Balloon.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
@="C:\Windows\Media\Delta\Windows Logoff Sound.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
@="C:\Windows\Media\Delta\Windows User Account Control.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
@="C:\Windows\Media\Delta\Windows Pop-up Blocked.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\FaxError\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\FaxLineRings\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\FaxSent\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
@="C:\Windows\Media\Delta\Windows Feed Discovered.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
@="C:\Windows\Media\Delta\Windows Navigation Start.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
@="C:\Windows\Media\Delta\Windows Information Bar.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\sapisvr\DisNumbersSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\sapisvr\HubOffSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\sapisvr\HubOnSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\sapisvr\HubSleepSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\sapisvr\MisrecoSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Apps\sapisvr\PanelSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\AppEvents\Schemes\Names\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\Software\Microsoft\Windows Media\WMSDK\Namespace]
"LocalDelta"="C:\Users\Ameise\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSD.XML"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1001\Software\Microsoft\Windows Media\WMSDK\Namespace]
"RemoteDelta"="C:\Users\Ameise\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSR.XML"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\.Default\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\.Default\Delta]
@="C:\Windows\Media\Delta\Windows Ding.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Critical.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Insert.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Remove.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Fail.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Low.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
@="C:\Windows\Media\Delta\Windows Print complete.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
@="C:\Windows\Media\Delta\Windows Error.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
@="C:\Windows\Media\Delta\Windows Exclamation.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\SystemExit\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
@="C:\Windows\Media\Delta\Windows Critical Stop.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
@="C:\Windows\Media\Delta\Windows Balloon.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
@="C:\Windows\Media\Delta\Windows Logoff Sound.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
@="C:\Windows\Media\Delta\Windows User Account Control.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
@="C:\Windows\Media\Delta\Windows Pop-up Blocked.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\FaxError\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\FaxLineRings\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\FaxSent\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
@="C:\Windows\Media\Delta\Windows Feed Discovered.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
@="C:\Windows\Media\Delta\Windows Navigation Start.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
@="C:\Windows\Media\Delta\Windows Information Bar.wav"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\sapisvr\DisNumbersSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\sapisvr\HubOffSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\sapisvr\HubOnSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\sapisvr\HubSleepSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\sapisvr\MisrecoSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Apps\sapisvr\PanelSound\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\AppEvents\Schemes\Names\Delta]
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\Software\Microsoft\Windows Media\WMSDK\Namespace]
"LocalDelta"="C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSD.XML"
[HKEY_USERS\S-1-5-21-3328769054-3450429841-4157860995-1002\Software\Microsoft\Windows Media\WMSDK\Namespace]
"RemoteDelta"="C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSR.XML"
-= EOF =-
So kann das System doch gar nicht gereinigt werden, oder? Soll ich den Standardbenutzer zum Administrator machen und den Administrator account löschen und alle Schritte nocheinmal durchführen? |
|
05.07.2013, 09:04
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC reagiert merkwürdig- Delta Search öffnet sich im Browser Mach die gleiche Suche mit Systemlook nochmal im Standarduser
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.07.2013, 11:27
| #14 |
| | PC reagiert merkwürdig- Delta Search öffnet sich im Browser Das Problem ist, ich habe den Scan im Standarduser gemacht und trotzdem werden diese Ordner nicht durchsucht. Wenn ich das Programm starte, muss ich mein Admin Passwort eingeben, da es anscheinend nur als Administrator ausgeführt werden kann. Liegt es daran, dass das Programm auf einmal nur im Admin Konto sucht. Dies war jetzt bei allen Programmen bzw. Scans der Fall. Sobald ich als Admin das Programm ausführe, werden die Orner im Standarduser nicht gescannt. Wenn ein Programm jedoch ohne Admin Rechte gestartet wird, werden plötzlich alle User durchsucht (bei JRT und FRST war das z.B.der Fall).  |
|
05.07.2013, 11:42
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC reagiert merkwürdig- Delta Search öffnet sich im Browser Hat dein Standard-User jetzt nun Admin-Rechte oder nicht?`Wenn ja, sollte es reichen wenn du Systemlook einfach per Doppelklick startest
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu PC reagiert merkwürdig- Delta Search öffnet sich im Browser |
| administrator, anmelden, benutzerkonten, benutzerkonto, browser, delta search, einstellungen, firefox, formatieren, foxydeals, hintergrund, konfigurieren, live, maus, meldung, messenger, neu, nicht mehr, plötzlich, problem, probleme, programm, programme, reagiert, splitcam, startseite, system, system care, öffnet |
Linear-Darstellung
