|
Log-Analyse und Auswertung: Avast\VisthAux.exe lässt sich nicht starten + unerwünschter sleep bei Windows 7Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
24.12.2013, 07:06 | #1 |
| Avast\VisthAux.exe lässt sich nicht starten + unerwünschter sleep bei Windows 7 Hallo Trojaner Board Community, seit heute Morgen bekomme ich von Windows angezeigt, dass ich doch bitte Avast Antivirus aktivieren solle. Bisher lief dieses immer im Hintergrund und verrichtete gute Dienste. Aus anderen Postings in diesem Forum mit ähnlichem Problem vermute auch ich einen Trojaner. Symptome: Internetverbindung bricht öfters ab. Google lässt sich ab und an nicht aufrufen (vielleicht hängt dies mit oberem Symptom zusammen) Bisher ist der PC einmal unaufgefordert in Sleep gegangen. Was mich verwundert ist, dass ich avast nach wievor ausführen kann um einen Virenscann durchzuführen. Auch kann Avast neue Daten abrufen und sich auch updaten. Die Meldung bleibt aber bestehen. Dennoch bin ich etwas verstörrt . Meine Logs sind im Anhang. Sie sind leider zu lange für das Textfeld. Ansonsten wünsche ich euch schöne Weihnachten und erholsame Tage VG Teras |
24.12.2013, 10:04 | #2 |
/// the machine /// TB-Ausbilder | Avast\VisthAux.exe lässt sich nicht starten + unerwünschter sleep bei Windows 7 Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
24.12.2013, 15:15 | #3 |
| Avast\VisthAux.exe lässt sich nicht starten + unerwünschter sleep bei Windows 7 Hallo schrauber,
__________________na dann schau ich mal ob ich die Logs alle hier reinbekomm. Wollte nur nicht noch einen Post machen. OTL: Code:
ATTFilter OTL Extras logfile created on: 24.12.2013 06:15:23 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Arbeit\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,90 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 46,52% Memory free 7,80 Gb Paging File | 5,76 Gb Available in Paging File | 73,75% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284,99 Gb Total Space | 122,91 Gb Free Space | 43,13% Space Free | Partition Type: NTFS Drive G: | 3,69 Gb Total Space | 3,68 Gb Free Space | 99,94% Space Free | Partition Type: FAT32 Computer Name: JAKOBLAPTOP | User Name: Arbeit | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2414150100-1524001657-1069558630-1007\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02C5EAEC-8778-4733-8819-9DBA1E423AC0}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | "{0993E08D-4A69-4634-8708-4185CB49D8B1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1CCAECB6-2227-4554-B54B-11B0B92E4651}" = lport=10243 | protocol=6 | dir=in | app=system | "{2BF1E4B4-85DF-45EE-B8B3-B7B6C0624271}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{2DD764E4-74FA-431E-BDDD-4D77ED8FE7A7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{32F526C4-F02B-41BB-B76E-6D856475BB46}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{34273D06-1600-418B-973F-7B9201A746D1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3BD7B850-B124-4402-8BF3-AF7ED0C0509A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5866798B-FFA6-45D6-AFA3-2B568733F410}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5B517CCD-7691-4127-96B9-89FCB4B42529}" = rport=10243 | protocol=6 | dir=out | app=system | "{676B419C-540C-4284-82F0-74B3CF15FDC2}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | "{6DF5233E-ECD2-4FEF-81E5-A33A00737203}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{7373F3B8-BCBD-4343-8190-1B1D2E1FFAE2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{7EA9E9B4-2034-497B-BB8D-F002B48191E0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A5595871-F487-4972-83EA-C61ADA52EE0C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{B8C59B6E-93E9-4334-BC2A-94184705D88A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BA84CD0E-C29B-4106-B420-4FCDE369AE2A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C681248C-BC5D-464A-B0C9-E5839D3B427A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CAD16B36-6ECA-42D6-8533-54FF4AF54977}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{CC88BFAF-9FC0-4CF9-8D3B-D5F3CCBABC40}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D021A577-2D3E-4049-9311-02BC630C9F4F}" = lport=2869 | protocol=6 | dir=in | app=system | "{D9A75C1B-8A92-4846-B20B-04B71C1BFAA3}" = lport=2869 | protocol=6 | dir=in | app=system | "{E0A6170C-1961-42A7-9CB3-D8235919077A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E3B29D7B-B1C3-4909-9991-9F37BEC4CDD9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06ABC5DF-F16A-4E06-ADA7-60486BACD875}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{06E650D7-5A10-40F3-9E05-472F77E45937}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{08E65F46-3E2E-40A1-8439-E85E4882D316}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | "{0A9E8EDB-ACB6-4BDF-89B6-473B2BE852AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{10986957-79D7-4A05-B58F-DDD76E220A2D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{1E74E6C0-D945-4114-8065-53D5D7AEB819}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech touch mouse server\itouch-server-win.exe | "{2234278F-A115-4488-A0D2-F76DBBA2C14E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{2B6F6E84-D259-4D99-AE1B-D39D990B2686}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{2EB780CA-22EF-429D-854A-D8CFDA05EB4E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{31AE6051-4E5A-465F-9A83-5295DA088921}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3933C978-DBDA-4C32-A2CA-8C5F0CB30E8C}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{3C7FBC65-B0D7-4E25-B3D6-F615C03FEA34}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{3E6AEBA1-9DCE-450B-A10B-D7AB590969EF}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{425473EC-A154-48DA-BE74-AAFF7D4DB53D}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{432B4099-2F35-4972-8DAD-C61AAC32B545}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{434F6C3E-2159-4A7D-B2A9-14EBD22CA0D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{44A7093F-7EC6-4AD6-A29E-6878CC7D8979}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{44C0A63C-2A42-4A48-979D-86461B8311EF}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{452F5922-392E-4303-93EC-18B3D69D46DC}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech touch mouse server\itouch-server-win.exe | "{4652549C-16D0-4CA3-86DD-5A43FE37F6EE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe | "{48145791-38CD-48E3-876F-007DFAE83AB9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{4A65B1E4-5D26-48E7-98F6-C13F9E6CCA66}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{4F08CF52-B016-4A68-944C-1304C9C0BE35}" = protocol=6 | dir=in | app=c:\program files\national instruments\shared\ni webserver\applicationwebserver.exe | "{52E22F29-9D41-4407-ADF6-4632C4346114}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{541BE59E-4550-4077-992A-F42E3403B76B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{5C89A1F9-0533-41AF-9BB0-39F0A2740F62}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{5C9CA22B-4D3D-47E7-AD76-2E31FF264568}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{5E34C598-BE40-4A87-8FA7-0AC387A2F267}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | "{64AF6C1B-01EC-41EB-B1E3-2F716ABB47BC}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{69311897-609C-45D5-BBCC-153C1DA2A9AB}" = protocol=6 | dir=in | app=c:\program files (x86)\national instruments\shared\mdns responder\nimdnsresponder.exe | "{6C7A4601-1678-4661-8524-83B930F1BAF7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{743B371A-C41B-466C-A154-397624087941}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{79FFEEAD-0FF9-41C2-A80B-790C8F08AB23}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{7C24B011-9ED6-4761-9FEB-8955D3C2F2CB}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{7CA6E009-06FA-409C-96C1-C543C84FDDBE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{7DF34EE3-F94D-447B-B6F7-9CBBF938B9C3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | "{8B525300-4876-49E0-9DF7-2E21A415F22C}" = protocol=6 | dir=out | app=system | "{8C62C77E-EF66-41D6-B2BD-71C8BA2FD81B}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | "{92BF3F0C-898C-4868-94A8-1B5BFE8C3536}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe | "{958E0530-1088-4FD8-B51A-3F0F707C9083}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{95BF821C-2EEF-4A51-A7B0-6D6012EE1EAB}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{9916927A-C398-4D03-8BD6-5A7198339BD6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9D2709A7-3232-4215-A5A4-89F5A4A8423F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9DF75402-FAAB-4EAD-9B86-3E7218DFD14B}" = protocol=17 | dir=in | app=c:\users\jz\appdata\roaming\spotify\spotify.exe | "{9EFA6BC7-F805-4640-B40D-BDA63BAFA464}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9F2AFF33-41A5-4A60-9348-093BD2F5DAAF}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{A26B65BA-EEEA-460F-8DF9-E3DE90519D09}" = protocol=6 | dir=in | app=c:\users\jz\appdata\roaming\spotify\spotify.exe | "{AA4F42C7-09B9-4D85-BBDD-66FC77B3F1C2}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{AABB4876-E59C-484B-8942-E031DDD99343}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{ABA793A1-94C3-4A08-811B-409253950894}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{ABE2975A-AA01-4376-84EA-3F04919E24A4}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{AE592583-DDAD-436E-93E8-BFFEA23505A2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{AECB95A2-DC29-4ADC-85AE-63EEE2B33D84}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{AECF5CCA-8A5A-49D2-A0A5-3819A9967523}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{B07F1F7A-C618-4CDE-862B-03208C06F883}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{B0910AB2-491D-4E95-877D-94E0514781F1}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | "{B363287D-2BF9-4047-BB0F-AF1D4CD01579}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B8511453-2662-4BFD-9288-D62B4A22ED83}" = protocol=17 | dir=in | app=c:\program files (x86)\national instruments\shared\mdns responder\nimdnsresponder.exe | "{B9EEDAF8-FD6B-4060-8CB3-F22DEC770330}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{C229CA86-D1D2-4089-A45B-2E31E803BAF1}" = protocol=17 | dir=in | app=c:\program files\national instruments\shared\ni webserver\applicationwebserver.exe | "{C25A6010-A630-4E87-AA51-17E0D4B96433}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{CA3CB06F-80B0-4F8B-AE76-02BB35BEC824}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | "{CCCCE3B6-BEFC-4771-8C5B-5ECE9660EBCA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{CD4A55A3-AC69-4910-B11D-11764353D2A1}" = protocol=17 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\systemwebserver.exe | "{CF122CEC-2B43-405A-A066-7BDDEFBC4747}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{D348FF61-2520-41BA-AE51-84BF2F4514AE}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe | "{D7681021-DEEE-48EC-B875-52A19506E19C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | "{D79EDB70-2AF3-4D5F-9A2F-72D9ABC6B053}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{DAFBEE3C-7C1B-41AB-B781-16AA0BED5DC9}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{DC75C6C3-F9B5-47AB-827E-642C6AA05F3A}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | "{DDEA3DE7-7720-40C3-9BE3-4DB60475ACB0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{E22075A1-5E28-48E6-89E7-4DDDCFE41B46}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E420B457-D2E1-4652-ADDB-1A5D6565B4C4}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{E66543BD-838E-4D09-BC0A-FEF4948B7AB6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E80A9CEC-719B-4987-B7D3-5F61AA493CD1}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{E8AF79ED-E8DC-43F3-A438-B19CAD29891E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{E9DF3C7F-2AB7-47EA-94C9-82A60CC9A9CA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}" = protocol=6 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\systemwebserver.exe | "{EE30B736-64EF-431A-A030-FC5026CFD86A}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{EFE32645-F8C9-46F2-B011-ACEBE9380687}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{F008BC78-CC6C-440C-B71D-1C4A76281D3A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{F0F38695-F5B7-4A30-AA3E-AC8071E14C16}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe | "{F22F81E7-C2E6-404C-8BD3-239522C8C079}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{F5DE5913-4EAA-4FB0-8CCD-02538DF50D51}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{FD2896A7-62D0-455D-9995-DD8FEF2A49E8}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "TCP Query User{10FAF266-19F7-4B01-8B97-6B6C9F73EB96}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe | "TCP Query User{18EBB2B5-03A9-4F7F-858A-3EC9474A579F}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe | "TCP Query User{1C293E00-071C-4DAF-8B82-638D5B681CFC}C:\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\eclipse\eclipse.exe | "TCP Query User{2141C088-5AF7-4075-8E18-0305E2CF093C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{2ADEB70A-5B6A-40F2-B36B-4BC9E98BE7F7}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "TCP Query User{2B2316E5-CA84-481C-8347-16F131B6407E}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe | "TCP Query User{2C11EBB9-7DEE-4FFF-AF2E-09FFB5A60A13}C:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe | "TCP Query User{41DA7763-B2F7-43CD-AA3F-E199600BC27A}C:\users\jz\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\jz\appdata\roaming\spotify\spotify.exe | "TCP Query User{4948EE36-D2AF-443A-8602-768E6ED57D50}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{58F42E29-3A02-47BF-9E68-320CBF5BBCFA}C:\program files (x86)\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\trillian.exe | "TCP Query User{6B43BAEA-6504-45C9-ACBF-73CBDF22D385}C:\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\eclipse\eclipse.exe | "TCP Query User{8C3F8A5B-C3D5-42F1-B119-40698D4D2DC9}C:\orcad\orcad_15.7_demo\tools\bin\cdsmsgserver.exe" = protocol=6 | dir=in | app=c:\orcad\orcad_15.7_demo\tools\bin\cdsmsgserver.exe | "TCP Query User{93C4B54C-F89D-4925-8FE6-AA1DC80305DD}C:\program files (x86)\microsoft games\freelancer\exe\freelancer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\freelancer\exe\freelancer.exe | "TCP Query User{9F0EB362-A602-4A34-8955-E129AE8027DC}C:\program files (x86)\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\trillian.exe | "TCP Query User{A2368706-6B3D-4045-B5B4-301428039CB0}C:\users\jz\desktop\starcraft_2_eu_de-de.exe" = protocol=6 | dir=in | app=c:\users\jz\desktop\starcraft_2_eu_de-de.exe | "TCP Query User{B2BF2933-0FE4-4AB8-B6DF-6F69547D2000}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{E6F6B512-81CD-4A94-A308-C6868858B3C2}C:\users\jz\desktop\starcraft_2_eu_de-de.exe" = protocol=6 | dir=in | app=c:\users\jz\desktop\starcraft_2_eu_de-de.exe | "TCP Query User{EB1693A5-55CD-4787-B699-84DBD35F72A1}C:\program files (x86)\logitech touch mouse server\itouch-server-win.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech touch mouse server\itouch-server-win.exe | "TCP Query User{EE6B15A7-D46A-4D11-968F-3DC9E5EE67FE}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{EF787860-57E7-4ADF-9CA3-977A5D6AF5EC}C:\orcad\orcad_15.7_demo\tools\bin\cdsnameserver.exe" = protocol=6 | dir=in | app=c:\orcad\orcad_15.7_demo\tools\bin\cdsnameserver.exe | "TCP Query User{F20B4F04-4221-4A0B-A9B6-B765ACC2DAE1}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "TCP Query User{F6AAB7CD-127F-4DE5-A270-5CB919512537}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe | "TCP Query User{F790D888-78C1-4A99-8430-E84F3F4D1FF2}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{F8CAC721-7642-4ECA-94CD-D8CB46DF82F1}C:\users\administrator\desktop\blobby\volley.exe" = protocol=6 | dir=in | app=c:\users\administrator\desktop\blobby\volley.exe | "TCP Query User{FBF8A786-C011-4765-AED7-812A7B2EEE04}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe | "UDP Query User{03F79990-F2BC-4934-940D-CD65431173B1}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{14A89144-0737-4F18-ABE4-296BA04122C6}C:\program files (x86)\logitech touch mouse server\itouch-server-win.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech touch mouse server\itouch-server-win.exe | "UDP Query User{15FE155A-E919-4B53-802B-60DB8EF43259}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe | "UDP Query User{22FAA2E6-B151-4E8E-A48B-9EED7DB740D0}C:\orcad\orcad_15.7_demo\tools\bin\cdsnameserver.exe" = protocol=17 | dir=in | app=c:\orcad\orcad_15.7_demo\tools\bin\cdsnameserver.exe | "UDP Query User{2AF01D9A-652C-455A-894C-190BD6BC9928}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe | "UDP Query User{31042004-6E2A-45AD-BDC3-90CE830452E6}C:\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\eclipse\eclipse.exe | "UDP Query User{3510B9FA-EB85-4046-B15C-DDE9CA73E52A}C:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe | "UDP Query User{4A5CAE74-D7B9-4B62-9E71-5F4E51AD72E7}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe | "UDP Query User{4D9B168F-349E-4C32-9777-3878377D6939}C:\program files (x86)\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\trillian.exe | "UDP Query User{55F3FB87-5A1D-4E85-BEE6-E23C8F1FD65D}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "UDP Query User{5AFFE598-EAF2-474E-8A8E-86C1865464C8}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{5C6CEAE2-DFE6-4836-B2E3-92E6C1BA9715}C:\program files (x86)\microsoft games\freelancer\exe\freelancer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\freelancer\exe\freelancer.exe | "UDP Query User{5DC37EDE-BC0F-4A1F-885F-84911545789C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{739CE7D9-BFAE-4440-A900-3F4D6F3C3F79}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{77880DF8-F0B5-409E-8065-F17473DADD8A}C:\users\administrator\desktop\blobby\volley.exe" = protocol=17 | dir=in | app=c:\users\administrator\desktop\blobby\volley.exe | "UDP Query User{7900B945-0F59-4686-B4C4-7D0F6849F0DA}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe | "UDP Query User{7AA8CC39-5AA3-4C8F-98AC-E30C7B011FE2}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe | "UDP Query User{838AEC54-E3C0-4DA2-8A7C-195B8B9317CB}C:\users\jz\desktop\starcraft_2_eu_de-de.exe" = protocol=17 | dir=in | app=c:\users\jz\desktop\starcraft_2_eu_de-de.exe | "UDP Query User{937E6C06-6028-462F-9D25-993A001FB1D4}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "UDP Query User{A760CF45-00A0-4871-8C66-C496562CC229}C:\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\eclipse\eclipse.exe | "UDP Query User{BB78318A-8F11-4293-8809-DA82A9154009}C:\program files (x86)\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\trillian.exe | "UDP Query User{DAC84BE9-605B-4442-B44B-64E91B793685}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{E42C4434-4167-4E8A-8AF6-47AA7870E77C}C:\users\jz\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\jz\appdata\roaming\spotify\spotify.exe | "UDP Query User{EA5FAEB1-3794-4FB5-965C-8EAB7BF3A7BC}C:\users\jz\desktop\starcraft_2_eu_de-de.exe" = protocol=17 | dir=in | app=c:\users\jz\desktop\starcraft_2_eu_de-de.exe | "UDP Query User{F0769027-D3C5-4C2D-9C9B-5E636ABF8E1B}C:\orcad\orcad_15.7_demo\tools\bin\cdsmsgserver.exe" = protocol=17 | dir=in | app=c:\orcad\orcad_15.7_demo\tools\bin\cdsmsgserver.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}" = Shutdown Timer "{0B7AFE8D-1265-4025-AD23-3624CEAD4F3C}" = NI Xalan Delay Load 1.10.1 64-bit "{0CADBEE0-59CA-4382-9A67-BA5CB07B6EFC}" = NI Xerces Delay Load 2.7.1 64-bit "{1C4F2A17-1B60-4575-8CB1-1555CF0D5206}" = NI-RPC 4.2.0f0 for 64 Bit Windows "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}" = Microsoft SQL Server VSS Writer "{21903252-3854-48D6-8F0C-F648CFA818C9}" = NI Help Assistant (64bit) "{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit) "{29D1842C-8761-4B62-BD63-8F8037EED45C}" = NI TDMS (64-bit) "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support "{3328DCD6-B311-4E61-8435-7F13AE9B4029}" = NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 1.7.5 "{373934DC-C16C-4CB5-83E2-1E5498CF99EC}" = Shutdown Timer "{382C8A75-9A2B-444D-A649-F28C3E331B3A}" = NI Portable Configuration for 64 Bit Windows 4.7.0 "{3B68641B-4EBD-4EBE-917D-6E91DB1E5636}" = NI System State Publisher (64-bit) "{3D59804B-BF69-4088-9793-A2F9775DB5A5}" = NI System Web Server Base 1.0 (64-bit) "{412FF2A0-2E34-436B-8A0A-9E4EF32E913E}" = Option WWAN Driver 5.0.32.0 Installer "{4195A254-DE24-48B7-B07A-98F12FDD8C49}" = NI System API Windows 64-bit 1.1.0 "{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290 "{48F51087-D7F3-44A9-AB97-4C13C4BB1090}" = NI Logos64 XT Support "{4EBBC187-6988-4B10-A846-E1DBD2AD2B8D}" = NI Math Kernel Libraries (64-bit) "{4EE0B022-366F-432B-98C6-4EB27C87774E}" = NI Math Kernel Libraries (64-bit) "{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10 "{535CDE4E-70A7-4A40-9F9B-27058C21F7D0}" = NI MXS 4.7.0 for 64 Bit Windows "{595A0146-87E6-4B62-9B57-7EEED7A07253}" = NI System Configuration 1.1.0 for Windows 64-bit "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter "{64A3A4F4-B792-11D6-A78A-00B0D0170090}" = Java SE Development Kit 7 Update 9 (64-bit) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{6F11F8FE-35DE-4CAE-9D73-2C394DCFD889}" = NI Authentication 1.0 (64-bit) "{6FE94DF3-C78D-4F1D-9781-5058BBC0A849}" = NI USI 1.8.0 64-Bit "{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud "{727E94E5-584F-4463-B4F5-93D3779C610B}_x" = Option WWAN Driver 5.0.32.0 Installer "{749B0CBD-781F-4231-B356-7D79A110AFE7}" = NI MAX Support for 64 Bit Windows "{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes "{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile-Gerätecenter: Treiberupdate "{945CF655-4A32-4667-B085-70A9D53C5A86}" = NI VC2008MSMs x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{986365BA-F43B-44CC-9117-6019DD8F9F6A}" = NI Variable Engine (64-bit) "{9E3B041A-3151-4C51-9ABC-25D9DEAFB421}" = NI Trace Engine (64-bit) "{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109 "{ACEE65EF-99E2-41C2-A013-DDE7BBFB21D5}" = NI mDNS Responder 1.3 for Windows 64-bit "{B092C4EE-F80B-48DD-B57D-C42B66543BE0}" = NI VC2005MSMs x64 "{B2855A2D-9CEE-4D9F-B6D9-8C1D5914A45E}" = NI MAX Remote Configuration 64-bit Installer 4.7 "{B45EAADF-545B-40B5-9F9F-78981FCD0DF1}" = NI SSL Support (64-bit) "{B9254715-D10D-4B4B-B002-54CBA61E6F64}" = NI LabVIEW Broker (64 bit) "{C3E00BDD-2811-4720-A6BC-3B8232CD5BA3}" = FileOpen Client (x64) "{C8A67716-90BB-401A-B755-9CDAF6566821}" = NI DataSocket 4.8 (64-bit) "{C91B24F6-1629-11E2-B696-21676188709B}" = PDF Split And Merge Basic "{CCC79B52-19CF-4A50-BE60-AEE3DE96B3EA}" = NI Web Pipeline 2.0.1 64-bit support "{CE6FCE02-28C7-42BD-B1F6-15B7B15058BD}" = NI Curl 1.0 (64-bit) "{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud "{DBEC8940-AEB3-4e20-99C2-6B9E38D5C285}_is1" = IXXAT VCI 3.5.1.3826 "{DD358747-BDE7-4041-A91B-982519694DA0}" = NI Assistant Framework 64-bit "{EB2A2B03-37D0-4625-9E98-5EE3899C3DC2}" = NI Web Application Server 1.0 (64-bit) "{F7B62B13-5E47-4511-B317-4F9FBA627BA6}" = NI Logos64 5.2.0 "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) "CNXT_AUDIO_HDA" = Conexant HD Audio "GIMP-2_is1" = GIMP 2.8.6 "HDMI" = Intel(R) Graphics Media Accelerator Driver "ImageMagick 6.6.8 Q16_is1" = ImageMagick 6.6.8-5 Q16 (2011-04-01) "McAfee Security Scan" = McAfee Security Scan Plus "SynTPDeinstKey" = Synaptics Pointing Device Driver "TeraCopy_is1" = TeraCopy 2.27 "WinRAR archiver" = WinRAR "ZTE USB Driver" = ZTE USB Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01CF3725-EE33-4308-BBF9-90BF6AC43814}" = NI Logos 5.2.0 "{01EDE5EB-64AB-4C69-83C7-A4E40C791B3E}" = NI LabVIEW 2010 Simulation "{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{03148858-69DC-4143-8CA0-12972E5922F8}" = NI LabVIEW 2010 "{03FECA97-52A3-4079-937E-7840EE4FF52C}" = NI Web Application Server 1.0 "{04576912-94A0-11D3-97A3-000000000000}" = Motorola Embedded SDK for DSP56800 "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{06E94DFA-ECCE-4A6D-BDCA-1F00D030B0C0}" = NI LabVIEW Merge Utility 10.0.0 "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{078A5D0D-BF50-4BB1-89FB-1018391E9F06}" = NI LabVIEW 2010 "{08133ED0-B6EB-49CD-B0EF-60502E41D15E}" = NI Xerces Delay Load 2.7.1 "{09860281-0D72-418B-B691-CADCE0AF2192}" = NI Assistant Framework LabVIEW 2010 Support "{0AAB121C-8EA7-49F5-B37C-DF117FB46771}" = NI LabVIEW Run-Time Engine 2009 SP1 "{0B9E27C7-9ECD-4362-B311-030EA48F8E72}" = Crystal XI "{0CF669FF-D168-4CA3-8D9B-E5B74C192E88}" = NI Variable Engine LabVIEW 2010 Support "{0D3F2D86-F2F2-4B05-BB46-83C15DC88CD1}" = NI LabVIEW 2010 Real-Time Error Dialog "{0FCE0BA9-8AD4-4622-9ADF-EFF0355EEAE7}" = NI LabVIEW Run-Time Engine Interop 2009 "{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1 "{112FE5D5-EB7A-4795-B906-79FB08E936C6}" = NI-RPC 4.2.0f0 for Phar Lap ETS "{1296CAF3-F007-4813-A95F-AD153F978DF1}" = AVRStudio4 "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR "{15B05C75-6B0C-4969-BD33-C9B8FBEFA251}" = NI LabVIEW 2010 License "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{19F59734-0740-49E6-818D-53C1CA6B4ABE}" = NI System State Publisher "{1E5C217C-FEE5-4A54-8A07-F6308D112CB3}" = NI MXS 4.7.0 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{21EF2C48-A06F-4001-8E0B-72DCA779860F}" = NI DataSocket 4.8 "{2254CBFE-56BB-47BD-9958-5103AA58C5F7}" = NI System Web Server Base 1.0 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2BC9B2CE-D569-4ADC-A8A0-170F2FD57139}" = NI LabVIEW 2010 Real-Time NBFifo "{2C13B0F2-1EB6-4704-BE23-EDBC6270CECB}" = NI LabVIEW 2010 "{2C751795-11E7-41B4-8E42-DC361717DBCB}" = NI Software Provider for MAX 4.7.0 "{301B07CC-A82B-451F-B25D-4D5336B24EF9}" = GO Contact Sync Mod "{30FC5877-BBA0-41C4-8A1D-ED914194610E}" = NI LabVIEW 2010 "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{33049789-BE8F-4037-BB02-51FFD4837DA5}" = NI LabVIEW 2010 "{3AC465DB-700E-4A68-9AC9-33F61A2E7ABA}" = NI Trace Engine "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3CEF952C-2808-4A93-BEB0-5744F48EBD5B}" = NI Curl 1.0 "{3D5943AB-1469-4168-A913-83A9856C3AAE}" = AWR Design Environment 2009 (9.01.4875.3) "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{3F1D557E-B8ED-41C9-ADFD-C4563A37B1AA}" = Tina 9 - Demo "{4027672A-3560-4B71-973F-B348DF175E3E}" = NI LabVIEW 2010 "{4058873D-3915-449A-9879-17149E06EA2F}" = NI SSL Support "{41313B23-25A9-4CDF-BA6E-F721FAE53664}" = NI Update Service "{4159DD60-49C1-4323-A1A5-FB060CBA35C5}" = NI Measurement Studio Recipe Processor "{416B50BB-64CE-46C5-81A6-7F842CC35CDC}" = NI LabVIEW MAX XML "{41A0986C-CED7-4C93-AFF2-DC8566253B7B}" = NI MetaSuite Installer "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{44CD79C3-375F-41C8-977E-97BB3E520B30}" = NI Assistant Framework "{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = Brother MFL-Pro Suite MFC-7320 "{471CCC3B-22EE-4775-87AD-A6E3EE0FF135}" = Silicon Laboratories CP210x VCP Drivers for Windows 7 "{49C6FE81-CE63-4B49-A295-7A10B96D36CD}" = NI LabVIEW 2010 Deployable License "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A6F12CD-3AF0-48E0-BC55-22313248381C}" = NI LabVIEW 2010 Search "{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in "{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2 "{4CFE677E-1256-4B27-B91E-5450F9E1FEAE}" = NI LabVIEW 2010 "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9 "{4E97AAFD-E743-43FE-B876-CD29D40AEA29}" = NI Measurement & Automation Explorer 4.7.0 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{55AF38A4-B9BB-4052-86D8-F6C3A2D5DB78}" = NI Portable Configuration 4.7.0 "{56C9725B-CA13-4FAE-8CDB-E70906AFAEE3}" = NI LabWindows/CVI 2009 Code Generator "{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive "{59A4D1C4-BB47-4AB5-9851-372BD1643EFD}" = NI Instrument IO Assistant for LabVIEW 2010 32-bit "{59B7E8FF-7BE3-4C91-A8E9-0D998D578329}" = NI OPC Support "{5C0BBD9F-2D3F-4093-AD7B-3F7377E0EDCA}" = NI LabVIEW Real-Time NBFifo "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8 "{6052FD3A-E988-4302-983F-642197DBDA8D}" = NI Assistant Framework LabVIEW Code Generator 2010 "{63E19B33-DD24-4EAB-9E77-6735C2171CE4}" = NI VC2005MSMs x86 "{673E0ADC-0F04-420F-B250-3AE72B2A78E4}" = NI Logos LabVIEW 2010 Support "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package "{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}" = Garmin WebUpdater "{6CD33838-7432-4BD3-93FE-A5C40A068BBB}" = NI MAX Remote Configuration Installer 4.7 "{6F7D11DC-DE87-45C8-A37E-A35B724FC771}" = NI Help Assistant "{70A52556-0994-49A6-B5DD-50AEEF93B0BB}" = CodeWarrior for Motorola 56F800 Demo Board "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{731AB8A7-59A8-BD7D-FF79-E044CEB65E05}" = Unify "{73661C77-DB65-416D-9B7A-543AC88EA846}" = NI LabVIEW 2010 Manuals "{7424809B-AA4A-4B2F-88A8-865F15F778B6}" = Equalify v2.1.2 (admin setup) "{74C9CAE2-7D42-40C2-A0CC-15393E12AABC}" = NI LabVIEW 2010 Web Server "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7C62B54A-E524-4F3D-83E7-0F2ABAFC978A}" = NI Xalan Delay Load 1.10.1 "{7F5571D1-1FFD-4961-99D5-97A621D69506}" = NI Uninstaller "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.0.0 "{8327309A-62EA-44CF-B708-B9D98963EF42}" = NI LabVIEW 2010 Help "{8695FC18-0685-4F47-B8C4-E09BC03935C6}" = NI LabVIEW Compare Utility 10.0.0 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87CE002F-33CD-4C3A-95CA-6EC98DC1A6C3}" = calibre "{8875F085-4F00-4462-B52F-507E568EB75F}" = NI SSL LabVIEW 2010 Support "{89FC36E5-5C62-499B-8207-9014C484F65C}" = NI-RPC 4.2.0f0 "{8DA7D661-2184-4B78-8220-73F9878E9992}" = NI USI 1.8.0 "{8DC9CDD4-9569-46A2-BEB8-7DBF9A519193}" = Mobile Broadband Generic Drivers "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{94748C43-8C0A-410E-9C84-AD718C494307}" = NI LabVIEW 2010 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C1794A9-4514-4D81-91BB-570CCE1F1F0C}" = NI LabVIEW 2010 "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™ "{9F4ACDF5-D186-4C61-BAE3-80DDEAB4CE6F}" = NI LabVIEW Run-Time Engine Interop 2010 "{A27F9884-D0F7-4788-B016-CC55FA3015D3}" = NI Logos XT Support "{A5B57591-4E0C-4EF0-8954-11781BC5CCA1}" = NI Remote PXI Provider for MAX 4.7.0 "{A8BE8637-98A7-4CFA-B064-44253A96DD69}" = NI mDNS Responder 1.3.0 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{A999B934-1EBA-415F-BA5B-5036E0811956}" = NI Example Finder 10.0 "{A9F87795-BD95-4C25-97A7-027B2117EF41}" = Ansoft Designer 2.2 SV "{AB55A100-AAC9-43EA-845E-2DCDC0D4D2B8}" = NI Math Kernel Libraries "{ABD79E99-F9E3-413B-8D18-11070754355F}" = NI Math Kernel Libraries "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI "{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource "{B02DF253-C315-4869-BB65-0054B0C2A0A4}" = NI LabVIEW 2010 Help File "{B100DDC0-58F7-4FE2-A32C-10B18779AE71}" = Vector CANoe 7.2 "{B1CFB647-2185-4AB9-BF38-FDD5D9B5F53B}" = NI TDMS "{B4D09BE5-59C1-434C-85D9-DBF135A44CB6}" = NI Authentication 1.0 "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B937AF41-B4B5-44FF-8670-46110C2EFCDE}" = NI DN 2.0 SP1 installer "{B9F41D01-DB28-4595-B93C-2732A54CBEA2}_is1" = AVR Burn-O-Mat 2.1.2 "{BBE45D37-2D2E-426F-8EF6-5075CE4D382B}" = Microsoft Visual J# 2.0 Redistributable Language Pack - DEU "{BD7905FA-8134-4B25-88D0-0A944B5BA4F7}" = NI Remote Provider for MAX 4.7.0 "{BF903074-1312-47E4-8845-267BCA9586C2}" = NI MDF Support "{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Süß & Schrecklich Ergänzungs-Pack "{C1C8BDB9-8FBA-4200-B5D4-18EB27850916}" = NI-DAQmx/LabVIEW shared documentation 1.7.5 "{C2AD80E1-9484-42F4-BA13-B3B045723ACB}" = NI Variable Engine 2.4.0 "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C77D7C5C-613E-4A4B-B654-CF416A0E97AB}" = NI System Configuration 1.1.0 "{CA30E58F-D4AA-43B9-B740-29D358357B2F}" = NI LabVIEW 2010 Deployment Framework "{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1 "{CFA85017-6556-4FBA-B6C8-6C831DDA87CF}" = NI System API Windows 32-bit 1.1.0 "{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.160.210 "{D361B9E5-E918-48CB-BEC3-8E44A5F6E624}" = NI LabVIEW 2009 SP1 Run-Time Engine Web Services "{D581FB60-4827-4AB0-9BF0-A1159C1D0579}" = NI License Manager "{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVRStudio4 "{DAA922C9-D005-4F98-8543-D94DD103F491}" = NI LabVIEW 2010 "{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries "{DB68B420-5382-48EE-9A2A-CB984FEBB192}" = NI LabVIEW Web Server for Run-Time Engine "{DCA3D701-664B-4C87-9C31-2DBD47BACC2F}" = NI EULA Depot "{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7 "{DEC25D81-2317-47F6-8B26-D54A939DA1EE}" = NI LabVIEW C Interface "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E0C32607-2DD4-4124-9A74-351D135FAD4B}" = NI Distributed System Manager 2010 "{E1D60C68-016C-4951-8C1F-52E24DFE7836}" = NI CodeSignAPI "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E4DA55EF-5374-4E3D-B3A7-9DA930E25414}" = NI LabVIEW Web Services Runtime "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E69A31C9-F24F-4A1A-BEAD-B1AA255760C1}" = NI Registration Wizard "{E6C0EA48-8AF1-4A1C-9383-8F0706F22431}" = NI LabWindows/CVI DLL Builder for LabVIEW "{E9A1C394-7F4D-4548-920C-6665C5E5EF5F}" = NI System Web Server 1.0 "{EC8BF669-EFEA-40D9-8894-9074E407FC07}" = NI VC2008MSMs x86 "{ECA841EF-06B7-42F2-973E-A4D3E30EC2FA}" = NI LabVIEW 2010 MeasAppChm File "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EF367060-8B96-4290-BB4D-13D435408C89}" = NI LabVIEW Run-Time Engine 2010 "{F055B0A4-8F75-4F85-B6FF-1C5BE10A72DC}" = NI LabWindows/CVI 9.0 Run-Time Engine "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F10528D1-6478-4F67-A393-CCAC1DB958C1}_is1" = IMG to ISO "{F37CC885-1E37-4F2A-93F3-7F1E1EEBBEBB}" = NI LabVIEW Broker "{F444664E-87EE-43D1-B829-0F78D3F20C79}" = NI TDM Excel Add-In 3.2 "{F7A7C15E-EA7C-47E9-870C-6ABFF1D19EC2}" = NI Web Interface Framework 1.0 "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{F934D447-1831-4D39-BD7E-CB86DE4C6125}" = NI Update Service Full "{FE24BCDF-9231-450D-AA08-D3550B81EE41}" = NI LabVIEW Web Server for Run-Time Engine "{FF9E31CF-F433-48FD-989E-A6E9A3FCFC01}" = Vector CANoe/CANalyzer Redistributables 1.0 "5513-1208-7298-9440" = JDownloader 0.9 "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54 "AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts "AnyToISO_is1" = AnyToISO "avast" = avast! Free Antivirus "BeCyPDFMetaEdit" = BeCyPDFMetaEdit "Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2 "com.adobe.nm.unify" = Unify "Creatures Exodus" = Creatures Exodus "DVDFab 9_is1" = DVDFab 9.0.1.6 (14/12/2012) Qt "EAGLE 5.11.0" = EAGLE 5.11.0 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Everything" = Everything 1.2.1.371 "FileZilla Client" = FileZilla Client 3.7.3 "Freeciv-2.3.2-gtk2" = Freeciv 2.3.2 (GTK+ client) "Genie Timeline" = Genie Timeline "Google Calendar Sync" = Google Calendar Sync "Google Chrome" = Google Chrome "HotspotShield" = Hotspot Shield 2.83 "HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.22.19.00 "Identity Card" = Identity Card "Inkscape" = Inkscape 0.48.1 "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8 "Intelore - RAR Password Recovery" = RAR Password Recovery v1.1 RC17 (remove only) "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.6.0 "LManager" = Launch Manager "Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0 "LTspice IV" = LTspice IV "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Microsoft Visual J# 2.0 Redistributable Language Pack - DEU" = Microsoft Visual J# 2.0 Redistributable Language Pack - DEU "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package "mikroC PRO for dsPIC" = mikroC PRO for dsPIC (remove only) "mikroProg Suite For PIC" = mikroProg Suite For PIC (remove only) "MiKTeX 2.9" = MiKTeX 2.9 "Mozilla Firefox 26.0 (x86 de)" = Mozilla Firefox 26.0 (x86 de) "Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MPLAB C18 v3.35 Lite" = MPLAB C18 v3.35 Lite "NewsLeecher_is1" = NewsLeecher v4.0 Final "NI Uninstaller" = National Instruments - Software "Notepad++" = Notepad++ "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "OpenPandora" = OpenPandora 0.7.0.6 "Origin" = Origin "PageshotsPro_is1" = PageshotsPro 1.0.0 "Papillon ParaTrainer_is1" = Papillon ParaTrainer 4.41 "Party Pack for Pocket Tanks Deluxe_is1" = Party Pack for Pocket Tanks Deluxe "PDF Blender" = PDF Blender "PICC 9.70PL0" = HI-TECH C Compiler for the PIC10/12/16 MCUs V9.70PL0 "PICC 9.80" = HI-TECH C Compiler for the PIC10/12/16 MCUs V9.80PL0 "PSpice Student" = PSpice Student 9.1 "pstoedit and importps_is1" = pstoedit and importps 3.50 "QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.2.0 "ReplayMusic5.45" = Replay Music 5 "SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) "StarCraft II" = StarCraft II "Steam App 42910" = Magicka "Steam App 620" = Portal 2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeXnicCenter_is1" = TeXnicCenter Version 1.0 Stable RC1 "TeXstudio_is1" = TeXstudio 2.5.2 "TreeSize Free_is1" = TreeSize Free V2.7 "Trillian" = Trillian "TrueCrypt" = TrueCrypt "uTorrent" = µTorrent "uTorrentBar_DE Toolbar" = uTorrentBar_DE Toolbar "Vector CANcaseXL log Configuration" = Vector CANcaseXL log Configuration "VLC media player" = VLC media player 1.1.4 "WinAVR-20090313" = WinAVR 20090313 (remove only) "WinLiveSuite_Wave3" = Windows Live Essentials "Winload Toolbar" = Winload Toolbar "WinMerge_is1" = WinMerge 2.12.4 "XviD4PSP60" = XviD4PSP 6.0 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 24.12.2013 01:49:40 | Computer Name = JakobLaptop | Source = XatDevService | ID = 110 Description = Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error - 24.12.2013 01:49:46 | Computer Name = JakobLaptop | Source = XatDevService | ID = 110 Description = Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error - 24.12.2013 01:49:51 | Computer Name = JakobLaptop | Source = XatDevService | ID = 110 Description = Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error - 24.12.2013 01:49:57 | Computer Name = JakobLaptop | Source = XatDevService | ID = 110 Description = Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error - 24.12.2013 01:50:02 | Computer Name = JakobLaptop | Source = XatDevService | ID = 110 Description = Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error - 24.12.2013 01:50:08 | Computer Name = JakobLaptop | Source = XatDevService | ID = 110 Description = Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error - 24.12.2013 01:50:14 | Computer Name = JakobLaptop | Source = XatDevService | ID = 110 Description = Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error - 24.12.2013 01:50:19 | Computer Name = JakobLaptop | Source = XatDevService | ID = 110 Description = Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error - 24.12.2013 01:50:25 | Computer Name = JakobLaptop | Source = XatDevService | ID = 110 Description = Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error - 24.12.2013 01:50:31 | Computer Name = JakobLaptop | Source = XatDevService | ID = 110 Description = Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. [ Media Center Events ] Error - 09.01.2011 12:49:31 | Computer Name = JakobLaptop | Source = MCUpdate | ID = 0 Description = 17:49:29 - Fehler beim Herstellen der Internetverbindung. 17:49:29 - Serververbindung konnte nicht hergestellt werden.. Error - 16.01.2011 13:15:04 | Computer Name = JakobLaptop | Source = MCUpdate | ID = 0 Description = 18:15:04 - Fehler beim Herstellen der Internetverbindung. 18:15:04 - Serververbindung konnte nicht hergestellt werden.. Error - 16.01.2011 13:15:18 | Computer Name = JakobLaptop | Source = MCUpdate | ID = 0 Description = 18:15:10 - Fehler beim Herstellen der Internetverbindung. 18:15:10 - Serververbindung konnte nicht hergestellt werden.. Error - 16.01.2011 14:15:23 | Computer Name = JakobLaptop | Source = MCUpdate | ID = 0 Description = 19:15:23 - Fehler beim Herstellen der Internetverbindung. 19:15:23 - Serververbindung konnte nicht hergestellt werden.. Error - 16.01.2011 14:15:29 | Computer Name = JakobLaptop | Source = MCUpdate | ID = 0 Description = 19:15:28 - Fehler beim Herstellen der Internetverbindung. 19:15:28 - Serververbindung konnte nicht hergestellt werden.. Error - 25.01.2011 11:45:03 | Computer Name = JakobLaptop | Source = MCUpdate | ID = 0 Description = 16:45:03 - Fehler beim Herstellen der Internetverbindung. 16:45:03 - Serververbindung konnte nicht hergestellt werden.. Error - 25.01.2011 11:45:17 | Computer Name = JakobLaptop | Source = MCUpdate | ID = 0 Description = 16:45:09 - Fehler beim Herstellen der Internetverbindung. 16:45:09 - Serververbindung konnte nicht hergestellt werden.. Error - 30.01.2011 12:02:23 | Computer Name = JakobLaptop | Source = MCUpdate | ID = 0 Description = 17:02:23 - Fehler beim Herstellen der Internetverbindung. 17:02:23 - Serververbindung konnte nicht hergestellt werden.. Error - 30.01.2011 12:02:32 | Computer Name = JakobLaptop | Source = MCUpdate | ID = 0 Description = 17:02:28 - Fehler beim Herstellen der Internetverbindung. 17:02:28 - Serververbindung konnte nicht hergestellt werden.. Error - 31.01.2011 13:44:37 | Computer Name = JakobLaptop | Source = MCUpdate | ID = 0 Description = 18:44:34 - Fehler beim Herstellen der Internetverbindung. 18:44:34 - Serververbindung konnte nicht hergestellt werden.. [ OSession Events ] Error - 05.01.2013 05:11:53 | Computer Name = JakobLaptop | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 21.12.2013 05:09:00 | Computer Name = JakobLaptop | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht. Error - 22.12.2013 02:10:31 | Computer Name = JakobLaptop | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 22.12.2013 08:09:10 | Computer Name = JakobLaptop | Source = Service Control Manager | ID = 7000 Description = Der Dienst "MAC_MOT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 22.12.2013 08:09:33 | Computer Name = JakobLaptop | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Remote Bus Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 22.12.2013 08:09:33 | Computer Name = JakobLaptop | Source = Service Control Manager | ID = 7000 Description = Der Dienst "WinDriver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 22.12.2013 08:13:30 | Computer Name = JakobLaptop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Kumulatives Sicherheitsupdate für Internet Explorer 10 unter Windows 7 Service Pack 1 für x64-basierte Systeme (KB2898785) Error - 22.12.2013 14:08:44 | Computer Name = JakobLaptop | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 23.12.2013 11:54:15 | Computer Name = JakobLaptop | Source = Service Control Manager | ID = 7000 Description = Der Dienst "MAC_MOT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 23.12.2013 11:54:29 | Computer Name = JakobLaptop | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Remote Bus Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 23.12.2013 11:54:29 | Computer Name = JakobLaptop | Source = Service Control Manager | ID = 7000 Description = Der Dienst "WinDriver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report > |
24.12.2013, 15:28 | #4 |
| Avast\VisthAux.exe lässt sich nicht starten + unerwünschter sleep bei Windows 7 Und hier das zweite Log von TDSSKILLER Code:
ATTFilter 06:11:52.0153 0x1a74 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50 06:11:57.0068 0x1a74 ============================================================ 06:11:57.0068 0x1a74 Current date / time: 2013/12/24 06:11:57.0068 06:11:57.0068 0x1a74 SystemInfo: 06:11:57.0068 0x1a74 06:11:57.0068 0x1a74 OS Version: 6.1.7601 ServicePack: 1.0 06:11:57.0068 0x1a74 Product type: Workstation 06:11:57.0069 0x1a74 ComputerName: JAKOBLAPTOP 06:11:57.0069 0x1a74 UserName: Arbeit 06:11:57.0069 0x1a74 Windows directory: C:\Windows 06:11:57.0069 0x1a74 System windows directory: C:\Windows 06:11:57.0069 0x1a74 Running under WOW64 06:11:57.0069 0x1a74 Processor architecture: Intel x64 06:11:57.0069 0x1a74 Number of processors: 2 06:11:57.0069 0x1a74 Page size: 0x1000 06:11:57.0069 0x1a74 Boot type: Normal boot 06:11:57.0069 0x1a74 ============================================================ 06:11:57.0698 0x1a74 KLMD registered as C:\Windows\system32\drivers\44140152.sys 06:11:57.0887 0x1a74 System UUID: {1B27528B-407A-CFB4-0AFD-31F11267B76C} 06:11:58.0699 0x1a74 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 06:11:58.0729 0x1a74 Drive \Device\Harddisk1\DR1 - Size: 0xEC580000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 06:11:58.0742 0x1a74 ============================================================ 06:11:58.0742 0x1a74 \Device\Harddisk0\DR0: 06:11:58.0743 0x1a74 MBR partitions: 06:11:58.0743 0x1a74 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000 06:11:58.0743 0x1a74 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800 06:11:58.0743 0x1a74 \Device\Harddisk1\DR1: 06:11:58.0744 0x1a74 MBR partitions: 06:11:58.0744 0x1a74 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760C00 06:11:58.0744 0x1a74 ============================================================ 06:11:58.0800 0x1a74 C: <-> \Device\Harddisk0\DR0\Partition2 06:11:58.0801 0x1a74 ============================================================ 06:11:58.0801 0x1a74 Initialize success 06:11:58.0801 0x1a74 ============================================================ 06:12:13.0898 0x11e4 ============================================================ 06:12:13.0898 0x11e4 Scan started 06:12:13.0898 0x11e4 Mode: Manual; 06:12:13.0898 0x11e4 ============================================================ 06:12:13.0899 0x11e4 KSN ping started 06:12:17.0087 0x11e4 KSN ping finished: true 06:12:18.0042 0x11e4 ================ Scan system memory ======================== 06:12:18.0042 0x11e4 System memory - ok 06:12:18.0042 0x11e4 ================ Scan services ============================= 06:12:18.0361 0x11e4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 06:12:18.0368 0x11e4 1394ohci - ok 06:12:18.0497 0x11e4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 06:12:18.0542 0x11e4 ACPI - ok 06:12:18.0651 0x11e4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 06:12:18.0659 0x11e4 AcpiPmi - ok 06:12:18.0905 0x11e4 [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 06:12:18.0914 0x11e4 AdobeFlashPlayerUpdateSvc - ok 06:12:19.0012 0x11e4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 06:12:19.0053 0x11e4 adp94xx - ok 06:12:19.0160 0x11e4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 06:12:19.0182 0x11e4 adpahci - ok 06:12:19.0273 0x11e4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 06:12:19.0282 0x11e4 adpu320 - ok 06:12:19.0382 0x11e4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 06:12:19.0386 0x11e4 AeLookupSvc - ok 06:12:19.0509 0x11e4 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys 06:12:19.0566 0x11e4 AFD - ok 06:12:19.0676 0x11e4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 06:12:19.0680 0x11e4 agp440 - ok 06:12:19.0747 0x11e4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 06:12:19.0752 0x11e4 ALG - ok 06:12:19.0889 0x11e4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 06:12:19.0892 0x11e4 aliide - ok 06:12:19.0932 0x11e4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 06:12:19.0939 0x11e4 amdide - ok 06:12:19.0979 0x11e4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 06:12:19.0982 0x11e4 AmdK8 - ok 06:12:20.0009 0x11e4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 06:12:20.0012 0x11e4 AmdPPM - ok 06:12:20.0097 0x11e4 [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys 06:12:20.0101 0x11e4 amdsata - ok 06:12:20.0212 0x11e4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 06:12:20.0235 0x11e4 amdsbs - ok 06:12:20.0259 0x11e4 [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys 06:12:20.0283 0x11e4 amdxata - ok 06:12:20.0376 0x11e4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 06:12:20.0380 0x11e4 AppID - ok 06:12:20.0488 0x11e4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 06:12:20.0491 0x11e4 AppIDSvc - ok 06:12:20.0559 0x11e4 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 06:12:20.0564 0x11e4 Appinfo - ok 06:12:20.0940 0x11e4 [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 06:12:20.0946 0x11e4 Apple Mobile Device - ok 06:12:20.0986 0x11e4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 06:12:20.0991 0x11e4 arc - ok 06:12:21.0016 0x11e4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 06:12:21.0022 0x11e4 arcsas - ok 06:12:21.0197 0x11e4 [ 36949EB7E71C5779C5163AF6AFB2A161, 2661829B771E7ADFFC15FA4B4BB317AEB52CA264762D8B9A2892BB5B2D3B8C9C ] aswKbd C:\Windows\system32\drivers\aswKbd.sys 06:12:21.0198 0x11e4 aswKbd - ok 06:12:21.0286 0x11e4 [ 9C2BEA3957EFFD45F352F0938DFB3721, 7006CC604C480CF512A29AD03BA17FFA564FDDF34CE768ACBD805611503D5012 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 06:12:21.0291 0x11e4 aswMonFlt - ok 06:12:21.0436 0x11e4 [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys 06:12:21.0440 0x11e4 aswRdr - ok 06:12:21.0602 0x11e4 [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 06:12:21.0605 0x11e4 aswRvrt - ok 06:12:21.0822 0x11e4 [ 52B5F8FAF7E78C02D26B0B6E3A05F596, 7C45BA507529F822D4397BD5F001EC861C85E9CBB1F75927E48843B15D5C0B8E ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 06:12:21.0869 0x11e4 aswSnx - ok 06:12:22.0004 0x11e4 [ 251360C2FCA22BAFE0583314B3262F98, 1EB1B4620E3AFA8ACDDE5F1A6EC4AAEDD40AE2FC5C013AF1B13B03C4B60F6CEB ] aswSP C:\Windows\system32\drivers\aswSP.sys 06:12:22.0039 0x11e4 aswSP - ok 06:12:22.0162 0x11e4 [ 90399625F341AB76BA4B85A5E860EB1F, 92DD461B14240222F451F971642844A4DAD9DF4FFEAA8F12D16EA117822BEEF3 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 06:12:22.0191 0x11e4 aswVmm - ok 06:12:22.0239 0x11e4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 06:12:22.0241 0x11e4 AsyncMac - ok 06:12:22.0314 0x11e4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 06:12:22.0348 0x11e4 atapi - ok 06:12:22.0512 0x11e4 [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr C:\Windows\system32\DRIVERS\athrx.sys 06:12:22.0609 0x11e4 athr - ok 06:12:22.0740 0x11e4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 06:12:22.0796 0x11e4 AudioEndpointBuilder - ok 06:12:22.0822 0x11e4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 06:12:22.0835 0x11e4 AudioSrv - ok 06:12:23.0195 0x11e4 [ 9330941C8F6DF417F6DBBE998DB6687E, 28BC051D7C74721BAF85BE2AAB97EAE44152779106C5BDA1FDA07B9C049E2FDC ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 06:12:23.0199 0x11e4 avast! Antivirus - ok 06:12:23.0355 0x11e4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 06:12:23.0360 0x11e4 AxInstSV - ok 06:12:23.0454 0x11e4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 06:12:23.0468 0x11e4 b06bdrv - ok 06:12:23.0534 0x11e4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 06:12:23.0554 0x11e4 b57nd60a - ok 06:12:23.0659 0x11e4 [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 06:12:23.0663 0x11e4 BcmSqlStartupSvc - ok 06:12:23.0797 0x11e4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 06:12:23.0801 0x11e4 BDESVC - ok 06:12:23.0845 0x11e4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 06:12:23.0846 0x11e4 Beep - ok 06:12:23.0954 0x11e4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 06:12:24.0000 0x11e4 BFE - ok 06:12:24.0117 0x11e4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 06:12:24.0258 0x11e4 BITS - ok 06:12:24.0403 0x11e4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 06:12:24.0408 0x11e4 blbdrive - ok 06:12:24.0597 0x11e4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 06:12:24.0639 0x11e4 Bonjour Service - ok 06:12:24.0720 0x11e4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 06:12:24.0728 0x11e4 bowser - ok 06:12:24.0787 0x11e4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 06:12:24.0789 0x11e4 BrFiltLo - ok 06:12:25.0132 0x11e4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 06:12:25.0136 0x11e4 BrFiltUp - ok 06:12:25.0241 0x11e4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 06:12:25.0249 0x11e4 Browser - ok 06:12:25.0329 0x11e4 [ E5E9B1625A767CEB6F319C12D33EAB78, F49FF610C0712FAE4B69BD300C78D7DEA7C72DFC076323295779272D1E23D7CE ] BrSerIb C:\Windows\system32\DRIVERS\BrSerIb.sys 06:12:25.0338 0x11e4 BrSerIb - ok 06:12:25.0374 0x11e4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 06:12:25.0383 0x11e4 Brserid - ok 06:12:25.0425 0x11e4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 06:12:25.0428 0x11e4 BrSerWdm - ok 06:12:25.0509 0x11e4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 06:12:25.0529 0x11e4 BrUsbMdm - ok 06:12:25.0541 0x11e4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 06:12:25.0542 0x11e4 BrUsbSer - ok 06:12:25.0634 0x11e4 [ D9F6B30AD93CBD165EC71FADF51DF25E, 9E38846451650F4F320CB1DEA9C010653A54D7419591719936BF53BEE269F1A8 ] BrUsbSIb C:\Windows\system32\DRIVERS\BrUsbSIb.sys 06:12:25.0636 0x11e4 BrUsbSIb - ok 06:12:25.0773 0x11e4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 06:12:25.0776 0x11e4 BthEnum - ok 06:12:25.0832 0x11e4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 06:12:25.0836 0x11e4 BTHMODEM - ok 06:12:25.0920 0x11e4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 06:12:25.0925 0x11e4 BthPan - ok 06:12:26.0061 0x11e4 [ 64C198198501F7560EE41D8D1EFA7952, 53CE5FDD1866FC8A0B91C7A620F7555D197488C4C8F3DEFD4398D8E3ED2AEBD0 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 06:12:26.0090 0x11e4 BTHPORT - ok 06:12:26.0154 0x11e4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 06:12:26.0175 0x11e4 bthserv - ok 06:12:26.0235 0x11e4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 06:12:26.0239 0x11e4 BTHUSB - ok 06:12:26.0328 0x11e4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 06:12:26.0332 0x11e4 cdfs - ok 06:12:26.0458 0x11e4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 06:12:26.0463 0x11e4 cdrom - ok 06:12:26.0584 0x11e4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 06:12:26.0588 0x11e4 CertPropSvc - ok 06:12:26.0706 0x11e4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 06:12:26.0709 0x11e4 circlass - ok 06:12:26.0829 0x11e4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 06:12:26.0855 0x11e4 CLFS - ok 06:12:27.0060 0x11e4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 06:12:27.0066 0x11e4 clr_optimization_v2.0.50727_32 - ok 06:12:27.0148 0x11e4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 06:12:27.0154 0x11e4 clr_optimization_v2.0.50727_64 - ok 06:12:27.0312 0x11e4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 06:12:27.0315 0x11e4 CmBatt - ok 06:12:27.0392 0x11e4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 06:12:27.0395 0x11e4 cmdide - ok 06:12:27.0503 0x11e4 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 06:12:27.0573 0x11e4 CNG - ok 06:12:27.0643 0x11e4 [ 20F3F8674D7DEE5D90A352B775D5D5BA, 3D51276C77183652533A882F6C766075C7F5981DD116888567DC8E7FF3CF0D2D ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 06:12:27.0735 0x11e4 CnxtHdAudService - ok 06:12:27.0807 0x11e4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 06:12:27.0809 0x11e4 Compbatt - ok 06:12:27.0891 0x11e4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 06:12:27.0895 0x11e4 CompositeBus - ok 06:12:27.0914 0x11e4 COMSysApp - ok 06:12:27.0988 0x11e4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 06:12:27.0991 0x11e4 crcdisk - ok 06:12:28.0075 0x11e4 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 06:12:28.0081 0x11e4 CryptSvc - ok 06:12:28.0171 0x11e4 [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys 06:12:28.0173 0x11e4 CVirtA - ok 06:12:28.0417 0x11e4 [ 66257CB4E4FB69887CDDC71663741435, A072C2868EC3CB773F1C512C9E07D152920794969E302199E8265CFFFD3EFC2D ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe 06:12:28.0508 0x11e4 CVPND - ok 06:12:28.0671 0x11e4 [ CC8E52DAA9826064BA464DBE531F2BB5, 28150B5DDB4DB42839EBB4F3672EB575373046B1676938111904290DFF6DEC8E ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys 06:12:28.0699 0x11e4 CVPNDRVA - ok 06:12:28.0811 0x11e4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 06:12:28.0879 0x11e4 DcomLaunch - ok 06:12:28.0997 0x11e4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 06:12:29.0006 0x11e4 defragsvc - ok 06:12:29.0114 0x11e4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 06:12:29.0120 0x11e4 DfsC - ok 06:12:29.0377 0x11e4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 06:12:29.0389 0x11e4 Dhcp - ok 06:12:29.0456 0x11e4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 06:12:29.0459 0x11e4 discache - ok 06:12:29.0532 0x11e4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 06:12:29.0536 0x11e4 Disk - ok 06:12:29.0709 0x11e4 [ D5BCB77BE83CF99F508943945D46343D, 00C5624CE970A05075A19168643BF6E8FA60C764333ECEC088D7FFCA10547833 ] DKbFltr C:\Windows\SysWOW64\Drivers\DKbFltr.sys 06:12:29.0713 0x11e4 DKbFltr - ok 06:12:29.0829 0x11e4 [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE C:\Windows\system32\DRIVERS\dne64x.sys 06:12:29.0876 0x11e4 DNE - ok 06:12:29.0979 0x11e4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 06:12:30.0001 0x11e4 Dnscache - ok 06:12:30.0106 0x11e4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 06:12:30.0129 0x11e4 dot3svc - ok 06:12:30.0238 0x11e4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 06:12:30.0248 0x11e4 DPS - ok 06:12:30.0384 0x11e4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 06:12:30.0386 0x11e4 drmkaud - ok 06:12:30.0526 0x11e4 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 06:12:30.0591 0x11e4 DXGKrnl - ok 06:12:30.0654 0x11e4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 06:12:30.0662 0x11e4 EapHost - ok 06:12:30.0944 0x11e4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 06:12:31.0111 0x11e4 ebdrv - ok 06:12:31.0162 0x11e4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 06:12:31.0166 0x11e4 EFS - ok 06:12:31.0262 0x11e4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 06:12:31.0292 0x11e4 ehRecvr - ok 06:12:31.0345 0x11e4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 06:12:31.0349 0x11e4 ehSched - ok 06:12:31.0429 0x11e4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 06:12:31.0472 0x11e4 elxstor - ok 06:12:31.0548 0x11e4 [ D3FA244EF742B359093F8596011CB815, 98FE79170BDD2AB2B50A1E1361AAB9821C26BAE15388476D93DD0C05BB731A91 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 06:12:31.0616 0x11e4 ePowerSvc - ok 06:12:31.0640 0x11e4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 06:12:31.0642 0x11e4 ErrDev - ok 06:12:31.0810 0x11e4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 06:12:31.0868 0x11e4 EventSystem - ok 06:12:31.0917 0x11e4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 06:12:31.0928 0x11e4 exfat - ok 06:12:31.0969 0x11e4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 06:12:31.0991 0x11e4 fastfat - ok 06:12:32.0134 0x11e4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 06:12:32.0179 0x11e4 Fax - ok 06:12:32.0219 0x11e4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 06:12:32.0221 0x11e4 fdc - ok 06:12:32.0256 0x11e4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 06:12:32.0270 0x11e4 fdPHost - ok 06:12:32.0320 0x11e4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 06:12:32.0323 0x11e4 FDResPub - ok 06:12:32.0437 0x11e4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 06:12:32.0441 0x11e4 FileInfo - ok 06:12:32.0523 0x11e4 [ A779ACEA28277D480F46799C29D13FFA, 009DC2F112F9EE652CDB36B557D824D90CC30488E2D0A9A586E9203E8CDAE770 ] FileOpenManagerService C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe 06:12:32.0545 0x11e4 FileOpenManagerService - ok 06:12:32.0584 0x11e4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 06:12:32.0587 0x11e4 Filetrace - ok 06:12:32.0766 0x11e4 [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 06:12:32.0833 0x11e4 FLEXnet Licensing Service - ok 06:12:32.0963 0x11e4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 06:12:32.0966 0x11e4 flpydisk - ok 06:12:33.0075 0x11e4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 06:12:33.0131 0x11e4 FltMgr - ok 06:12:33.0252 0x11e4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 06:12:33.0320 0x11e4 FontCache - ok 06:12:33.0428 0x11e4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 06:12:33.0435 0x11e4 FontCache3.0.0.0 - ok 06:12:33.0469 0x11e4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 06:12:33.0472 0x11e4 FsDepends - ok 06:12:33.0618 0x11e4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 06:12:33.0621 0x11e4 Fs_Rec - ok 06:12:33.0793 0x11e4 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 06:12:33.0837 0x11e4 fvevol - ok 06:12:33.0913 0x11e4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 06:12:33.0917 0x11e4 gagp30kx - ok 06:12:34.0015 0x11e4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 06:12:34.0019 0x11e4 GEARAspiWDM - ok 06:12:34.0256 0x11e4 [ 7A711F8038E0B128AE6B90522F985528, D540E2049C980FA13956B0D1D7D72C5A15ACB23410B21DFAF178E60FDD7FAE0C ] GenieTimelineService C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe 06:12:34.0322 0x11e4 GenieTimelineService - ok 06:12:34.0474 0x11e4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 06:12:34.0534 0x11e4 gpsvc - ok 06:12:34.0693 0x11e4 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 06:12:34.0720 0x11e4 GREGService - ok 06:12:35.0002 0x11e4 [ 6D68DF200E0C7FE5DAB51F8F52DB35C1, EF0D9E94D8035288B4D3DE426A07CCF6466862F0152CA8417C375228A6600C24 ] GtDetectSc C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe 06:12:35.0071 0x11e4 GtDetectSc - ok 06:12:35.0294 0x11e4 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 06:12:35.0302 0x11e4 gupdate - ok 06:12:35.0405 0x11e4 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 06:12:35.0411 0x11e4 gupdatem - ok 06:12:35.0553 0x11e4 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 06:12:35.0563 0x11e4 gusvc - ok 06:12:35.0667 0x11e4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 06:12:35.0671 0x11e4 hcw85cir - ok 06:12:35.0809 0x11e4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 06:12:35.0832 0x11e4 HdAudAddService - ok 06:12:35.0988 0x11e4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 06:12:35.0992 0x11e4 HDAudBus - ok 06:12:36.0134 0x11e4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 06:12:36.0137 0x11e4 HidBatt - ok 06:12:36.0187 0x11e4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 06:12:36.0194 0x11e4 HidBth - ok 06:12:36.0232 0x11e4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 06:12:36.0236 0x11e4 HidIr - ok 06:12:36.0350 0x11e4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 06:12:36.0356 0x11e4 hidserv - ok 06:12:36.0514 0x11e4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 06:12:36.0635 0x11e4 HidUsb - ok 06:12:36.0760 0x11e4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 06:12:36.0768 0x11e4 hkmsvc - ok 06:12:37.0015 0x11e4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 06:12:37.0052 0x11e4 HomeGroupListener - ok 06:12:37.0149 0x11e4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 06:12:37.0171 0x11e4 HomeGroupProvider - ok 06:12:37.0251 0x11e4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 06:12:37.0254 0x11e4 HpSAMD - ok 06:12:37.0484 0x11e4 [ 945B827B4D7238FB1E18D574231765DB, 5DAD38A1A538EF15406776783C5BE20C6B181E27E86EF4ADEC2EEBACDF34766F ] hshld C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe 06:12:37.0512 0x11e4 hshld - ok 06:12:37.0662 0x11e4 [ 7C10E21AE8AF5D5547150F4E762C4E7E, F18AE0BEAF9AB5253F05411C696F26934ED783480F16FD5F2BF70A8F702952E9 ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys 06:12:37.0666 0x11e4 HssDRV6 - ok 06:12:37.0759 0x11e4 [ 509B8010AE0464FB2F69CADFBB26E8DA, 39BB4AD1AD13712EA6D0E1E20F77EF38567664F62D60955C28AEDE8C66A0FAF2 ] HssSrv C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe 06:12:37.0804 0x11e4 HssSrv - ok 06:12:37.0894 0x11e4 [ 9D280EE83E657889BA5F112E4CF6F520, 0D7957BDC2E51ABE21FD6645BFBB6065C70F06F003F371F8B4B1E210CA486953 ] HssTrayService C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE 06:12:37.0899 0x11e4 HssTrayService - ok 06:12:38.0138 0x11e4 [ 65603557909D7E9AC21153455A2BA92A, E914A78DD3CB45F6B22E739DBFF3F6F1259F8FC046C5D3EBF951A687557BFD6D ] HssWd C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe 06:12:38.0168 0x11e4 HssWd - ok 06:12:38.0268 0x11e4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 06:12:38.0337 0x11e4 HTTP - ok 06:12:38.0422 0x11e4 [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys 06:12:38.0428 0x11e4 huawei_enumerator - ok 06:12:38.0574 0x11e4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 06:12:38.0577 0x11e4 hwpolicy - ok 06:12:38.0761 0x11e4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 06:12:38.0768 0x11e4 i8042prt - ok 06:12:38.0829 0x11e4 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 06:12:38.0849 0x11e4 IAANTMON - ok 06:12:38.0917 0x11e4 [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 06:12:38.0927 0x11e4 iaStor - ok 06:12:39.0076 0x11e4 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 06:12:39.0124 0x11e4 iaStorV - ok 06:12:39.0246 0x11e4 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 06:12:39.0324 0x11e4 idsvc - ok 06:12:39.0392 0x11e4 IEEtwCollectorService - ok 06:12:39.0738 0x11e4 [ 2D18C9E1F23970DE32D78D3B1CDDA0A7, 4AC6425F6D1921ED7975A0450D536B2675964574E40D86099410423E72D70D88 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 06:12:40.0052 0x11e4 igfx - ok 06:12:40.0137 0x11e4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 06:12:40.0140 0x11e4 iirsp - ok 06:12:40.0270 0x11e4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 06:12:40.0342 0x11e4 IKEEXT - ok 06:12:40.0383 0x11e4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 06:12:40.0385 0x11e4 intelide - ok 06:12:40.0435 0x11e4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 06:12:40.0438 0x11e4 intelppm - ok 06:12:40.0546 0x11e4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 06:12:40.0555 0x11e4 IPBusEnum - ok 06:12:40.0603 0x11e4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 06:12:40.0607 0x11e4 IpFilterDriver - ok 06:12:40.0725 0x11e4 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 06:12:40.0802 0x11e4 iphlpsvc - ok 06:12:40.0917 0x11e4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 06:12:40.0921 0x11e4 IPMIDRV - ok 06:12:40.0976 0x11e4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 06:12:40.0980 0x11e4 IPNAT - ok 06:12:41.0165 0x11e4 [ 0FF335D687C85097725A53458160E81E, BF8BB3C8AF1822BEB5FF5F8008614B982F277D862B16B6516CA91F73D336E9D4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 06:12:41.0289 0x11e4 iPod Service - ok 06:12:41.0349 0x11e4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 06:12:41.0351 0x11e4 IRENUM - ok 06:12:41.0472 0x11e4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 06:12:41.0475 0x11e4 isapnp - ok 06:12:41.0539 0x11e4 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 06:12:41.0559 0x11e4 iScsiPrt - ok 06:12:41.0675 0x11e4 [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe 06:12:41.0679 0x11e4 IviRegMgr - ok 06:12:41.0709 0x11e4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 06:12:41.0713 0x11e4 kbdclass - ok 06:12:41.0751 0x11e4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 06:12:41.0754 0x11e4 kbdhid - ok 06:12:41.0791 0x11e4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 06:12:41.0795 0x11e4 KeyIso - ok 06:12:41.0856 0x11e4 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 06:12:41.0861 0x11e4 KSecDD - ok 06:12:41.0877 0x11e4 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 06:12:41.0883 0x11e4 KSecPkg - ok 06:12:41.0909 0x11e4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 06:12:41.0911 0x11e4 ksthunk - ok 06:12:42.0007 0x11e4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 06:12:42.0029 0x11e4 KtmRm - ok 06:12:42.0146 0x11e4 [ 9C46A5421DE9D116C47155317CABB522, 276ECDAA08EADF2F2B572415637A58FC33097ED6A026580DAA1868AAC90064A7 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 06:12:42.0151 0x11e4 L1C - ok 06:12:42.0296 0x11e4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 06:12:42.0312 0x11e4 LanmanServer - ok 06:12:42.0392 0x11e4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 06:12:42.0405 0x11e4 LanmanWorkstation - ok 06:12:42.0493 0x11e4 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 06:12:42.0540 0x11e4 LGBusEnum - ok 06:12:42.0618 0x11e4 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 06:12:42.0620 0x11e4 LGVirHid - ok 06:12:42.0849 0x11e4 [ 20CDB07017497C94A0BAD253C4BAFCBC, 5633D245525F9B8CAC4E87A95B0E19D1F34839483ED75AC8F7661DA29BC87EE7 ] LkCitadelServer C:\Windows\SysWOW64\lkcitdl.exe 06:12:43.0047 0x11e4 LkCitadelServer - ok 06:12:43.0075 0x11e4 [ 4CF1212843E92442265E61F945FDD7BC, B529B788248067343A4B3F20C29C13ECADA5B956E2795FBBE7F5A0CA34AAEC22 ] lkClassAds C:\Windows\SysWOW64\lkads.exe 06:12:43.0081 0x11e4 lkClassAds - ok 06:12:43.0124 0x11e4 [ 37F285D5645A4B01C2E2C98246436811, A749832074EB969031D16E67C2F3C740B6132E909E98B695CD0BD7394658C54E ] lkTimeSync C:\Windows\SysWOW64\lktsrv.exe 06:12:43.0131 0x11e4 lkTimeSync - ok 06:12:43.0187 0x11e4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 06:12:43.0190 0x11e4 lltdio - ok 06:12:43.0266 0x11e4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 06:12:43.0309 0x11e4 lltdsvc - ok 06:12:43.0340 0x11e4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 06:12:43.0343 0x11e4 lmhosts - ok 06:12:43.0403 0x11e4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 06:12:43.0410 0x11e4 LSI_FC - ok 06:12:43.0450 0x11e4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 06:12:43.0458 0x11e4 LSI_SAS - ok 06:12:43.0489 0x11e4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 06:12:43.0494 0x11e4 LSI_SAS2 - ok 06:12:43.0527 0x11e4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 06:12:43.0533 0x11e4 LSI_SCSI - ok 06:12:43.0601 0x11e4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 06:12:43.0607 0x11e4 luafv - ok 06:12:43.0706 0x11e4 MAC_MOT - ok 06:12:43.0830 0x11e4 [ 035C83CD72E06C47000793D32B1A642D, 38B498D912EB3D0E3EE1266BD559234A5CF463AF81E92D6CBEE83ABECBF5DB74 ] massfilter C:\Windows\system32\drivers\massfilter.sys 06:12:43.0832 0x11e4 massfilter - ok 06:12:43.0885 0x11e4 [ 7AD627CDB12F5F451F24C8A97CA6E175, ECBE9293B62D45D874D01B37FC97E861643C40D7085F5CC3A1375E47C1B39F39 ] massfilter_hs C:\Windows\system32\drivers\massfilter_hs.sys 06:12:43.0888 0x11e4 massfilter_hs - ok 06:12:44.0099 0x11e4 [ 968BFF74AEB683C962960ECE0CAE4135, 3E08B39DE27FE27A27BD3E81486F0FCA1947D4B50BFE0167A0C27CE48DD56793 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe 06:12:44.0132 0x11e4 McComponentHostService - ok 06:12:44.0184 0x11e4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 06:12:44.0193 0x11e4 Mcx2Svc - ok 06:12:44.0252 0x11e4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 06:12:44.0256 0x11e4 megasas - ok 06:12:44.0313 0x11e4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 06:12:44.0334 0x11e4 MegaSR - ok 06:12:44.0511 0x11e4 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 06:12:44.0515 0x11e4 Microsoft Office Groove Audit Service - ok 06:12:44.0573 0x11e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 06:12:44.0580 0x11e4 MMCSS - ok 06:12:44.0642 0x11e4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 06:12:44.0645 0x11e4 Modem - ok 06:12:44.0705 0x11e4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 06:12:44.0708 0x11e4 monitor - ok 06:12:44.0813 0x11e4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 06:12:44.0818 0x11e4 mouclass - ok 06:12:44.0879 0x11e4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 06:12:44.0883 0x11e4 mouhid - ok 06:12:44.0926 0x11e4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 06:12:44.0932 0x11e4 mountmgr - ok 06:12:45.0071 0x11e4 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 06:12:45.0078 0x11e4 MozillaMaintenance - ok 06:12:45.0158 0x11e4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 06:12:45.0166 0x11e4 mpio - ok 06:12:45.0230 0x11e4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 06:12:45.0235 0x11e4 mpsdrv - ok 06:12:45.0334 0x11e4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 06:12:45.0393 0x11e4 MpsSvc - ok 06:12:45.0473 0x11e4 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 06:12:45.0479 0x11e4 MRxDAV - ok 06:12:45.0543 0x11e4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 06:12:45.0549 0x11e4 mrxsmb - ok 06:12:45.0639 0x11e4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 06:12:45.0657 0x11e4 mrxsmb10 - ok 06:12:45.0749 0x11e4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 06:12:45.0755 0x11e4 mrxsmb20 - ok 06:12:45.0858 0x11e4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 06:12:45.0862 0x11e4 msahci - ok 06:12:45.0904 0x11e4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 06:12:45.0911 0x11e4 msdsm - ok 06:12:45.0955 0x11e4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 06:12:45.0964 0x11e4 MSDTC - ok 06:12:45.0999 0x11e4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 06:12:46.0001 0x11e4 Msfs - ok 06:12:46.0052 0x11e4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 06:12:46.0054 0x11e4 mshidkmdf - ok 06:12:46.0129 0x11e4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 06:12:46.0132 0x11e4 msisadrv - ok 06:12:46.0195 0x11e4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 06:12:46.0203 0x11e4 MSiSCSI - ok 06:12:46.0212 0x11e4 msiserver - ok 06:12:46.0259 0x11e4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 06:12:46.0261 0x11e4 MSKSSRV - ok 06:12:46.0306 0x11e4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 06:12:46.0307 0x11e4 MSPCLOCK - ok 06:12:46.0359 0x11e4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 06:12:46.0361 0x11e4 MSPQM - ok 06:12:46.0428 0x11e4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 06:12:46.0475 0x11e4 MsRPC - ok 06:12:46.0568 0x11e4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 06:12:46.0570 0x11e4 mssmbios - ok 06:12:46.0638 0x11e4 MSSQL$MSSMLBIZ - ok 06:12:46.0835 0x11e4 [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe 06:12:46.0840 0x11e4 MSSQLServerADHelper - ok 06:12:46.0886 0x11e4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 06:12:46.0888 0x11e4 MSTEE - ok 06:12:46.0936 0x11e4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 06:12:46.0937 0x11e4 MTConfig - ok 06:12:46.0976 0x11e4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 06:12:46.0980 0x11e4 Mup - ok 06:12:47.0102 0x11e4 [ A3BA8A14490FDBF106939C37A125E82C, 261CADBE9E5C2C533746B6AACC1C10D9CCA1C74208DBA6F04A5A339924B2DAC9 ] mxssvr C:\Program Files (x86)\National Instruments\MAX\nimxs.exe 06:12:47.0104 0x11e4 mxssvr - ok 06:12:47.0207 0x11e4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 06:12:47.0278 0x11e4 napagent - ok 06:12:47.0365 0x11e4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 06:12:47.0399 0x11e4 NativeWifiP - ok 06:12:47.0553 0x11e4 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys 06:12:47.0638 0x11e4 NDIS - ok 06:12:47.0801 0x11e4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 06:12:47.0804 0x11e4 NdisCap - ok 06:12:47.0853 0x11e4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 06:12:47.0855 0x11e4 NdisTapi - ok 06:12:47.0907 0x11e4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 06:12:47.0912 0x11e4 Ndisuio - ok 06:12:47.0997 0x11e4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 06:12:48.0017 0x11e4 NdisWan - ok 06:12:48.0086 0x11e4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 06:12:48.0090 0x11e4 NDProxy - ok 06:12:48.0162 0x11e4 [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 06:12:48.0167 0x11e4 Netaapl - ok 06:12:48.0248 0x11e4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 06:12:48.0251 0x11e4 NetBIOS - ok 06:12:48.0306 0x11e4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 06:12:48.0314 0x11e4 NetBT - ok 06:12:48.0362 0x11e4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe 06:12:48.0369 0x11e4 Netlogon - ok 06:12:48.0413 0x11e4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 06:12:48.0477 0x11e4 Netman - ok 06:12:48.0544 0x11e4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 06:12:48.0635 0x11e4 netprofm - ok 06:12:48.0745 0x11e4 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 06:12:48.0750 0x11e4 NetTcpPortSharing - ok 06:12:49.0121 0x11e4 [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys 06:12:49.0423 0x11e4 NETw5s64 - ok 06:12:49.0757 0x11e4 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys 06:12:50.0004 0x11e4 netw5v64 - ok 06:12:50.0060 0x11e4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 06:12:50.0063 0x11e4 nfrd960 - ok 06:12:50.0174 0x11e4 [ EF5225ED8671D406E4A84769B26147F0, 3FB4CCB9F9380EEFC7F54DC5A03664CBDDF9DF22C89BD1DEE174B87AC242F65C ] NIApplicationWebServer C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe 06:12:50.0178 0x11e4 NIApplicationWebServer - ok 06:12:50.0325 0x11e4 [ DAE7C49B3CDABD1466DDED91B72550AF, 66C9E52DB22CA7C4934B19BF9F808DF43E3D832A58292473E733BF2782CA9045 ] NIApplicationWebServer64 C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe 06:12:50.0328 0x11e4 NIApplicationWebServer64 - ok 06:12:50.0417 0x11e4 [ 159E95CFC105A27A2EC6D7632BB254A8, 4E582BF847D8D1FA8E2C6E149F56BAAF8642A2E1FF221FBE4ED78C86CCA1EEDD ] NIDomainService C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe 06:12:50.0460 0x11e4 NIDomainService - ok 06:12:50.0591 0x11e4 [ B17093B9A2C5F874975C732C1A8BA771, EAF5AF9A5CCBF982D0A4F8ACEDED25588E67981D938FE17A94F1C9B331709FAB ] NILM License Manager C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe 06:12:50.0661 0x11e4 NILM License Manager - ok 06:12:50.0766 0x11e4 [ F0D9FFB575A06FEE410E2A838BE3507B, 4914813B5E6E6238C07A2376C43E30DA595FA4DC7F1652B1D796CDC49C0FDF94 ] nimDNSResponder C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe 06:12:50.0788 0x11e4 nimDNSResponder - ok 06:12:50.0897 0x11e4 [ 617B57046635D3B15634416D68528A8B, 20322BDC840BE0101A44C8B06DCCC28C6B976572ECC44D227EB68DFD66C9B29B ] niSvcLoc C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe 06:12:50.0902 0x11e4 niSvcLoc - ok 06:12:50.0990 0x11e4 [ AD0203C2E2AFAF92BE528E79A38C64B5, EC36B6089CDC8F09CF29C220A389C6E127A88C44E93C4460EBAF81A0E40E8D15 ] NITaggerService C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe 06:12:51.0061 0x11e4 NITaggerService - ok 06:12:51.0111 0x11e4 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll 06:12:51.0132 0x11e4 NlaSvc - ok 06:12:51.0164 0x11e4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 06:12:51.0173 0x11e4 Npfs - ok 06:12:51.0220 0x11e4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 06:12:51.0224 0x11e4 nsi - ok 06:12:51.0282 0x11e4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 06:12:51.0284 0x11e4 nsiproxy - ok 06:12:51.0454 0x11e4 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 06:12:51.0551 0x11e4 Ntfs - ok 06:12:51.0688 0x11e4 [ 15221DD637D9D0FFC60848EBBF1DF538, 72E20DAAC3BF7CA9303DB515A7C93C629D7EEDA04C9A7CE91AFBCBB574F257D4 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe 06:12:51.0693 0x11e4 NTIBackupSvc - ok 06:12:51.0792 0x11e4 [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 06:12:51.0797 0x11e4 NTIDrvr - ok 06:12:51.0869 0x11e4 [ B5071E15D4C3F5EF5018AFF7E85A85E5, FF3ACAEDD127CC4BB0A6FD2D34B5E4D98478A86122BE31DB84702A12567288E0 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe 06:12:51.0875 0x11e4 NTISchedulerSvc - ok 06:12:51.0906 0x11e4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 06:12:51.0908 0x11e4 Null - ok 06:12:51.0966 0x11e4 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys 06:12:51.0974 0x11e4 nvraid - ok 06:12:52.0031 0x11e4 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys 06:12:52.0040 0x11e4 nvstor - ok 06:12:52.0077 0x11e4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 06:12:52.0081 0x11e4 nv_agp - ok 06:12:52.0129 0x11e4 [ CAC6D16294DBA0170FC540C8694DA0E6, 03A107F5D2B5C667F4481BDB2B6A116799A60B5320B7CE33BCC53998AD991F20 ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys 06:12:52.0142 0x11e4 NWADI - ok 06:12:52.0240 0x11e4 [ 33FD14F3EF7B7F051874D0E55CB30844, 753AF9836D0583961060F8A4E599EB17D2EDB9767DCB0F4D1268F194821C7748 ] NWHelper C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe 06:12:52.0268 0x11e4 NWHelper - ok 06:12:52.0482 0x11e4 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 06:12:52.0535 0x11e4 odserv - ok 06:12:52.0606 0x11e4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 06:12:52.0609 0x11e4 ohci1394 - ok 06:12:52.0807 0x11e4 [ EAE6208900E2986F66F68B30AEF86E4D, 31D70C867DAFB3E93753D12156844394A987859D15C6D0658032D573B3C92A0E ] OpcEnum C:\Windows\SysWOW64\OpcEnum.exe 06:12:52.0812 0x11e4 OpcEnum - ok 06:12:52.0923 0x11e4 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 06:12:52.0932 0x11e4 ose - ok 06:12:53.0005 0x11e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 06:12:53.0027 0x11e4 p2pimsvc - ok 06:12:53.0090 0x11e4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 06:12:53.0190 0x11e4 p2psvc - ok 06:12:53.0249 0x11e4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 06:12:53.0255 0x11e4 Parport - ok 06:12:53.0313 0x11e4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 06:12:53.0317 0x11e4 partmgr - ok 06:12:53.0373 0x11e4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 06:12:53.0381 0x11e4 PcaSvc - ok 06:12:53.0430 0x11e4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 06:12:53.0436 0x11e4 pci - ok 06:12:53.0518 0x11e4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 06:12:53.0522 0x11e4 pciide - ok 06:12:53.0597 0x11e4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 06:12:53.0608 0x11e4 pcmcia - ok 06:12:53.0656 0x11e4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 06:12:53.0661 0x11e4 pcw - ok 06:12:53.0729 0x11e4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 06:12:53.0782 0x11e4 PEAUTH - ok 06:12:53.0835 0x11e4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 06:12:53.0839 0x11e4 PerfHost - ok 06:12:53.0976 0x11e4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 06:12:54.0073 0x11e4 pla - ok 06:12:54.0179 0x11e4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 06:12:54.0249 0x11e4 PlugPlay - ok 06:12:54.0320 0x11e4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 06:12:54.0327 0x11e4 PNRPAutoReg - ok 06:12:54.0394 0x11e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 06:12:54.0416 0x11e4 PNRPsvc - ok 06:12:54.0500 0x11e4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 06:12:54.0566 0x11e4 PolicyAgent - ok 06:12:54.0635 0x11e4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 06:12:54.0644 0x11e4 Power - ok 06:12:54.0742 0x11e4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 06:12:54.0749 0x11e4 PptpMiniport - ok 06:12:54.0778 0x11e4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 06:12:54.0782 0x11e4 Processor - ok 06:12:54.0919 0x11e4 [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc C:\Windows\system32\profsvc.dll 06:12:54.0975 0x11e4 ProfSvc - ok 06:12:55.0013 0x11e4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe 06:12:55.0021 0x11e4 ProtectedStorage - ok 06:12:55.0063 0x11e4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 06:12:55.0070 0x11e4 Psched - ok 06:12:55.0135 0x11e4 [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 06:12:55.0144 0x11e4 PSI_SVC_2 - ok 06:12:55.0268 0x11e4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 06:12:55.0326 0x11e4 ql2300 - ok 06:12:55.0444 0x11e4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 06:12:55.0452 0x11e4 ql40xx - ok 06:12:55.0492 0x11e4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 06:12:55.0502 0x11e4 QWAVE - ok 06:12:55.0559 0x11e4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 06:12:55.0562 0x11e4 QWAVEdrv - ok 06:12:55.0902 0x11e4 [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 06:12:55.0909 0x11e4 RapiMgr - ok 06:12:55.0935 0x11e4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 06:12:55.0936 0x11e4 RasAcd - ok 06:12:55.0987 0x11e4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 06:12:55.0991 0x11e4 RasAgileVpn - ok 06:12:56.0056 0x11e4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 06:12:56.0066 0x11e4 RasAuto - ok 06:12:56.0086 0x11e4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 06:12:56.0094 0x11e4 Rasl2tp - ok 06:12:56.0151 0x11e4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 06:12:56.0173 0x11e4 RasMan - ok 06:12:56.0200 0x11e4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 06:12:56.0206 0x11e4 RasPppoe - ok 06:12:56.0324 0x11e4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 06:12:56.0329 0x11e4 RasSstp - ok 06:12:56.0365 0x11e4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 06:12:56.0455 0x11e4 rdbss - ok 06:12:56.0506 0x11e4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 06:12:56.0510 0x11e4 rdpbus - ok 06:12:56.0535 0x11e4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 06:12:56.0537 0x11e4 RDPCDD - ok 06:12:56.0585 0x11e4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 06:12:56.0587 0x11e4 RDPENCDD - ok 06:12:56.0634 0x11e4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 06:12:56.0637 0x11e4 RDPREFMP - ok 06:12:56.0707 0x11e4 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 06:12:56.0728 0x11e4 RDPWD - ok 06:12:56.0766 0x11e4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 06:12:56.0788 0x11e4 rdyboost - ok 06:12:56.0823 0x11e4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 06:12:56.0832 0x11e4 RemoteAccess - ok 06:12:56.0899 0x11e4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 06:12:56.0933 0x11e4 RemoteRegistry - ok 06:12:57.0022 0x11e4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 06:12:57.0031 0x11e4 RFCOMM - ok 06:12:57.0125 0x11e4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 06:12:57.0135 0x11e4 RpcEptMapper - ok 06:12:57.0192 0x11e4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 06:12:57.0197 0x11e4 RpcLocator - ok 06:12:57.0282 0x11e4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 06:12:57.0308 0x11e4 RpcSs - ok 06:12:57.0368 0x11e4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 06:12:57.0373 0x11e4 rspndr - ok 06:12:57.0437 0x11e4 [ A5DF2F732A6C95554E548FCB6932BD31, C86B89CDB42F465329CAD3B601A6A006C4785F0CBF753361A7677D68D558EFC9 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 06:12:57.0470 0x11e4 RSUSBSTOR - ok 06:12:57.0617 0x11e4 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe 06:12:57.0640 0x11e4 RS_Service - ok 06:12:57.0692 0x11e4 RtsUIR - ok 06:12:57.0735 0x11e4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe 06:12:57.0742 0x11e4 SamSs - ok 06:12:57.0804 0x11e4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 06:12:57.0811 0x11e4 sbp2port - ok 06:12:57.0863 0x11e4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 06:12:57.0872 0x11e4 SCardSvr - ok 06:12:57.0956 0x11e4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 06:12:57.0958 0x11e4 scfilter - ok 06:12:58.0041 0x11e4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 06:12:58.0122 0x11e4 Schedule - ok 06:12:58.0173 0x11e4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 06:12:58.0177 0x11e4 SCPolicySvc - ok 06:12:58.0247 0x11e4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 06:12:58.0337 0x11e4 SDRSVC - ok 06:12:58.0403 0x11e4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 06:12:58.0407 0x11e4 secdrv - ok 06:12:58.0473 0x11e4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 06:12:58.0482 0x11e4 seclogon - ok 06:12:58.0603 0x11e4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 06:12:58.0612 0x11e4 SENS - ok 06:12:58.0642 0x11e4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 06:12:58.0650 0x11e4 SensrSvc - ok 06:12:58.0702 0x11e4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 06:12:58.0705 0x11e4 Serenum - ok 06:12:58.0766 0x11e4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 06:12:58.0770 0x11e4 Serial - ok 06:12:58.0820 0x11e4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 06:12:58.0823 0x11e4 sermouse - ok 06:12:58.0924 0x11e4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 06:12:58.0933 0x11e4 SessionEnv - ok 06:12:58.0992 0x11e4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 06:12:58.0995 0x11e4 sffdisk - ok 06:12:59.0049 0x11e4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 06:12:59.0051 0x11e4 sffp_mmc - ok 06:12:59.0088 0x11e4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 06:12:59.0091 0x11e4 sffp_sd - ok 06:12:59.0141 0x11e4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 06:12:59.0143 0x11e4 sfloppy - ok 06:12:59.0266 0x11e4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 06:12:59.0367 0x11e4 SharedAccess - ok 06:12:59.0453 0x11e4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 06:12:59.0518 0x11e4 ShellHWDetection - ok 06:12:59.0566 0x11e4 [ 720088AAD691FF1D90BE8EC28727F6CA, 4F266DEFD60FBC3171B2F0F45779CD02AC31644C5F9857E9A16FEB7045040504 ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys 06:12:59.0570 0x11e4 silabenm - ok 06:12:59.0619 0x11e4 [ 3A639FC33AD3D4897C301130214D7FF0, 16B62122B7EDA6E7C53D0E152551B45CE3D463F7129FF370A1EAF97B7F928990 ] silabser C:\Windows\system32\DRIVERS\silabser.sys 06:12:59.0625 0x11e4 silabser - ok 06:12:59.0679 0x11e4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 06:12:59.0684 0x11e4 SiSRaid2 - ok 06:12:59.0737 0x11e4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 06:12:59.0743 0x11e4 SiSRaid4 - ok 06:13:00.0167 0x11e4 [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 06:13:00.0323 0x11e4 Skype C2C Service - ok 06:13:00.0472 0x11e4 [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 06:13:00.0482 0x11e4 SkypeUpdate - ok 06:13:00.0602 0x11e4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 06:13:00.0612 0x11e4 Smb - ok 06:13:00.0700 0x11e4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 06:13:00.0706 0x11e4 SNMPTRAP - ok 06:13:00.0774 0x11e4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 06:13:00.0777 0x11e4 spldr - ok 06:13:00.0870 0x11e4 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe 06:13:00.0934 0x11e4 Spooler - ok 06:13:01.0180 0x11e4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 06:13:01.0323 0x11e4 sppsvc - ok 06:13:01.0384 0x11e4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 06:13:01.0394 0x11e4 sppuinotify - ok 06:13:01.0529 0x11e4 [ 51DE15CA5C05BCA46D8B110CD00A02FB, 1ACA132555AF7E492646EED2A9DFAAF378B3996B1570D89CDB2DACAEC4FA43BA ] sptd C:\Windows\system32\Drivers\sptd.sys 06:13:01.0530 0x11e4 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 51DE15CA5C05BCA46D8B110CD00A02FB, sha256: 1ACA132555AF7E492646EED2A9DFAAF378B3996B1570D89CDB2DACAEC4FA43BA 06:13:01.0534 0x11e4 sptd - detected LockedFile.Multi.Generic ( 1 ) 06:13:04.0814 0x11e4 Detect skipped due to KSN trusted 06:13:04.0815 0x11e4 sptd - ok 06:13:04.0980 0x11e4 [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 06:13:04.0987 0x11e4 SQLBrowser - ok 06:13:05.0056 0x11e4 [ 3C432A96363097870995E2A3C8B66ABD, AA0AE0935FC5317FE93D7D3C3B9A6B2E026915D07704AF3E36F14FEA8595F4A6 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 06:13:05.0062 0x11e4 SQLWriter - ok 06:13:05.0128 0x11e4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 06:13:05.0174 0x11e4 srv - ok 06:13:05.0212 0x11e4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 06:13:05.0249 0x11e4 srv2 - ok 06:13:05.0293 0x11e4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 06:13:05.0302 0x11e4 srvnet - ok 06:13:05.0347 0x11e4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 06:13:05.0381 0x11e4 SSDPSRV - ok 06:13:05.0404 0x11e4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 06:13:05.0414 0x11e4 SstpSvc - ok 06:13:05.0468 0x11e4 Steam Client Service - ok 06:13:05.0502 0x11e4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 06:13:05.0506 0x11e4 stexstor - ok 06:13:05.0593 0x11e4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 06:13:05.0647 0x11e4 stisvc - ok 06:13:05.0685 0x11e4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 06:13:05.0687 0x11e4 swenum - ok 06:13:05.0758 0x11e4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 06:13:05.0814 0x11e4 swprv - ok 06:13:05.0891 0x11e4 [ ED6D1424E5B0C21A57B28DD8508D6843, EF3BBBBD376F22520060BC6D637CDF79E2D8B43A95E746FC1463E7CDC407C2D9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 06:13:05.0925 0x11e4 SynTP - ok 06:13:06.0062 0x11e4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 06:13:06.0183 0x11e4 SysMain - ok 06:13:06.0423 0x11e4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 06:13:06.0430 0x11e4 TabletInputService - ok 06:13:06.0625 0x11e4 [ B70DF208E97536CA9F29289E609F5B16, 5D2AF3DE64A6DAF8F0EA8C1F05B13660EA9428450516A6B3FA8AB0C3B3218E2D ] taphss C:\Windows\system32\DRIVERS\taphss.sys 06:13:06.0630 0x11e4 taphss - ok 06:13:06.0749 0x11e4 [ 4C8F3BF064C67F38708CB998D76092E7, B6383101B94C24D62A9B880FA0D17D01AD2487D883F9A41085A0B1451171A963 ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys 06:13:06.0753 0x11e4 taphss6 - ok 06:13:06.0951 0x11e4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 06:13:07.0008 0x11e4 TapiSrv - ok 06:13:07.0054 0x11e4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 06:13:07.0060 0x11e4 TBS - ok 06:13:07.0240 0x11e4 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys 06:13:07.0365 0x11e4 Tcpip - ok 06:13:07.0459 0x11e4 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 06:13:07.0508 0x11e4 TCPIP6 - ok 06:13:07.0613 0x11e4 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 06:13:07.0635 0x11e4 tcpipreg - ok 06:13:07.0699 0x11e4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 06:13:07.0702 0x11e4 TDPIPE - ok 06:13:07.0782 0x11e4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 06:13:07.0786 0x11e4 TDTCP - ok 06:13:07.0889 0x11e4 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 06:13:07.0896 0x11e4 tdx - ok 06:13:07.0963 0x11e4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 06:13:07.0968 0x11e4 TermDD - ok 06:13:08.0122 0x11e4 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 06:13:08.0144 0x11e4 TermService - ok 06:13:08.0199 0x11e4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 06:13:08.0204 0x11e4 Themes - ok 06:13:08.0275 0x11e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 06:13:08.0285 0x11e4 THREADORDER - ok 06:13:08.0346 0x11e4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 06:13:08.0355 0x11e4 TrkWks - ok 06:13:08.0452 0x11e4 [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys 06:13:08.0460 0x11e4 truecrypt - ok 06:13:08.0562 0x11e4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 06:13:08.0568 0x11e4 TrustedInstaller - ok 06:13:08.0637 0x11e4 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 06:13:08.0641 0x11e4 tssecsrv - ok 06:13:08.0754 0x11e4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 06:13:08.0759 0x11e4 TsUsbFlt - ok 06:13:08.0885 0x11e4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 06:13:08.0892 0x11e4 tunnel - ok 06:13:08.0919 0x11e4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 06:13:08.0924 0x11e4 uagp35 - ok 06:13:08.0988 0x11e4 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 06:13:08.0991 0x11e4 UBHelper - ok 06:13:09.0067 0x11e4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 06:13:09.0082 0x11e4 udfs - ok 06:13:09.0152 0x11e4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 06:13:09.0161 0x11e4 UI0Detect - ok 06:13:09.0242 0x11e4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 06:13:09.0245 0x11e4 uliagpkx - ok 06:13:09.0376 0x11e4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys 06:13:09.0379 0x11e4 umbus - ok 06:13:09.0417 0x11e4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 06:13:09.0419 0x11e4 UmPass - ok 06:13:09.0558 0x11e4 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 06:13:09.0581 0x11e4 Updater Service - ok 06:13:09.0628 0x11e4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 06:13:09.0684 0x11e4 upnphost - ok 06:13:09.0753 0x11e4 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 06:13:09.0756 0x11e4 USBAAPL64 - ok 06:13:09.0862 0x11e4 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 06:13:09.0870 0x11e4 usbaudio - ok 06:13:09.0954 0x11e4 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 06:13:09.0963 0x11e4 usbccgp - ok 06:13:09.0993 0x11e4 USBCCID - ok 06:13:10.0068 0x11e4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 06:13:10.0074 0x11e4 usbcir - ok 06:13:10.0117 0x11e4 [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci C:\Windows\system32\drivers\usbehci.sys 06:13:10.0126 0x11e4 usbehci - ok 06:13:10.0267 0x11e4 [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 06:13:10.0300 0x11e4 usbhub - ok 06:13:10.0377 0x11e4 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 06:13:10.0381 0x11e4 usbohci - ok 06:13:10.0430 0x11e4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 06:13:10.0434 0x11e4 usbprint - ok 06:13:10.0501 0x11e4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 06:13:10.0504 0x11e4 usbscan - ok 06:13:10.0583 0x11e4 [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 06:13:10.0587 0x11e4 USBSTOR - ok 06:13:10.0613 0x11e4 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 06:13:10.0616 0x11e4 usbuhci - ok 06:13:10.0729 0x11e4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 06:13:10.0739 0x11e4 usbvideo - ok 06:13:10.0771 0x11e4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 06:13:10.0780 0x11e4 UxSms - ok 06:13:10.0844 0x11e4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe 06:13:10.0852 0x11e4 VaultSvc - ok 06:13:10.0912 0x11e4 vbusr - ok 06:13:11.0013 0x11e4 [ 6DF525F61F51843196BA1522AD6AB870, 71FC832378108CB3352DB2A4FE4703AE8BE1ECFC9EED6601947244CF1E9CBE1C ] vcanv C:\Windows\system32\drivers\vcanv.sys 06:13:11.0018 0x11e4 vcanv - ok 06:13:11.0090 0x11e4 [ 447FF3D279D6BFC21351664FB179BFEC, FCF2E2E8B526676DEB8045EF5D94859C25D5EC39AA6350CE48BEC116F235A5DA ] vcasexl C:\Windows\system32\DRIVERS\vcasexl.sys 06:13:11.0202 0x11e4 vcasexl - ok 06:13:11.0359 0x11e4 [ 703789345C9B19BBAC5750D8BCD9B3C2, 685AC35B1BE0898FA2A267FC13E25669DDFFCCFF3CAE282BC4438ED65DC8C903 ] vcisrv C:\Windows\System32\drivers\vcisrv.sys 06:13:11.0375 0x11e4 vcisrv - ok 06:13:11.0412 0x11e4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 06:13:11.0416 0x11e4 vdrvroot - ok 06:13:11.0549 0x11e4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 06:13:11.0601 0x11e4 vds - ok 06:13:11.0693 0x11e4 VEtherMp50 - ok 06:13:11.0704 0x11e4 VEtherSp50 - ok 06:13:11.0752 0x11e4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 06:13:11.0756 0x11e4 vga - ok 06:13:11.0801 0x11e4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 06:13:11.0805 0x11e4 VgaSave - ok 06:13:11.0938 0x11e4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys 06:13:11.0960 0x11e4 vhdmp - ok 06:13:12.0024 0x11e4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 06:13:12.0027 0x11e4 viaide - ok 06:13:12.0052 0x11e4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 06:13:12.0056 0x11e4 volmgr - ok 06:13:12.0128 0x11e4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 06:13:12.0150 0x11e4 volmgrx - ok 06:13:12.0199 0x11e4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 06:13:12.0209 0x11e4 volsnap - ok 06:13:12.0272 0x11e4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 06:13:12.0350 0x11e4 vsmraid - ok 06:13:12.0501 0x11e4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 06:13:12.0636 0x11e4 VSS - ok 06:13:12.0662 0x11e4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 06:13:12.0665 0x11e4 vwifibus - ok 06:13:12.0710 0x11e4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 06:13:12.0715 0x11e4 vwififlt - ok 06:13:12.0818 0x11e4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 06:13:12.0822 0x11e4 vwifimp - ok 06:13:12.0956 0x11e4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 06:13:12.0993 0x11e4 W32Time - ok 06:13:13.0063 0x11e4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 06:13:13.0065 0x11e4 WacomPen - ok 06:13:13.0194 0x11e4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 06:13:13.0200 0x11e4 WANARP - ok 06:13:13.0255 0x11e4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 06:13:13.0260 0x11e4 Wanarpv6 - ok 06:13:13.0405 0x11e4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 06:13:13.0466 0x11e4 WatAdminSvc - ok 06:13:13.0635 0x11e4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 06:13:13.0724 0x11e4 wbengine - ok 06:13:13.0862 0x11e4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 06:13:13.0919 0x11e4 WbioSrvc - ok 06:13:13.0958 0x11e4 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 06:13:14.0014 0x11e4 WcesComm - ok 06:13:14.0084 0x11e4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 06:13:14.0174 0x11e4 wcncsvc - ok 06:13:14.0232 0x11e4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 06:13:14.0237 0x11e4 WcsPlugInService - ok 06:13:14.0282 0x11e4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 06:13:14.0286 0x11e4 Wd - ok 06:13:14.0389 0x11e4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 06:13:14.0480 0x11e4 Wdf01000 - ok 06:13:14.0542 0x11e4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 06:13:14.0553 0x11e4 WdiServiceHost - ok 06:13:14.0565 0x11e4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 06:13:14.0576 0x11e4 WdiSystemHost - ok 06:13:14.0658 0x11e4 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll 06:13:14.0736 0x11e4 WebClient - ok 06:13:14.0783 0x11e4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 06:13:14.0829 0x11e4 Wecsvc - ok 06:13:14.0942 0x11e4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 06:13:14.0953 0x11e4 wercplsupport - ok 06:13:15.0030 0x11e4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 06:13:15.0048 0x11e4 WerSvc - ok 06:13:15.0109 0x11e4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 06:13:15.0111 0x11e4 WfpLwf - ok 06:13:15.0170 0x11e4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 06:13:15.0172 0x11e4 WIMMount - ok 06:13:15.0236 0x11e4 WinDefend - ok 06:13:15.0374 0x11e4 WinDriver - ok 06:13:15.0517 0x11e4 [ 4DE7D61CF51F4C8261D119CFBDB70243, A88BF58108AAF149FF30B93E3C58785AB1F414FD883FE87211F95AD4A91861DE ] WinDriver6 C:\Windows\system32\drivers\windrvr6.sys 06:13:15.0539 0x11e4 WinDriver6 - ok 06:13:15.0559 0x11e4 WinHttpAutoProxySvc - ok 06:13:15.0633 0x11e4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 06:13:15.0677 0x11e4 Winmgmt - ok 06:13:15.0825 0x11e4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 06:13:15.0963 0x11e4 WinRM - ok 06:13:16.0034 0x11e4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WINUSB C:\Windows\system32\DRIVERS\WinUsb.sys 06:13:16.0037 0x11e4 WINUSB - ok 06:13:16.0174 0x11e4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 06:13:16.0259 0x11e4 Wlansvc - ok 06:13:16.0390 0x11e4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 06:13:16.0393 0x11e4 WmiAcpi - ok 06:13:16.0455 0x11e4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 06:13:16.0462 0x11e4 wmiApSrv - ok 06:13:16.0537 0x11e4 WMPNetworkSvc - ok 06:13:16.0571 0x11e4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 06:13:16.0576 0x11e4 WPCSvc - ok 06:13:16.0635 0x11e4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 06:13:16.0648 0x11e4 WPDBusEnum - ok 06:13:16.0681 0x11e4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 06:13:16.0683 0x11e4 ws2ifsl - ok 06:13:16.0711 0x11e4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 06:13:16.0718 0x11e4 wscsvc - ok 06:13:16.0724 0x11e4 WSearch - ok 06:13:16.0877 0x11e4 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 06:13:17.0036 0x11e4 wuauserv - ok 06:13:17.0206 0x11e4 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 06:13:17.0210 0x11e4 WudfPf - ok 06:13:17.0312 0x11e4 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 06:13:17.0318 0x11e4 WUDFRd - ok 06:13:17.0348 0x11e4 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 06:13:17.0355 0x11e4 wudfsvc - ok 06:13:17.0496 0x11e4 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 06:13:17.0542 0x11e4 WwanSvc - ok 06:13:17.0833 0x11e4 [ 4820BDE8E07CA6910ED6B9B187AF866D, 61A1A3C0047129892D7FD1E4D5209C7414904D13F415816A64496251D4374F41 ] XatDevService C:\Program Files\IXXAT\VCI 3.5\DeviceServer\XatDevService.exe 06:13:17.0842 0x11e4 XatDevService - ok 06:13:17.0979 0x11e4 [ B71F6297627ABF1C9CDA451FF3ABE103, 9C049473A94F3C7024D7E1C0080B3C37731FAF2330FC9B6F808358A6A3EF25E9 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys 06:13:17.0987 0x11e4 ZTEusbser6k - ok 06:13:18.0168 0x11e4 ================ Scan global =============================== 06:13:18.0213 0x11e4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 06:13:18.0330 0x11e4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 06:13:18.0376 0x11e4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 06:13:18.0452 0x11e4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 06:13:18.0539 0x11e4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 06:13:18.0600 0x11e4 [ Global ] - ok 06:13:18.0605 0x11e4 ================ Scan MBR ================================== 06:13:18.0616 0x11e4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 06:13:18.0965 0x11e4 \Device\Harddisk0\DR0 - ok 06:13:19.0774 0x11e4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 06:13:19.0780 0x11e4 \Device\Harddisk1\DR1 - ok 06:13:19.0780 0x11e4 ================ Scan VBR ================================== 06:13:19.0844 0x11e4 [ 858EABE10D3958735DB6B37A3FB850B9 ] \Device\Harddisk0\DR0\Partition1 06:13:19.0847 0x11e4 \Device\Harddisk0\DR0\Partition1 - ok 06:13:19.0864 0x11e4 [ 83538531C0C94D8B3E36EB0CEACC700D ] \Device\Harddisk0\DR0\Partition2 06:13:19.0867 0x11e4 \Device\Harddisk0\DR0\Partition2 - ok 06:13:19.0880 0x11e4 [ 3E13CF02C3EED95DAE53EA40A4A190B3 ] \Device\Harddisk1\DR1\Partition1 06:13:19.0882 0x11e4 \Device\Harddisk1\DR1\Partition1 - ok 06:13:19.0883 0x11e4 Waiting for KSN requests completion. In queue: 110 06:13:20.0883 0x11e4 Waiting for KSN requests completion. In queue: 110 06:13:21.0883 0x11e4 Waiting for KSN requests completion. In queue: 110 06:13:22.0883 0x11e4 Waiting for KSN requests completion. In queue: 110 06:13:24.0153 0x11e4 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 8.0.1497.376 ), 0x42000 ( disabled : updated ) 06:13:24.0157 0x11e4 FW detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 8.0.1497.376 ), 0x40010 ( disabled ) 06:13:24.0187 0x11e4 Win FW state via NFP2: enabled 06:13:27.0274 0x11e4 ============================================================ 06:13:27.0274 0x11e4 Scan finished 06:13:27.0274 0x11e4 ============================================================ 06:13:27.0294 0x1aac Detected object count: 0 06:13:27.0294 0x1aac Actual detected object count: 0 |
25.12.2013, 14:33 | #5 |
/// the machine /// TB-Ausbilder | Avast\VisthAux.exe lässt sich nicht starten + unerwünschter sleep bei Windows 7 hi, Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
25.12.2013, 16:07 | #6 |
| Avast\VisthAux.exe lässt sich nicht starten + unerwünschter sleep bei Windows 7 Done und danke FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2013 Ran by Arbeit (administrator) on JAKOBLAPTOP on 25-12-2013 16:04:11 Running from C:\Users\Arbeit\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe (Genie9) C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (OptionNV) C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (IXXAT Automation GmbH) C:\Program Files\IXXAT\VCI 3.5\DeviceServer\XatDevService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe () C:\Windows\PLFSetI.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files (x86)\Everything\Everything.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Microsoft Corporation) C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Windows\System32\mspaint.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\firefox.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe () C:\Program Files (x86)\TeXstudio\texstudio.exe (MiKTeX.org) C:\Users\Arbeit\Downloads\basic-miktex-2.9.4813.exe (Farbar) C:\Users\Arbeit\Downloads\FRST64(1).exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated) HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated) HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2009-08-09] () HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [FileOpenBroker] - C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1092528 2012-10-17] (FileOpen Systems Inc.) HKLM-x32\...\Run: [Everything] - C:\Program Files (x86)\Everything\Everything.exe [602624 2009-03-13] () HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [220552 2011-04-28] (Geek Software GmbH) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC) MountPoints2: {221e508e-847d-11de-a0bc-806e6f6e6963} - D:\ShelExec.exe Readme.txt HKU\Administrator\...\Run: [Spotify] - C:\Users\JZ\AppData\Roaming\Spotify\spotify.exe [4752384 2013-11-02] (Spotify Ltd) HKU\Administrator\...\Run: [Spotify Web Helper] - C:\Users\JZ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-11-02] (Spotify Ltd) HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2009-11-25] () HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2009-11-25] () HKU\JZ\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.) HKU\JZ\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-08] (Google Inc.) HKU\JZ\...\Run: [GoogleContactSync] - C:\Program Files (x86)\WebGear\GO Contact Sync\GOContactSync.exe [902144 2012-11-09] (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET) HKU\JZ\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3456080 2013-06-07] (Electronic Arts) HKU\JZ\...\Run: [Google Update] - C:\Users\JZ\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-07-30] (Google Inc.) HKU\JZ\...\Run: [Spotify] - C:\Users\JZ\AppData\Roaming\Spotify\spotify.exe [4752384 2013-11-02] (Spotify Ltd) HKU\JZ\...\Run: [Spotify Web Helper] - C:\Users\JZ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-11-02] (Spotify Ltd) Startup: C:\Users\JZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk ShortcutTarget: Logitech Touch Mouse Server.lnk -> C:\Program Files (x86)\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.) Startup: C:\Users\JZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OUTLOOK.EXE - Verknüpfung.lnk ShortcutTarget: OUTLOOK.EXE - Verknüpfung.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=extensa_5635z&r=27361010b806l04g3z1l5i6651u224 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=extensa_5635z&r=27361010b806l04g3z1l5i6651u224 URLSearchHook: HKLM-x32 - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin2.dll (Conduit Ltd.) URLSearchHook: HKLM-x32 - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Pageshots for Internet Explorer PRO - {28CF50DA-4A17-4442-BBF9-D916BFDE072C} - C:\ProgramData\PageshotsPro\pageshots_x64.dll No File BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: No Name - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No File BHO-x32: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin2.dll (Conduit Ltd.) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin2.dll (Conduit Ltd.) Toolbar: HKLM-x32 - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 05 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24280] (National Instruments Corporation) Winsock: Catalog5-x64 05 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26328] (National Instruments Corporation) Tcpip\Parameters: [DhcpNameServer] 213.33.99.70 80.120.17.70 Tcpip\..\Interfaces\{3AD09975-99D7-48CB-980D-F4C585B495F1}: [NameServer]74.207.242.213 FireFox: ======== FF ProfilePath: C:\Users\Arbeit\AppData\Roaming\Mozilla\Firefox\Profiles\z2jxh52r.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchdesktop.xml FF Extension: Adblock Plus - C:\Users\Arbeit\AppData\Roaming\Mozilla\Firefox\Profiles\z2jxh52r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: afurladvisor - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com FF Extension: Pageshots Pro - C:\Program Files (x86)\Mozilla Firefox\extensions\jid0-2rURdEv0oBelly8OSpHSRMwx9OI@jetpack FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\firefox.exe Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com" CHR Extension: (Docs) - C:\Users\Arbeit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR HKLM-x32\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.2\facemoods.crx CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\JZ\AppData\Local\Temp\ccex.crx CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\JZ\AppData\Local\Temp\tbch.crx ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software) R2 FileOpenManagerService; C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe [335288 2012-10-17] (FileOpen Systems Inc.) R2 GenieTimelineService; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [660056 2012-07-24] (Genie9) R2 GtDetectSc; C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [809984 2009-05-04] (OptionNV) R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [533288 2013-01-10] (AnchorFree Inc.) S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-01-10] () R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [389928 2013-01-10] () R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2010-03-05] (National Instruments, Inc.) R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [45168 2010-06-16] (National Instruments Corporation) R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [55416 2010-06-16] (National Instruments Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2010-06-18] (National Instruments Corporation) R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [47776 2010-06-22] (National Instruments Corporation) S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [63648 2010-06-22] (National Instruments Corporation) R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [360568 2010-06-16] (National Instruments Corporation) S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2010-05-17] (Macrovision Corporation) R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [193712 2010-06-23] (National Instruments Corporation) R2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [47768 2010-06-22] (National Instruments Corporation) R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [752304 2010-06-17] (National Instruments Corporation) R2 NWHelper; C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe [271360 2010-12-25] (Novatel Wireless Inc.) R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC) R2 XatDevService; C:\Program Files\IXXAT\VCI 3.5\DeviceServer\XatDevService.exe [155144 2012-08-22] (IXXAT Automation GmbH) ==================== Drivers (Whitelisted) ==================== R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-06] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-24] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-24] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-24] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-24] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-24] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-24] () R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [42696 2013-01-10] (AnchorFree Inc.) S2 MAC_MOT; No ImagePath S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-10-28] () R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42328 2013-01-05] (Anchorfree Inc.) R2 vcanv; C:\Windows\System32\drivers\vcanv.sys [54344 2010-11-25] (Vector Informatik GmbH) S3 vcasexl; C:\Windows\System32\DRIVERS\vcasexl.sys [540160 2010-03-26] (Vector Informatik GmbH) R0 vcisrv; C:\Windows\System32\drivers\vcisrv.sys [288648 2012-08-22] (IXXAT Automation GmbH) S3 VEtherMp50; C:\Windows\SysWow64\Drivers\VEtherMp50.sys [36280 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA)) S3 VEtherSp50; C:\Windows\SysWow64\Drivers\VEtherSp50.sys [35256 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA)) R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254464 2009-09-02] (Jungo) U3 aif7uzf7; C:\Windows\System32\Drivers\aif7uzf7.sys [0 ] (Advanced Micro Devices) U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.) S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x] S2 vbusr; system32\drivers\vbusr.sys [x] S2 WinDriver; \SystemRoot\System32\drivers\WINDRVR.SYS [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-25 16:01 - 2013-12-25 16:02 - 00037633 _____ C:\Users\Arbeit\Downloads\Addition.txt 2013-12-25 16:00 - 2013-12-25 16:00 - 00000000 ____D C:\ProgramData\MiKTeX 2013-12-25 15:57 - 2013-12-25 15:59 - 00000000 ____D C:\Program Files (x86)\MiKTeX 2.9 2013-12-25 15:54 - 2013-12-25 15:54 - 01928716 _____ (Farbar) C:\Users\Arbeit\Downloads\FRST64(1).exe 2013-12-25 15:51 - 2013-12-25 15:56 - 161636104 _____ (MiKTeX.org) C:\Users\Arbeit\Downloads\basic-miktex-2.9.4813.exe 2013-12-25 15:47 - 2013-12-25 15:47 - 00001027 _____ C:\Users\Public\Desktop\TeXstudio.lnk 2013-12-25 15:47 - 2013-12-25 15:47 - 00000000 ____D C:\Program Files (x86)\TeXstudio 2013-12-25 15:44 - 2013-12-25 15:45 - 23426376 _____ (Benito van der Zander ) C:\Users\Arbeit\Downloads\texstudio266_win32.exe 2013-12-25 14:32 - 2013-12-25 15:48 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\texstudio 2013-12-24 15:51 - 2013-12-24 15:51 - 00000000 ___RD C:\Sandbox 2013-12-24 15:46 - 2013-12-25 14:36 - 00001024 _____ C:\Users\Arbeit\Desktop\Sandboxed Web Browser.lnk 2013-12-24 15:46 - 2013-12-25 12:44 - 00002572 _____ C:\Windows\Sandboxie.ini 2013-12-24 15:46 - 2013-12-24 15:46 - 00000000 ____D C:\Program Files\Sandboxie 2013-12-24 15:45 - 2013-12-24 15:45 - 02600648 _____ (Sandboxie Holdings, LLC) C:\Users\Arbeit\Downloads\SandboxieInstall.exe 2013-12-24 15:24 - 2013-12-24 15:24 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything 2013-12-24 15:23 - 2013-12-24 15:23 - 00501970 _____ C:\Users\Arbeit\Downloads\everything12.zip 2013-12-24 07:04 - 2013-12-24 07:04 - 00069618 _____ C:\Users\Arbeit\Desktop\Logs.rar 2013-12-24 07:03 - 2013-12-24 07:03 - 00151436 _____ C:\Users\Arbeit\Desktop\Logs.exe 2013-12-24 06:56 - 2013-12-25 16:04 - 00025254 _____ C:\Users\Arbeit\Downloads\FRST.txt 2013-12-24 06:55 - 2013-12-24 06:55 - 00000000 ____D C:\FRST 2013-12-24 06:53 - 2013-12-24 06:53 - 00136610 _____ C:\Users\Arbeit\Downloads\Extras.Txt 2013-12-24 06:48 - 2013-12-24 06:48 - 00137608 _____ C:\Users\Arbeit\Downloads\OTL.Txt 2013-12-24 06:28 - 2013-12-24 06:28 - 01928604 _____ (Farbar) C:\Users\Arbeit\Downloads\FRST64.exe 2013-12-24 06:28 - 2013-12-24 06:28 - 00377856 _____ C:\Users\Arbeit\Downloads\gmer_2.1.19163.exe 2013-12-24 06:14 - 2013-12-24 06:14 - 00602112 _____ (OldTimer Tools) C:\Users\Arbeit\Downloads\OTL(1).exe 2013-12-24 06:12 - 2013-12-24 06:12 - 00602112 _____ (OldTimer Tools) C:\Users\Arbeit\Downloads\OTL.exe 2013-12-24 06:11 - 2013-12-24 06:11 - 00000000 ____D C:\Users\Arbeit\Downloads\tdsskiller 2013-12-24 06:11 - 2013-12-24 06:11 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\WinRAR 2013-12-24 06:10 - 2013-12-24 06:10 - 04101441 _____ C:\Users\Arbeit\Downloads\tdsskiller.zip 2013-12-24 06:09 - 2013-12-24 06:10 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Arbeit\Downloads\tdsskiller.exe 2013-12-24 06:05 - 2013-12-24 06:05 - 00001970 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2013-12-22 08:51 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-22 08:51 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-22 08:51 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-22 08:51 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-22 08:51 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-22 08:51 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-22 08:51 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-22 08:51 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-22 08:51 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-22 08:51 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-22 08:51 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-22 08:51 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-22 08:51 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-22 08:51 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-22 08:51 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-22 08:51 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-22 08:51 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-22 08:51 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-22 08:51 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-22 08:51 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-22 08:51 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-22 08:51 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-22 08:51 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-22 08:51 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-22 08:51 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-22 08:51 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-22 08:51 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-22 08:51 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-22 08:51 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-22 08:51 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-22 08:50 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-22 04:24 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-12-22 04:16 - 2013-12-22 04:16 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-12-22 04:16 - 2013-12-22 04:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-22 04:16 - 2013-12-22 04:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-22 04:16 - 2013-12-22 04:16 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-12-22 04:16 - 2013-12-22 04:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-22 04:16 - 2013-12-22 04:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-22 04:16 - 2013-12-22 04:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-12-22 04:13 - 2013-12-22 04:13 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-12-22 04:13 - 2013-12-22 04:13 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2013-12-22 04:13 - 2013-12-22 04:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2013-12-22 04:11 - 2013-12-22 04:24 - 00011363 _____ C:\Windows\IE11_main.log 2013-12-21 22:09 - 2013-12-21 22:09 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Sinvise Systems 2013-12-21 22:08 - 2013-12-21 22:08 - 03270656 _____ C:\Users\Arbeit\Downloads\ShutdownTimer33_64.msi 2013-12-21 22:07 - 2013-12-21 22:07 - 00401768 _____ (Softonic ) C:\Users\Arbeit\Downloads\SoftonicDownloader_fuer_simple-shutdown-timer.exe 2013-12-21 11:02 - 2013-12-21 11:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12 2013-12-21 10:33 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-21 10:33 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-21 10:33 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-21 10:33 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-21 10:33 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-21 10:32 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-21 10:32 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-21 10:31 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-21 10:31 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-21 10:31 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-21 10:31 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-21 10:31 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-21 10:31 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-21 10:31 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-21 10:31 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-02 13:45 - 2013-12-02 13:45 - 00000000 ____D C:\Program Files\PDF Split And Merge Basic 2013-12-02 13:44 - 2013-12-02 13:44 - 16356372 _____ C:\Users\Arbeit\Downloads\pdfsam-x64-v2_2_2.msi 2013-12-02 13:43 - 2013-12-02 13:43 - 16357408 _____ C:\Users\Arbeit\Downloads\pdfsam-x86-v2_2_2.msi 2013-12-02 13:36 - 2013-12-02 13:38 - 00000000 ____D C:\Users\Arbeit\Desktop\Bachelorarbeit ==================== One Month Modified Files and Folders ======= 2013-12-25 16:04 - 2013-12-24 06:56 - 00025254 _____ C:\Users\Arbeit\Downloads\FRST.txt 2013-12-25 16:02 - 2013-12-25 16:01 - 00037633 _____ C:\Users\Arbeit\Downloads\Addition.txt 2013-12-25 16:00 - 2013-12-25 16:00 - 00000000 ____D C:\ProgramData\MiKTeX 2013-12-25 15:59 - 2013-12-25 15:57 - 00000000 ____D C:\Program Files (x86)\MiKTeX 2.9 2013-12-25 15:56 - 2013-12-25 15:51 - 161636104 _____ (MiKTeX.org) C:\Users\Arbeit\Downloads\basic-miktex-2.9.4813.exe 2013-12-25 15:54 - 2013-12-25 15:54 - 01928716 _____ (Farbar) C:\Users\Arbeit\Downloads\FRST64(1).exe 2013-12-25 15:48 - 2013-12-25 14:32 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\texstudio 2013-12-25 15:47 - 2013-12-25 15:47 - 00001027 _____ C:\Users\Public\Desktop\TeXstudio.lnk 2013-12-25 15:47 - 2013-12-25 15:47 - 00000000 ____D C:\Program Files (x86)\TeXstudio 2013-12-25 15:45 - 2013-12-25 15:44 - 23426376 _____ (Benito van der Zander ) C:\Users\Arbeit\Downloads\texstudio266_win32.exe 2013-12-25 15:42 - 2011-04-03 18:26 - 00000000 ____D C:\Program Files (x86)\Everything 2013-12-25 15:38 - 2011-08-14 20:19 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2414150100-1524001657-1069558630-1003UA.job 2013-12-25 15:37 - 2012-10-13 13:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-12-25 15:32 - 2009-08-09 01:42 - 01553631 _____ C:\Windows\WindowsUpdate.log 2013-12-25 15:17 - 2010-10-16 08:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-25 15:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2013-12-25 15:05 - 2013-04-11 07:55 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Apple Computer 2013-12-25 14:36 - 2013-12-24 15:46 - 00001024 _____ C:\Users\Arbeit\Desktop\Sandboxed Web Browser.lnk 2013-12-25 14:34 - 2009-08-09 11:34 - 00704346 _____ C:\Windows\system32\perfh007.dat 2013-12-25 14:34 - 2009-08-09 11:34 - 00150930 _____ C:\Windows\system32\perfc007.dat 2013-12-25 14:34 - 2009-07-14 06:13 - 01628234 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-25 12:44 - 2013-12-24 15:46 - 00002572 _____ C:\Windows\Sandboxie.ini 2013-12-25 11:38 - 2011-08-14 20:19 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2414150100-1524001657-1069558630-1003Core.job 2013-12-25 10:17 - 2010-10-16 08:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-25 09:30 - 2009-07-14 05:51 - 00221898 _____ C:\Windows\setupact.log 2013-12-25 07:35 - 2013-01-24 10:33 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-12-24 15:51 - 2013-12-24 15:51 - 00000000 ___RD C:\Sandbox 2013-12-24 15:46 - 2013-12-24 15:46 - 00000000 ____D C:\Program Files\Sandboxie 2013-12-24 15:45 - 2013-12-24 15:45 - 02600648 _____ (Sandboxie Holdings, LLC) C:\Users\Arbeit\Downloads\SandboxieInstall.exe 2013-12-24 15:24 - 2013-12-24 15:24 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything 2013-12-24 15:23 - 2013-12-24 15:23 - 00501970 _____ C:\Users\Arbeit\Downloads\everything12.zip 2013-12-24 15:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-24 15:00 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-12-24 07:04 - 2013-12-24 07:04 - 00069618 _____ C:\Users\Arbeit\Desktop\Logs.rar 2013-12-24 07:03 - 2013-12-24 07:03 - 00151436 _____ C:\Users\Arbeit\Desktop\Logs.exe 2013-12-24 06:55 - 2013-12-24 06:55 - 00000000 ____D C:\FRST 2013-12-24 06:53 - 2013-12-24 06:53 - 00136610 _____ C:\Users\Arbeit\Downloads\Extras.Txt 2013-12-24 06:48 - 2013-12-24 06:48 - 00137608 _____ C:\Users\Arbeit\Downloads\OTL.Txt 2013-12-24 06:28 - 2013-12-24 06:28 - 01928604 _____ (Farbar) C:\Users\Arbeit\Downloads\FRST64.exe 2013-12-24 06:28 - 2013-12-24 06:28 - 00377856 _____ C:\Users\Arbeit\Downloads\gmer_2.1.19163.exe 2013-12-24 06:14 - 2013-12-24 06:14 - 00602112 _____ (OldTimer Tools) C:\Users\Arbeit\Downloads\OTL(1).exe 2013-12-24 06:12 - 2013-12-24 06:12 - 00602112 _____ (OldTimer Tools) C:\Users\Arbeit\Downloads\OTL.exe 2013-12-24 06:11 - 2013-12-24 06:11 - 00000000 ____D C:\Users\Arbeit\Downloads\tdsskiller 2013-12-24 06:11 - 2013-12-24 06:11 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\WinRAR 2013-12-24 06:10 - 2013-12-24 06:10 - 04101441 _____ C:\Users\Arbeit\Downloads\tdsskiller.zip 2013-12-24 06:10 - 2013-12-24 06:09 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Arbeit\Downloads\tdsskiller.exe 2013-12-24 06:05 - 2013-12-24 06:05 - 00001970 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2013-12-24 06:05 - 2013-04-26 05:32 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-12-24 06:05 - 2013-04-26 05:32 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-12-24 06:05 - 2013-02-09 06:14 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-12-24 06:05 - 2013-02-09 06:13 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-12-24 06:05 - 2013-02-09 06:13 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-12-24 06:05 - 2013-01-24 10:33 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-12-24 06:05 - 2013-01-24 10:33 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-12-24 06:04 - 2013-01-24 10:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-12-24 05:59 - 2013-01-24 10:33 - 00000000 ____D C:\ProgramData\AVAST Software 2013-12-24 05:58 - 2013-01-24 10:33 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-12-23 17:01 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-23 17:01 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-22 13:10 - 2013-04-11 07:55 - 00001429 _____ C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-22 13:08 - 2009-07-14 05:45 - 00418528 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-22 13:07 - 2012-04-05 13:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-22 13:07 - 2009-08-09 01:39 - 00133460 _____ C:\Windows\PFRO.log 2013-12-22 08:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-12-22 04:24 - 2013-12-22 04:11 - 00011363 _____ C:\Windows\IE11_main.log 2013-12-22 04:16 - 2013-12-22 04:16 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-12-22 04:16 - 2013-12-22 04:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-22 04:16 - 2013-12-22 04:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-22 04:16 - 2013-12-22 04:16 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-12-22 04:16 - 2013-12-22 04:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-22 04:16 - 2013-12-22 04:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-22 04:16 - 2013-12-22 04:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-22 04:16 - 2013-12-22 04:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-22 04:16 - 2013-12-22 04:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-12-22 04:14 - 2013-12-22 04:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-12-22 04:14 - 2013-12-22 04:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-12-22 04:13 - 2013-12-22 04:13 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-12-22 04:13 - 2013-12-22 04:13 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2013-12-22 04:13 - 2013-12-22 04:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2013-12-22 04:11 - 2010-04-08 16:01 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-12-22 04:08 - 2013-08-15 02:50 - 00000000 ____D C:\Windows\system32\MRT 2013-12-22 04:04 - 2011-01-08 16:10 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-12-21 22:09 - 2013-12-21 22:09 - 00000000 ____D C:\Users\Arbeit\AppData\Roaming\Sinvise Systems 2013-12-21 22:08 - 2013-12-21 22:08 - 03270656 _____ C:\Users\Arbeit\Downloads\ShutdownTimer33_64.msi 2013-12-21 22:07 - 2013-12-21 22:07 - 00401768 _____ (Softonic ) C:\Users\Arbeit\Downloads\SoftonicDownloader_fuer_simple-shutdown-timer.exe 2013-12-21 11:02 - 2013-12-21 11:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12 2013-12-21 10:12 - 2010-10-16 08:58 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-21 10:12 - 2010-10-16 08:58 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-21 10:10 - 2012-10-13 13:11 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-12-21 10:10 - 2012-05-12 05:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-21 10:10 - 2011-12-18 21:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-15 00:52 - 2010-10-16 19:12 - 00000000 ____D C:\Users\JZ\AppData\Roaming\Skype 2013-12-15 00:43 - 2012-05-11 21:34 - 00000000 ____D C:\Users\JZ\AppData\Roaming\Spotify 2013-12-05 14:22 - 2013-01-16 11:25 - 00000000 ____D C:\Program Files (x86)\Origin 2013-12-02 13:45 - 2013-12-02 13:45 - 00000000 ____D C:\Program Files\PDF Split And Merge Basic 2013-12-02 13:44 - 2013-12-02 13:44 - 16356372 _____ C:\Users\Arbeit\Downloads\pdfsam-x64-v2_2_2.msi 2013-12-02 13:43 - 2013-12-02 13:43 - 16357408 _____ C:\Users\Arbeit\Downloads\pdfsam-x86-v2_2_2.msi 2013-12-02 13:38 - 2013-12-02 13:36 - 00000000 ____D C:\Users\Arbeit\Desktop\Bachelorarbeit 2013-11-26 14:38 - 2013-08-13 12:18 - 00000000 ____D C:\Users\JZ\Desktop\Prässi Jakob 2013-11-26 12:54 - 2013-12-22 08:51 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-26 12:25 - 2010-10-19 12:46 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2013-11-26 11:19 - 2013-12-22 08:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-26 11:18 - 2013-12-22 08:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-26 11:11 - 2013-12-22 08:51 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-26 10:48 - 2013-12-22 08:51 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-26 10:46 - 2013-12-22 08:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-26 10:41 - 2013-12-22 08:51 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-26 10:29 - 2013-12-22 08:51 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-26 10:27 - 2013-12-22 08:51 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-26 10:23 - 2013-12-22 08:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-26 10:21 - 2013-12-22 08:51 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-26 10:18 - 2013-12-22 08:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-26 10:18 - 2013-12-22 08:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-26 10:16 - 2013-12-22 08:51 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-26 09:57 - 2013-12-22 08:51 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-26 09:38 - 2013-12-22 08:51 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-26 09:38 - 2013-12-22 08:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-26 09:35 - 2013-12-22 08:50 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-26 09:32 - 2013-12-22 08:51 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-26 09:28 - 2013-12-22 08:51 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-26 09:16 - 2013-12-22 08:51 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-26 09:02 - 2013-12-22 08:51 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-26 08:48 - 2013-12-22 08:51 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-26 08:32 - 2013-12-22 08:51 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-26 08:26 - 2013-12-22 08:51 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-26 08:07 - 2013-12-22 08:51 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-26 07:40 - 2013-12-22 08:51 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-26 07:34 - 2013-12-22 08:51 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-26 07:34 - 2013-12-22 08:51 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-26 07:33 - 2013-12-22 08:51 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-26 07:27 - 2013-12-22 08:51 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll Files to move or delete: ==================== C:\Users\JZ\lang.dat C:\Users\JZ\os.dat C:\Users\JZ\Setup.exe C:\Users\JZ\_ISDel.exe C:\Users\JZ\_Setup.dll Some content of TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\AskSLib.dll C:\Users\Administrator\AppData\Local\Temp\SkypeSetup.exe C:\Users\JZ\AppData\Local\Temp\AMPing.exe C:\Users\JZ\AppData\Local\Temp\AskSLib.dll C:\Users\JZ\AppData\Local\Temp\Bonjour64Setup.exe C:\Users\JZ\AppData\Local\Temp\cci.exe C:\Users\JZ\AppData\Local\Temp\contentDATs.exe C:\Users\JZ\AppData\Local\Temp\drm_dyndata_7370014.dll C:\Users\JZ\AppData\Local\Temp\ffunzip.exe C:\Users\JZ\AppData\Local\Temp\GLF20DF.tmp.ConduitEngineSetup.exe C:\Users\JZ\AppData\Local\Temp\GLF2A40.tmp.ConduitEngineSetup.exe C:\Users\JZ\AppData\Local\Temp\HotspotShieldToolbarIE.exe C:\Users\JZ\AppData\Local\Temp\InstallManager_BAB_BAB.exe C:\Users\JZ\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\JZ\AppData\Local\Temp\meingutschein.exe C:\Users\JZ\AppData\Local\Temp\pdf24-creator-update.exe C:\Users\JZ\AppData\Local\Temp\pic30-lm.exe C:\Users\JZ\AppData\Local\Temp\prxGLF20DF.tmp.tbWinl.dll C:\Users\JZ\AppData\Local\Temp\prxGLF2A40.tmp.tbWinl.dll C:\Users\JZ\AppData\Local\Temp\redist64.exe C:\Users\JZ\AppData\Local\Temp\SDTimer.exe C:\Users\JZ\AppData\Local\Temp\SearchWithGoogleUpdate.exe C:\Users\JZ\AppData\Local\Temp\SkypeSetup.exe C:\Users\JZ\AppData\Local\Temp\swt-win32-3347.dll C:\Users\JZ\AppData\Local\Temp\swt-win32-3349.dll C:\Users\JZ\AppData\Local\Temp\vpnclient_setup.exe C:\Users\JZ\AppData\Local\Temp\winload_community_tb.exe C:\Users\JZ\AppData\Local\Temp\winping.dll C:\Users\JZ\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-02 14:15 ==================== End Of Log ============================ [/CODE] Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-12-2013 Ran by Arbeit at 2013-12-25 16:05:09 Running from C:\Users\Arbeit\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C} AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: avast! Internet Security (Disabled) {131692B0-0864-D491-4E21-3A3A1D8BBB47} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (x32) µTorrent (x32 Version: 3.1.3) Acer Crystal Eye webcam Ver:1.1.160.210 (x32 Version: 1.1.160.210) Acer ePower Management (x32 Version: 4.05.3007) Acer eRecovery Management (x32 Version: 4.05.3011) Acer Registration (x32 Version: 1.03.3002) Acer ScreenSaver (x32 Version: 1.11.1209) Acer Updater (x32 Version: 1.02.3001) Acer VCM (x32 Version: 4.05.3002) Acrobat.com (x32 Version: 1.6.65) Adobe AIR (x32 Version: 3.4.0.2540) Adobe Flash Player 10 ActiveX (x32 Version: 10.0.45.2) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170) Adobe Reader 9.1 MUI (x32 Version: 9.1.0) AFPL Ghostscript 8.54 (x32) AFPL Ghostscript Fonts (x32) Ansoft Designer 2.2 SV (x32) AnyToISO (x32 Version: 3.4) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.17) avast! Free Antivirus (x32 Version: 9.0.2011) AVR Burn-O-Mat 2.1.2 (x32) AVRStudio4 (x32 Version: 4.18.684) AWR Design Environment 2009 (9.01.4875.3) (x32 Version: 9.01.4875.3) BeCyPDFMetaEdit (x32 Version: 2.37.0) Bonjour (Version: 3.0.0.10) Brother MFL-Pro Suite MFC-7320 (x32 Version: 1.0.1.0) Business Contact Manager für Outlook 2007 SP2 (x32 Version: 3.0.8619.1) calibre (x32 Version: 0.9.21) Camtasia Studio 7 (x32 Version: 7.0.1) Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7) CodeWarrior for Motorola 56F800 Demo Board (x32) Conexant HD Audio (Version: 4.98.9.0) Creatures Exodus (x32) Crystal XI (x32 Version: 1.0.0.0) DVDFab 9.0.1.6 (14/12/2012) Qt (x32) EAGLE 5.11.0 (x32 Version: 5.11.0) eBay Worldwide (x32 Version: 2.1.0901) Equalify v2.1.2 (admin setup) (x32 Version: 2.1.2.3) eSobi v2 (x32 Version: 2.0.4.000274) Everything 1.2.1.371 (x32) FileOpen Client (x64) (Version: 3.0.89.925) FileZilla Client 3.7.3 (x32 Version: 3.7.3) Freeciv 2.3.2 (GTK+ client) (x32) Garmin MapSource (x32 Version: 6.16.3) Garmin USB Drivers (x32 Version: 2.3.0.0) Garmin WebUpdater (x32 Version: 2.5.5) Genie Timeline (x32 Version: 3.0) GIMP 2.8.6 (Version: 2.8.6) GO Contact Sync Mod (x32 Version: 3.5.20) Google Calendar Sync (x32) Google Chrome (x32 Version: 31.0.1650.63) Google Drive (x32 Version: 1.13.5782.599) Google Earth Plug-in (x32 Version: 7.1.2.2041) Google Talk Plugin (x32 Version: 4.9.1.16010) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54) Google Update Helper (x32 Version: 1.3.22.3) HI-TECH C Compiler for the PIC10/12/16 MCUs V9.70PL0 (x32 Version: 9.70) HI-TECH C Compiler for the PIC10/12/16 MCUs V9.80PL0 (x32 Version: 9.80) Hotspot Shield 2.83 (x32 Version: 2.83) HUAWEI DataCard Driver 4.22.19.00 (x32 Version: 4.22.19.00) iCloud (Version: 2.1.1.3) iCloud (Version: 2.1.2.8) Identity Card (x32 Version: 1.00.3003) ImageMagick 6.6.8-5 Q16 (2011-04-01) (Version: 6.6.8) IMG to ISO (x32) Inkscape 0.48.1 (x32 Version: 0.48.1) Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1892) Intel® Matrix Storage Manager InterVideo WinDVD 8 (x32 Version: 8.5.10.75) iTunes (Version: 11.0.4.4) IXXAT VCI 3.5.1.3826 (Version: 3.5.1.3826) Java 7 Update 7 (x32 Version: 7.0.70) Java 7 Update 9 (64-bit) (Version: 7.0.90) Java Auto Updater (x32 Version: 2.1.9.0) Java SE Development Kit 7 Update 9 (64-bit) (Version: 1.7.0.90) Java(TM) 6 Update 22 (x32 Version: 6.0.220) JDownloader 0.9 (x32 Version: 0.9) Junk Mail filter update (x32 Version: 14.0.8089.726) K-Lite Mega Codec Pack 8.6.0 (x32 Version: 8.6.0) Launch Manager (x32 Version: 3.0.04) Logitech GamePanel Software 3.06.109 (Version: 3.06.109) Logitech Touch Mouse Server 1.0 (x32 Version: 1.0) LTspice IV (x32) Magicka (x32) McAfee Security Scan Plus (Version: 3.8.130.10) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft Game Studios Common Redistributables Pack 1 (x32 Version: 1.0.0) Microsoft Office 2003 Web Components (x32 Version: 11.0.8003.0) Microsoft Office 2007 Primary Interop Assemblies (x32 Version: 12.0.4518.1014) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000) Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32) Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Small Business Connectivity Components (x32 Version: 2.0.7024.0) Microsoft Office Suite Activation Assistant (x32 Version: 2.9) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SQL Server 2005 (x32) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (x32 Version: 9.4.5000.00) Microsoft SQL Server Native Client (Version: 9.00.5000.00) Microsoft SQL Server VSS Writer (Version: 9.00.5000.00) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual J# 2.0 Redistributable Language Pack - DEU (x32 Version: 2.0.50727) Microsoft Visual J# 2.0 Redistributable Language Pack - DEU (x32) Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727) Microsoft Visual J# 2.0 Redistributable Package (x32) Microsoft XML Parser (x32 Version: 8.20.8730.4) Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0) mikroC PRO for dsPIC (remove only) (x32) mikroProg Suite For PIC (remove only) (x32) Mobile Broadband Generic Drivers (x32 Version: 2.03.34.002.25) Motorola Embedded SDK for DSP56800 (x32 Version: 2.5.0000) Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0) Mozilla Maintenance Service (x32 Version: 26.0) Mozilla Thunderbird 17.0 (x86 de) (x32 Version: 17.0) MPLAB C18 v3.35 Lite (x32) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) National Instruments - Software (x32 Version: ) NewsLeecher v4.0 Final (x32) NI Assistant Framework (x32 Version: 7.0.192.0) NI Assistant Framework 64-bit (Version: 7.0.77.0) NI Assistant Framework LabVIEW 2010 Support (x32 Version: 7.0.34.0) NI Assistant Framework LabVIEW Code Generator 2010 (x32 Version: 7.0.152.0) NI Authentication 1.0 (64-bit) (Version: 1.0.58.0) NI Authentication 1.0 (x32 Version: 1.0.73.0) NI CodeSignAPI (x32 Version: 2.70.346) NI Curl 1.0 (64-bit) (Version: 1.0.82.0) NI Curl 1.0 (x32 Version: 1.0.82.0) NI DataSocket 4.8 (64-bit) (Version: 4.8.23.0) NI DataSocket 4.8 (x32 Version: 4.8.20.0) NI Distributed System Manager 2010 (x32 Version: 10.0.238.0) NI DN 2.0 SP1 installer (x32 Version: 2.10.49152) NI EULA Depot (x32 Version: 2.80.295) NI Example Finder 10.0 (x32 Version: 10.0.213.0) NI Help Assistant (64bit) (Version: 1.0.10) NI Help Assistant (x32 Version: 1.0.10) NI Instrument IO Assistant for LabVIEW 2010 32-bit (x32 Version: 1.0.13.0) NI LabVIEW 2009 SP1 Run-Time Engine Web Services (x32 Version: 9.0.234.0) NI LabVIEW 2010 (x32 Version: 10.0.250.0) NI LabVIEW 2010 (x32 Version: 10.0.251.0) NI LabVIEW 2010 (x32 Version: 10.0.252.0) NI LabVIEW 2010 (x32 Version: 10.0.254.0) NI LabVIEW 2010 (x32 Version: 10.0.255.0) NI LabVIEW 2010 (x32 Version: 10.0.73.0) NI LabVIEW 2010 Deployable License (x32 Version: 10.0.236.0) NI LabVIEW 2010 Deployment Framework (x32 Version: 10.0.36.0) NI LabVIEW 2010 Help (x32 Version: 10.0.247.0) NI LabVIEW 2010 Help File (x32 Version: 10.0.233.0) NI LabVIEW 2010 License (x32 Version: 10.0.238.0) NI LabVIEW 2010 Manuals (x32 Version: 10.0.239.0) NI LabVIEW 2010 MeasAppChm File (x32 Version: 10.0.234.0) NI LabVIEW 2010 Real-Time Error Dialog (x32 Version: 10.0.85.0) NI LabVIEW 2010 Real-Time NBFifo (x32 Version: 10.0.214.0) NI LabVIEW 2010 Search (x32 Version: 10.0.41.0) NI LabVIEW 2010 Simulation (x32 Version: 10.0.239.0) NI LabVIEW 2010 Web Server (x32 Version: 10.0.234.0) NI LabVIEW Broker (64 bit) (Version: 6.8.10.0) NI LabVIEW Broker (x32 Version: 6.8.10.0) NI LabVIEW C Interface (x32 Version: 1.0.1) NI LabVIEW Compare Utility 10.0.0 (x32 Version: 10.0.10.0) NI LabVIEW MAX XML (x32 Version: 9.0.6.0) NI LabVIEW Merge Utility 10.0.0 (x32 Version: 10.0.10.0) NI LabVIEW Real-Time NBFifo (x32 Version: 9.0.319.0) NI LabVIEW Run-Time Engine 2009 SP1 (x32 Version: 9.0.1074.0) NI LabVIEW Run-Time Engine 2010 (x32 Version: 10.0.240.0) NI LabVIEW Run-Time Engine Interop 2009 (x32 Version: 9.0.146.0) NI LabVIEW Run-Time Engine Interop 2010 (x32 Version: 10.0.243.0) NI LabVIEW Web Server for Run-Time Engine (x32 Version: 10.0.235.0) NI LabVIEW Web Server for Run-Time Engine (x32 Version: 9.0.185.0) NI LabVIEW Web Services Runtime (x32 Version: 10.0.235.0) NI LabWindows/CVI 2009 Code Generator (x32 Version: 9.1.0427) NI LabWindows/CVI 9.0 Run-Time Engine (x32 Version: 9.0.0356) NI LabWindows/CVI DLL Builder for LabVIEW (x32 Version: 9.0.1380) NI License Manager (x32 Version: 3.5.23) NI Logos 5.2.0 (x32 Version: 5.2.25.0) NI Logos LabVIEW 2010 Support (x32 Version: 10.0.229.0) NI Logos XT Support (x32 Version: 5.2.21.0) NI Logos64 5.2.0 (Version: 5.2.25.0) NI Logos64 XT Support (Version: 5.2.21.0) NI Math Kernel Libraries (64-bit) (Version: 1.0.14.0) NI Math Kernel Libraries (64-bit) (Version: 1.0.15.0) NI Math Kernel Libraries (x32 Version: 1.0.25.0) NI Math Kernel Libraries (x32 Version: 1.0.28.0) NI Math Kernel Libraries (x32 Version: 1.0.861.0) NI MAX Remote Configuration 64-bit Installer 4.7 (Version: 4.70.49153) NI MAX Remote Configuration Installer 4.7 (x32 Version: 4.70.49153) NI MAX Support for 64 Bit Windows (Version: 4.70.49156) NI MDF Support (x32 Version: 2.80.295) NI mDNS Responder 1.3 for Windows 64-bit (Version: 1.30.49157) NI mDNS Responder 1.3.0 (x32 Version: 1.30.49157) NI Measurement & Automation Explorer 4.7.0 (x32 Version: 4.70.49156) NI Measurement Studio Recipe Processor (x32 Version: 8.0.0101) NI MetaSuite Installer (x32 Version: 2.71.130) NI MXS 4.7.0 (x32 Version: 4.70.49152) NI MXS 4.7.0 for 64 Bit Windows (Version: 4.70.49152) NI OPC Support (x32 Version: 10.0.158.0) NI Portable Configuration 4.7.0 (x32 Version: 4.70.49152) NI Portable Configuration for 64 Bit Windows 4.7.0 (Version: 4.70.49152) NI Registration Wizard (x32 Version: 1.3.87.0) NI Remote Provider for MAX 4.7.0 (x32 Version: 4.70.49153) NI Remote PXI Provider for MAX 4.7.0 (x32 Version: 4.70.49152) NI Software Provider for MAX 4.7.0 (x32 Version: 4.70.49152) NI SSL LabVIEW 2010 Support (x32 Version: 10.0.208.0) NI SSL Support (64-bit) (Version: 10.0.22.0) NI SSL Support (x32 Version: 10.0.22.0) NI System API Windows 32-bit 1.1.0 (x32 Version: 1.10.554.0) NI System API Windows 64-bit 1.1.0 (Version: 1.10.551.0) NI System Configuration 1.1.0 (x32 Version: 1.10.335.0) NI System Configuration 1.1.0 for Windows 64-bit (Version: 1.10.337.0) NI System State Publisher (64-bit) (Version: 10.0.84.0) NI System State Publisher (x32 Version: 10.0.84.0) NI System Web Server 1.0 (x32 Version: 10.0.278.0) NI System Web Server Base 1.0 (64-bit) (Version: 1.0.59.0) NI System Web Server Base 1.0 (x32 Version: 1.0.104.0) NI TDM Excel Add-In 3.2 (x32 Version: 3.2.63.0) NI TDMS (64-bit) (Version: 2.0.350.0) NI TDMS (x32 Version: 2.0.350.0) NI Trace Engine (64-bit) (Version: 10.0.237.0) NI Trace Engine (x32 Version: 10.0.237.0) NI Uninstaller (x32 Version: 2.80.295) NI Update Service (x32 Version: 1.10.65.0) NI Update Service Full (x32 Version: 1.10.65.0) NI USI 1.8.0 (x32 Version: 1.8.04177) NI USI 1.8.0 64-Bit (Version: 1.8.04177) NI Variable Engine (64-bit) (Version: 2.4.158.0) NI Variable Engine 2.4.0 (x32 Version: 2.4.159.0) NI Variable Engine LabVIEW 2010 Support (x32 Version: 10.0.239.0) NI VC2005MSMs x64 (Version: 8.02.0) NI VC2005MSMs x86 (x32 Version: 8.02.0) NI VC2008MSMs x64 (Version: 9.0.201) NI VC2008MSMs x86 (x32 Version: 9.0.201) NI Web Application Server 1.0 (64-bit) (Version: 1.0.59.0) NI Web Application Server 1.0 (x32 Version: 1.0.109.0) NI Web Interface Framework 1.0 (x32 Version: 1.0.114.0) NI Web Pipeline 2.0.1 (x32 Version: 2.0.128.0) NI Web Pipeline 2.0.1 64-bit support (Version: 2.0.122.0) NI Xalan Delay Load 1.10.1 (x32 Version: 1.10.46.0) NI Xalan Delay Load 1.10.1 64-bit (Version: 1.10.47.0) NI Xerces Delay Load 2.7.1 (x32 Version: 2.7.123.0) NI Xerces Delay Load 2.7.1 64-bit (Version: 2.7.128.0) NI-DAQmx/LabVIEW shared documentation 1.7.5 (x32 Version: 1.75.49152) NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 1.7.5 (Version: 1.75.49152) NI-RPC 4.2.0f0 (x32 Version: 4.20.49152) NI-RPC 4.2.0f0 for 64 Bit Windows (Version: 4.20.49152) NI-RPC 4.2.0f0 for Phar Lap ETS (x32 Version: 4.20.49152) Norton Online Backup (x32 Version: 1.2.0.36) Notepad++ (x32 Version: 5.9.1) NTI Backup Now 5 (x32 Version: 5.1.2.628) NTI Backup Now Standard (x32 Version: 5.1.2.628) NTI Media Maker 8 (x32 Version: 8.0.12.6630) OpenPandora 0.7.0.6 (x32 Version: 0.7.0.6) Option WWAN Driver 5.0.32.0 Installer (Version: 3.5.0.1158) Option WWAN Driver 5.0.32.0 Installer (Version: 3.5.0.1158) Origin (x32 Version: 9.1.10.2728) PageshotsPro 1.0.0 (x32 Version: 1.0.0) Paint.NET v3.5.10 (Version: 3.60.0) Pando Media Booster (x32 Version: 2.6.0.7) Papillon ParaTrainer 4.41 (x32) Party Pack for Pocket Tanks Deluxe (x32 Version: 1.1) PDF Blender (x32) PDF Split And Merge Basic (Version: 2.2.2) PDF24 Creator 3.0.0 (x32) Portal 2 (x32) PSpice Student 9.1 (x32) pstoedit and importps 3.50 (x32 Version: 3.50) QuickStores-Toolbar 1.2.0 (x32 Version: 1.2.0) <==== ATTENTION QuickTime (x32 Version: 7.74.80.86) RAR Password Recovery v1.1 RC17 (remove only) (x32) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30094) Replay Music 5 (x32 Version: 5.45) Sandboxie 4.06 (64-bit) (Version: 4.06) Shutdown Timer (Version: 3.0) Shutdown Timer (Version: 3.3.4) Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (x32) Silicon Laboratories CP210x VCP Drivers for Windows 7 (x32 Version: 5.40.24) Skype Click to Call (x32 Version: 6.3.11079) Skype™ 6.9 (x32 Version: 6.9.106) SPORE™ (x32 Version: 1.02.0000) SPORE™ Süß & Schrecklich Ergänzungs-Pack (x32 Version: 1.00.0000) StarCraft II (x32 Version: 1.3.4.18701) Steam (x32 Version: 1.0.0.0) Synaptics Pointing Device Driver (Version: 14.0.6.0) TeamSpeak 3 Client (x32) TeraCopy 2.27 TeXstudio 2.6.6 (x32 Version: 2.6.6) Tina 9 - Demo (x32 Version: 9.00.000) TreeSize Free V2.7 (x32 Version: 2.7) Trillian (x32) TrueCrypt (x32 Version: 7.1a) Unify (x32 Version: 0.5) Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (x32 Version: 9.00.5000.00) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32) Update für Microsoft Office Excel 2007 Help (KB963678) (x32) Update für Microsoft Office Outlook 2007 Help (KB963677) (x32) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update für Microsoft Office Word 2007 Help (KB963665) (x32) uTorrentBar_DE Toolbar (x32 Version: 6.9.0.16) Vector CANcaseXL log Configuration (x32 Version: 4.0.94 SP1) Vector CANoe 7.2 (x32 Version: 7.2.42) Vector CANoe/CANalyzer Redistributables 1.0 (x32 Version: 1.1.0) VLC media player 1.1.4 (x32 Version: 1.1.4) Welcome Center (x32 Version: 1.01.3002) WinAVR 20090313 (remove only) (x32 Version: 20090313) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0) Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5) Windows Live Call (x32 Version: 14.0.8064.0206) Windows Live Communications Platform (x32 Version: 14.0.8064.206) Windows Live Essentials (x32 Version: 14.0.8089.0726) Windows Live Essentials (x32 Version: 14.0.8089.726) Windows Live Fotogalerie (x32 Version: 14.0.8081.709) Windows Live Mail (x32 Version: 14.0.8089.0726) Windows Live Messenger (x32 Version: 14.0.8089.0726) Windows Live Movie Maker (x32 Version: 14.0.8091.0730) Windows Live Sync (x32 Version: 14.0.8089.726) Windows Live Writer (x32 Version: 14.0.8089.0726) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029) Windows Mobile-Gerätecenter (Version: 6.1.6965.0) Windows Mobile-Gerätecenter: Treiberupdate (Version: 6.1.6965.0) Winload Toolbar (x32 Version: 6.9.0.16) WinMerge 2.12.4 (x32 Version: 2.12.4) WinRAR XviD4PSP 6.0 (x32 Version: 6.001) ZTE USB Driver (Version: 1.0.1.31_TME) ==================== Restore Points ========================= 21-12-2013 09:26:01 Windows Update 21-12-2013 21:09:02 Installed Shutdown Timer. 22-12-2013 03:03:08 Windows Update 22-12-2013 07:50:37 Windows Update 24-12-2013 04:59:24 avast! antivirus system restore point ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {06D9D4C2-75C0-4974-B99D-3290E72EF413} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-16] (Google Inc.) Task: {226E7D2C-8A73-48C5-AF2C-3E506BD8F5C2} - System32\Tasks\{89AA22D8-7792-4999-BD5C-B5EC55B8574A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-10-02] (Skype Technologies S.A.) Task: {23803495-A1C8-4F2B-A5DF-B1B36E58D50C} - System32\Tasks\{D72CD6DE-0ABD-443D-A914-15589E1FAB38} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered Task: {27BFB457-F399-4779-AED0-DD23A3B5B1E8} - System32\Tasks\{E4491C3C-A6A4-4BBC-967F-EFAB58A56087} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152&LastError=12002 Task: {2C476DBD-0BB3-4FAC-8012-5648B3708A66} - System32\Tasks\{DC673526-6613-4947-AB83-AEA70691934A} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered Task: {3F458628-9345-4148-9E3D-02C71D2E25F7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-16] (Google Inc.) Task: {5CE5DBE8-9066-4117-8B11-FCB5BE771489} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2414150100-1524001657-1069558630-1003UA => C:\Users\JZ\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-30] (Google Inc.) Task: {643C1FB2-79EC-4C73-A0C5-7284B9F8F0DB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {6AFF2775-BD42-43FC-BC4D-ED5D02A35ED9} - System32\Tasks\{7113827F-E370-4F62-BDD6-BD98A045B51B} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered Task: {73BB82BB-207E-4FD7-962E-D4B914F92005} - System32\Tasks\{8AB6AFA7-9F82-488E-A1C1-CC591D6DA448} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.111/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault Task: {8F05E572-88B1-4AD9-A1EC-D1F0E9B4F3F8} - System32\Tasks\{93B30A89-A240-41BC-AD50-7B8CDFDD05F9} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation) Task: {9C4DB48F-BD88-49F0-949F-FDF400BA6232} - System32\Tasks\{CD1ABD0E-F2C7-4C7D-8FC3-43285D5C8E0E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?page=tsMain Task: {A85BCD2E-BFAD-46CF-B9D1-81625C652117} - System32\Tasks\{9313CF28-4F19-4888-86F6-696864FE2470} => C:\Garmin\MapSource_61511.exe [2010-03-02] (Igor Pavlov) Task: {AEE8F96F-7183-4DE1-8DA3-44BB47B471C6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-24] (AVAST Software) Task: {B1454446-ABBD-4B9F-B2F0-7906259C7444} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-21] (Adobe Systems Incorporated) Task: {DC3FED79-458D-4798-B82B-1544D38F60EE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2414150100-1524001657-1069558630-1003Core => C:\Users\JZ\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-30] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2414150100-1524001657-1069558630-1003Core.job => C:\Users\JZ\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2414150100-1524001657-1069558630-1003UA.job => C:\Users\JZ\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-07-23 13:05 - 2012-07-23 13:05 - 00332800 _____ () C:\Program Files\Genie9\Genie Timeline\OnlineHandler.dll 2012-04-24 10:29 - 2012-04-24 10:29 - 00045568 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogging.dll 2012-07-23 13:05 - 2012-07-23 13:05 - 00488960 _____ () C:\Program Files\Genie9\Genie Timeline\GSIndexDB.dll 2012-02-02 10:16 - 2012-02-02 10:16 - 00740864 _____ () C:\Program Files\Genie9\Genie Timeline\sqlite3.dll 2012-04-24 10:29 - 2012-04-24 10:29 - 00011264 _____ () C:\Program Files\Genie9\Genie Timeline\RWLock.dll 2012-07-23 13:05 - 2012-07-23 13:05 - 00205824 _____ () C:\Program Files\Genie9\Genie Timeline\Settings.dll 2012-04-24 10:29 - 2012-04-24 10:29 - 00089600 _____ () C:\Program Files\Genie9\Genie Timeline\GSEncryption.dll 2012-07-23 13:05 - 2012-07-23 13:05 - 00087040 _____ () C:\Program Files\Genie9\Genie Timeline\QueueManager.dll 2012-07-23 13:05 - 2012-07-23 13:05 - 00708608 _____ () C:\Program Files\Genie9\Genie Timeline\GSBackupManager.dll 2012-07-23 13:05 - 2012-07-23 13:05 - 00343552 _____ () C:\Program Files\Genie9\Genie Timeline\GSWatcher4.dll 2012-07-23 13:05 - 2012-07-23 13:05 - 00054784 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogManager.dll 2012-02-02 10:16 - 2012-02-02 10:16 - 00010752 _____ () C:\Program Files\Genie9\Genie Timeline\VSSEngine_Proxy.dll 2012-04-24 10:29 - 2012-04-24 10:29 - 00058368 _____ () C:\Program Files\Genie9\Genie Timeline\GSLibrariesManager.dll 2012-12-09 14:41 - 2012-07-23 13:05 - 00163328 _____ () C:\Program Files\Genie9\Genie Timeline\GSTimelineIconOverlay.gtl 2012-12-09 14:41 - 2012-04-24 10:29 - 00045568 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogging.gtl 2012-12-09 14:41 - 2012-07-23 13:05 - 00205824 _____ () C:\Program Files\Genie9\Genie Timeline\Settings.gtl 2012-12-09 14:41 - 2012-04-24 10:29 - 00089600 _____ () C:\Program Files\Genie9\Genie Timeline\GSEncryption.gtl 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2010-10-27 18:16 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll 2012-10-04 12:15 - 2011-10-26 16:41 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll 2013-04-05 11:58 - 2013-04-05 11:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll 2011-02-09 01:56 - 2011-02-09 01:56 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll 2012-12-09 14:41 - 2012-07-23 13:05 - 00488960 _____ () C:\Program Files\Genie9\Genie Timeline\GSIndexDB.gtl 2012-12-09 14:41 - 2012-02-02 10:16 - 00740864 _____ () C:\Program Files\Genie9\Genie Timeline\sqlite3.gtl 2012-12-09 14:41 - 2012-04-24 10:29 - 00011264 _____ () C:\Program Files\Genie9\Genie Timeline\RWLock.gtl 2012-12-09 14:41 - 2012-07-23 13:05 - 00708608 _____ () C:\Program Files\Genie9\Genie Timeline\GSBackupManager.gtl 2012-12-09 14:41 - 2012-07-23 13:05 - 00343552 _____ () C:\Program Files\Genie9\Genie Timeline\GSWatcher4.gtl 2012-12-09 14:41 - 2012-07-23 13:05 - 00332800 _____ () C:\Program Files\Genie9\Genie Timeline\OnlineHandler.gtl 2012-12-09 14:41 - 2012-07-23 13:05 - 00054784 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogManager.gtl 2012-12-09 14:41 - 2012-07-23 13:05 - 00087040 _____ () C:\Program Files\Genie9\Genie Timeline\QueueManager.gtl 2012-12-09 14:41 - 2012-02-02 10:16 - 00010752 _____ () C:\Program Files\Genie9\Genie Timeline\VSSEngine_Proxy.gtl 2012-12-09 14:41 - 2012-04-24 10:29 - 00058368 _____ () C:\Program Files\Genie9\Genie Timeline\GSLibrariesManager.gtl 2012-10-04 12:15 - 2011-10-26 16:41 - 00126464 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll 2013-04-05 11:58 - 2013-04-05 11:58 - 00021320 _____ () C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsPS64.dll 2013-12-22 21:13 - 2013-12-22 17:59 - 02246144 _____ () C:\Program Files\AVAST Software\Avast\defs\13122201\algo.dll 2013-12-23 20:57 - 2013-12-23 19:15 - 02246144 _____ () C:\Program Files\AVAST Software\Avast\defs\13122301\algo.dll 2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2013-01-10 20:07 - 2013-01-10 20:07 - 00715048 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll 2010-10-27 18:16 - 2010-03-15 10:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext32.dll 2012-12-09 14:40 - 2012-04-24 10:29 - 00038400 _____ () C:\Program Files\Genie9\Genie Timeline\x86\GSLogging.gtl 2012-12-09 14:40 - 2012-07-23 13:05 - 00169984 _____ () C:\Program Files\Genie9\Genie Timeline\x86\Settings.gtl 2012-12-09 14:40 - 2012-04-24 10:29 - 00080384 _____ () C:\Program Files\Genie9\Genie Timeline\x86\GSEncryption.gtl 2012-12-09 14:40 - 2012-07-23 13:05 - 00396288 _____ () C:\Program Files\Genie9\Genie Timeline\x86\GSIndexDB.gtl 2012-12-09 14:40 - 2012-02-02 10:16 - 00923136 _____ () C:\Program Files\Genie9\Genie Timeline\x86\sqlite3.gtl 2012-12-09 14:40 - 2012-04-24 10:29 - 00010752 _____ () C:\Program Files\Genie9\Genie Timeline\x86\RWLock.gtl 2013-12-21 11:02 - 2013-12-21 11:02 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\mozjs.dll 2013-12-25 15:47 - 2009-01-11 04:32 - 00011362 _____ () C:\Program Files (x86)\TeXstudio\mingwm10.dll 2013-12-25 15:47 - 2010-04-18 02:09 - 00108032 _____ () C:\Program Files (x86)\TeXstudio\libgcc_s_dw2-1.dll 2013-12-25 15:47 - 2013-06-24 18:48 - 00409600 _____ () C:\Program Files (x86)\TeXstudio\libpoppler-qt4.dll 2013-12-25 15:47 - 2013-06-24 18:48 - 02020352 _____ () C:\Program Files (x86)\TeXstudio\libpoppler.dll 2013-12-25 15:47 - 2013-06-24 18:47 - 00153600 _____ () C:\Program Files (x86)\TeXstudio\libpng15.dll 2013-12-25 15:47 - 2013-06-24 18:48 - 00080896 _____ () C:\Program Files (x86)\TeXstudio\libz.dll 2013-12-25 15:47 - 2013-06-24 18:48 - 00260096 _____ () C:\Program Files (x86)\TeXstudio\libcurl.dll 2013-12-25 15:47 - 2013-06-24 18:47 - 00473088 _____ () C:\Program Files (x86)\TeXstudio\libfreetype.dll 2013-12-25 15:47 - 2013-06-24 18:47 - 00199168 _____ () C:\Program Files (x86)\TeXstudio\libjpeg.dll 2013-12-25 15:47 - 2013-06-24 18:48 - 00259072 _____ () C:\Program Files (x86)\TeXstudio\liblcms2.dll 2013-12-25 15:47 - 2013-06-24 18:47 - 00125952 _____ () C:\Program Files (x86)\TeXstudio\libopenjpeg.dll 2013-12-25 15:47 - 2013-06-24 18:47 - 00318464 _____ () C:\Program Files (x86)\TeXstudio\libtiff3.dll 2013-12-25 15:47 - 2013-06-24 18:48 - 00038912 _____ () C:\Program Files (x86)\TeXstudio\libgcc_s_sjlj-1.dll 2009-02-27 20:52 - 2009-02-27 20:52 - 00258048 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll 2007-12-11 15:19 - 2007-12-11 15:19 - 01204224 ____R () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Onix32.dll 2009-01-18 23:50 - 2009-01-18 23:50 - 00417792 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeXMP.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:798A3728 AlternateDataStreams: C:\ProgramData\TEMP:93EB7685 AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D AlternateDataStreams: C:\ProgramData\TEMP:E36F5B57 ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft-Adapter für Miniports virtueller WiFis Description: Microsoft-Adapter für Miniports virtueller WiFis Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: avast! Firewall NDIS Filter Miniport Description: avast! Firewall NDIS Filter Miniport Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ALWIL Software Service: aswNdis Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (12/25/2013 04:05:50 PM) (Source: XatDevService) (User: ) Description: Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error: (12/25/2013 04:05:44 PM) (Source: XatDevService) (User: ) Description: Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error: (12/25/2013 04:05:38 PM) (Source: XatDevService) (User: ) Description: Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error: (12/25/2013 04:05:33 PM) (Source: XatDevService) (User: ) Description: Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error: (12/25/2013 04:05:27 PM) (Source: XatDevService) (User: ) Description: Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error: (12/25/2013 04:05:21 PM) (Source: XatDevService) (User: ) Description: Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error: (12/25/2013 04:05:16 PM) (Source: XatDevService) (User: ) Description: Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error: (12/25/2013 04:05:10 PM) (Source: XatDevService) (User: ) Description: Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error: (12/25/2013 04:05:05 PM) (Source: XatDevService) (User: ) Description: Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. Error: (12/25/2013 04:04:59 PM) (Source: XatDevService) (User: ) Description: Error: VCI V3 device 0 "Canblue" => start failed with error code 0x00000103. System errors: ============= Error: (12/25/2013 03:33:08 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst GenieTimelineService erreicht. Error: (12/25/2013 03:07:16 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst GenieTimelineService erreicht. Error: (12/25/2013 03:06:46 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst GenieTimelineService erreicht. Error: (12/25/2013 00:45:09 PM) (Source: NetBT) (User: ) Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.130 registriert werden. Der Computer mit IP-Adresse 192.168.0.104 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (12/25/2013 09:32:45 AM) (Source: WMPNetworkSvc) (User: ) Description: 0x80004004-1 Error: (12/24/2013 05:41:16 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "BIRGIT-NB", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3AD09975-99D7-48CB-980D-F4C585B495F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (12/24/2013 04:38:41 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x80004004-1 Error: (12/24/2013 04:38:33 PM) (Source: VDS Basic Provider) (User: ) Description: Unerwarteter Fehler. Fehlercode: 490@01010004 Error: (12/24/2013 04:38:32 PM) (Source: Virtual Disk Service) (User: ) Description: Unerwarteter Anbieterfehler. Möglicherweise kann das Problem durch erneutes Starten des Dienstes behoben werden. Fehlercode: 8007001F@02000014 Error: (12/24/2013 04:37:37 PM) (Source: DCOM) (User: ) Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58} Microsoft Office Sessions: ========================= Error: (01/05/2013 10:11:53 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Percentage of memory in use: 62% Total physical RAM: 3996.93 MB Available physical RAM: 1492.41 MB Total Pagefile: 7992.04 MB Available Pagefile: 5303.73 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:119.66 GB) NTFS Drive e: () (Removable) (Total:0.96 GB) (Free:0.07 GB) FAT32 Drive g: () (Removable) (Total:3.69 GB) (Free:3.68 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: DAB43A2C) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 4 GB) (Disk ID: 00000000) Partition 1: (Not Active) - (Size=4 GB) - (Type=0B) ======================================================== Disk: 2 (Size: 991 MB) (Disk ID: 002C5A21) Partition 1: (Active) - (Size=990 MB) - (Type=0C) ==================== End Of Log ============================ |
26.12.2013, 14:31 | #7 | |
/// the machine /// TB-Ausbilder | Avast\VisthAux.exe lässt sich nicht starten + unerwünschter sleep bei Windows 7Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Avast\VisthAux.exe lässt sich nicht starten + unerwünschter sleep bei Windows 7 |
aktivieren, anderen, antivirus, avast, board, daten, forum, heute, hintergrund, hängt, meldung, neue, problem, scan, starten, trojaner, trojaner board, update, verbindung, virenscan, virenscann, weihnachten, windows, windows 7, zusammen |