| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: langsames internetWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
06.01.2013, 21:01
| #1 |
 |  langsames internet hallo mein internet geht viel langsamer als es sollte, obwohl ich eigentlich eine gute verbindung habe. jetzt habe ich den verdacht, dass der grund dafür irgendein trojaner ist. mein virenprogramm konnte allerdings nichts finden, die mit malwarebites gefundenen dateien habe ich in quarantätne verschoben. ich bin für jede hilfe dankbar |
|
07.01.2013, 22:16
| #2 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™   | langsames internet Hallo und
__________________ Zitat:
 Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner siehe http://www.trojaner-board.de/125889-...tml#post941520 Bitte alles nach Möglichkeit hier in CODE-Tags posten.
__________________ |
|
08.01.2013, 19:17
| #3 |
| | langsames internet hallo
__________________also hier ist jetzt das logfile von malwarebites und auch nocheinmal die anderen logfiles, so gepostet wie in der anleitung beschrieben. es tut mir leid, dass ich das falsch gemacht hab, aber irgendwo ist gestanden, dass man das so machen soll. Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.12.19.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Barbara neu :: BARBARA-PC [Administrator] Schutz: Aktiviert 19.12.2012 18:22:13 mbam-log-2012-12-19 (18-22-13).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 222756 Laufzeit: 8 Minute(n), 51 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 1 C:\Program Files\RelevantKnowledge (PUP.Spyware.MarketScore) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 2 C:\Users\Barbara neu\Downloads\SoftonicDownloader_fuer_ibm-spss-statistics.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Barbara neu\Downloads\SoftonicDownloader_fuer_spss.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:55 on 06/01/2013 (Barbara neu)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
Unable to read mbamswissarmy.sys
-=E.O.F=-
OTL Logfile: Code:
ATTFilter OTL logfile created on: 06.01.2013 17:58:31 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barbara neu\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 2,90 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 54,49% Memory free 6,01 Gb Paging File | 4,70 Gb Available in Paging File | 78,08% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 288,32 Gb Total Space | 128,37 Gb Free Space | 44,52% Space Free | Partition Type: NTFS Computer Name: BARBARA-PC | User Name: Barbara neu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.01.06 17:57:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Barbara neu\Desktop\OTL.exe PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE PRC - [2009.06.14 21:12:28 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009.06.14 21:12:00 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009.05.15 21:39:46 | 000,707,104 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe PRC - [2009.05.15 21:39:46 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe PRC - [2009.05.15 21:39:44 | 000,453,152 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe PRC - [2009.04.29 18:56:28 | 000,176,128 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe PRC - [2009.04.29 16:32:32 | 000,118,784 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe PRC - [2009.04.13 10:21:26 | 000,791,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2009.04.13 10:21:26 | 000,578,848 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.02.12 01:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009.02.12 01:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008.07.29 18:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2007.09.14 02:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE ========== Modules (No Company Name) ========== MOD - [2012.08.31 12:02:46 | 003,194,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2012.08.31 12:01:10 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2012.04.23 12:01:12 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2012.03.22 12:02:38 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2011.12.27 03:51:23 | 005,251,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2010.09.20 16:36:39 | 000,339,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3452.36786__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2010.09.20 16:36:39 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3452.36806__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2010.09.20 16:36:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3452.36800__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2010.09.20 16:36:38 | 001,732,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3452.36805__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2010.09.20 16:36:38 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3452.36857__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2010.09.20 16:36:38 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3452.36829__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2010.09.20 16:36:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3452.36795__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2010.09.20 16:36:37 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3452.36876__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2010.09.20 16:36:37 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3452.36795__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:37 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3452.36838__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2010.09.20 16:36:36 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3452.36877__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:35 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3452.36843__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:35 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3452.36875__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:35 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3452.36885__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:35 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3452.36844__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2010.09.20 16:36:35 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3452.36843__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2010.09.20 16:36:35 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossFireX.Graphics.Dashboard\2.0.3452.36900__90ba9c70f846762e\CLI.Aspect.CrossFireX.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:35 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3452.36875__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2010.09.20 16:36:35 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3452.36885__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.dll MOD - [2010.09.20 16:36:33 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3452.36851__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2010.09.20 16:36:32 | 000,950,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3452.36901__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:32 | 000,782,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3452.36831__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:32 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3452.36807__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:32 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3452.36806__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:32 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3452.36836__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:32 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3452.36830__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2010.09.20 16:36:32 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3452.36836__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2010.09.20 16:36:31 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3452.36830__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:31 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3452.36825__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:31 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3452.36837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:31 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3452.36811__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2010.09.20 16:36:31 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3452.36829__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2010.09.20 16:36:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3452.36810__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2010.09.20 16:36:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3452.36837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2010.09.20 16:36:30 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2010.09.20 16:36:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3452.36830__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2010.09.20 16:36:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2010.09.20 16:36:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2010.09.20 16:36:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2010.09.20 16:36:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2010.09.20 16:36:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2010.09.20 16:36:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2010.09.20 16:36:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2010.09.20 16:36:29 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2010.09.20 16:36:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll MOD - [2010.09.20 16:36:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2010.09.20 16:36:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll MOD - [2010.09.20 16:36:27 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2010.09.20 16:36:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2010.09.20 16:36:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2010.09.20 16:36:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.dll MOD - [2010.09.20 16:36:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.dll MOD - [2010.09.20 16:36:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2010.09.20 16:36:26 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.dll MOD - [2010.09.20 16:36:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2010.09.20 16:36:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2010.09.20 16:36:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2010.09.20 16:36:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2010.09.20 16:36:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2010.09.20 16:36:25 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2010.09.20 16:36:25 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2010.09.20 16:36:25 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2010.09.20 16:36:25 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3428.28328__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.dll MOD - [2010.09.20 16:36:25 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2010.09.20 16:36:24 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2010.09.20 16:36:23 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2010.09.20 16:36:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.dll MOD - [2010.09.20 16:36:22 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2010.09.20 16:36:21 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3452.36881__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2010.09.20 16:36:21 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3452.36782__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2010.09.20 16:36:20 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3452.36871__90ba9c70f846762e\MOM.Implementation.dll MOD - [2010.09.20 16:36:20 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3452.36869__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2010.09.20 16:36:20 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2010.09.20 16:36:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2010.09.20 16:36:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2010.09.20 16:36:19 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3452.36800__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2010.09.20 16:36:19 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3452.36786__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2010.09.20 16:36:19 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3452.36784__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2010.09.20 16:36:19 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2010.09.20 16:36:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2010.09.20 16:36:19 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2010.09.20 16:36:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2010.09.20 16:36:17 | 001,212,416 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3452.36791__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2010.09.20 16:36:17 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3452.36784__90ba9c70f846762e\APM.Server.dll MOD - [2010.09.20 16:36:17 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3452.36782__90ba9c70f846762e\AEM.Server.dll MOD - [2010.09.20 16:36:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2010.09.20 16:36:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2010.09.20 16:36:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2010.09.20 16:36:17 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3452.36870__90ba9c70f846762e\CCC.Implementation.dll MOD - [2009.06.19 09:49:16 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2009.04.13 10:09:00 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll MOD - [2009.03.30 05:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2009.03.30 05:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2009.03.30 05:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.03.30 05:42:10 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2008.07.29 18:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe ========== Services (SafeList) ========== SRV - [2012.12.14 12:43:34 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.12.07 20:11:48 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.01.18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011.04.01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2009.06.14 21:12:00 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009.05.15 21:39:46 | 000,703,008 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc) SRV - [2009.04.29 16:32:32 | 000,118,784 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe -- (ODDPwrSvc) SRV - [2009.04.13 10:21:26 | 000,578,848 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009.02.12 01:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tscusb2a.sys -- (TASCAM_US122L_MK2_WDM) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tscusb2m.sys -- (TASCAM_US122L_MK2_MIDI) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\tascusb2.sys -- (TASCAM_US122144) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009.06.19 20:31:06 | 005,958,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw1v32.sys -- (NETw1v32) DRV - [2009.06.14 21:47:20 | 004,989,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag) DRV - [2009.06.14 20:23:10 | 000,106,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2009.06.14 20:09:50 | 004,740,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdpmd32.sys -- (intelkmd) DRV - [2009.04.01 20:54:44 | 000,050,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C60x86.sys -- (L1C) DRV - [2009.02.20 17:10:00 | 000,153,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2008.06.18 16:49:16 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=2&o=vp32&d=0809&m=aspire_5810t IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={24416447-55EA-11E2-9170-001F16AD6811} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={24416447-55EA-11E2-9170-001F16AD6811} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=2&o=vp32&d=0809&m=aspire_5810t IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={24416447-55EA-11E2-9170-001F16AD6811} IE - HKCU\..\SearchScopes,DefaultScope = {DE0205D4-196A-469C-9A75-F89FF121F80D} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 IE - HKCU\..\SearchScopes\{CEF49D59-2551-42BC-814E-C12913537CD7}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=214BE686-6759-4B17-8842-769D8690E4A9&apn_sauid=3DE1E432-AF7A-499B-84CE-77B8F2C62331 IE - HKCU\..\SearchScopes\{DE0205D4-196A-469C-9A75-F89FF121F80D}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local> ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.2 FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.12 21:07:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.07 20:11:49 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.07 20:11:49 | 000,000,000 | ---D | M] [2010.01.27 00:06:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barbara neu\AppData\Roaming\mozilla\Extensions [2013.01.04 09:04:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barbara neu\AppData\Roaming\mozilla\Firefox\Profiles\4mq0wbaf.default\extensions [2011.03.25 00:12:13 | 000,330,316 | ---- | M] () (No name found) -- C:\Users\Barbara neu\AppData\Roaming\mozilla\firefox\profiles\4mq0wbaf.default\extensions\personas@christopher.beard.xpi [2012.11.23 15:47:58 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Barbara neu\AppData\Roaming\mozilla\firefox\profiles\4mq0wbaf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.01.04 21:30:07 | 000,001,610 | ---- | M] () -- C:\Users\Barbara neu\AppData\Roaming\mozilla\firefox\profiles\4mq0wbaf.default\searchplugins\ixquick---deutsch.xml [2012.12.17 14:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012.11.12 21:07:42 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012.12.07 20:11:49 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.10.25 14:10:09 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.25 14:10:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.10.25 14:10:09 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.10.25 14:10:09 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.25 14:10:09 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.25 14:10:09 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={24416447-55EA-11E2-9170-001F16AD6811} CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={24416447-55EA-11E2-9170-001F16AD6811} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll CHR - Extension: Google Drive = C:\Users\Barbara neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Barbara neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Barbara neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\Barbara neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: Google Mail = C:\Users\Barbara neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found. O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (smartdownloader Class) - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Program Files\SockshareDownloader\smarterdownloader.dll File not found O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [ODDPwr] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe (Acer Incorporated) O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Barbara neu\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10FAFB6D-C08D-4BF5-AC21-787996885DD4}: DhcpNameServer = 195.34.133.21 212.186.211.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF8F8509-B831-43C6-A805-B58C160372CB}: DhcpNameServer = 195.34.133.21 212.186.211.21 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Barbara neu\Pictures\Canon EOS 60D\20110817 - Lichtspiel\IMG_4956.JPG O24 - Desktop BackupWallPaper: C:\Users\Barbara neu\Pictures\Canon EOS 60D\20110817 - Lichtspiel\IMG_4956.JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1a0f21d1-b9d1-11e1-b212-001f16ad6811}\Shell - "" = AutoRun O33 - MountPoints2\{1a0f21d1-b9d1-11e1-b212-001f16ad6811}\Shell\AutoRun\command - "" = E:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.01.06 17:57:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Barbara neu\Desktop\OTL.exe [2013.01.04 10:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.01.03 22:10:47 | 000,000,000 | ---D | C] -- C:\Users\Barbara neu\AppData\Local\PutLockerDownloader [2013.01.03 22:10:38 | 000,000,000 | ---D | C] -- C:\Users\Barbara neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SockshareDownloader.com [2012.12.19 18:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in [2012.12.19 18:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2012.12.19 18:20:00 | 000,000,000 | ---D | C] -- C:\Users\Barbara neu\AppData\Roaming\Malwarebytes [2012.12.19 18:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.12.19 18:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.12.19 18:19:42 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.12.19 18:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.12.17 19:43:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\{64300630-5B75-49F3-904F-EA6A0C434430} [2012.12.17 19:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UPC Fiber Power Optimizer [2012.12.16 15:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\UPC Fiber Power Optimizer [2012.12.14 20:49:04 | 000,000,000 | ---D | C] -- C:\Users\Barbara neu\AppData\Local\TVU Networks [2012.12.14 20:49:04 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks [2012.12.14 20:45:47 | 000,000,000 | ---D | C] -- C:\Users\Barbara neu\AppData\Local\Zattoo [2012.12.14 20:45:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4 [2012.12.14 20:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Zattoo4 [2012.12.07 20:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox ========== Files - Modified Within 30 Days ========== [2013.01.06 18:10:00 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5DD97CF1-442C-45FF-9906-8EEE2E1F9D73}.job [2013.01.06 18:04:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.06 17:57:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Barbara neu\Desktop\OTL.exe [2013.01.06 17:55:34 | 000,000,000 | ---- | M] () -- C:\Users\Barbara neu\defogger_reenable [2013.01.06 17:53:35 | 000,050,477 | ---- | M] () -- C:\Users\Barbara neu\Desktop\Defogger.exe [2013.01.06 17:41:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.01.06 17:04:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.06 16:53:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.06 16:53:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.06 15:07:02 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Barbara neu.job [2013.01.06 14:53:53 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Barbara neu.job [2013.01.06 14:53:28 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013.01.06 14:53:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.06 14:53:14 | 3119,292,416 | -HS- | M] () -- C:\hiberfil.sys [2013.01.05 21:14:55 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2013.01.04 20:03:03 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Barbara neu.job [2012.12.27 15:29:00 | 000,030,706 | ---- | M] () -- C:\Users\Barbara neu\Desktop\Telefonliste.pdf [2012.12.21 22:45:29 | 003,740,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.12.18 20:44:47 | 000,002,591 | ---- | M] () -- C:\Users\Barbara neu\Desktop\Microsoft Office Word 2007.lnk [2012.12.17 19:58:13 | 000,002,070 | ---- | M] () -- C:\Users\Barbara neu\Documents\cc_20121217_195809.reg [2012.12.17 19:24:16 | 000,101,040 | ---- | M] () -- C:\Users\Barbara neu\Documents\cc_20121217_192406.reg [2012.12.16 13:55:03 | 000,623,280 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.12.16 13:55:03 | 000,591,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.12.16 13:55:03 | 000,125,378 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.12.16 13:55:03 | 000,103,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.12.14 20:46:17 | 000,017,408 | ---- | M] () -- C:\Users\Barbara neu\AppData\Local\WebpageIcons.db [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.12.13 22:08:49 | 000,000,016 | -H-- | M] () -- C:\Windows\System32\servdat.slm ========== Files Created - No Company Name ========== [2013.01.06 17:55:34 | 000,000,000 | ---- | C] () -- C:\Users\Barbara neu\defogger_reenable [2013.01.06 17:53:11 | 000,050,477 | ---- | C] () -- C:\Users\Barbara neu\Desktop\Defogger.exe [2012.12.27 15:29:00 | 000,030,706 | ---- | C] () -- C:\Users\Barbara neu\Desktop\Telefonliste.pdf [2012.12.17 19:58:12 | 000,002,070 | ---- | C] () -- C:\Users\Barbara neu\Documents\cc_20121217_195809.reg [2012.12.17 19:24:09 | 000,101,040 | ---- | C] () -- C:\Users\Barbara neu\Documents\cc_20121217_192406.reg [2012.12.17 14:13:19 | 000,000,400 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Barbara neu.job [2012.12.17 14:12:58 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Barbara neu.job [2012.12.17 14:12:51 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Barbara neu.job [2012.12.14 20:45:46 | 000,017,408 | ---- | C] () -- C:\Users\Barbara neu\AppData\Local\WebpageIcons.db [2012.12.14 12:47:31 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.12.14 12:47:31 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.11.20 00:59:32 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat.temp [2012.11.05 21:52:30 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll [2011.06.19 10:09:17 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth2.dll [2011.06.19 10:09:17 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth1.dll [2011.06.19 10:09:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth2.dll [2011.06.19 10:09:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth1.dll [2011.06.19 10:09:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nsprs.dll [2011.06.19 10:03:10 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2011.06.19 10:03:10 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2010.10.26 21:58:56 | 000,000,000 | ---- | C] () -- C:\Users\Barbara neu\AppData\Roaming\wklnhst.dat [2010.08.10 16:51:13 | 000,000,331 | ---- | C] () -- C:\Users\Barbara neu\Desktop - Verknüpfung.lnk [2010.06.26 16:22:50 | 000,001,429 | ---- | C] () -- C:\Users\Barbara neu\AppData\Local\RecConfig.xml [2010.04.05 12:15:35 | 000,001,356 | ---- | C] () -- C:\Users\Barbara neu\AppData\Local\d3d9caps.dat [2010.01.26 23:53:38 | 000,166,912 | ---- | C] () -- C:\Users\Barbara neu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.11.17 12:34:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2010.08.10 16:39:16 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Acer [2009.04.09 14:21:52 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Acer GameZone Console [2010.05.18 16:08:13 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\cacaoweb [2011.04.07 07:19:44 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Canon [2011.01.27 23:34:52 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012.03.11 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012.12.20 23:48:16 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Dropbox [2012.12.17 15:01:30 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\DVDVideoSoft [2011.10.28 09:01:12 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\DVDVideoSoftIEHelpers [2010.02.16 22:07:33 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\EA [2011.06.25 14:04:02 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\GrabPro [2011.08.10 13:19:19 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\HartlauerFotoService3 [2010.02.15 15:02:32 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\iWin [2010.07.06 09:18:03 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\NCH Swift Sound [2010.05.24 22:06:29 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\OLYMPUS [2011.07.21 09:19:14 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Orbit [2010.02.15 16:09:56 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\PlayFirst [2011.03.21 13:43:09 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\ProgSense [2012.03.11 11:40:18 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Quark [2012.05.29 17:46:13 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Scribus [2011.06.25 13:12:28 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Software Informer [2012.09.02 05:16:03 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Sony [2011.01.28 20:53:00 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010.06.26 16:41:31 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Sytexis [2010.07.05 20:18:04 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Sytexis Software [2012.10.28 22:49:25 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\TuneUp Software ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:814B9485 @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:CDFF58FE @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:ADE16379 @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:ABE89FFE @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3B3A35EC @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:798A3728 @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:41099CE9 @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:3064D21D @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:35759C73 @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:B623B5B8 @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:CE0A077E @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:9E22BBE8 @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:8750DCE4 @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:B203B914 @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:131C0EE9 < End of report > [/CODE] |
|
08.01.2013, 19:18
| #4 |
| | langsames internet OTL Extras OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 06.01.2013 17:58:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barbara neu\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,90 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 54,49% Memory free
6,01 Gb Paging File | 4,70 Gb Available in Paging File | 78,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 128,37 Gb Free Space | 44,52% Space Free | Partition Type: NTFS
Computer Name: BARBARA-PC | User Name: Barbara neu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0285A98F-C55C-4F90-A170-F9D6A1E436C5}" = lport=138 | protocol=17 | dir=in | app=system |
"{2042FD56-8067-4654-8C6D-FD72EDD329D0}" = lport=139 | protocol=6 | dir=in | app=system |
"{2E6230C5-655E-4CB1-9D09-ECD85F046BD1}" = rport=139 | protocol=6 | dir=out | app=system |
"{58410EFF-16D3-46CA-AD1C-DEBCFE01F07B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{5EC03791-678A-45D7-85B9-9F049325F636}" = rport=445 | protocol=6 | dir=out | app=system |
"{9060689A-C056-47D4-BFEE-CF0DDE05281E}" = lport=137 | protocol=17 | dir=in | app=system |
"{9FFA1A80-4084-4067-A365-07311D37558B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A8611478-6D51-4928-971D-97CC33AD4DCC}" = rport=137 | protocol=17 | dir=out | app=system |
"{C1F6A508-82FD-448A-BACD-6BBCE1FB2D04}" = lport=49160 | protocol=6 | dir=in | name=akamai netsession interface |
"{CB3F3F18-3220-4B88-BDC6-4EE3C594EED0}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{CFD04E60-22B5-4982-949A-625CD33149FE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EFBF0D97-8412-4625-9637-85469E0E1F89}" = lport=445 | protocol=6 | dir=in | app=system |
"{FBC74F25-3F28-4F7A-81E0-A0AB08926977}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17D71B52-EFD6-47DB-AF2C-35DFB043FEA7}" = protocol=17 | dir=in | app=c:\users\barbara neu\appdata\roaming\dropbox\bin\dropbox.exe |
"{332A3D4C-D47F-4732-BE93-A404ECEE9EB6}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{39F1CFF1-DCE9-4268-968A-51987411D03E}" = protocol=6 | dir=in | app=c:\users\barbara neu\appdata\roaming\dropbox\bin\dropbox.exe |
"{566438CD-23E8-438F-8B1F-70597C056D5D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{89B8F9B4-02FD-471A-B402-4AFA0DDF4E20}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{89E9B476-BBFD-4EF1-BFE4-48A3FA1E2644}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{93C6BE9F-2F0C-4487-BD19-16003ECB167E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{959ED7C0-1EFF-464A-AB91-2E818F2C7717}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AA4CD17E-37AD-4863-BBFF-D8C28FF91E1F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E5D3D5C5-55DB-4639-AB53-F9101296FB1F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E64A4F01-E834-44BB-8D92-52EC28AD3E0B}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{F907A242-9244-45A2-B53D-3171976721EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{6590DA7E-0257-4CE4-BDDC-81238FD0EF00}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{7EAD8BC8-3E85-40C8-BB07-EAA576A8149A}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{A6010826-3486-40EE-A800-3B8D5718F63C}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{B42B61FA-C296-48C4-8B52-65187CA15509}C:\users\barbara neu\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\barbara neu\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{F103BF57-8E20-4A58-A921-6ACD8D3C5D1D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{41C79F91-1F2B-4423-ABD0-F6EEF1A0ACA5}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{502E5EC2-3AE8-4B99-BC12-5D7D5AF8B398}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{581FB33C-A6F1-4256-8029-97960EE33C38}C:\users\barbara neu\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\barbara neu\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{DFED5A29-2223-48B7-B6B3-3B9A44FA39E9}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{F0266A98-40EA-4CBC-9757-B7DB44AFC341}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B41341B-4BC2-7CB0-8178-C5D0AD92EEF2}" = CCC Help Greek
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F5A95A6-7A7E-93E7-C77B-470FD9B667F8}" = CCC Help Turkish
"{11712A95-9F9C-2DF6-580D-B62FE3B98768}" = PX Profile Update
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series" = Canon iP2600 series
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FA83AF5-C201-4E45-BBBD-79E8ABADE53E}" = Catalyst Control Center - Branding
"{229F7A4D-6E3B-EB2C-9110-6DEA56E99108}" = Catalyst Control Center Localization All
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2FB5CC56-872B-A0D7-A525-EBF9DB08689B}" = CCC Help French
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{38EA4830-58AE-65AD-A8B3-6064D394D7ED}" = CCC Help Czech
"{39718956-7340-3DFE-3A35-14C91DC9D63D}" = Catalyst Control Center Graphics Previews Vista
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3F88036C-CF12-1114-459A-E266572C017E}" = CCC Help Chinese Standard
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{4955AA6E-8C6B-A5B9-B18E-E16384E33B50}" = CCC Help Chinese Traditional
"{4B7FE3B3-9A06-285A-EB91-BC3CA6D60AD8}" = CCC Help Polish
"{4CDE854F-E21C-135B-ED5A-8E9F82B0007E}" = ATI Catalyst Install Manager
"{5C318BD3-BA72-43E4-9D16-A18210B4A5A5}" = Media Go
"{603C6F75-DE85-0E39-9D68-938113A2F5E6}" = Catalyst Control Center Graphics Full Existing
"{631141AD-79AA-447F-B403-21C704D39B8C}" = UPC Fiber Power Optimizer
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6513AD91-DA94-2BD0-E568-432993A4D6BE}" = Skins
"{66E54441-49CF-BA7C-31F8-2B0E8F6ED16C}" = CCC Help Italian
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}" = SPSS 15.0 für Windows [Auswertung Version]
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{721E52C2-EA00-C621-3684-D970952071F9}" = CCC Help Finnish
"{750E150C-26FE-7E07-173B-51E79256A923}" = CCC Help Dutch
"{756E414B-D957-3C82-84D4-A3C287F8EB6A}" = CCC Help Japanese
"{75B384B3-01D1-7483-7F5E-266FB8B17C07}" = CCC Help German
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B18FBCB-A4B6-50E7-ABC6-8DE3544A3252}" = Catalyst Control Center InstallProxy
"{7D6A6201-8191-7F50-E56B-E06A060419F2}" = CCC Help Russian
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9866E5F0-121F-E018-E2D1-2E1770847ABF}" = Adobe Download Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A0CED3C4-8144-59C4-C5F4-2EA55F34B9B5}" = CCC Help Hungarian
"{A5BADEDF-5C2E-D41B-CDB7-4EF1126EFAC8}" = CCC Help Norwegian
"{A8BEBC07-B5D5-8717-835D-52A06E8436FE}" = CCC Help Korean
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAEC5400-3AAA-EE21-ABAB-6817E92A1CAD}" = Catalyst Control Center Graphics Light
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AE09C972-EEB2-4DA5-8090-0FCF54576854}" = Optical Drive Power Management
"{AE30124B-94BE-4ECC-CA37-25A1773442F0}" = CCC Help Spanish
"{AF5C4D9B-90F3-F13A-1B4C-C3B715D3DBF4}" = ccc-core-static
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B55DB8FF-D820-556E-A1A3-33DBAE66A4D3}" = Catalyst Control Center Graphics Full New
"{BE43F19F-EE18-E389-BBF5-37C27AF16661}" = CCC Help English
"{C53895B8-ABF5-A16E-3415-B8CE794420BD}" = ccc-utility
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEDE4E96-8001-EE93-6F25-96A7E1A87AC9}" = CCC Help Portuguese
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1FAA013-337E-EE72-B238-47A32B2B8314}" = CCC Help Swedish
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D7645CC1-EB78-3481-FBC4-EBC525488E3C}" = Catalyst Control Center Core Implementation
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E283C37C-C781-586F-CA53-5175CB8C4519}" = CCC Help Thai
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EAE682E9-A523-7972-B39B-75674154AF1F}" = CCC Help Danish
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.094
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"1ClickDownload" = SockshareDownloader
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon iP2600 series Benutzerregistrierung" = Canon iP2600 series Benutzerregistrierung
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DPP" = Canon Utilities Digital Photo Professional 3.9
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Software Informer_is1" = Software Informer 1.0 BETA
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"UPC Fiber Power Optimizer" = UPC Fiber Power Optimizer
"VLC media player" = VLC media player 1.1.10
"WFTK" = Canon Utilities WFT Utility
"WinRAR archiver" = WinRAR
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 04.01.2013 06:21:06 | Computer Name = Barbara-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 04.01.2013 06:21:06 | Computer Name = Barbara-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 04.01.2013 06:21:06 | Computer Name = Barbara-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 04.01.2013 06:21:06 | Computer Name = Barbara-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 04.01.2013 06:21:06 | Computer Name = Barbara-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 04.01.2013 06:22:00 | Computer Name = Barbara-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 17.0.1.4715 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
das Problem zu suchen. Prozess-ID: 1228 Anfangszeit: 01cdea62c83090c8 Zeitpunkt der
Beendigung: 69
Error - 04.01.2013 10:14:36 | Computer Name = Barbara-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.01.2013 03:14:19 | Computer Name = Barbara-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.01.2013 10:16:57 | Computer Name = Barbara-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.01.2013 10:21:03 | Computer Name = Barbara-PC | Source = Windows Search Service | ID = 3024
Description =
Error - 06.01.2013 09:53:50 | Computer Name = Barbara-PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 06.11.2010 07:33:21 | Computer Name = Barbara-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 998
seconds with 780 seconds of active time. This session ended with a crash.
Error - 18.11.2010 16:38:14 | Computer Name = Barbara-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3668
seconds with 2880 seconds of active time. This session ended with a crash.
Error - 06.10.2011 07:06:04 | Computer Name = Barbara-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1414
seconds with 480 seconds of active time. This session ended with a crash.
Error - 23.11.2011 10:52:17 | Computer Name = Barbara-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8825
seconds with 300 seconds of active time. This session ended with a crash.
Error - 01.02.2012 12:29:53 | Computer Name = Barbara-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 20.02.2012 11:29:54 | Computer Name = Barbara-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 48
seconds with 0 seconds of active time. This session ended with a crash.
Error - 27.02.2012 07:52:00 | Computer Name = Barbara-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3990
seconds with 0 seconds of active time. This session ended with a crash.
Error - 02.04.2012 20:00:58 | Computer Name = Barbara-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27629
seconds with 180 seconds of active time. This session ended with a crash.
Error - 10.10.2012 02:11:44 | Computer Name = Barbara-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 116
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 01.01.2013 14:54:28 | Computer Name = Barbara-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 10.0.0.3 für die Netzwerkkarte mit der Netzwerkadresse
001E64049096 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 02.01.2013 05:57:00 | Computer Name = Barbara-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 10.0.0.2 für die Netzwerkkarte mit der Netzwerkadresse
001E64049096 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 02.01.2013 08:14:35 | Computer Name = Barbara-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 02.01.2013 12:39:32 | Computer Name = Barbara-PC | Source = bowser | ID = 8003
Description =
Error - 02.01.2013 13:15:30 | Computer Name = Barbara-PC | Source = bowser | ID = 8003
Description =
Error - 02.01.2013 14:03:23 | Computer Name = Barbara-PC | Source = bowser | ID = 8003
Description =
Error - 02.01.2013 14:27:25 | Computer Name = Barbara-PC | Source = bowser | ID = 8003
Description =
Error - 03.01.2013 09:34:18 | Computer Name = Barbara-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 10.0.0.1 für die Netzwerkkarte mit der Netzwerkadresse
001E64049096 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 03.01.2013 16:25:37 | Computer Name = Barbara-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 04.01.2013 12:33:41 | Computer Name = Barbara-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
< End of report >
[/CODE] und gmer Code:
ATTFilter
GMER 2.0.18437 - hxxp://www.gmer.net
Rootkit scan 2013-01-06 18:51:57
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB3O 298,09GB
Running: rf3h5z4f.exe; Driver: C:\Users\BARBAR~1\AppData\Local\Temp\kwdiyfog.sys
---- System - GMER 2.0 ----
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0x918644BA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0x9201BC22]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0x91864ED6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0x9186FFA8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0x9186FFF4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0x91870176]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0x9186FF16]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x9201BFA6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0x9186FF5E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThread [0x9186511C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0x91870130]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDebugActiveProcess [0x9186593E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0x91864508]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0x9201BCEA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x9201A3EC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0x91864556]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0x91869534]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0x918663A6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0x9186FFD2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0x91870016]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0x9187019A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0x9186FF3C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0x918700BA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0x9186FF86]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0x91870154]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0x9201BE4A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0x91866272]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueueApcThread [0x91865DD4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0x918645A4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0x918645F2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetContextThread [0x918657BE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0x918641FA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0x918643AA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0x91864350]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendProcess [0x91865AF8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendThread [0x91865C54]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0x9186441A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwTerminateProcess [0x9201BEFE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateThread [0x91865636]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwUnloadDriver [0x9201A41C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0x91864640]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwWriteVirtualMemory [0x9201BD96]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThreadEx [0x918652F4]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x92034E56]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 2.0 ----
.text ntkrnlpa.exe!KeSetEvent + 10D 83AC57D0 4 Bytes [BA, 44, 86, 91]
.text ntkrnlpa.exe!KeSetEvent + 131 83AC57F4 4 Bytes [22, BC, 01, 92]
.text ntkrnlpa.exe!KeSetEvent + 191 83AC5854 4 Bytes [D6, 4E, 86, 91]
.text ntkrnlpa.exe!KeSetEvent + 1D1 83AC5894 8 Bytes [A8, FF, 86, 91, F4, FF, 86, ...] {TEST AL, 0xff; XCHG [ECX-0x6e79000c], DL}
.text ntkrnlpa.exe!KeSetEvent + 1DE 83AC58A1 3 Bytes [01, 87, 91]
.text ...
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 83BF0633 5 Bytes JMP 92031CF6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 83C49593 5 Bytes JMP 92033810 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 110 83C52EB8 4 Bytes CALL 91866A8D \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 121 83C56B2C 4 Bytes CALL 91866AA3 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 83CAAE8C 7 Bytes JMP 92034E5A \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text C:\Windows\system32\DRIVERS\atipmdag.sys section is writeable [0x8F809000, 0x2D41EC, 0xE8000020]
.text win32k.sys!EngCreateRectRgn + 4537 9BAB0470 5 Bytes JMP 91869FFE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngEraseSurface + FDC 9BAC0628 5 Bytes JMP 9186A090 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreatePalette + C20 9BAC9689 5 Bytes JMP 9186ACB6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngTransparentBlt + 4A1 9BACA475 5 Bytes JMP 9186AE1C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngTransparentBlt + 8C2F 9BAD2C03 5 Bytes JMP 9186956A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 616 9BAD3B59 5 Bytes JMP 9186AA86 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XFORMOBJ_iGetXform + 30FB 9BADF297 5 Bytes JMP 91869EB8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XFORMOBJ_iGetXform + 456D 9BAE0709 5 Bytes JMP 918697C4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XFORMOBJ_iGetXform + 46BC 9BAE0858 5 Bytes JMP 9186A16A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XFORMOBJ_iGetXform + 4C51 9BAE0DED 5 Bytes JMP 9186A182 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XFORMOBJ_iGetXform + 5239 9BAE13D5 5 Bytes JMP 91869CDE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngMapFontFileFD + 11A16 9BAFA285 5 Bytes JMP 91869C1E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngMapFontFileFD + 11A6A 9BAFA2D9 5 Bytes JMP 91869EE4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGradientFill + 377F 9BB21378 5 Bytes JMP 9186A94C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGradientFill + 60DC 9BB23CD5 5 Bytes JMP 91869670 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngMulDiv + 4D3F 9BB2A63E 5 Bytes JMP 91869834 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBlt + 2B44 9BB34AD4 5 Bytes JMP 9186AEBE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStrokePath + 5FF 9BB379BC 5 Bytes JMP 91869688 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngLpkInstalled + 1D73 9BB417E7 5 Bytes JMP 9186AA3C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngAlphaBlend + B990 9BB51D8D 5 Bytes JMP 9186A0A8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngNineGrid + 8C4 9BB55F7F 5 Bytes JMP 9186ABFE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngNineGrid + 6FA0 9BB5C65B 5 Bytes JMP 9186A9F6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCopyBits + B0F 9BB5FDCA 5 Bytes JMP 9186AB4C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!STROBJ_vEnumStart + 4728 9BB676E9 5 Bytes JMP 91869760 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSemaphore + E80 9BB85C8A 5 Bytes JMP 91869A1C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!CLIPOBJ_bEnum + 248 9BB8B532 5 Bytes JMP 918698F0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPlgBlt + 26D9 9BB8F06A 5 Bytes JMP 9186AD74 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 3775 9BBA7454 5 Bytes JMP 9186A0C0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngLineTo + A15 9BBAD59D 5 Bytes JMP 91869944 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngLineTo + D2AF 9BBB9E37 5 Bytes JMP 91869B48 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngLineTo + 10D20 9BBBD8A8 5 Bytes JMP 91869AB2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
---- User code sections - GMER 2.0 ----
.text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[280] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[508] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[604] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\csrss.exe[636] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\svchost.exe[640] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text ...
.text C:\Windows\system32\igfxext.exe[888] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001701F8
.text C:\Windows\system32\igfxext.exe[888] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001703FC
.text C:\Windows\system32\igfxext.exe[888] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\igfxext.exe[888] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00180600
.text C:\Windows\system32\igfxext.exe[888] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00180804
.text C:\Windows\system32\igfxext.exe[888] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00180A08
.text C:\Windows\system32\igfxext.exe[888] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001801F8
.text C:\Windows\system32\igfxext.exe[888] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001803FC
.text C:\Windows\system32\igfxext.exe[888] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001903FC
.text C:\Windows\system32\igfxext.exe[888] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00190600
.text C:\Windows\system32\igfxext.exe[888] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00191014
.text C:\Windows\system32\igfxext.exe[888] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00190804
.text C:\Windows\system32\igfxext.exe[888] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00190A08
.text C:\Windows\system32\igfxext.exe[888] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00190C0C
.text C:\Windows\system32\igfxext.exe[888] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00190E10
.text C:\Windows\system32\igfxext.exe[888] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001901F8
.text C:\Windows\system32\svchost.exe[924] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastUI.exe[932] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\svchost.exe[996] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\System32\svchost.exe[1032] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\winlogon.exe[1100] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text ...
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 000601F8
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 000603FC
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00080600
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00080804
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00080A08
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 000801F8
.text C:\Windows\system32\wbem\wmiprvse.exe[1292] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 000803FC
.text C:\Windows\system32\AUDIODG.EXE[1396] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1420] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1504] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\atieclxx.exe[1544] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1720] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text ...
.text C:\Windows\ehome\ehtray.exe[1768] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 000601F8
.text C:\Windows\ehome\ehtray.exe[1768] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 000603FC
.text C:\Windows\ehome\ehtray.exe[1768] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\ehome\ehtray.exe[1768] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 000703FC
.text C:\Windows\ehome\ehtray.exe[1768] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00070600
.text C:\Windows\ehome\ehtray.exe[1768] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00071014
.text C:\Windows\ehome\ehtray.exe[1768] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00070804
.text C:\Windows\ehome\ehtray.exe[1768] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00070A08
.text C:\Windows\ehome\ehtray.exe[1768] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00070C0C
.text C:\Windows\ehome\ehtray.exe[1768] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00070E10
.text C:\Windows\ehome\ehtray.exe[1768] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 000701F8
.text C:\Windows\ehome\ehtray.exe[1768] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00080600
.text C:\Windows\ehome\ehtray.exe[1768] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00080804
.text C:\Windows\ehome\ehtray.exe[1768] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00080A08
.text C:\Windows\ehome\ehtray.exe[1768] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 000801F8
.text C:\Windows\ehome\ehtray.exe[1768] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 000803FC
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1844] kernel32.dll!SetUnhandledExceptionFilter 7661A8B5 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1844] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\System32\spoolsv.exe[1936] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1964] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\svchost.exe[2060] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Microsoft\BingBar\SeaPort.EXE[2084] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text ...
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001601F8
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001603FC
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001703FC
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00170600
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00171014
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00170804
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00170A08
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00170C0C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00170E10
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001701F8
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00180600
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00180804
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00180A08
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001801F8
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[2944] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001803FC
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001701F8
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001703FC
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00180600
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00180804
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00180A08
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001801F8
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001803FC
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001903FC
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00190600
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00191014
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00190804
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00190A08
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00190C0C
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00190E10
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2972] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001901F8
.text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2992] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 000601F8
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 000603FC
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 000703FC
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00070600
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00071014
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00070804
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00070A08
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00070C0C
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00070E10
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 000701F8
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00080600
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00080804
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00080A08
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 000801F8
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3016] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 000803FC
.text C:\Windows\PLFSetI.exe[3044] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3052] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3080] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[3248] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001601F8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001603FC
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00170600
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00170804
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00170A08
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001701F8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001703FC
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001803FC
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00180600
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00181014
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00180804
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00180A08
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00180C0C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00180E10
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3392] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001801F8
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001601F8
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001603FC
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001803FC
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00180600
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00181014
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00180804
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00180A08
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00180C0C
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00180E10
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001801F8
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00190600
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00190804
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00190A08
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001901F8
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3520] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001903FC
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001701F8
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001703FC
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001803FC
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00180600
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00181014
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00180804
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00180A08
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00180C0C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00180E10
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001801F8
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00190600
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00190804
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00190A08
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001901F8
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3644] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001903FC
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001601F8
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001603FC
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00170600
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00170804
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00170A08
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001701F8
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001703FC
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001803FC
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00180600
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00181014
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00180804
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00180A08
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00180C0C
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00180E10
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[3780] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001801F8
.text C:\Windows\ehome\ehmsas.exe[3804] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 000501F8
.text C:\Windows\ehome\ehmsas.exe[3804] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 000503FC
.text C:\Windows\ehome\ehmsas.exe[3804] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\ehome\ehmsas.exe[3804] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 000603FC
.text C:\Windows\ehome\ehmsas.exe[3804] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00060600
.text C:\Windows\ehome\ehmsas.exe[3804] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00061014
.text C:\Windows\ehome\ehmsas.exe[3804] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00060804
.text C:\Windows\ehome\ehmsas.exe[3804] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00060A08
.text C:\Windows\ehome\ehmsas.exe[3804] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00060C0C
.text C:\Windows\ehome\ehmsas.exe[3804] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00060E10
.text C:\Windows\ehome\ehmsas.exe[3804] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 000601F8
.text C:\Windows\ehome\ehmsas.exe[3804] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00070600
.text C:\Windows\ehome\ehmsas.exe[3804] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00070804
.text C:\Windows\ehome\ehmsas.exe[3804] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00070A08
.text C:\Windows\ehome\ehmsas.exe[3804] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 000701F8
.text C:\Windows\ehome\ehmsas.exe[3804] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 000703FC
.text C:\Windows\System32\igfxpers.exe[3812] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001601F8
.text C:\Windows\System32\igfxpers.exe[3812] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001603FC
.text C:\Windows\System32\igfxpers.exe[3812] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\System32\igfxpers.exe[3812] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00170600
.text C:\Windows\System32\igfxpers.exe[3812] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00170804
.text C:\Windows\System32\igfxpers.exe[3812] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00170A08
.text C:\Windows\System32\igfxpers.exe[3812] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001701F8
.text C:\Windows\System32\igfxpers.exe[3812] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001703FC
.text C:\Windows\System32\igfxpers.exe[3812] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001803FC
.text C:\Windows\System32\igfxpers.exe[3812] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00180600
.text C:\Windows\System32\igfxpers.exe[3812] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00181014
.text C:\Windows\System32\igfxpers.exe[3812] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00180804
.text C:\Windows\System32\igfxpers.exe[3812] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00180A08
.text C:\Windows\System32\igfxpers.exe[3812] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00180C0C
.text C:\Windows\System32\igfxpers.exe[3812] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00180E10
.text C:\Windows\System32\igfxpers.exe[3812] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001801F8
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 000501F8
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 000503FC
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 000603FC
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00060600
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00061014
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00060804
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00060A08
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00060C0C
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00060E10
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 000601F8
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00070600
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00070804
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00070A08
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 000701F8
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3824] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 000703FC
.text C:\Windows\system32\igfxsrvc.exe[3920] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001601F8
.text C:\Windows\system32\igfxsrvc.exe[3920] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001603FC
.text C:\Windows\system32\igfxsrvc.exe[3920] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\igfxsrvc.exe[3920] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00170600
.text C:\Windows\system32\igfxsrvc.exe[3920] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00170804
.text C:\Windows\system32\igfxsrvc.exe[3920] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00170A08
.text C:\Windows\system32\igfxsrvc.exe[3920] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001701F8
.text C:\Windows\system32\igfxsrvc.exe[3920] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001703FC
.text C:\Windows\system32\igfxsrvc.exe[3920] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001803FC
.text C:\Windows\system32\igfxsrvc.exe[3920] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00180600
.text C:\Windows\system32\igfxsrvc.exe[3920] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00181014
.text C:\Windows\system32\igfxsrvc.exe[3920] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00180804
.text C:\Windows\system32\igfxsrvc.exe[3920] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00180A08
.text C:\Windows\system32\igfxsrvc.exe[3920] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00180C0C
.text C:\Windows\system32\igfxsrvc.exe[3920] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00180E10
.text C:\Windows\system32\igfxsrvc.exe[3920] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001801F8
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001601F8
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001603FC
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001703FC
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00170600
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00171014
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00170804
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00170A08
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00170C0C
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00170E10
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001701F8
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00180600
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00180804
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00180A08
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001801F8
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[4032] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001803FC
.text C:\Windows\system32\wbem\unsecapp.exe[4080] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 000601F8
.text C:\Windows\system32\wbem\unsecapp.exe[4080] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 000603FC
.text C:\Windows\system32\wbem\unsecapp.exe[4080] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\wbem\unsecapp.exe[4080] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\wbem\unsecapp.exe[4080] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\wbem\unsecapp.exe[4080] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\wbem\unsecapp.exe[4080] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\wbem\unsecapp.exe[4080] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\wbem\unsecapp.exe[4080] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\wbem\unsecapp.exe[4080] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\wbem\unsecapp.exe[4080] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\wbem\unsecapp.exe[4080] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00080600
.text C:\Windows\system32\wbem\unsecapp.exe[4080] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00080804
.text C:\Windows\system32\wbem\unsecapp.exe[4080] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00080A08
.text C:\Windows\system32\wbem\unsecapp.exe[4080] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 000801F8
.text C:\Windows\system32\wbem\unsecapp.exe[4080] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 000803FC
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 001601F8
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 001603FC
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00170600
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00170804
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00170A08
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 001701F8
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 001703FC
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 001803FC
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00180600
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00181014
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00180804
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00180A08
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00180C0C
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00180E10
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4472] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 001801F8
.text C:\Users\Barbara neu\Downloads\rf3h5z4f.exe[4512] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\svchost.exe[4852] ntdll.dll!LdrLoadDll 77D49378 5 Bytes JMP 000601F8
.text C:\Windows\system32\svchost.exe[4852] ntdll.dll!LdrUnloadDll 77D5B680 5 Bytes JMP 000603FC
.text C:\Windows\system32\svchost.exe[4852] KERNEL32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\svchost.exe[4852] ADVAPI32.dll!CreateServiceW 764C9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\svchost.exe[4852] ADVAPI32.dll!DeleteService 764CA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\svchost.exe[4852] ADVAPI32.dll!SetServiceObjectSecurity 76506CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\svchost.exe[4852] ADVAPI32.dll!ChangeServiceConfigA 76506DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\svchost.exe[4852] ADVAPI32.dll!ChangeServiceConfigW 76506F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\svchost.exe[4852] ADVAPI32.dll!ChangeServiceConfig2A 76507099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\svchost.exe[4852] ADVAPI32.dll!ChangeServiceConfig2W 765071E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\svchost.exe[4852] ADVAPI32.dll!CreateServiceA 765072A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\svchost.exe[4852] USER32.dll!SetWindowsHookExA 763E6322 5 Bytes JMP 00080600
.text C:\Windows\system32\svchost.exe[4852] USER32.dll!SetWindowsHookExW 763E87AD 5 Bytes JMP 00080804
.text C:\Windows\system32\svchost.exe[4852] USER32.dll!UnhookWindowsHookEx 763E98DB 5 Bytes JMP 00080A08
.text C:\Windows\system32\svchost.exe[4852] USER32.dll!SetWinEventHook 763E9F3A 5 Bytes JMP 000801F8
.text C:\Windows\system32\svchost.exe[4852] USER32.dll!UnhookWinEvent 763EC06F 5 Bytes JMP 000803FC
.text C:\Windows\system32\igfxtray.exe[5216] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\hkcmd.exe[5228] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
.text C:\Windows\system32\taskeng.exe[5316] kernel32.dll!GetBinaryTypeW + 70 76642447 1 Byte [62]
---- Registry - GMER 2.0 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00265e9ad9e6
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00265e9ad9e6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00265e9ad9e6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\00265e9ad9e6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\00265e9ad9e6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\BTHPORT\Parameters\Keys\00265e9ad9e6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\BTHPORT\Parameters\Keys\00265e9ad9e6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet008\Services\BTHPORT\Parameters\Keys\00265e9ad9e6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet009\Services\BTHPORT\Parameters\Keys\00265e9ad9e6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet010\Services\BTHPORT\Parameters\Keys\00265e9ad9e6 (not active ControlSet)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{542BA5AB-9C0A-14C0-2E12-88310E242B1F}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{542BA5AB-9C0A-14C0-2E12-88310E242B1F}@hajmgicmgdcfjlli 0x6A 0x61 0x70 0x6E ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{542BA5AB-9C0A-14C0-2E12-88310E242B1F}@iadnecmacfafmlpjdm 0x6A 0x61 0x70 0x6E ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F9D7D5DC-1268-1582-6A9D-C9898DB2E4AC}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F9D7D5DC-1268-1582-6A9D-C9898DB2E4AC}@nabmgaokdohmfpiebdljeobhkabj 0x69 0x61 0x67 0x62 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F9D7D5DC-1268-1582-6A9D-C9898DB2E4AC}@mahdmopmgclgeahdemihkpdfhl 0x69 0x61 0x67 0x62 ...
---- EOF - GMER 2.0 ----
so ich hoffe ich hab das jetzt richtig gemacht |
|
08.01.2013, 19:39
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsames internet Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.01.2013, 20:00
| #6 |
| | langsames internet nein, das waren alle. ich habe vor dem scan mit malwarebites einen scan mit meinem virenprogramm gemacht, das hat allerdings nichts gefunden. also das ist alles lg |
|
08.01.2013, 20:37
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsames internet Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Malwarebytes Anti-Rootkit  Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.01.2013, 21:58
| #8 |
| | langsames internet hab das jetzt gemacht. mit dem scan wurde keine malware gefunden, daher wurde ich auch nicht zum neustart aufgefordert. Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.296000 GHz
Memory total: 3118309376, free: 1286287360
------------ Kernel report ------------
01/08/2013 21:37:18
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\PxHelp20.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atipmdag.sys
\SystemRoot\system32\DRIVERS\igdpmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\L1C60x86.sys
\SystemRoot\system32\DRIVERS\NETw1v32.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\AswRdr.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\irda.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff875b2ac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff86a6b028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
DriverEntry returned 0x0
Function returned 0x0
Downloaded database version: v2013.01.08.12
Downloaded database version: v2013.01.04.01
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff875b2ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87593160, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff875b2ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff86a6b028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xffffffffd58c6888, 0xffffffff875b2ac8, 0xffffffff8865cac8
Lower DeviceData: 0xffffffffcaca0c18, 0xffffffff86a6b028, 0xffffffff86636d98
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: ED7B8D95
Partition information:
Partition 0 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 20480000
Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 20482048 Numsec = 604657664
Partition file system is NTFS
Partition is bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Performing system, memory and registry scan...
Read File: File "C:\ProgramData\{64300630-5B75-49F3-904F-EA6A0C434430}\instance.dat" is compressed (flags = 1)
Read File: File "C:\ProgramData\{64300630-5B75-49F3-904F-EA6A0C434430}\upc optimizer swiss.dat" is compressed (flags = 1)
Read File: File "C:\ProgramData\{64300630-5B75-49F3-904F-EA6A0C434430}\upc optimizer swiss.lan" is compressed (flags = 1)
Done!
Scan finished
=======================================
|
|
09.01.2013, 10:11
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsames internet 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.01.2013, 21:48
| #10 |
| | langsames internet hab ich gemacht hier der log von aswMBR Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-09 11:31:57
-----------------------------
11:31:57.425 OS Version: Windows 6.0.6002 Service Pack 2
11:31:57.425 Number of processors: 2 586 0x170A
11:31:57.425 ComputerName: BARBARA-PC UserName:
11:32:18.329 Initialze error C000010E - driver not loaded
11:32:18.781 AVAST engine defs: 13010801
11:33:08.670 Scan error: Unzulässige Funktion.
11:34:17.071 The log file has been saved successfully to "C:\Users\Barbara neu\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-09 11:35:15
-----------------------------
11:35:15.155 OS Version: Windows 6.0.6002 Service Pack 2
11:35:15.155 Number of processors: 2 586 0x170A
11:35:15.155 ComputerName: BARBARA-PC UserName:
11:35:26.434 Initialize success
11:35:26.528 AVAST engine defs: 13010801
11:36:48.989 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:36:48.989 Disk 0 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 3
11:36:49.005 Disk 0 MBR read successfully
11:36:49.005 Disk 0 MBR scan
11:36:49.021 Disk 0 unknown MBR code
11:36:49.036 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 10000 MB offset 2048
11:36:49.067 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 295243 MB offset 20482048
11:36:49.099 Disk 0 scanning sectors +625139712
11:36:49.223 Disk 0 scanning C:\Windows\system32\drivers
11:38:05.632 Service scanning
11:38:58.454 Modules scanning
11:39:49.029 Disk 0 trace - called modules:
11:39:49.091 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:39:49.091 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87592780]
11:39:49.107 3 CLASSPNP.SYS[8b9a48b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86aab028]
11:39:58.763 AVAST engine scan C:\Windows
11:40:14.051 AVAST engine scan C:\Windows\system32
11:44:47.956 AVAST engine scan C:\Windows\system32\drivers
11:45:14.944 AVAST engine scan C:\Users\Barbara neu
12:04:14.212 AVAST engine scan C:\ProgramData
12:06:11.618 Scan finished successfully
12:44:16.858 Disk 0 MBR has been saved successfully to "C:\Users\Barbara neu\Desktop\MBR.dat"
12:44:16.874 The log file has been saved successfully to "C:\Users\Barbara neu\Desktop\aswMBR.txt"
und hier der log des tdss killer Code:
ATTFilter
21:40:13.0797 5164 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:40:15.0825 5164 ============================================================
21:40:15.0825 5164 Current date / time: 2013/01/09 21:40:15.0825
21:40:15.0825 5164 SystemInfo:
21:40:15.0825 5164
21:40:15.0825 5164 OS Version: 6.0.6002 ServicePack: 2.0
21:40:15.0825 5164 Product type: Workstation
21:40:15.0825 5164 ComputerName: BARBARA-PC
21:40:15.0825 5164 UserName: Barbara neu
21:40:15.0825 5164 Windows directory: C:\Windows
21:40:15.0825 5164 System windows directory: C:\Windows
21:40:15.0825 5164 Processor architecture: Intel x86
21:40:15.0825 5164 Number of processors: 2
21:40:15.0825 5164 Page size: 0x1000
21:40:15.0825 5164 Boot type: Normal boot
21:40:15.0825 5164 ============================================================
21:40:16.0542 5164 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:40:16.0573 5164 ============================================================
21:40:16.0573 5164 \Device\Harddisk0\DR0:
21:40:16.0573 5164 MBR partitions:
21:40:16.0573 5164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x240A5800
21:40:16.0573 5164 ============================================================
21:40:16.0620 5164 C: <-> \Device\Harddisk0\DR0\Partition1
21:40:16.0620 5164 ============================================================
21:40:16.0620 5164 Initialize success
21:40:16.0620 5164 ============================================================
21:41:07.0648 0316 ============================================================
21:41:07.0648 0316 Scan started
21:41:07.0648 0316 Mode: Manual; SigCheck; TDLFS;
21:41:07.0648 0316 ============================================================
21:41:07.0929 0316 ================ Scan system memory ========================
21:41:07.0929 0316 System memory - ok
21:41:07.0929 0316 ================ Scan services =============================
21:41:08.0178 0316 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
21:41:08.0334 0316 ACPI - ok
21:41:08.0459 0316 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:41:08.0475 0316 AdobeARMservice - ok
21:41:08.0553 0316 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:41:08.0584 0316 AdobeFlashPlayerUpdateSvc - ok
21:41:08.0662 0316 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:41:08.0740 0316 adp94xx - ok
21:41:08.0787 0316 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:41:08.0802 0316 adpahci - ok
21:41:08.0849 0316 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
21:41:08.0880 0316 adpu160m - ok
21:41:08.0911 0316 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:41:08.0927 0316 adpu320 - ok
21:41:08.0989 0316 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:41:09.0036 0316 AeLookupSvc - ok
21:41:09.0114 0316 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
21:41:09.0161 0316 AFD - ok
21:41:09.0192 0316 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:41:09.0223 0316 agp440 - ok
21:41:09.0239 0316 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
21:41:09.0270 0316 aic78xx - ok
21:41:09.0286 0316 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
21:41:09.0333 0316 ALG - ok
21:41:09.0348 0316 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
21:41:09.0364 0316 aliide - ok
21:41:09.0395 0316 [ 0FF34F07379FBEB7AFE0B2487C12B5A5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:41:09.0457 0316 AMD External Events Utility - ok
21:41:09.0520 0316 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
21:41:09.0535 0316 amdagp - ok
21:41:09.0567 0316 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
21:41:09.0582 0316 amdide - ok
21:41:09.0598 0316 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
21:41:09.0660 0316 AmdK7 - ok
21:41:09.0691 0316 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:41:09.0738 0316 AmdK8 - ok
21:41:09.0894 0316 [ E518E13C6F11A94D263F1A611A011B8F ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
21:41:10.0191 0316 amdkmdag - ok
21:41:10.0237 0316 [ D877292F7B68A7EE8AC2CD28B377EA9F ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:41:10.0269 0316 amdkmdap - ok
21:41:10.0300 0316 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
21:41:10.0347 0316 Appinfo - ok
21:41:10.0393 0316 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
21:41:10.0409 0316 arc - ok
21:41:10.0440 0316 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:41:10.0456 0316 arcsas - ok
21:41:10.0503 0316 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
21:41:10.0534 0316 aswFsBlk - ok
21:41:10.0581 0316 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:41:10.0596 0316 aswMonFlt - ok
21:41:10.0612 0316 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
21:41:10.0627 0316 AswRdr - ok
21:41:10.0659 0316 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:41:10.0705 0316 aswSnx - ok
21:41:10.0752 0316 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:41:10.0846 0316 aswSP - ok
21:41:10.0908 0316 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
21:41:10.0939 0316 aswTdi - ok
21:41:11.0002 0316 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:41:11.0064 0316 AsyncMac - ok
21:41:11.0080 0316 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
21:41:11.0111 0316 atapi - ok
21:41:11.0173 0316 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:41:11.0220 0316 AudioEndpointBuilder - ok
21:41:11.0220 0316 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:41:11.0267 0316 Audiosrv - ok
21:41:11.0314 0316 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:41:11.0329 0316 avast! Antivirus - ok
21:41:11.0392 0316 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
21:41:11.0454 0316 b57nd60x - ok
21:41:11.0548 0316 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
21:41:11.0579 0316 BBSvc - ok
21:41:11.0595 0316 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
21:41:11.0657 0316 Beep - ok
21:41:11.0719 0316 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
21:41:11.0829 0316 BFE - ok
21:41:11.0907 0316 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
21:41:12.0047 0316 BITS - ok
21:41:12.0094 0316 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
21:41:12.0156 0316 blbdrive - ok
21:41:12.0219 0316 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:41:12.0250 0316 bowser - ok
21:41:12.0281 0316 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
21:41:12.0328 0316 BrFiltLo - ok
21:41:12.0343 0316 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
21:41:12.0375 0316 BrFiltUp - ok
21:41:12.0421 0316 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
21:41:12.0453 0316 Browser - ok
21:41:12.0499 0316 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
21:41:12.0687 0316 Brserid - ok
21:41:12.0702 0316 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
21:41:12.0780 0316 BrSerWdm - ok
21:41:12.0811 0316 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
21:41:12.0874 0316 BrUsbMdm - ok
21:41:12.0874 0316 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
21:41:12.0967 0316 BrUsbSer - ok
21:41:13.0045 0316 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
21:41:13.0077 0316 BthEnum - ok
21:41:13.0108 0316 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:41:13.0201 0316 BTHMODEM - ok
21:41:13.0217 0316 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:41:13.0264 0316 BthPan - ok
21:41:13.0326 0316 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
21:41:13.0373 0316 BTHPORT - ok
21:41:13.0435 0316 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
21:41:13.0467 0316 BthServ - ok
21:41:13.0529 0316 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
21:41:13.0560 0316 BTHUSB - ok
21:41:13.0607 0316 [ F97A9C093E79BF117D9F26F2D31DCA5E ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
21:41:13.0638 0316 btwaudio - ok
21:41:13.0669 0316 [ 143C4C1EE6D131ECA8B4AB5F80B3F910 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
21:41:13.0685 0316 btwavdt - ok
21:41:13.0763 0316 [ B6C870EE321AA8678198EA003DCFBB02 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
21:41:13.0794 0316 btwdins - ok
21:41:13.0857 0316 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
21:41:13.0872 0316 btwl2cap - ok
21:41:13.0888 0316 [ 97CF6C5D3B443344497F1F53E5D0ED50 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
21:41:13.0903 0316 btwrchid - ok
21:41:13.0950 0316 [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5 C:\Windows\system32\drivers\BVRPMPR5.SYS
21:41:13.0966 0316 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
21:41:13.0966 0316 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
21:41:13.0997 0316 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:41:14.0059 0316 cdfs - ok
21:41:14.0106 0316 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:41:14.0169 0316 cdrom - ok
21:41:14.0247 0316 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
21:41:14.0293 0316 CertPropSvc - ok
21:41:14.0325 0316 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
21:41:14.0387 0316 circlass - ok
21:41:14.0434 0316 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
21:41:14.0465 0316 CLFS - ok
21:41:14.0543 0316 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:41:14.0574 0316 clr_optimization_v2.0.50727_32 - ok
21:41:14.0637 0316 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:41:14.0699 0316 CmBatt - ok
21:41:14.0715 0316 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:41:14.0730 0316 cmdide - ok
21:41:14.0746 0316 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:41:14.0761 0316 Compbatt - ok
21:41:14.0777 0316 COMSysApp - ok
21:41:14.0777 0316 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:41:14.0808 0316 crcdisk - ok
21:41:14.0824 0316 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
21:41:14.0871 0316 Crusoe - ok
21:41:14.0917 0316 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:41:14.0949 0316 CryptSvc - ok
21:41:15.0027 0316 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:41:15.0167 0316 DcomLaunch - ok
21:41:15.0198 0316 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:41:15.0307 0316 DfsC - ok
21:41:15.0448 0316 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
21:41:15.0588 0316 DFSR - ok
21:41:15.0666 0316 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
21:41:15.0729 0316 Dhcp - ok
21:41:15.0775 0316 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
21:41:15.0791 0316 disk - ok
21:41:15.0853 0316 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:41:15.0869 0316 Dnscache - ok
21:41:15.0916 0316 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:41:15.0963 0316 dot3svc - ok
21:41:16.0009 0316 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
21:41:16.0056 0316 Dot4 - ok
21:41:16.0087 0316 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:41:16.0119 0316 Dot4Print - ok
21:41:16.0150 0316 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
21:41:16.0197 0316 dot4usb - ok
21:41:16.0243 0316 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
21:41:16.0275 0316 DPS - ok
21:41:16.0306 0316 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:41:16.0337 0316 drmkaud - ok
21:41:16.0384 0316 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:41:16.0431 0316 DXGKrnl - ok
21:41:16.0477 0316 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
21:41:16.0540 0316 E1G60 - ok
21:41:16.0587 0316 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
21:41:16.0633 0316 EapHost - ok
21:41:16.0696 0316 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
21:41:16.0711 0316 Ecache - ok
21:41:16.0758 0316 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:41:16.0805 0316 ehRecvr - ok
21:41:16.0821 0316 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
21:41:16.0852 0316 ehSched - ok
21:41:16.0867 0316 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
21:41:16.0899 0316 ehstart - ok
21:41:16.0945 0316 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:41:16.0977 0316 elxstor - ok
21:41:17.0039 0316 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
21:41:17.0179 0316 EMDMgmt - ok
21:41:17.0257 0316 [ 6D49242536F8397AE9AF2A2A360E2EDD ] ePowerSvc C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
21:41:17.0304 0316 ePowerSvc - ok
21:41:17.0367 0316 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:41:17.0413 0316 ErrDev - ok
21:41:17.0491 0316 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
21:41:17.0523 0316 EventSystem - ok
21:41:17.0585 0316 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
21:41:17.0616 0316 exfat - ok
21:41:17.0663 0316 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:41:17.0694 0316 fastfat - ok
21:41:17.0741 0316 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:41:17.0772 0316 fdc - ok
21:41:17.0803 0316 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
21:41:17.0850 0316 fdPHost - ok
21:41:17.0850 0316 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
21:41:17.0944 0316 FDResPub - ok
21:41:17.0959 0316 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:41:17.0991 0316 FileInfo - ok
21:41:18.0006 0316 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:41:18.0069 0316 Filetrace - ok
21:41:18.0100 0316 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:41:18.0147 0316 flpydisk - ok
21:41:18.0193 0316 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:41:18.0225 0316 FltMgr - ok
21:41:18.0287 0316 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
21:41:18.0334 0316 FontCache - ok
21:41:18.0443 0316 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:41:18.0459 0316 FontCache3.0.0.0 - ok
21:41:18.0505 0316 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:41:18.0521 0316 Fs_Rec - ok
21:41:18.0552 0316 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:41:18.0568 0316 gagp30kx - ok
21:41:18.0661 0316 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:41:18.0677 0316 GEARAspiWDM - ok
21:41:18.0724 0316 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
21:41:18.0786 0316 gpsvc - ok
21:41:18.0942 0316 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
21:41:18.0958 0316 gupdate - ok
21:41:18.0989 0316 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
21:41:19.0005 0316 gupdatem - ok
21:41:19.0036 0316 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:41:19.0083 0316 HdAudAddService - ok
21:41:19.0145 0316 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:41:19.0223 0316 HDAudBus - ok
21:41:19.0239 0316 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:41:19.0317 0316 HidBth - ok
21:41:19.0332 0316 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
21:41:19.0426 0316 HidIr - ok
21:41:19.0473 0316 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
21:41:19.0519 0316 hidserv - ok
21:41:19.0566 0316 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:41:19.0613 0316 HidUsb - ok
21:41:19.0644 0316 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:41:19.0691 0316 hkmsvc - ok
21:41:19.0738 0316 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
21:41:19.0753 0316 HpCISSs - ok
21:41:19.0800 0316 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:41:19.0863 0316 HTTP - ok
21:41:19.0878 0316 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
21:41:19.0894 0316 i2omp - ok
21:41:19.0941 0316 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:41:19.0972 0316 i8042prt - ok
21:41:20.0050 0316 [ 52E8A3CC8269ADB27D25182284C5E650 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:41:20.0081 0316 IAANTMON - ok
21:41:20.0112 0316 [ 71ECC07BC7C5E24C3DD01D8A29A24054 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:41:20.0175 0316 iaStor - ok
21:41:20.0206 0316 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
21:41:20.0237 0316 iaStorV - ok
21:41:20.0331 0316 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:41:20.0346 0316 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:41:20.0346 0316 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:41:20.0471 0316 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:41:20.0549 0316 idsvc - ok
21:41:20.0596 0316 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:41:20.0611 0316 iirsp - ok
21:41:20.0674 0316 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
21:41:20.0752 0316 IKEEXT - ok
21:41:20.0877 0316 [ D4A1767FD9D5C7762E9B8B36527B8AF3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
21:41:20.0986 0316 IntcAzAudAddService - ok
21:41:21.0033 0316 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
21:41:21.0048 0316 intelide - ok
21:41:21.0220 0316 [ E68472300B27AF1A9B777553776267C3 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd32.sys
21:41:21.0485 0316 intelkmd - ok
21:41:21.0516 0316 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:41:21.0563 0316 intelppm - ok
21:41:21.0594 0316 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:41:21.0672 0316 IPBusEnum - ok
21:41:21.0719 0316 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:41:21.0797 0316 IpFilterDriver - ok
21:41:21.0828 0316 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:41:21.0875 0316 iphlpsvc - ok
21:41:21.0875 0316 IpInIp - ok
21:41:21.0906 0316 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
21:41:21.0953 0316 IPMIDRV - ok
21:41:21.0969 0316 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
21:41:22.0015 0316 IPNAT - ok
21:41:22.0047 0316 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
21:41:22.0093 0316 irda - ok
21:41:22.0109 0316 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:41:22.0171 0316 IRENUM - ok
21:41:22.0187 0316 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
21:41:22.0281 0316 Irmon - ok
21:41:22.0312 0316 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:41:22.0327 0316 isapnp - ok
21:41:22.0405 0316 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:41:22.0437 0316 iScsiPrt - ok
21:41:22.0452 0316 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
21:41:22.0468 0316 iteatapi - ok
21:41:22.0483 0316 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
21:41:22.0499 0316 iteraid - ok
21:41:22.0530 0316 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:41:22.0546 0316 kbdclass - ok
21:41:22.0561 0316 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:41:22.0593 0316 kbdhid - ok
21:41:22.0624 0316 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
21:41:22.0671 0316 KeyIso - ok
21:41:22.0717 0316 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:41:22.0749 0316 KSecDD - ok
21:41:22.0827 0316 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
21:41:22.0873 0316 KtmRm - ok
21:41:22.0951 0316 [ D2862BF2E43718DBDD24664EF4B6C0F0 ] L1C C:\Windows\system32\DRIVERS\L1C60x86.sys
21:41:22.0967 0316 L1C - ok
21:41:22.0998 0316 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
21:41:23.0029 0316 LanmanServer - ok
21:41:23.0061 0316 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:41:23.0092 0316 LanmanWorkstation - ok
21:41:23.0139 0316 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:41:23.0185 0316 lltdio - ok
21:41:23.0217 0316 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:41:23.0279 0316 lltdsvc - ok
21:41:23.0279 0316 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:41:23.0373 0316 lmhosts - ok
21:41:23.0404 0316 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:41:23.0419 0316 LSI_FC - ok
21:41:23.0435 0316 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:41:23.0451 0316 LSI_SAS - ok
21:41:23.0482 0316 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:41:23.0513 0316 LSI_SCSI - ok
21:41:23.0513 0316 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
21:41:23.0575 0316 luafv - ok
21:41:23.0591 0316 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:41:23.0622 0316 Mcx2Svc - ok
21:41:23.0669 0316 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
21:41:23.0685 0316 megasas - ok
21:41:23.0731 0316 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
21:41:23.0763 0316 MegaSR - ok
21:41:23.0825 0316 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:41:23.0841 0316 Microsoft Office Groove Audit Service - ok
21:41:23.0872 0316 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
21:41:23.0919 0316 MMCSS - ok
21:41:23.0950 0316 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
21:41:24.0012 0316 Modem - ok
21:41:24.0043 0316 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:41:24.0106 0316 monitor - ok
21:41:24.0137 0316 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:41:24.0153 0316 mouclass - ok
21:41:24.0168 0316 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:41:24.0246 0316 mouhid - ok
21:41:24.0293 0316 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
21:41:24.0309 0316 MountMgr - ok
21:41:24.0371 0316 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:41:24.0387 0316 MozillaMaintenance - ok
21:41:24.0418 0316 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
21:41:24.0449 0316 mpio - ok
21:41:24.0465 0316 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:41:24.0511 0316 mpsdrv - ok
21:41:24.0558 0316 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
21:41:24.0621 0316 MpsSvc - ok
21:41:24.0667 0316 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
21:41:24.0683 0316 Mraid35x - ok
21:41:24.0730 0316 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:41:24.0777 0316 MRxDAV - ok
21:41:24.0808 0316 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:41:24.0839 0316 mrxsmb - ok
21:41:24.0855 0316 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:41:24.0901 0316 mrxsmb10 - ok
21:41:24.0917 0316 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:41:24.0948 0316 mrxsmb20 - ok
21:41:24.0979 0316 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
21:41:25.0011 0316 msahci - ok
21:41:25.0026 0316 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:41:25.0042 0316 msdsm - ok
21:41:25.0057 0316 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
21:41:25.0135 0316 MSDTC - ok
21:41:25.0167 0316 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:41:25.0213 0316 Msfs - ok
21:41:25.0229 0316 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:41:25.0260 0316 msisadrv - ok
21:41:25.0291 0316 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:41:25.0354 0316 MSiSCSI - ok
21:41:25.0354 0316 msiserver - ok
21:41:25.0385 0316 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:41:25.0447 0316 MSKSSRV - ok
21:41:25.0463 0316 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:41:25.0494 0316 MSPCLOCK - ok
21:41:25.0525 0316 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:41:25.0572 0316 MSPQM - ok
21:41:25.0635 0316 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:41:25.0650 0316 MsRPC - ok
21:41:25.0681 0316 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:41:25.0697 0316 mssmbios - ok
21:41:25.0728 0316 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:41:25.0759 0316 MSTEE - ok
21:41:25.0822 0316 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
21:41:25.0837 0316 Mup - ok
21:41:25.0900 0316 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
21:41:25.0947 0316 napagent - ok
21:41:26.0009 0316 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:41:26.0040 0316 NativeWifiP - ok
21:41:26.0118 0316 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:41:26.0181 0316 NDIS - ok
21:41:26.0212 0316 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:41:26.0259 0316 NdisTapi - ok
21:41:26.0290 0316 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:41:26.0337 0316 Ndisuio - ok
21:41:26.0399 0316 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:41:26.0430 0316 NdisWan - ok
21:41:26.0446 0316 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:41:26.0493 0316 NDProxy - ok
21:41:26.0524 0316 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:41:26.0539 0316 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:41:26.0539 0316 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:41:26.0571 0316 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:41:26.0617 0316 NetBIOS - ok
21:41:26.0664 0316 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
21:41:26.0742 0316 netbt - ok
21:41:26.0758 0316 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
21:41:26.0789 0316 Netlogon - ok
21:41:26.0805 0316 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
21:41:26.0883 0316 Netman - ok
21:41:26.0898 0316 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
21:41:26.0961 0316 netprofm - ok
21:41:27.0007 0316 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:41:27.0023 0316 NetTcpPortSharing - ok
21:41:27.0195 0316 [ 369C8988B3E34AE2D3BD056C1A7BD5B1 ] NETw1v32 C:\Windows\system32\DRIVERS\NETw1v32.sys
21:41:27.0507 0316 NETw1v32 - ok
21:41:27.0553 0316 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:41:27.0569 0316 nfrd960 - ok
21:41:27.0600 0316 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:41:27.0647 0316 NlaSvc - ok
21:41:27.0694 0316 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:41:27.0725 0316 Npfs - ok
21:41:27.0741 0316 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
21:41:27.0787 0316 NSCIRDA - ok
21:41:27.0819 0316 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
21:41:27.0881 0316 nsi - ok
21:41:27.0897 0316 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:41:27.0943 0316 nsiproxy - ok
21:41:28.0021 0316 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:41:28.0099 0316 Ntfs - ok
21:41:28.0115 0316 [ 6DCAA65F49EF3B97A5CFFC0CB5DE1C2F ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
21:41:28.0131 0316 NTIDrvr - ok
21:41:28.0162 0316 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
21:41:28.0255 0316 ntrigdigi - ok
21:41:28.0287 0316 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
21:41:28.0333 0316 Null - ok
21:41:28.0349 0316 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:41:28.0380 0316 nvraid - ok
21:41:28.0396 0316 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:41:28.0411 0316 nvstor - ok
21:41:28.0443 0316 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:41:28.0458 0316 nv_agp - ok
21:41:28.0474 0316 NwlnkFlt - ok
21:41:28.0474 0316 NwlnkFwd - ok
21:41:28.0521 0316 [ 69316583D4CC032B3E4E72FD86C2FFA8 ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
21:41:28.0536 0316 ODDPwrSvc ( UnsignedFile.Multi.Generic ) - warning
21:41:28.0536 0316 ODDPwrSvc - detected UnsignedFile.Multi.Generic (1)
21:41:28.0583 0316 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:41:28.0614 0316 odserv - ok
21:41:28.0692 0316 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:41:28.0739 0316 ohci1394 - ok
21:41:28.0786 0316 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:41:28.0817 0316 ose - ok
21:41:28.0879 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
21:41:29.0020 0316 p2pimsvc - ok
21:41:29.0067 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
21:41:29.0191 0316 p2psvc - ok
21:41:29.0254 0316 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
21:41:29.0332 0316 Parport - ok
21:41:29.0363 0316 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:41:29.0394 0316 partmgr - ok
21:41:29.0410 0316 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
21:41:29.0472 0316 Parvdm - ok
21:41:29.0503 0316 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
21:41:29.0566 0316 PcaSvc - ok
21:41:29.0613 0316 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
21:41:29.0644 0316 pci - ok
21:41:29.0644 0316 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
21:41:29.0675 0316 pciide - ok
21:41:29.0706 0316 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:41:29.0737 0316 pcmcia - ok
21:41:29.0800 0316 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:41:29.0956 0316 PEAUTH - ok
21:41:30.0049 0316 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
21:41:30.0143 0316 pla - ok
21:41:30.0190 0316 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:41:30.0237 0316 PlugPlay - ok
21:41:30.0268 0316 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:41:30.0299 0316 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:41:30.0299 0316 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:41:30.0330 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
21:41:30.0377 0316 PNRPAutoReg - ok
21:41:30.0393 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
21:41:30.0439 0316 PNRPsvc - ok
21:41:30.0486 0316 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:41:30.0564 0316 PolicyAgent - ok
21:41:30.0611 0316 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:41:30.0658 0316 PptpMiniport - ok
21:41:30.0673 0316 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
21:41:30.0720 0316 Processor - ok
21:41:30.0751 0316 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
21:41:30.0814 0316 ProfSvc - ok
21:41:30.0829 0316 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:41:30.0845 0316 ProtectedStorage - ok
21:41:30.0907 0316 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
21:41:30.0939 0316 PSched - ok
21:41:31.0032 0316 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\DRIVERS\PxHelp20.sys
21:41:31.0048 0316 PxHelp20 - ok
21:41:31.0126 0316 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:41:31.0188 0316 ql2300 - ok
21:41:31.0219 0316 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:41:31.0235 0316 ql40xx - ok
21:41:31.0282 0316 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
21:41:31.0313 0316 QWAVE - ok
21:41:31.0329 0316 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:41:31.0375 0316 QWAVEdrv - ok
21:41:31.0407 0316 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:41:31.0453 0316 RasAcd - ok
21:41:31.0485 0316 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
21:41:31.0563 0316 RasAuto - ok
21:41:31.0594 0316 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:41:31.0672 0316 Rasl2tp - ok
21:41:31.0781 0316 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
21:41:31.0859 0316 RasMan - ok
21:41:31.0906 0316 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:41:31.0953 0316 RasPppoe - ok
21:41:32.0031 0316 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:41:32.0077 0316 RasSstp - ok
21:41:32.0171 0316 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:41:32.0233 0316 rdbss - ok
21:41:32.0265 0316 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:41:32.0343 0316 RDPCDD - ok
21:41:32.0405 0316 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
21:41:32.0452 0316 rdpdr - ok
21:41:32.0514 0316 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:41:32.0561 0316 RDPENCDD - ok
21:41:32.0623 0316 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:41:32.0655 0316 RDPWD - ok
21:41:32.0701 0316 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:41:32.0748 0316 RemoteAccess - ok
21:41:32.0795 0316 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:41:32.0842 0316 RemoteRegistry - ok
21:41:32.0920 0316 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:41:32.0951 0316 RFCOMM - ok
21:41:32.0967 0316 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
21:41:32.0998 0316 RpcLocator - ok
21:41:33.0029 0316 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
21:41:33.0107 0316 RpcSs - ok
21:41:33.0185 0316 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:41:33.0232 0316 rspndr - ok
21:41:33.0279 0316 [ 4A8393F03CB2F40E08126D83916C5633 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
21:41:33.0294 0316 RTHDMIAzAudService - ok
21:41:33.0341 0316 [ 9B09F336DE36A7A6CA871DE8A7847B65 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
21:41:33.0388 0316 RTSTOR - ok
21:41:33.0403 0316 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
21:41:33.0435 0316 SamSs - ok
21:41:33.0450 0316 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:41:33.0481 0316 sbp2port - ok
21:41:33.0528 0316 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:41:33.0559 0316 SCardSvr - ok
21:41:33.0591 0316 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
21:41:33.0684 0316 Schedule - ok
21:41:33.0731 0316 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:41:33.0762 0316 SCPolicySvc - ok
21:41:33.0809 0316 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
21:41:33.0856 0316 sdbus - ok
21:41:33.0887 0316 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:41:33.0918 0316 SDRSVC - ok
21:41:33.0981 0316 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
21:41:34.0012 0316 SeaPort - ok
21:41:34.0027 0316 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:41:34.0090 0316 secdrv - ok
21:41:34.0105 0316 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
21:41:34.0137 0316 seclogon - ok
21:41:34.0168 0316 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
21:41:34.0215 0316 SENS - ok
21:41:34.0246 0316 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
21:41:34.0324 0316 Serenum - ok
21:41:34.0355 0316 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
21:41:34.0449 0316 Serial - ok
21:41:34.0464 0316 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:41:34.0495 0316 sermouse - ok
21:41:34.0527 0316 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
21:41:34.0605 0316 SessionEnv - ok
21:41:34.0620 0316 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:41:34.0651 0316 sffdisk - ok
21:41:34.0683 0316 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:41:34.0729 0316 sffp_mmc - ok
21:41:34.0745 0316 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:41:34.0792 0316 sffp_sd - ok
21:41:34.0807 0316 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:41:34.0870 0316 sfloppy - ok
21:41:34.0917 0316 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:41:34.0963 0316 SharedAccess - ok
21:41:34.0995 0316 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:41:35.0026 0316 ShellHWDetection - ok
21:41:35.0057 0316 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:41:35.0073 0316 sisagp - ok
21:41:35.0088 0316 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
21:41:35.0104 0316 SiSRaid2 - ok
21:41:35.0119 0316 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:41:35.0135 0316 SiSRaid4 - ok
21:41:35.0275 0316 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
21:41:35.0494 0316 slsvc - ok
21:41:35.0541 0316 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
21:41:35.0603 0316 SLUINotify - ok
21:41:35.0650 0316 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:41:35.0681 0316 Smb - ok
21:41:35.0712 0316 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:41:35.0743 0316 SNMPTRAP - ok
21:41:35.0899 0316 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
21:41:35.0915 0316 Sony PC Companion - ok
21:41:35.0946 0316 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
21:41:35.0977 0316 spldr - ok
21:41:36.0024 0316 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
21:41:36.0071 0316 Spooler - ok
21:41:36.0118 0316 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:41:36.0149 0316 srv - ok
21:41:36.0180 0316 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:41:36.0227 0316 srv2 - ok
21:41:36.0243 0316 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:41:36.0274 0316 srvnet - ok
21:41:36.0305 0316 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:41:36.0383 0316 SSDPSRV - ok
21:41:36.0414 0316 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:41:36.0430 0316 SstpSvc - ok
21:41:36.0508 0316 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
21:41:36.0555 0316 stisvc - ok
21:41:36.0586 0316 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:41:36.0601 0316 swenum - ok
21:41:36.0679 0316 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
21:41:36.0742 0316 swprv - ok
21:41:36.0742 0316 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
21:41:36.0773 0316 Symc8xx - ok
21:41:36.0773 0316 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
21:41:36.0804 0316 Sym_hi - ok
21:41:36.0835 0316 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
21:41:36.0851 0316 Sym_u3 - ok
21:41:36.0898 0316 [ 5C3E900F41426A372DE60675AFC8AA07 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:41:36.0929 0316 SynTP - ok
21:41:36.0976 0316 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
21:41:37.0054 0316 SysMain - ok
21:41:37.0101 0316 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:41:37.0132 0316 TabletInputService - ok
21:41:37.0179 0316 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:41:37.0241 0316 TapiSrv - ok
21:41:37.0257 0316 TASCAM_US122144 - ok
21:41:37.0257 0316 TASCAM_US122L_MK2_MIDI - ok
21:41:37.0272 0316 TASCAM_US122L_MK2_WDM - ok
21:41:37.0303 0316 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
21:41:37.0381 0316 TBS - ok
21:41:37.0444 0316 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:41:37.0506 0316 Tcpip - ok
21:41:37.0522 0316 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
21:41:37.0584 0316 Tcpip6 - ok
21:41:37.0615 0316 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:41:37.0693 0316 tcpipreg - ok
21:41:37.0709 0316 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:41:37.0756 0316 TDPIPE - ok
21:41:37.0787 0316 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:41:37.0818 0316 TDTCP - ok
21:41:37.0849 0316 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:41:37.0896 0316 tdx - ok
21:41:37.0927 0316 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:41:37.0943 0316 TermDD - ok
21:41:37.0974 0316 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
21:41:38.0021 0316 TermService - ok
21:41:38.0037 0316 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
21:41:38.0068 0316 Themes - ok
21:41:38.0083 0316 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
21:41:38.0130 0316 THREADORDER - ok
21:41:38.0161 0316 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
21:41:38.0208 0316 TrkWks - ok
21:41:38.0271 0316 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:41:38.0302 0316 TrustedInstaller - ok
21:41:38.0333 0316 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:41:38.0380 0316 tssecsrv - ok
21:41:38.0411 0316 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
21:41:38.0458 0316 tunmp - ok
21:41:38.0489 0316 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:41:38.0536 0316 tunnel - ok
21:41:38.0567 0316 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:41:38.0583 0316 uagp35 - ok
21:41:38.0629 0316 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:41:38.0676 0316 udfs - ok
21:41:38.0707 0316 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:41:38.0754 0316 UI0Detect - ok
21:41:38.0770 0316 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:41:38.0801 0316 uliagpkx - ok
21:41:38.0801 0316 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
21:41:38.0832 0316 uliahci - ok
21:41:38.0848 0316 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
21:41:38.0879 0316 UlSata - ok
21:41:38.0879 0316 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
21:41:38.0895 0316 ulsata2 - ok
21:41:38.0910 0316 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:41:38.0973 0316 umbus - ok
21:41:39.0004 0316 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
21:41:39.0051 0316 upnphost - ok
21:41:39.0097 0316 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:41:39.0129 0316 usbccgp - ok
21:41:39.0160 0316 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:41:39.0269 0316 usbcir - ok
21:41:39.0316 0316 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:41:39.0363 0316 usbehci - ok
21:41:39.0425 0316 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:41:39.0456 0316 usbhub - ok
21:41:39.0472 0316 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:41:39.0565 0316 usbohci - ok
21:41:39.0597 0316 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:41:39.0643 0316 usbprint - ok
21:41:39.0675 0316 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:41:39.0721 0316 USBSTOR - ok
21:41:39.0753 0316 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:41:39.0784 0316 usbuhci - ok
21:41:39.0815 0316 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:41:39.0862 0316 usbvideo - ok
21:41:39.0909 0316 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
21:41:39.0955 0316 UxSms - ok
21:41:40.0002 0316 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
21:41:40.0065 0316 vds - ok
21:41:40.0080 0316 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:41:40.0127 0316 vga - ok
21:41:40.0143 0316 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
21:41:40.0221 0316 VgaSave - ok
21:41:40.0252 0316 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:41:40.0283 0316 viaagp - ok
21:41:40.0299 0316 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
21:41:40.0345 0316 ViaC7 - ok
21:41:40.0361 0316 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
21:41:40.0377 0316 viaide - ok
21:41:40.0392 0316 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:41:40.0423 0316 volmgr - ok
21:41:40.0470 0316 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:41:40.0501 0316 volmgrx - ok
21:41:40.0564 0316 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:41:40.0595 0316 volsnap - ok
21:41:40.0642 0316 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:41:40.0657 0316 vsmraid - ok
21:41:40.0720 0316 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
21:41:40.0798 0316 VSS - ok
21:41:40.0845 0316 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
21:41:40.0907 0316 W32Time - ok
21:41:40.0938 0316 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:41:41.0016 0316 WacomPen - ok
21:41:41.0032 0316 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
21:41:41.0079 0316 Wanarp - ok
21:41:41.0079 0316 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:41:41.0110 0316 Wanarpv6 - ok
21:41:41.0141 0316 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:41:41.0203 0316 wcncsvc - ok
21:41:41.0235 0316 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:41:41.0297 0316 WcsPlugInService - ok
21:41:41.0328 0316 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
21:41:41.0359 0316 Wd - ok
21:41:41.0422 0316 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:41:41.0515 0316 Wdf01000 - ok
21:41:41.0562 0316 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:41:41.0609 0316 WdiServiceHost - ok
21:41:41.0625 0316 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:41:41.0671 0316 WdiSystemHost - ok
21:41:41.0718 0316 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
21:41:41.0765 0316 WebClient - ok
21:41:41.0796 0316 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:41:41.0843 0316 Wecsvc - ok
21:41:41.0859 0316 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:41:41.0905 0316 wercplsupport - ok
21:41:41.0968 0316 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
21:41:42.0030 0316 WerSvc - ok
21:41:42.0077 0316 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
21:41:42.0108 0316 WinDefend - ok
21:41:42.0124 0316 WinHttpAutoProxySvc - ok
21:41:42.0155 0316 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:41:42.0202 0316 Winmgmt - ok
21:41:42.0264 0316 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
21:41:42.0358 0316 WinRM - ok
21:41:42.0436 0316 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:41:42.0545 0316 Wlansvc - ok
21:41:42.0592 0316 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:41:42.0623 0316 WmiAcpi - ok
21:41:42.0670 0316 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:41:42.0701 0316 wmiApSrv - ok
21:41:42.0763 0316 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:41:42.0873 0316 WMPNetworkSvc - ok
21:41:42.0919 0316 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:41:42.0951 0316 WPCSvc - ok
21:41:42.0997 0316 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:41:43.0029 0316 WPDBusEnum - ok
21:41:43.0091 0316 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
21:41:43.0107 0316 WpdUsb - ok
21:41:43.0153 0316 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:41:43.0200 0316 ws2ifsl - ok
21:41:43.0247 0316 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
21:41:43.0294 0316 wscsvc - ok
21:41:43.0294 0316 WSearch - ok
21:41:43.0387 0316 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
21:41:43.0528 0316 wuauserv - ok
21:41:43.0637 0316 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:41:43.0653 0316 WudfPf - ok
21:41:43.0684 0316 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:41:43.0731 0316 WUDFRd - ok
21:41:43.0777 0316 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:41:43.0840 0316 wudfsvc - ok
21:41:43.0871 0316 ================ Scan global ===============================
21:41:43.0902 0316 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
21:41:43.0933 0316 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:41:43.0965 0316 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:41:44.0027 0316 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
21:41:44.0043 0316 [Global] - ok
21:41:44.0043 0316 ================ Scan MBR ==================================
21:41:44.0058 0316 [ BEEDF9B7F43A72A91456F7131AFC11B2 ] \Device\Harddisk0\DR0
21:41:44.0698 0316 \Device\Harddisk0\DR0 - ok
21:41:44.0698 0316 ================ Scan VBR ==================================
21:41:44.0698 0316 [ 543AFCFCE80AE76D7EC159DAF9E96133 ] \Device\Harddisk0\DR0\Partition1
21:41:44.0698 0316 \Device\Harddisk0\DR0\Partition1 - ok
21:41:44.0713 0316 ============================================================
21:41:44.0713 0316 Scan finished
21:41:44.0713 0316 ============================================================
21:41:44.0713 3812 Detected object count: 5
21:41:44.0713 3812 Actual detected object count: 5
|
|
16.01.2013, 17:06
| #11 |
| | langsames internet hallo cosinus ich warte immer noch auf eine antwort von dir. hast du den thread vielleicht vergessen?  lg |
|
17.01.2013, 01:22
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsames internet Womöglich übersehen oder auf ein Log gewartet, dass dann hinterher in den schon gelesenen Beitrag gequetscht wurde. Ich hatte eigentlich extra den Hinweis für den Erinnerungsstrang gepostet. Das Log vom TDS-Killer ist übrigens unvollständig.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.01.2013, 13:49
| #13 |
| | langsames internet was fehlt den bei dem log? ich hab ihn so gepostet, wie er in der datei ist. |
|
18.01.2013, 14:55
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsames internet Die untere Zusammenfassung fehlt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.01.2013, 19:09
| #15 |
| | langsames internet so nocheinmal der log des tdss killers mit der zusammenfassung Code:
ATTFilter
19:02:34.0041 5520 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:02:34.0400 5520 ============================================================
19:02:34.0400 5520 Current date / time: 2013/01/22 19:02:34.0400
19:02:34.0400 5520 SystemInfo:
19:02:34.0400 5520
19:02:34.0400 5520 OS Version: 6.0.6002 ServicePack: 2.0
19:02:34.0400 5520 Product type: Workstation
19:02:34.0400 5520 ComputerName: BARBARA-PC
19:02:34.0400 5520 UserName: Barbara neu
19:02:34.0400 5520 Windows directory: C:\Windows
19:02:34.0400 5520 System windows directory: C:\Windows
19:02:34.0400 5520 Processor architecture: Intel x86
19:02:34.0400 5520 Number of processors: 2
19:02:34.0400 5520 Page size: 0x1000
19:02:34.0400 5520 Boot type: Normal boot
19:02:34.0400 5520 ============================================================
19:02:35.0149 5520 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:02:35.0149 5520 ============================================================
19:02:35.0149 5520 \Device\Harddisk0\DR0:
19:02:35.0149 5520 MBR partitions:
19:02:35.0149 5520 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x240A5800
19:02:35.0149 5520 ============================================================
19:02:35.0180 5520 C: <-> \Device\Harddisk0\DR0\Partition1
19:02:35.0180 5520 ============================================================
19:02:35.0180 5520 Initialize success
19:02:35.0180 5520 ============================================================
19:02:49.0594 5412 ============================================================
19:02:49.0594 5412 Scan started
19:02:49.0594 5412 Mode: Manual; SigCheck; TDLFS;
19:02:49.0594 5412 ============================================================
19:02:49.0969 5412 ================ Scan system memory ========================
19:02:49.0969 5412 System memory - ok
19:02:49.0969 5412 ================ Scan services =============================
19:02:50.0203 5412 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
19:02:50.0405 5412 ACPI - ok
19:02:50.0499 5412 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:02:50.0515 5412 AdobeARMservice - ok
19:02:50.0593 5412 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:02:50.0624 5412 AdobeFlashPlayerUpdateSvc - ok
19:02:50.0733 5412 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:02:50.0795 5412 adp94xx - ok
19:02:50.0827 5412 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:02:50.0873 5412 adpahci - ok
19:02:50.0905 5412 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:02:50.0920 5412 adpu160m - ok
19:02:50.0951 5412 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:02:50.0983 5412 adpu320 - ok
19:02:51.0045 5412 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:02:51.0201 5412 AeLookupSvc - ok
19:02:51.0279 5412 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
19:02:51.0373 5412 AFD - ok
19:02:51.0419 5412 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:02:51.0435 5412 agp440 - ok
19:02:51.0466 5412 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:02:51.0497 5412 aic78xx - ok
19:02:51.0513 5412 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
19:02:51.0669 5412 ALG - ok
19:02:51.0700 5412 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
19:02:51.0716 5412 aliide - ok
19:02:51.0778 5412 [ 0FF34F07379FBEB7AFE0B2487C12B5A5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:02:51.0841 5412 AMD External Events Utility - ok
19:02:51.0887 5412 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:02:51.0919 5412 amdagp - ok
19:02:51.0934 5412 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
19:02:51.0950 5412 amdide - ok
19:02:51.0997 5412 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
19:02:52.0075 5412 AmdK7 - ok
19:02:52.0106 5412 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:02:52.0153 5412 AmdK8 - ok
19:02:52.0340 5412 [ E518E13C6F11A94D263F1A611A011B8F ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
19:02:53.0011 5412 amdkmdag - ok
19:02:53.0073 5412 [ D877292F7B68A7EE8AC2CD28B377EA9F ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:02:53.0120 5412 amdkmdap - ok
19:02:53.0167 5412 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
19:02:53.0260 5412 Appinfo - ok
19:02:53.0276 5412 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
19:02:53.0307 5412 arc - ok
19:02:53.0369 5412 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:02:53.0385 5412 arcsas - ok
19:02:53.0447 5412 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
19:02:55.0163 5412 aswFsBlk - ok
19:02:55.0226 5412 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:02:55.0241 5412 aswMonFlt - ok
19:02:55.0257 5412 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
19:02:55.0273 5412 AswRdr - ok
19:02:55.0304 5412 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:02:55.0366 5412 aswSnx - ok
19:02:55.0413 5412 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:02:55.0460 5412 aswSP - ok
19:02:55.0507 5412 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
19:02:55.0522 5412 aswTdi - ok
19:02:55.0569 5412 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:02:55.0694 5412 AsyncMac - ok
19:02:55.0709 5412 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
19:02:55.0741 5412 atapi - ok
19:02:55.0819 5412 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:02:55.0897 5412 AudioEndpointBuilder - ok
19:02:55.0912 5412 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:02:55.0943 5412 Audiosrv - ok
19:02:56.0006 5412 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:02:56.0021 5412 avast! Antivirus - ok
19:02:56.0099 5412 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
19:02:56.0162 5412 b57nd60x - ok
19:02:56.0255 5412 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
19:02:56.0287 5412 BBSvc - ok
19:02:56.0333 5412 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
19:02:56.0396 5412 Beep - ok
19:02:56.0474 5412 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
19:02:56.0536 5412 BFE - ok
19:02:56.0614 5412 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
19:02:56.0723 5412 BITS - ok
19:02:56.0755 5412 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:02:56.0801 5412 blbdrive - ok
19:02:56.0848 5412 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:02:56.0911 5412 bowser - ok
19:02:56.0957 5412 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:02:57.0004 5412 BrFiltLo - ok
19:02:57.0020 5412 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:02:57.0082 5412 BrFiltUp - ok
19:02:57.0113 5412 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
19:02:57.0176 5412 Browser - ok
19:02:57.0223 5412 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:02:57.0425 5412 Brserid - ok
19:02:57.0441 5412 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:02:57.0535 5412 BrSerWdm - ok
19:02:57.0566 5412 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:02:57.0628 5412 BrUsbMdm - ok
19:02:57.0644 5412 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
19:02:57.0737 5412 BrUsbSer - ok
19:02:57.0800 5412 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
19:02:57.0831 5412 BthEnum - ok
19:02:57.0909 5412 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:02:58.0003 5412 BTHMODEM - ok
19:02:58.0034 5412 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:02:58.0081 5412 BthPan - ok
19:02:58.0143 5412 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
19:02:58.0205 5412 BTHPORT - ok
19:02:58.0283 5412 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
19:02:58.0346 5412 BthServ - ok
19:02:58.0377 5412 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
19:02:58.0408 5412 BTHUSB - ok
19:02:58.0455 5412 [ F97A9C093E79BF117D9F26F2D31DCA5E ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:02:58.0471 5412 btwaudio - ok
19:02:58.0517 5412 [ 143C4C1EE6D131ECA8B4AB5F80B3F910 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
19:02:58.0549 5412 btwavdt - ok
19:02:58.0627 5412 [ B6C870EE321AA8678198EA003DCFBB02 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:02:58.0673 5412 btwdins - ok
19:02:58.0736 5412 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
19:02:58.0751 5412 btwl2cap - ok
19:02:58.0767 5412 [ 97CF6C5D3B443344497F1F53E5D0ED50 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:02:58.0783 5412 btwrchid - ok
19:02:58.0845 5412 [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5 C:\Windows\system32\drivers\BVRPMPR5.SYS
19:02:58.0876 5412 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
19:02:58.0876 5412 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
19:02:58.0907 5412 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:02:58.0985 5412 cdfs - ok
19:02:59.0032 5412 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:02:59.0095 5412 cdrom - ok
19:02:59.0157 5412 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
19:02:59.0251 5412 CertPropSvc - ok
19:02:59.0282 5412 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
19:02:59.0344 5412 circlass - ok
19:02:59.0391 5412 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
19:02:59.0422 5412 CLFS - ok
19:02:59.0485 5412 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:02:59.0516 5412 clr_optimization_v2.0.50727_32 - ok
19:02:59.0594 5412 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:02:59.0641 5412 CmBatt - ok
19:02:59.0656 5412 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:02:59.0672 5412 cmdide - ok
19:02:59.0687 5412 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:02:59.0703 5412 Compbatt - ok
19:02:59.0719 5412 COMSysApp - ok
19:02:59.0719 5412 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:02:59.0750 5412 crcdisk - ok
19:02:59.0765 5412 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
19:02:59.0812 5412 Crusoe - ok
19:02:59.0859 5412 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:02:59.0953 5412 CryptSvc - ok
19:03:00.0031 5412 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:03:00.0109 5412 DcomLaunch - ok
19:03:00.0140 5412 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:03:00.0218 5412 DfsC - ok
19:03:00.0327 5412 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
19:03:00.0608 5412 DFSR - ok
19:03:00.0670 5412 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:03:00.0717 5412 Dhcp - ok
19:03:00.0779 5412 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
19:03:00.0811 5412 disk - ok
19:03:00.0857 5412 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:03:00.0904 5412 Dnscache - ok
19:03:00.0951 5412 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:03:00.0998 5412 dot3svc - ok
19:03:01.0076 5412 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
19:03:01.0138 5412 Dot4 - ok
19:03:01.0169 5412 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:03:01.0216 5412 Dot4Print - ok
19:03:01.0247 5412 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
19:03:01.0310 5412 dot4usb - ok
19:03:01.0372 5412 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
19:03:01.0403 5412 DPS - ok
19:03:01.0435 5412 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:03:01.0466 5412 drmkaud - ok
19:03:01.0528 5412 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:03:01.0591 5412 DXGKrnl - ok
19:03:01.0669 5412 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
19:03:01.0731 5412 E1G60 - ok
19:03:01.0778 5412 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
19:03:01.0840 5412 EapHost - ok
19:03:01.0903 5412 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
19:03:01.0934 5412 Ecache - ok
19:03:01.0981 5412 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:03:02.0043 5412 ehRecvr - ok
19:03:02.0059 5412 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
19:03:02.0105 5412 ehSched - ok
19:03:02.0121 5412 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
19:03:02.0168 5412 ehstart - ok
19:03:02.0230 5412 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:03:02.0261 5412 elxstor - ok
19:03:02.0339 5412 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:03:02.0402 5412 EMDMgmt - ok
19:03:02.0495 5412 [ 6D49242536F8397AE9AF2A2A360E2EDD ] ePowerSvc C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
19:03:02.0542 5412 ePowerSvc - ok
19:03:02.0605 5412 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:03:02.0651 5412 ErrDev - ok
19:03:02.0714 5412 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
19:03:02.0761 5412 EventSystem - ok
19:03:02.0823 5412 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
19:03:02.0870 5412 exfat - ok
19:03:02.0917 5412 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:03:02.0963 5412 fastfat - ok
19:03:03.0010 5412 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:03:03.0057 5412 fdc - ok
19:03:03.0073 5412 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
19:03:03.0119 5412 fdPHost - ok
19:03:03.0119 5412 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
19:03:03.0213 5412 FDResPub - ok
19:03:03.0229 5412 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:03:03.0260 5412 FileInfo - ok
19:03:03.0291 5412 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:03:03.0322 5412 Filetrace - ok
19:03:03.0338 5412 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:03:03.0385 5412 flpydisk - ok
19:03:03.0431 5412 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:03:03.0463 5412 FltMgr - ok
19:03:03.0556 5412 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
19:03:03.0665 5412 FontCache - ok
19:03:03.0743 5412 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:03:03.0775 5412 FontCache3.0.0.0 - ok
19:03:03.0837 5412 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:03:03.0899 5412 Fs_Rec - ok
19:03:03.0931 5412 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:03:03.0946 5412 gagp30kx - ok
19:03:04.0055 5412 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:03:04.0071 5412 GEARAspiWDM - ok
19:03:04.0118 5412 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
19:03:04.0258 5412 gpsvc - ok
19:03:04.0399 5412 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:03:04.0414 5412 gupdate - ok
19:03:04.0430 5412 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:03:04.0461 5412 gupdatem - ok
19:03:04.0492 5412 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:03:04.0555 5412 HdAudAddService - ok
19:03:04.0617 5412 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:03:04.0679 5412 HDAudBus - ok
19:03:04.0711 5412 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:03:04.0789 5412 HidBth - ok
19:03:04.0820 5412 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
19:03:04.0898 5412 HidIr - ok
19:03:04.0945 5412 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
19:03:04.0976 5412 hidserv - ok
19:03:05.0023 5412 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:03:05.0085 5412 HidUsb - ok
19:03:05.0116 5412 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:03:05.0179 5412 hkmsvc - ok
19:03:05.0210 5412 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:03:05.0225 5412 HpCISSs - ok
19:03:05.0272 5412 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:03:05.0335 5412 HTTP - ok
19:03:05.0350 5412 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:03:05.0366 5412 i2omp - ok
19:03:05.0428 5412 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:03:05.0491 5412 i8042prt - ok
19:03:05.0569 5412 [ 52E8A3CC8269ADB27D25182284C5E650 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
19:03:05.0615 5412 IAANTMON - ok
19:03:05.0662 5412 [ 71ECC07BC7C5E24C3DD01D8A29A24054 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:03:05.0725 5412 iaStor - ok
19:03:05.0756 5412 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:03:05.0787 5412 iaStorV - ok
19:03:05.0881 5412 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
19:03:05.0912 5412 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:03:05.0912 5412 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:03:06.0005 5412 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:03:06.0068 5412 idsvc - ok
19:03:06.0099 5412 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:03:06.0115 5412 iirsp - ok
19:03:06.0177 5412 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
19:03:06.0239 5412 IKEEXT - ok
19:03:06.0364 5412 [ D4A1767FD9D5C7762E9B8B36527B8AF3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:03:06.0520 5412 IntcAzAudAddService - ok
19:03:06.0551 5412 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
19:03:06.0583 5412 intelide - ok
19:03:06.0770 5412 [ E68472300B27AF1A9B777553776267C3 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd32.sys
19:03:07.0066 5412 intelkmd - ok
19:03:07.0113 5412 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:03:07.0160 5412 intelppm - ok
19:03:07.0191 5412 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:03:07.0269 5412 IPBusEnum - ok
19:03:07.0300 5412 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:03:07.0363 5412 IpFilterDriver - ok
19:03:07.0409 5412 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:03:07.0472 5412 iphlpsvc - ok
19:03:07.0487 5412 IpInIp - ok
19:03:07.0503 5412 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:03:07.0550 5412 IPMIDRV - ok
19:03:07.0565 5412 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:03:07.0628 5412 IPNAT - ok
19:03:07.0675 5412 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
19:03:07.0721 5412 irda - ok
19:03:07.0753 5412 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:03:07.0799 5412 IRENUM - ok
19:03:07.0815 5412 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
19:03:07.0909 5412 Irmon - ok
19:03:07.0924 5412 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:03:07.0955 5412 isapnp - ok
19:03:08.0018 5412 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:03:08.0049 5412 iScsiPrt - ok
19:03:08.0065 5412 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:03:08.0080 5412 iteatapi - ok
19:03:08.0096 5412 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:03:08.0127 5412 iteraid - ok
19:03:08.0143 5412 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:03:08.0158 5412 kbdclass - ok
19:03:08.0189 5412 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:03:08.0236 5412 kbdhid - ok
19:03:08.0252 5412 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
19:03:08.0314 5412 KeyIso - ok
19:03:08.0361 5412 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:03:08.0392 5412 KSecDD - ok
19:03:08.0455 5412 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:03:08.0517 5412 KtmRm - ok
19:03:08.0595 5412 [ D2862BF2E43718DBDD24664EF4B6C0F0 ] L1C C:\Windows\system32\DRIVERS\L1C60x86.sys
19:03:08.0626 5412 L1C - ok
19:03:08.0657 5412 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
19:03:08.0704 5412 LanmanServer - ok
19:03:08.0735 5412 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:03:08.0782 5412 LanmanWorkstation - ok
19:03:08.0845 5412 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:03:08.0907 5412 lltdio - ok
19:03:08.0954 5412 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:03:09.0016 5412 lltdsvc - ok
19:03:09.0016 5412 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:03:09.0110 5412 lmhosts - ok
19:03:09.0141 5412 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:03:09.0157 5412 LSI_FC - ok
19:03:09.0172 5412 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:03:09.0203 5412 LSI_SAS - ok
19:03:09.0235 5412 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:03:09.0250 5412 LSI_SCSI - ok
19:03:09.0266 5412 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
19:03:09.0328 5412 luafv - ok
19:03:09.0344 5412 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:03:09.0406 5412 Mcx2Svc - ok
19:03:09.0484 5412 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
19:03:09.0515 5412 megasas - ok
19:03:09.0562 5412 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
19:03:09.0609 5412 MegaSR - ok
19:03:09.0671 5412 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:03:09.0687 5412 Microsoft Office Groove Audit Service - ok
19:03:09.0718 5412 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
19:03:09.0796 5412 MMCSS - ok
19:03:09.0827 5412 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
19:03:09.0890 5412 Modem - ok
19:03:09.0937 5412 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:03:09.0999 5412 monitor - ok
19:03:10.0030 5412 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:03:10.0046 5412 mouclass - ok
19:03:10.0061 5412 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:03:10.0139 5412 mouhid - ok
19:03:10.0186 5412 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:03:10.0202 5412 MountMgr - ok
19:03:10.0280 5412 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:03:10.0311 5412 MozillaMaintenance - ok
19:03:10.0358 5412 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
19:03:10.0389 5412 mpio - ok
19:03:10.0405 5412 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:03:10.0436 5412 mpsdrv - ok
19:03:10.0498 5412 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
19:03:10.0607 5412 MpsSvc - ok
19:03:10.0670 5412 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:03:10.0685 5412 Mraid35x - ok
19:03:10.0748 5412 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:03:10.0795 5412 MRxDAV - ok
19:03:10.0826 5412 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:03:10.0904 5412 mrxsmb - ok
19:03:10.0935 5412 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:03:10.0982 5412 mrxsmb10 - ok
19:03:10.0982 5412 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:03:11.0013 5412 mrxsmb20 - ok
19:03:11.0075 5412 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
19:03:11.0091 5412 msahci - ok
19:03:11.0107 5412 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:03:11.0138 5412 msdsm - ok
19:03:11.0153 5412 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
19:03:11.0200 5412 MSDTC - ok
19:03:11.0216 5412 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:03:11.0263 5412 Msfs - ok
19:03:11.0294 5412 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:03:11.0309 5412 msisadrv - ok
19:03:11.0341 5412 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:03:11.0403 5412 MSiSCSI - ok
19:03:11.0419 5412 msiserver - ok
19:03:11.0450 5412 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:03:11.0497 5412 MSKSSRV - ok
19:03:11.0512 5412 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:03:11.0575 5412 MSPCLOCK - ok
19:03:11.0590 5412 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:03:11.0668 5412 MSPQM - ok
19:03:11.0715 5412 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:03:11.0746 5412 MsRPC - ok
19:03:11.0762 5412 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:03:11.0793 5412 mssmbios - ok
19:03:11.0809 5412 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:03:11.0855 5412 MSTEE - ok
19:03:11.0902 5412 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
19:03:11.0933 5412 Mup - ok
19:03:11.0980 5412 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
19:03:12.0043 5412 napagent - ok
19:03:12.0121 5412 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:03:12.0167 5412 NativeWifiP - ok
19:03:12.0230 5412 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:03:12.0261 5412 NDIS - ok
19:03:12.0339 5412 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:03:12.0386 5412 NdisTapi - ok
19:03:12.0417 5412 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:03:12.0448 5412 Ndisuio - ok
19:03:12.0526 5412 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:03:12.0589 5412 NdisWan - ok
19:03:12.0604 5412 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:03:12.0651 5412 NDProxy - ok
19:03:12.0682 5412 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:03:12.0698 5412 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:03:12.0698 5412 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:03:12.0729 5412 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:03:12.0791 5412 NetBIOS - ok
19:03:12.0838 5412 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:03:12.0885 5412 netbt - ok
19:03:12.0901 5412 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
19:03:12.0932 5412 Netlogon - ok
19:03:13.0072 5412 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
19:03:13.0197 5412 Netman - ok
19:03:13.0244 5412 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
19:03:13.0322 5412 netprofm - ok
19:03:13.0369 5412 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:03:13.0384 5412 NetTcpPortSharing - ok
19:03:13.0790 5412 [ 369C8988B3E34AE2D3BD056C1A7BD5B1 ] NETw1v32 C:\Windows\system32\DRIVERS\NETw1v32.sys
19:03:14.0149 5412 NETw1v32 - ok
19:03:14.0164 5412 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:03:14.0195 5412 nfrd960 - ok
19:03:14.0227 5412 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:03:14.0289 5412 NlaSvc - ok
19:03:14.0336 5412 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:03:14.0383 5412 Npfs - ok
19:03:14.0414 5412 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
19:03:14.0492 5412 NSCIRDA - ok
19:03:14.0507 5412 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
19:03:14.0554 5412 nsi - ok
19:03:14.0570 5412 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:03:14.0632 5412 nsiproxy - ok
19:03:15.0038 5412 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:03:15.0147 5412 Ntfs - ok
19:03:15.0225 5412 [ 6DCAA65F49EF3B97A5CFFC0CB5DE1C2F ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
19:03:15.0303 5412 NTIDrvr - ok
19:03:15.0350 5412 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:03:15.0459 5412 ntrigdigi - ok
19:03:15.0490 5412 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
19:03:15.0568 5412 Null - ok
19:03:15.0599 5412 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:03:15.0615 5412 nvraid - ok
19:03:15.0646 5412 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:03:15.0677 5412 nvstor - ok
19:03:15.0693 5412 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:03:15.0740 5412 nv_agp - ok
19:03:15.0740 5412 NwlnkFlt - ok
19:03:15.0755 5412 NwlnkFwd - ok
19:03:15.0818 5412 [ 69316583D4CC032B3E4E72FD86C2FFA8 ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
19:03:15.0833 5412 ODDPwrSvc ( UnsignedFile.Multi.Generic ) - warning
19:03:15.0833 5412 ODDPwrSvc - detected UnsignedFile.Multi.Generic (1)
19:03:15.0880 5412 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:03:15.0927 5412 odserv - ok
19:03:15.0989 5412 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:03:16.0052 5412 ohci1394 - ok
19:03:16.0083 5412 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:03:16.0099 5412 ose - ok
19:03:16.0177 5412 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:03:16.0348 5412 p2pimsvc - ok
19:03:16.0379 5412 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
19:03:16.0426 5412 p2psvc - ok
19:03:16.0473 5412 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:03:16.0551 5412 Parport - ok
19:03:16.0613 5412 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:03:16.0660 5412 partmgr - ok
19:03:16.0676 5412 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:03:16.0738 5412 Parvdm - ok
19:03:16.0769 5412 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
19:03:16.0847 5412 PcaSvc - ok
19:03:16.0925 5412 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
19:03:16.0957 5412 pci - ok
19:03:16.0988 5412 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
19:03:17.0019 5412 pciide - ok
19:03:17.0081 5412 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:03:17.0113 5412 pcmcia - ok
19:03:17.0175 5412 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:03:17.0315 5412 PEAUTH - ok
19:03:17.0409 5412 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
19:03:17.0518 5412 pla - ok
19:03:17.0581 5412 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:03:17.0643 5412 PlugPlay - ok
19:03:17.0674 5412 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:03:17.0705 5412 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:03:17.0705 5412 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:03:17.0737 5412 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:03:17.0846 5412 PNRPAutoReg - ok
19:03:17.0861 5412 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:03:17.0908 5412 PNRPsvc - ok
19:03:17.0971 5412 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:03:18.0080 5412 PolicyAgent - ok
19:03:18.0142 5412 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:03:18.0189 5412 PptpMiniport - ok
19:03:18.0205 5412 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
19:03:18.0251 5412 Processor - ok
19:03:18.0267 5412 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
19:03:18.0314 5412 ProfSvc - ok
19:03:18.0329 5412 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:03:18.0361 5412 ProtectedStorage - ok
19:03:18.0407 5412 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:03:18.0470 5412 PSched - ok
19:03:18.0532 5412 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\DRIVERS\PxHelp20.sys
19:03:18.0548 5412 PxHelp20 - ok
19:03:18.0641 5412 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:03:18.0704 5412 ql2300 - ok
19:03:18.0735 5412 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:03:18.0751 5412 ql40xx - ok
19:03:18.0766 5412 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:03:18.0813 5412 QWAVE - ok
19:03:18.0829 5412 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:03:18.0860 5412 QWAVEdrv - ok
19:03:18.0907 5412 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:03:18.0953 5412 RasAcd - ok
19:03:18.0969 5412 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:03:19.0047 5412 RasAuto - ok
19:03:19.0063 5412 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:03:19.0125 5412 Rasl2tp - ok
19:03:19.0172 5412 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
19:03:19.0219 5412 RasMan - ok
19:03:19.0265 5412 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:03:19.0297 5412 RasPppoe - ok
19:03:19.0328 5412 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:03:19.0343 5412 RasSstp - ok
19:03:19.0390 5412 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:03:19.0437 5412 rdbss - ok
19:03:19.0468 5412 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:03:19.0531 5412 RDPCDD - ok
19:03:19.0562 5412 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:03:19.0609 5412 rdpdr - ok
19:03:19.0624 5412 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:03:19.0671 5412 RDPENCDD - ok
19:03:19.0733 5412 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:03:19.0780 5412 RDPWD - ok
19:03:19.0843 5412 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:03:19.0889 5412 RemoteAccess - ok
19:03:19.0952 5412 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:03:19.0999 5412 RemoteRegistry - ok
19:03:20.0061 5412 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:03:20.0092 5412 RFCOMM - ok
19:03:20.0108 5412 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:03:20.0155 5412 RpcLocator - ok
19:03:20.0201 5412 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
19:03:20.0248 5412 RpcSs - ok
19:03:20.0279 5412 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:03:20.0311 5412 rspndr - ok
19:03:20.0389 5412 [ 4A8393F03CB2F40E08126D83916C5633 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
19:03:20.0404 5412 RTHDMIAzAudService - ok
19:03:20.0467 5412 [ 9B09F336DE36A7A6CA871DE8A7847B65 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
19:03:20.0498 5412 RTSTOR - ok
19:03:20.0513 5412 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
19:03:20.0529 5412 SamSs - ok
19:03:20.0560 5412 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:03:20.0576 5412 sbp2port - ok
19:03:20.0623 5412 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:03:20.0654 5412 SCardSvr - ok
19:03:20.0685 5412 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
19:03:20.0747 5412 Schedule - ok
19:03:20.0779 5412 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:03:20.0810 5412 SCPolicySvc - ok
19:03:20.0872 5412 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:03:20.0935 5412 sdbus - ok
19:03:20.0966 5412 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:03:21.0044 5412 SDRSVC - ok
19:03:21.0091 5412 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
19:03:21.0122 5412 SeaPort - ok
19:03:21.0122 5412 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:03:21.0200 5412 secdrv - ok
19:03:21.0231 5412 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
19:03:21.0293 5412 seclogon - ok
19:03:21.0325 5412 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
19:03:21.0371 5412 SENS - ok
19:03:21.0387 5412 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:03:21.0481 5412 Serenum - ok
19:03:21.0512 5412 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:03:21.0590 5412 Serial - ok
19:03:21.0590 5412 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:03:21.0637 5412 sermouse - ok
19:03:21.0668 5412 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:03:21.0730 5412 SessionEnv - ok
19:03:21.0761 5412 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:03:21.0808 5412 sffdisk - ok
19:03:21.0839 5412 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:03:21.0871 5412 sffp_mmc - ok
19:03:21.0886 5412 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:03:21.0917 5412 sffp_sd - ok
19:03:21.0933 5412 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:03:22.0011 5412 sfloppy - ok
19:03:22.0042 5412 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:03:22.0105 5412 SharedAccess - ok
19:03:22.0151 5412 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:03:22.0198 5412 ShellHWDetection - ok
19:03:22.0229 5412 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:03:22.0261 5412 sisagp - ok
19:03:22.0276 5412 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:03:22.0292 5412 SiSRaid2 - ok
19:03:22.0307 5412 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:03:22.0339 5412 SiSRaid4 - ok
19:03:22.0479 5412 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
19:03:22.0682 5412 slsvc - ok
19:03:22.0729 5412 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:03:22.0791 5412 SLUINotify - ok
19:03:22.0838 5412 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:03:22.0885 5412 Smb - ok
19:03:22.0931 5412 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:03:22.0963 5412 SNMPTRAP - ok
19:03:23.0119 5412 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
19:03:23.0134 5412 Sony PC Companion - ok
19:03:23.0150 5412 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:03:23.0181 5412 spldr - ok
19:03:23.0228 5412 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
19:03:23.0290 5412 Spooler - ok
19:03:23.0337 5412 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:03:23.0384 5412 srv - ok
19:03:23.0415 5412 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:03:23.0493 5412 srv2 - ok
19:03:23.0493 5412 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:03:23.0524 5412 srvnet - ok
19:03:23.0555 5412 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:03:23.0633 5412 SSDPSRV - ok
19:03:23.0649 5412 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:03:23.0696 5412 SstpSvc - ok
19:03:23.0758 5412 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
19:03:23.0805 5412 stisvc - ok
19:03:23.0836 5412 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:03:23.0852 5412 swenum - ok
19:03:23.0930 5412 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
19:03:23.0977 5412 swprv - ok
19:03:24.0008 5412 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:03:24.0023 5412 Symc8xx - ok
19:03:24.0039 5412 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:03:24.0070 5412 Sym_hi - ok
19:03:24.0086 5412 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:03:24.0117 5412 Sym_u3 - ok
19:03:24.0179 5412 [ 5C3E900F41426A372DE60675AFC8AA07 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:03:24.0211 5412 SynTP - ok
19:03:24.0257 5412 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
19:03:24.0398 5412 SysMain - ok
19:03:24.0445 5412 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:03:24.0476 5412 TabletInputService - ok
19:03:24.0538 5412 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:03:24.0585 5412 TapiSrv - ok
19:03:24.0616 5412 TASCAM_US122144 - ok
19:03:24.0616 5412 TASCAM_US122L_MK2_MIDI - ok
19:03:24.0632 5412 TASCAM_US122L_MK2_WDM - ok
19:03:24.0679 5412 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:03:24.0741 5412 TBS - ok
19:03:24.0819 5412 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:03:24.0881 5412 Tcpip - ok
19:03:24.0913 5412 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:03:24.0959 5412 Tcpip6 - ok
19:03:25.0006 5412 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:03:25.0069 5412 tcpipreg - ok
19:03:25.0100 5412 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:03:25.0162 5412 TDPIPE - ok
19:03:25.0193 5412 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:03:25.0256 5412 TDTCP - ok
19:03:25.0287 5412 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:03:25.0334 5412 tdx - ok
19:03:25.0365 5412 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:03:25.0381 5412 TermDD - ok
19:03:25.0412 5412 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
19:03:25.0505 5412 TermService - ok
19:03:25.0537 5412 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
19:03:25.0568 5412 Themes - ok
19:03:25.0583 5412 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:03:25.0630 5412 THREADORDER - ok
19:03:25.0661 5412 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:03:25.0708 5412 TrkWks - ok
19:03:25.0786 5412 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:03:25.0833 5412 TrustedInstaller - ok
19:03:25.0864 5412 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:03:25.0911 5412 tssecsrv - ok
19:03:25.0942 5412 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:03:25.0989 5412 tunmp - ok
19:03:26.0036 5412 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:03:26.0083 5412 tunnel - ok
19:03:26.0098 5412 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:03:26.0129 5412 uagp35 - ok
19:03:26.0176 5412 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:03:26.0223 5412 udfs - ok
19:03:26.0270 5412 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:03:26.0317 5412 UI0Detect - ok
19:03:26.0348 5412 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:03:26.0379 5412 uliagpkx - ok
19:03:26.0395 5412 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:03:26.0410 5412 uliahci - ok
19:03:26.0441 5412 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:03:26.0457 5412 UlSata - ok
19:03:26.0488 5412 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:03:26.0504 5412 ulsata2 - ok
19:03:26.0519 5412 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:03:26.0582 5412 umbus - ok
19:03:26.0629 5412 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:03:26.0675 5412 upnphost - ok
19:03:26.0722 5412 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:03:26.0769 5412 usbccgp - ok
19:03:26.0800 5412 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:03:26.0894 5412 usbcir - ok
19:03:26.0941 5412 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:03:26.0987 5412 usbehci - ok
19:03:27.0034 5412 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:03:27.0097 5412 usbhub - ok
19:03:27.0128 5412 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:03:27.0206 5412 usbohci - ok
19:03:27.0253 5412 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:03:27.0299 5412 usbprint - ok
19:03:27.0315 5412 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:03:27.0377 5412 USBSTOR - ok
19:03:27.0393 5412 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:03:27.0440 5412 usbuhci - ok
19:03:27.0487 5412 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:03:27.0533 5412 usbvideo - ok
19:03:27.0580 5412 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
19:03:27.0627 5412 UxSms - ok
19:03:27.0674 5412 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
19:03:27.0752 5412 vds - ok
19:03:27.0830 5412 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:03:27.0877 5412 vga - ok
19:03:27.0892 5412 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:03:27.0970 5412 VgaSave - ok
19:03:28.0001 5412 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:03:28.0017 5412 viaagp - ok
19:03:28.0033 5412 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:03:28.0079 5412 ViaC7 - ok
19:03:28.0095 5412 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
19:03:28.0111 5412 viaide - ok
19:03:28.0142 5412 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:03:28.0173 5412 volmgr - ok
19:03:28.0220 5412 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:03:28.0251 5412 volmgrx - ok
19:03:28.0313 5412 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:03:28.0345 5412 volsnap - ok
19:03:28.0391 5412 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:03:28.0423 5412 vsmraid - ok
19:03:28.0485 5412 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
19:03:28.0563 5412 VSS - ok
19:03:28.0625 5412 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
19:03:28.0672 5412 W32Time - ok
19:03:28.0703 5412 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:03:28.0781 5412 WacomPen - ok
19:03:28.0828 5412 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:03:28.0859 5412 Wanarp - ok
19:03:28.0875 5412 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:03:28.0906 5412 Wanarpv6 - ok
19:03:28.0969 5412 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:03:29.0031 5412 wcncsvc - ok
19:03:29.0062 5412 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:03:29.0140 5412 WcsPlugInService - ok
19:03:29.0171 5412 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
19:03:29.0203 5412 Wd - ok
19:03:29.0265 5412 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:03:29.0312 5412 Wdf01000 - ok
19:03:29.0359 5412 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:03:29.0405 5412 WdiServiceHost - ok
19:03:29.0421 5412 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:03:29.0468 5412 WdiSystemHost - ok
19:03:29.0530 5412 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
19:03:29.0561 5412 WebClient - ok
19:03:29.0593 5412 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:03:29.0655 5412 Wecsvc - ok
19:03:29.0686 5412 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:03:29.0717 5412 wercplsupport - ok
19:03:29.0764 5412 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
19:03:29.0842 5412 WerSvc - ok
19:03:29.0889 5412 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:03:29.0920 5412 WinDefend - ok
19:03:29.0936 5412 WinHttpAutoProxySvc - ok
19:03:29.0967 5412 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:03:29.0998 5412 Winmgmt - ok
19:03:30.0076 5412 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
19:03:30.0185 5412 WinRM - ok
19:03:30.0248 5412 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:03:30.0310 5412 Wlansvc - ok
19:03:30.0341 5412 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:03:30.0404 5412 WmiAcpi - ok
19:03:30.0451 5412 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:03:30.0482 5412 wmiApSrv - ok
19:03:30.0544 5412 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:03:30.0653 5412 WMPNetworkSvc - ok
19:03:30.0700 5412 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:03:30.0763 5412 WPCSvc - ok
19:03:30.0809 5412 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:03:30.0841 5412 WPDBusEnum - ok
19:03:30.0887 5412 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:03:30.0919 5412 WpdUsb - ok
19:03:30.0950 5412 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:03:30.0997 5412 ws2ifsl - ok
19:03:31.0043 5412 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
19:03:31.0090 5412 wscsvc - ok
19:03:31.0090 5412 WSearch - ok
19:03:31.0184 5412 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:03:31.0293 5412 wuauserv - ok
19:03:31.0340 5412 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:03:31.0402 5412 WudfPf - ok
19:03:31.0433 5412 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:03:31.0480 5412 WUDFRd - ok
19:03:31.0527 5412 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:03:31.0589 5412 wudfsvc - ok
19:03:31.0621 5412 ================ Scan global ===============================
19:03:31.0667 5412 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:03:31.0699 5412 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:03:31.0730 5412 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:03:31.0792 5412 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:03:31.0808 5412 [Global] - ok
19:03:31.0808 5412 ================ Scan MBR ==================================
19:03:31.0823 5412 [ BEEDF9B7F43A72A91456F7131AFC11B2 ] \Device\Harddisk0\DR0
19:03:32.0416 5412 \Device\Harddisk0\DR0 - ok
19:03:32.0432 5412 ================ Scan VBR ==================================
19:03:32.0432 5412 [ 543AFCFCE80AE76D7EC159DAF9E96133 ] \Device\Harddisk0\DR0\Partition1
19:03:32.0432 5412 \Device\Harddisk0\DR0\Partition1 - ok
19:03:32.0432 5412 ============================================================
19:03:32.0432 5412 Scan finished
19:03:32.0432 5412 ============================================================
19:03:32.0447 4900 Detected object count: 5
19:03:32.0447 4900 Actual detected object count: 5
19:05:01.0196 4900 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
19:05:01.0196 4900 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:05:01.0196 4900 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:05:01.0196 4900 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:05:01.0211 4900 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:05:01.0211 4900 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:05:01.0211 4900 ODDPwrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:05:01.0211 4900 ODDPwrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:05:01.0211 4900 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:05:01.0211 4900 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
| Themen zu langsames internet |
| dankbar, dateien, gefunde, gefundene, gefundenen, grund, inter, interne, internet, konnte, langsamer, langsames, langsames internet, malwarebites, nichts, programm, troja, trojaner, verbindung, verdacht, virenprogramm |
Linear-Darstellung
