Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.07.2012, 15:48   #1
itzpink
 
Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus - Standard

Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus



Hallo erstmal,
also mein Computer wieder immer wieder Buchstaben, abunzu ein p oder b oder w oder e oder r ist das jezt ein virus, oder nicht? ich benutze Microsoft Security Essentials und der fand selbst beim 3. vollständigen scan nichts, und es liegt auch nicht an meiner tastatur die hatte ich nämlich ausgestöpselt und es kamen trz buchstaben :/

Edit: Diese buchstaben hatte ich natürlich vorher schoma gedrückt

Lg itzpink

Geändert von itzpink (26.07.2012 um 15:50 Uhr) Grund: Informations-Nachtragung

Alt 26.07.2012, 16:13   #2
markusg
/// Malware-holic
 
Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus - Standard

Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus



hi
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 26.07.2012, 17:27   #3
itzpink
 
Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus - Standard

Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus



das kam jezt bei mir raus

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 26.07.2012 18:00:12 - Run 1
OTL by OldTimer - Version 3.2.54.1     Folder = C:\Users\Lukas.Lukas_Systea\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 71,60% Memory free
8,00 Gb Paging File | 6,72 Gb Available in Paging File | 84,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,17 Gb Total Space | 459,74 Gb Free Space | 77,12% Space Free | Partition Type: NTFS
Drive D: | 4,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: LUKAS_SYSTEA | User Name: Admin Lukas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.26 17:59:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lukas.Lukas_Systea\Desktop\OTL.exe
PRC - [2012.05.26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Lukas.Lukas_Systea\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.02.28 18:35:22 | 000,018,432 | ---- | M] () -- C:\Users\Admin\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe
PRC - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010.06.28 20:22:52 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010.03.27 18:39:06 | 000,362,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2010.03.27 18:38:26 | 005,141,512 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009.03.20 02:03:00 | 001,904,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
PRC - [2009.03.20 02:03:00 | 000,368,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
PRC - [2008.11.18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.03.27 18:39:06 | 000,362,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
MOD - [2010.03.27 18:38:26 | 005,141,512 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
MOD - [2010.03.27 16:30:50 | 000,279,904 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\resource.dll
MOD - [2010.03.27 15:14:56 | 000,028,512 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll
MOD - [2010.03.27 15:13:36 | 000,019,808 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\thread_pool.dll
MOD - [2009.07.10 10:07:18 | 000,166,912 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009.02.06 19:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.09.06 09:19:54 | 000,119,632 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysNative\dgdersvc.exe -- (dgdersvc)
SRV:64bit: - [2010.04.07 04:12:18 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.07.25 18:56:57 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.24 17:39:30 | 004,419,392 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/Common Files/Akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012.07.11 21:40:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.03.13 16:35:03 | 000,129,992 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.11 16:54:16 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012.02.29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.28 18:35:22 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Users\Admin\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe -- (GhosteryStatsUpdater)
SRV - [2011.10.21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010.09.06 09:16:58 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\dgdersvc.exe -- (dgdersvc)
SRV - [2010.06.28 20:22:52 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010.03.27 18:39:22 | 001,055,288 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.20 02:03:00 | 000,368,640 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2008.11.18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.11 15:03:58 | 000,116,096 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmaudio.sys -- (avmaudio)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.16 00:24:38 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.09.06 09:19:54 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:64bit: - [2010.09.06 09:11:32 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.07.20 12:38:24 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2010.07.20 12:38:24 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2010.07.20 12:38:24 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2010.06.28 20:22:54 | 000,252,512 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2010.06.28 20:22:51 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258)
DRV:64bit: - [2010.06.28 20:22:50 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010.06.28 20:22:45 | 000,271,456 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010.04.07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.07 03:23:30 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.03.09 12:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.10.16 07:44:56 | 001,309,696 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:64bit: - [2009.08.06 00:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.20 02:03:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2009.03.20 02:03:00 | 000,014,120 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2009.01.20 08:49:48 | 000,195,584 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV - [2010.09.06 09:16:58 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010.09.06 09:11:32 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 12.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components [2012.03.13 20:59:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 12.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins
 
[2012.03.11 14:49:49 | 000,588,544 | ---- | M] () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AR7UY2M2.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (GhosteryStats) - {C331A7D9-4187-464C-BE66-FDBC56C07678} - C:\Users\Admin\AppData\LocalLow\GhosteryStats\IE\GhosteryStats.dll (David Cancel)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ()
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\SysNative\WerFault.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41596C22-A5FE-4C7F-B6C2-4BF5BF8532EB}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFD5B0E2-4FBD-4583-A56E-832B31BD4FBF}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.24 17:52:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\S4Leauge
[2012.07.24 17:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2012.07.19 12:56:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OnlineCounter
[2012.07.19 12:48:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.07.19 12:48:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.07.19 12:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.07.11 18:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.07.11 18:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.07.11 18:18:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.07.11 18:18:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.07.02 19:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Mouse Auto Clicker
[2012.07.02 19:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Mouse Auto Clicker
[2012.07.01 22:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fraps
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.26 17:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.26 16:59:14 | 000,018,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.26 16:59:14 | 000,018,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.26 16:52:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.26 16:51:57 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.24 17:42:22 | 000,000,044 | ---- | M] () -- C:\Program Files (x86)\S4_League_EU_v1167.exe
[2012.07.19 12:59:03 | 000,002,127 | ---- | M] () -- C:\OnlineCounter-Autostart.lnk
[2012.07.19 12:48:36 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.07.19 08:13:13 | 343,706,350 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.07.11 10:59:23 | 000,430,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.29 06:40:57 | 001,505,034 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.29 06:40:57 | 000,656,028 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.29 06:40:57 | 000,617,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.29 06:40:57 | 000,130,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.29 06:40:57 | 000,107,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.07.24 17:42:20 | 000,000,044 | ---- | C] () -- C:\Program Files (x86)\S4_League_EU_v1167.exe
[2012.07.19 12:59:03 | 000,002,127 | ---- | C] () -- C:\OnlineCounter-Autostart.lnk
[2012.07.19 12:59:03 | 000,002,127 | ---- | C] () -- \OnlineCounter-Autostart.lnk
[2012.07.19 12:57:00 | 000,002,139 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnlineCounter.lnk
[2012.07.19 12:48:36 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.07.19 12:48:36 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.05.21 18:07:24 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.03.11 18:24:16 | 000,002,006 | ---- | C] () -- \aqua_bitmap.cpp
[2012.03.11 16:53:04 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.03.11 16:53:04 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.03.11 15:00:09 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.09.06 09:19:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2010.09.06 09:19:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2010.09.06 09:19:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2010.09.06 09:19:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2009.08.21 09:35:14 | 000,008,192 | RHS- | C] () -- \BOOTSECT.BAK
[2009.08.21 09:35:13 | 000,383,562 | RHS- | C] () -- \bootmgr
[2009.08.21 08:35:45 | 3220,578,304 | -HS- | C] () -- \hiberfil.sys
[2007.11.07 09:12:28 | 000,232,960 | ---- | C] () -- \VC_RED.MSI
[2007.11.07 09:09:22 | 001,442,522 | ---- | C] () -- \VC_RED.cab
[2007.11.07 09:03:18 | 000,562,688 | ---- | C] () -- \install.exe
[2007.11.07 09:03:18 | 000,097,296 | ---- | C] () -- \install.res.1036.dll
[2007.11.07 09:03:18 | 000,096,272 | ---- | C] () -- \install.res.3082.dll
[2007.11.07 09:03:18 | 000,096,272 | ---- | C] () -- \install.res.1031.dll
[2007.11.07 09:03:18 | 000,095,248 | ---- | C] () -- \install.res.1040.dll
[2007.11.07 09:03:18 | 000,091,152 | ---- | C] () -- \install.res.1033.dll
[2007.11.07 09:03:18 | 000,081,424 | ---- | C] () -- \install.res.1041.dll
[2007.11.07 09:03:18 | 000,079,888 | ---- | C] () -- \install.res.1042.dll
[2007.11.07 09:03:18 | 000,076,304 | ---- | C] () -- \install.res.1028.dll
[2007.11.07 09:03:18 | 000,075,792 | ---- | C] () -- \install.res.2052.dll
[2007.11.07 09:00:40 | 000,005,686 | ---- | C] () -- \vcredist.bmp
[2007.11.07 09:00:40 | 000,001,110 | ---- | C] () -- \globdata.ini
[2007.11.07 09:00:40 | 000,000,843 | ---- | C] () -- \install.ini
 
========== LOP Check ==========
 
[2012.05.14 06:59:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.03.12 21:04:53 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.05.20 09:18:53 | 000,000,000 | ---D | M] -- C:\ATI
[2012.07.01 22:34:43 | 000,000,000 | ---D | M] -- C:\BEHALTEN
[2009.08.21 09:35:13 | 000,000,000 | -HSD | M] -- C:\Boot
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.08.21 08:43:24 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.03.11 14:57:46 | 000,000,000 | ---D | M] -- C:\downloads
[2012.05.01 17:42:35 | 000,000,000 | ---D | M] -- C:\Metin2
[2009.08.21 08:55:41 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.03.18 03:37:25 | 000,000,000 | ---D | M] -- C:\Nexon
[2012.03.11 16:50:19 | 000,000,000 | ---D | M] -- C:\OscarData
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.07.11 18:18:19 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.07.24 17:52:49 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.07.19 12:47:35 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.08.21 08:43:24 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.06.28 15:57:34 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.05.24 18:49:21 | 000,000,000 | ---D | M] -- C:\Riot Games
[2012.07.26 18:08:50 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.06.28 18:39:11 | 000,000,000 | ---D | M] -- C:\temp
[2012.05.21 18:07:57 | 000,000,000 | R--D | M] -- C:\Users
[2012.07.19 08:13:13 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
[2012.07.24 17:42:22 | 000,000,044 | ---- | M] () -- C:\Program Files (x86)\S4_League_EU_v1167.exe
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012.07.26 17:59:49 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT
[2012.07.26 17:59:49 | 000,230,400 | -HS- | M] () -- C:\Users\Admin Lukas\ntuser.dat.LOG1
[2012.03.11 17:34:07 | 000,000,000 | -HS- | M] () -- C:\Users\Admin Lukas\ntuser.dat.LOG2
[2012.03.11 17:34:14 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.03.11 17:34:14 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.03.11 17:34:14 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.06.02 18:53:01 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1cdc9129-acc1-11e1-b811-00016c66967c}.TM.blf
[2012.06.02 18:53:01 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1cdc9129-acc1-11e1-b811-00016c66967c}.TMContainer00000000000000000001.regtrans-ms
[2012.06.02 18:53:01 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1cdc9129-acc1-11e1-b811-00016c66967c}.TMContainer00000000000000000002.regtrans-ms
[2012.05.13 17:48:47 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1d467599-9cf9-11e1-9aab-00016c66967c}.TM.blf
[2012.05.13 17:48:47 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1d467599-9cf9-11e1-9aab-00016c66967c}.TMContainer00000000000000000001.regtrans-ms
[2012.05.13 17:48:47 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1d467599-9cf9-11e1-9aab-00016c66967c}.TMContainer00000000000000000002.regtrans-ms
[2012.05.21 16:38:36 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{2d011ee5-a351-11e1-86ba-00016c66967c}.TM.blf
[2012.05.21 16:38:36 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{2d011ee5-a351-11e1-86ba-00016c66967c}.TMContainer00000000000000000001.regtrans-ms
[2012.05.21 16:38:36 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{2d011ee5-a351-11e1-86ba-00016c66967c}.TMContainer00000000000000000002.regtrans-ms
[2012.04.01 19:00:11 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{30959567-7c0a-11e1-afa2-bc0543001744}.TM.blf
[2012.04.01 19:00:11 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{30959567-7c0a-11e1-afa2-bc0543001744}.TMContainer00000000000000000001.regtrans-ms
[2012.04.01 19:00:11 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{30959567-7c0a-11e1-afa2-bc0543001744}.TMContainer00000000000000000002.regtrans-ms
[2012.06.20 20:49:02 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{47bbe47d-bb05-11e1-af35-00016c66967c}.TM.blf
[2012.06.20 20:49:02 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{47bbe47d-bb05-11e1-af35-00016c66967c}.TMContainer00000000000000000001.regtrans-ms
[2012.06.20 20:49:02 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{47bbe47d-bb05-11e1-af35-00016c66967c}.TMContainer00000000000000000002.regtrans-ms
[2012.04.06 23:16:36 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68a9298e-7fb8-11e1-bab1-bc0543001744}.TM.blf
[2012.04.06 23:16:36 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68a9298e-7fb8-11e1-bab1-bc0543001744}.TMContainer00000000000000000001.regtrans-ms
[2012.04.06 23:16:36 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68a9298e-7fb8-11e1-bab1-bc0543001744}.TMContainer00000000000000000002.regtrans-ms
[2012.05.06 15:03:42 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68f6ecd0-9778-11e1-8007-bc0543001744}.TM.blf
[2012.05.06 15:03:42 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68f6ecd0-9778-11e1-8007-bc0543001744}.TMContainer00000000000000000001.regtrans-ms
[2012.05.06 15:03:42 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68f6ecd0-9778-11e1-8007-bc0543001744}.TMContainer00000000000000000002.regtrans-ms
[2012.07.23 14:02:10 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{776bbfb8-d4b0-11e1-86bf-00016c66967c}.TM.blf
[2012.07.23 14:02:10 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{776bbfb8-d4b0-11e1-86bf-00016c66967c}.TMContainer00000000000000000001.regtrans-ms
[2012.07.23 14:02:10 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{776bbfb8-d4b0-11e1-86bf-00016c66967c}.TMContainer00000000000000000002.regtrans-ms
[2012.07.01 12:27:22 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{7898e6c1-c35b-11e1-ae7c-00016c66967c}.TM.blf
[2012.07.01 12:27:22 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{7898e6c1-c35b-11e1-ae7c-00016c66967c}.TMContainer00000000000000000001.regtrans-ms
[2012.07.01 12:27:22 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{7898e6c1-c35b-11e1-ae7c-00016c66967c}.TMContainer00000000000000000002.regtrans-ms
[2012.06.12 14:12:34 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b0fbe429-b487-11e1-b73f-00016c66967c}.TM.blf
[2012.06.12 14:12:34 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b0fbe429-b487-11e1-b73f-00016c66967c}.TMContainer00000000000000000001.regtrans-ms
[2012.06.12 14:12:34 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b0fbe429-b487-11e1-b73f-00016c66967c}.TMContainer00000000000000000002.regtrans-ms
[2012.06.07 12:13:18 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b19b24ee-b07e-11e1-a378-00016c66967c}.TM.blf
[2012.06.07 12:13:18 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b19b24ee-b07e-11e1-a378-00016c66967c}.TMContainer00000000000000000001.regtrans-ms
[2012.06.07 12:13:18 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b19b24ee-b07e-11e1-a378-00016c66967c}.TMContainer00000000000000000002.regtrans-ms
[2012.05.27 19:13:00 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bb7a74c3-a81d-11e1-9028-00016c66967c}.TM.blf
[2012.05.27 19:13:00 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bb7a74c3-a81d-11e1-9028-00016c66967c}.TMContainer00000000000000000001.regtrans-ms
[2012.05.27 19:13:00 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bb7a74c3-a81d-11e1-9028-00016c66967c}.TMContainer00000000000000000002.regtrans-ms
[2012.07.12 11:33:47 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bbcba591-cbfc-11e1-8138-00016c66967c}.TM.blf
[2012.07.12 11:33:47 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bbcba591-cbfc-11e1-8138-00016c66967c}.TMContainer00000000000000000001.regtrans-ms
[2012.07.12 11:33:47 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bbcba591-cbfc-11e1-8138-00016c66967c}.TMContainer00000000000000000002.regtrans-ms
[2012.03.25 12:39:27 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{e174c102-765b-11e1-ae7c-bc0543001744}.TM.blf
[2012.03.25 12:39:27 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{e174c102-765b-11e1-ae7c-bc0543001744}.TMContainer00000000000000000001.regtrans-ms
[2012.03.25 12:39:27 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{e174c102-765b-11e1-ae7c-bc0543001744}.TMContainer00000000000000000002.regtrans-ms
[2012.03.11 17:34:08 | 000,000,020 | -HS- | M] () -- C:\Users\Admin Lukas\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 26.07.2012 18:00:12 - Run 1
OTL by OldTimer - Version 3.2.54.1     Folder = C:\Users\Lukas.Lukas_Systea\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 71,60% Memory free
8,00 Gb Paging File | 6,72 Gb Available in Paging File | 84,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,17 Gb Total Space | 459,74 Gb Free Space | 77,12% Space Free | Partition Type: NTFS
Drive D: | 4,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: LUKAS_SYSTEA | User Name: Admin Lukas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0242D18C-9A6C-4630-8781-C9E59AB925C8}" = rport=137 | protocol=17 | dir=out | app=system | 
"{14DC7B64-FA09-48BF-BD15-593549553AC0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{186B21DE-1258-43FA-8EDC-83CCFDE89ED9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1AA46288-CCDA-46B4-B975-2EA4502AB6B5}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{1F2DC46D-6627-423C-BF9A-873DFAA85C61}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{203807FC-1294-44DA-9C7D-7E8ABDB7132E}" = lport=138 | protocol=17 | dir=in | app=system | 
"{22C99491-4258-4E97-B025-3CE8E94A511B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2BB99F10-301B-4F55-A8C0-8A11349FABE4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2C135EA8-6BA4-448B-A355-2A6C9EDCF5F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2DD1870C-29C1-461D-91FF-075C7B4A5F4C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{2F3F6574-7321-45CE-A70E-C3A2863A251F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{382C0702-47EB-46E1-B744-8084AF450AA3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5099F0E4-B77A-465C-97FD-2721D3CF20BB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{51D8B2E1-B623-4E2B-BE05-E7A7F8DDFBC7}" = rport=139 | protocol=6 | dir=out | app=system | 
"{5750EF49-0864-467F-9979-C9DCDE6AD1C8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{58D2E14F-C8B4-4CDE-BB2A-C8DA91B17C5C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{61558C20-4CD9-4355-AB48-B217920F0417}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{62056EEC-A035-4CAD-AFDB-2025D6C6E834}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{64FC169F-34AC-4977-B92F-05BA05371D73}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{6564CDB4-BC77-4BEF-9E10-74431FC448C5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{66E30F8C-76CD-43D9-8454-43986ECDBBC3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{67852B54-E790-4565-A0F8-A6D25F8303C7}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{69575FB9-6FCF-4BB0-9411-85C27002660E}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6BF7DF00-0442-494F-8246-A22742467C31}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7707B34D-0872-49E7-9365-F0F636F53C2B}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{7816C9CA-8CD8-4111-82B9-10D23B1300F9}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{85E5C467-5566-4B35-A18D-EEFFA574A8C3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8E8AFFC4-BE2D-49ED-8EF8-BC2F6B03F0E1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{94C26438-75EA-41CA-8020-57528A2282BD}" = lport=139 | protocol=6 | dir=in | app=system | 
"{968D9E0F-FD73-47F5-9823-1FD7AE4241D1}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{9709C8E0-E911-4FEA-B636-38318A24ACC7}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9ECC6487-5CB1-4B9B-A15F-0E885419051F}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{9F26BCD5-D1A3-469F-A12D-D17EF9E39673}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{B29A408B-01AA-44FF-8E4C-A0480B40708E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B4C06FEE-6B8C-4F8A-A109-4FA27AEBABE6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B61B35AF-1F4D-47D9-A3FB-F9544D7B5F5F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{B6ECE9BA-0DE1-42CE-97A5-CFB703845CA9}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{B87B6E08-5539-4AA8-8114-4C6E636B8AD1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BC99222D-31FE-4503-8EBE-2400AE0B718C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C32B41AA-DF62-4DF3-9095-EC05A4A5BD70}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C82DF218-45BE-4CC6-8642-115672CDFD33}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CD0AB130-4886-4BD4-944F-7A8C0495BB9A}" = rport=445 | protocol=6 | dir=out | app=system | 
"{CF4B3112-1C62-493D-AF27-EEAF28147C89}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DCD9F295-F4F0-4066-B885-1167181445E0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DE13EAE4-9255-43B3-9907-7D660E71055B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E9518E0D-A9CC-4DF3-9799-1B84EC0170DC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EFCE9BBE-A5A9-4CCA-9716-C10C3A522698}" = lport=137 | protocol=17 | dir=in | app=system | 
"{FD80811A-E9D6-4321-BAA5-56DC1A5D4EDD}" = lport=10244 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013832C6-A61B-495E-9A84-0B334E49F203}" = protocol=17 | dir=in | app=c:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe | 
"{0484AD28-16B6-4E77-9EBC-3DE816164091}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{06B76CD1-74BF-4A18-B865-B7271E666CE9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{08AE73B9-4376-4E16-BA09-E740FE41AF7B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{14A3F62E-74BF-4439-8BC6-C7221B33FE2A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{14EB3C3D-391B-48C9-95C6-0E9402C447D5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\max payne 3 multiplayer\smp.exe | 
"{17772A31-6552-4BA8-A39F-FA5EDC9048CC}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | 
"{192AF52D-761E-4C45-B5D8-49106CA97CFE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe | 
"{2077D279-6366-4FA2-898B-0A73032B4093}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{21753509-7B12-4E65-8F28-D1ED3F65D251}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{2689D473-11AE-492C-9DE0-1DB116182F6D}" = protocol=6 | dir=in | app=c:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe | 
"{276BA18B-FD4D-4E51-8877-99AD00A86452}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe | 
"{2BF0611B-1917-4A79-9469-5BF62F512089}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{2C21762D-7B7E-49E5-9EC6-A43C5A807DB6}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{2C4BC87E-B90C-4AE2-A03A-C9D5D98B442D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{2CC204E1-F493-4C71-A1D7-395DA8D1D209}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{30E53A20-DC8B-4948-91B9-EB6D066C3CC1}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{32C7F9EC-B617-4AAD-B5F9-3396BEE6DC54}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{351E8EFB-5B1F-480C-AA63-13D2ED4AEC5D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{37858640-31E4-4846-9DE3-EE21887367AB}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | 
"{3981A0F5-B42A-4B90-8990-24A39EE4E54A}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{4356381A-8730-45BE-8108-E542FD965280}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{463BFBD7-2D95-4E33-955E-9D0413CFF94D}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{48CF8C07-70AE-48EB-B1B6-75D6B3926248}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{5165E39A-F39D-46D2-B993-FBBA8B2B973C}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{5298437C-52E9-42BA-89CE-5825235D0498}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{57214651-9448-4E7E-8880-046AF2DC1E5B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{5E15DCED-6890-40C2-AC88-3BE52FBF3D03}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{5FAE13F3-B102-4E36-AF10-78B53C301692}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{63DE05C9-9949-4CEC-911A-40E25845802F}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{648A2480-EFF5-49BA-BA4A-A493047F2E02}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6A4EEB22-43B3-4C0E-9967-C362EBDDC4EB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe | 
"{6C1FEF7C-6812-4220-9543-7BE5532677AF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{6D17BBC7-B056-48F5-88CE-5D7FEA035FB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\max payne 3 multiplayer\smp.exe | 
"{70295505-390E-48E4-A0A6-8A5CB5D159CA}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{7351F74E-76AD-48C6-843F-7A3F67D6683C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{74ED7C31-E013-467F-8958-1DFDCE60BAFA}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{7AEE7B6E-6793-4DA2-BED3-7DFD13C60521}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7B04FF2D-856D-425D-9867-7C2F6666C10E}" = protocol=17 | dir=in | app=c:\users\admin\appdata\local\apps\2.0\7j43b0b1.jlt\5k9d8nmm.8kb\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{7DB0ADD6-C503-4C8E-8A0F-F6D4AF18D742}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{823E5993-0361-40B7-A056-77BDDA264DB8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{83B97D32-068B-4463-9B74-5D593FF77210}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | 
"{88554DEF-F7EA-47DC-BF96-A2781516C27B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{88D646A0-8A2B-4A12-8151-5573062C131F}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{8CA4A8CB-024D-41FF-A0EA-B061B42FDDED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe | 
"{91AD276D-8F99-4655-AEB1-52ABCAA1FE66}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{92FA3BAB-9726-4B64-9F4F-BD507172E525}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{98BCE1F0-1FD9-4D93-ACA1-1AD7B4823C13}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{9960DB47-1003-4528-A241-24315F891B16}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | 
"{9B94D1C4-E2C5-4CC2-A2AF-DF42A266F9B5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9FE885B7-EB77-4718-A109-5FCB51895EE8}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{A29EC732-C3B0-4BAF-B361-BD7FD7E0E815}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A367843F-88D1-4AFE-8200-A9C92B24479E}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{A64AA7DA-1D3B-4EBC-98F3-F9230D849BE9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{B0D1349C-A699-4AF2-ACAD-E5BC8AAA861E}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{B28F732F-98B1-48B5-ABA7-DA3BEEC75DEF}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{B3D20628-5BA3-4B5F-B194-371FCEE1D4C5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{B5F2EC9A-8B9D-496E-922B-6999CA9C9D2C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{B98B0579-E3E0-4CC7-98F3-50E55A13D342}" = protocol=6 | dir=in | app=c:\users\admin\appdata\local\apps\2.0\7j43b0b1.jlt\5k9d8nmm.8kb\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{BAAB3AFB-2D4C-4F90-891E-A0190F1F6349}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{BD0B480A-6D7A-41A5-9DBC-C08DA51650C4}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{BF5D96B7-3500-43C3-8978-2EAEA9636351}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{C3EDC5E9-EAE0-462E-8814-25F4753FDB7C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{C4927691-C058-47B1-99D3-D9CD004FDD76}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{C849410F-E6DF-427D-A01A-0F053AE9E6F4}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | 
"{C8787BA3-8ABD-454D-B5DE-077FC6DC89AD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CC1C026B-2585-469B-AED3-A612B29225BE}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{CC44C65A-02D0-469D-8BF4-B05F6D3A34A3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{CE00E1CE-F6FB-4F2C-88A1-0D4BA07D1D35}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{CE771EDF-E7F1-4F14-BE7E-55035D95C151}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{D2B86AB5-BF63-4B5F-B146-3169C6A64E84}" = protocol=6 | dir=out | app=system | 
"{D674B8D7-7432-4DD6-8954-B62744842E41}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DBD72C3C-7D60-4DD1-9447-E4D38AAC04BF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DF4DA9EF-D04A-4C59-9E79-D153694532ED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike go - intro trailer\smp.exe | 
"{DFC9479A-3CCC-4613-BCA6-AE72BF1FE391}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{E140154C-80E9-4C1F-AEE2-58766D960497}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{E8675A2F-0457-428D-9E0C-5697701BBAF6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EA30215D-3418-4337-8022-0F797CEF2DEF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{F340420E-9076-4798-AF4F-6F88FE73CECF}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | 
"{F6F17DA3-7461-4A06-AE68-758B7109FE71}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike go - intro trailer\smp.exe | 
"{F8C71E52-1A2E-4029-87D4-388DB3F4813E}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{FE4C4F00-83D6-4A86-A723-E503CC12410F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"TCP Query User{0A0B8275-D4EE-4585-95B4-178F94339099}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{219253EB-FF12-47AB-879E-B890E77C71C9}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"TCP Query User{2D05DE9C-0354-4484-BFFF-A5095893E743}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"TCP Query User{315A4732-428E-4A47-810E-3CB53D25BD50}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | 
"TCP Query User{4D152872-C5F9-4F99-B148-4CF63E4608E1}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"TCP Query User{703540BD-6306-4E3D-9A6F-EB454C184B2E}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"TCP Query User{81CFFD23-583B-4606-AC40-F7D04FED6283}C:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe" = protocol=6 | dir=in | app=c:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe | 
"TCP Query User{8E0A62E8-93FB-4334-A24A-903B49544DF7}C:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe" = protocol=6 | dir=in | app=c:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe | 
"TCP Query User{99329BB9-9E80-4D8D-BC98-F9C858FB3204}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{B8475BDF-7A9B-476C-86B1-823E7C3581DA}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"TCP Query User{D232F5CF-32C1-481E-845B-9AAC8CA83EA1}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | 
"TCP Query User{E339AC09-49E3-42AA-811E-891A7C2650BA}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"TCP Query User{F5378015-B8EB-41B6-8627-F4043E827DA6}C:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{1977EB69-296E-4408-A863-774B86EB0174}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{258E85DC-99EE-45D8-B4F0-75572B90FD98}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{2595EFAC-6E87-4729-88EE-AFB850CDA81F}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | 
"UDP Query User{441776AD-627E-4845-BD49-D96E109A8FAE}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | 
"UDP Query User{456EADC3-4D92-4923-A16F-12BE7ED54C86}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"UDP Query User{5EEBA202-E481-4B48-97B5-56D852F0CDA1}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"UDP Query User{63363A81-85FF-4E1E-9124-C23914F53939}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{6B39349A-D211-478F-8CB0-300EC136D276}C:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe" = protocol=17 | dir=in | app=c:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe | 
"UDP Query User{6E0DCAE8-4EFD-431D-B0BD-30E90835BB5A}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"UDP Query User{74C6EFEC-412A-41F6-BF32-992D2C7A3932}C:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe" = protocol=17 | dir=in | app=c:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe | 
"UDP Query User{B7E7E716-968E-4D31-8787-0408407EE8F7}C:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{DD9B5C30-42DF-4B49-A58B-2A6C9698E5D6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{F875B0ED-8407-4B81-BA98-E517EA2F3CA3}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{576A97E3-1A79-6215-49DE-AA358AF47420}" = ATI Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{AF51A2B6-3AAF-46C5-36A7-0E78B2D23E3E}" = ccc-utility64
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E6456858-8C0C-35CE-96B8-AFFCD205C9FC}" = AMD Drag and Drop Transcoding
"{F0A36649-873E-4832-A5F1-BF5DF8600BDB}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024FDD4C-B4EE-4CFC-696F-9A36B3BE4D41}" = Catalyst Control Center Graphics Previews Vista
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05BC432D-819E-86AF-74A9-0622CAD08767}" = Catalyst Control Center Graphics Previews Common
"{0A477437-2307-018D-3F3A-AFBDE1D4FF7A}" = Catalyst Control Center HydraVision Full
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}" = MOUSE Editor
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3B2146CF-546D-4D29-8234-BEC69707F168}" = OnlineCounter
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C2739CB-9E0F-8E06-F315-25F9E9AB2763}" = CCC Help English
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43FC4C9A-9D17-9CAB-FA69-6588AFA5A1B2}" = Catalyst Control Center Core Implementation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1" = Free Mouse Auto Clicker 3.0
"{828CFF5D-054C-D04A-3CB1-0788828CA236}" = Catalyst Control Center Graphics Light
"{85B0B11F-7EA3-D9DE-BB18-1B52CE1A3E3B}" = Catalyst Control Center Graphics Full Existing
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EEA0ED5-CB59-2F06-84A7-3F7B241521B8}" = Catalyst Control Center InstallProxy
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CF9041ED-60C9-36ED-9DB9-F55AAD993865}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{DF9B7D24-4C6E-C773-3E58-D2FEF49ADD74}" = ccc-core-static
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7382773-CBE8-33A9-862E-C2337CD0F359}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{EAD931B5-129D-2A7E-9FD2-522BF504EAF4}" = Catalyst Control Center Graphics Full New
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface
"AudioCS" = Creative Audio-Systemsteuerung
"Aurora 12.0a2 (x86 de)" = Aurora 12.0a2 (x86 de)
"AVMWLANCLI" = AVM FRITZ!WLAN
"Combat Arms EU" = Combat Arms EU
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"EPSON Scanner" = EPSON Scan
"Fraps" = Fraps (remove only)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}" = MOUSE Editor
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PhotoScape" = PhotoScape
"PROHYBRIDR" = 2007 Microsoft Office system
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 28.06.2012 03:29:37 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 28.06.2012 03:29:37 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 28.06.2012 03:29:37 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 28.06.2012 03:29:38 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 28.06.2012 03:29:38 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 28.06.2012 06:01:57 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 28.06.2012 06:02:08 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 28.06.2012 06:02:08 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 28.06.2012 06:02:08 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 28.06.2012 06:02:08 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ Media Center Events ]
Error - 12.07.2012 18:05:46 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 00:05:46 - Fehler beim Herstellen der Internetverbindung.  00:05:46 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.07.2012 18:05:52 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 00:05:51 - Fehler beim Herstellen der Internetverbindung.  00:05:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.07.2012 21:44:37 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 03:44:37 - Fehler beim Herstellen der Internetverbindung.  03:44:37 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.07.2012 21:44:43 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 03:44:42 - Fehler beim Herstellen der Internetverbindung.  03:44:42 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.07.2012 22:44:48 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 04:44:48 - Fehler beim Herstellen der Internetverbindung.  04:44:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.07.2012 22:44:54 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 04:44:53 - Fehler beim Herstellen der Internetverbindung.  04:44:53 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.07.2012 23:44:58 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 05:44:58 - Fehler beim Herstellen der Internetverbindung.  05:44:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.07.2012 23:45:04 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 05:45:03 - Fehler beim Herstellen der Internetverbindung.  05:45:03 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 13.07.2012 00:45:08 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 06:45:08 - Fehler beim Herstellen der Internetverbindung.  06:45:08 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 13.07.2012 00:45:14 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 06:45:13 - Fehler beim Herstellen der Internetverbindung.  06:45:13 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 18.06.2012 00:49:08 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.127.2148.0     Aktualisierungsquelle: 
%%859     Aktualisierungsphase: %%852     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: 
%%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:
      Vorherige Modulversion: 1.1.8403.0     Fehlercode: 0x80244019     Fehlerbeschreibung: Unerwartetes
 Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates
 oder zur Problembehandlung finden Sie unter "Hilfe und Support". 
 
Error - 24.06.2012 07:32:36 | Computer Name = Lukas_Systea | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 25.06.2012 14:51:06 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.129.379.0     Aktualisierungsquelle: %%859

	Aktualisierungsphase:
 %%853     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: %%800     Aktualisierungstyp: %%803

	Benutzer:
 NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:      Vorherige Modulversion: 1.1.8502.0     Fehlercode:
 0x8024001e     Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
 Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
 unter "Hilfe und Support". 
 
Error - 25.06.2012 14:51:06 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.129.379.0     Aktualisierungsquelle: %%859

	Aktualisierungsphase:
 %%853     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: %%800     Aktualisierungstyp: %%803

	Benutzer:
 NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:      Vorherige Modulversion: 1.1.8502.0     Fehlercode:
 0x8024001e     Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
 Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
 unter "Hilfe und Support". 
 
Error - 27.06.2012 10:57:11 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.129.469.0     Aktualisierungsquelle: %%859

	Aktualisierungsphase:
 %%853     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: %%800     Aktualisierungstyp: %%803

	Benutzer:
 NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:      Vorherige Modulversion: 1.1.8502.0     Fehlercode:
 0x80240022     Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen
 ist nicht möglich. 
 
Error - 27.06.2012 10:57:11 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.129.469.0     Aktualisierungsquelle: %%859

	Aktualisierungsphase:
 %%853     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: %%800     Aktualisierungstyp: %%803

	Benutzer:
 NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:      Vorherige Modulversion: 1.1.8502.0     Fehlercode:
 0x80240022     Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen
 ist nicht möglich. 
 
Error - 27.06.2012 15:38:05 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.129.469.0     Aktualisierungsquelle: %%859

	Aktualisierungsphase:
 %%852     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: %%800     Aktualisierungstyp: %%803

	Benutzer:
 NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:      Vorherige Modulversion: 1.1.8502.0     Fehlercode:
 0x80244019     Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
 Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
 unter "Hilfe und Support". 
 
Error - 28.06.2012 03:33:16 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.129.469.0     Aktualisierungsquelle: %%859

	Aktualisierungsphase:
 %%852     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: %%800     Aktualisierungstyp: %%803

	Benutzer:
 NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:      Vorherige Modulversion: 1.1.8502.0     Fehlercode:
 0x80244019     Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
 Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
 unter "Hilfe und Support". 
 
Error - 01.07.2012 05:57:59 | Computer Name = Lukas_Systea | Source = BROWSER | ID = 8032
Description = 
 
Error - 03.07.2012 05:51:13 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.129.793.0     Aktualisierungsquelle: %%859

	Aktualisierungsphase:
 %%852     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: %%800     Aktualisierungstyp: %%803

	Benutzer:
 NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:      Vorherige Modulversion: 1.1.8502.0     Fehlercode:
 0x8024402c     Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
 Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
 unter "Hilfe und Support". 
 
 
< End of report >
         
--- --- ---
__________________

Alt 26.07.2012, 18:58   #4
markusg
/// Malware-holic
 
Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus - Standard

Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus



download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 26.07.2012, 21:24   #5
itzpink
 
Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus - Standard

Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus



Sooo hier das war jezt Kaspersky TDSSKiller Hab überall skip ausgewählt dann continue und dann auf report das kam raus

22:19:59.0402 4504 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
22:19:59.0749 4504 ============================================================
22:19:59.0749 4504 Current date / time: 2012/07/26 22:19:59.0749
22:19:59.0749 4504 SystemInfo:
22:19:59.0749 4504
22:19:59.0749 4504 OS Version: 6.1.7600 ServicePack: 0.0
22:19:59.0749 4504 Product type: Workstation
22:19:59.0749 4504 ComputerName: LUKAS_SYSTEA
22:19:59.0750 4504 UserName: Admin Lukas
22:19:59.0750 4504 Windows directory: C:\Windows
22:19:59.0750 4504 System windows directory: C:\Windows
22:19:59.0750 4504 Running under WOW64
22:19:59.0750 4504 Processor architecture: Intel x64
22:19:59.0750 4504 Number of processors: 4
22:19:59.0750 4504 Page size: 0x1000
22:19:59.0750 4504 Boot type: Normal boot
22:19:59.0750 4504 ============================================================
22:20:02.0176 4504 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:20:02.0268 4504 ============================================================
22:20:02.0268 4504 \Device\Harddisk0\DR0:
22:20:02.0268 4504 MBR partitions:
22:20:02.0268 4504 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856E82
22:20:02.0268 4504 ============================================================
22:20:02.0270 4504 C: <-> \Device\Harddisk0\DR0\Partition0
22:20:02.0270 4504 ============================================================
22:20:02.0270 4504 Initialize success
22:20:02.0270 4504 ============================================================
22:21:02.0569 5288 ============================================================
22:21:02.0569 5288 Scan started
22:21:02.0569 5288 Mode: Manual; SigCheck; TDLFS;
22:21:02.0569 5288 ============================================================
22:21:03.0505 5288 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
22:21:03.0615 5288 1394ohci - ok
22:21:03.0693 5288 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
22:21:03.0708 5288 ACPI - ok
22:21:03.0739 5288 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
22:21:03.0833 5288 AcpiPmi - ok
22:21:03.0973 5288 AcrSch2Svc (b8659553b6ab4bf34a3cc113a144dee3) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
22:21:04.0036 5288 AcrSch2Svc - ok
22:21:04.0145 5288 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:21:04.0161 5288 AdobeARMservice - ok
22:21:04.0301 5288 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:21:04.0332 5288 AdobeFlashPlayerUpdateSvc - ok
22:21:04.0457 5288 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
22:21:04.0488 5288 adp94xx - ok
22:21:04.0535 5288 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
22:21:04.0582 5288 adpahci - ok
22:21:04.0629 5288 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
22:21:04.0660 5288 adpu320 - ok
22:21:04.0691 5288 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
22:21:04.0878 5288 AeLookupSvc - ok
22:21:04.0941 5288 afcdp (d9a76e6e541e2e61c78140b65db63e6a) C:\Windows\system32\DRIVERS\afcdp.sys
22:21:04.0972 5288 afcdp - ok
22:21:05.0237 5288 afcdpsrv (8b333e7ff3147a63b15975b512364466) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
22:21:05.0315 5288 afcdpsrv - ok
22:21:05.0455 5288 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
22:21:05.0549 5288 AFD - ok
22:21:05.0596 5288 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
22:21:05.0611 5288 agp440 - ok
22:21:05.0955 5288 Akamai (29584f02a43e427c4227e3b1d9ff1b22) C:/Program Files (x86)/Common Files/Akamai/netsession_win_4f7fccd.dll
22:21:06.0079 5288 Akamai - ok
22:21:06.0189 5288 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
22:21:06.0251 5288 ALG - ok
22:21:06.0282 5288 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
22:21:06.0313 5288 aliide - ok
22:21:06.0360 5288 AMD External Events Utility (caa6ed31c6da3c505a684162b3492166) C:\Windows\system32\atiesrxx.exe
22:21:06.0469 5288 AMD External Events Utility - ok
22:21:06.0501 5288 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
22:21:06.0516 5288 amdide - ok
22:21:06.0579 5288 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:21:06.0641 5288 AmdK8 - ok
22:21:07.0062 5288 amdkmdag (cc0b8b1912967d429c4a2d2bd7a9e52d) C:\Windows\system32\DRIVERS\atikmdag.sys
22:21:07.0218 5288 amdkmdag - ok
22:21:07.0327 5288 amdkmdap (b855c99c23a57edeca29f49a3210b95c) C:\Windows\system32\DRIVERS\atikmpag.sys
22:21:07.0405 5288 amdkmdap - ok
22:21:07.0468 5288 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:21:07.0530 5288 AmdPPM - ok
22:21:07.0593 5288 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\DRIVERS\amdsata.sys
22:21:07.0624 5288 amdsata - ok
22:21:07.0686 5288 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:21:07.0717 5288 amdsbs - ok
22:21:07.0733 5288 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\DRIVERS\amdxata.sys
22:21:07.0749 5288 amdxata - ok
22:21:07.0795 5288 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
22:21:07.0905 5288 AppID - ok
22:21:07.0920 5288 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
22:21:08.0014 5288 AppIDSvc - ok
22:21:08.0045 5288 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
22:21:08.0107 5288 Appinfo - ok
22:21:08.0217 5288 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:21:08.0232 5288 Apple Mobile Device - ok
22:21:08.0263 5288 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:21:08.0295 5288 arc - ok
22:21:08.0310 5288 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:21:08.0341 5288 arcsas - ok
22:21:08.0357 5288 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:21:08.0451 5288 AsyncMac - ok
22:21:08.0497 5288 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
22:21:08.0529 5288 atapi - ok
22:21:08.0685 5288 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\Windows\system32\drivers\AtiHdmi.sys
22:21:08.0716 5288 AtiHdmiService - ok
22:21:08.0763 5288 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
22:21:08.0825 5288 AudioEndpointBuilder - ok
22:21:08.0841 5288 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
22:21:08.0903 5288 AudioSrv - ok
22:21:08.0965 5288 AVM WLAN Connection Service (d1a9ae485fff7c72ca50d8949b2210b9) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
22:21:09.0184 5288 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
22:21:09.0184 5288 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
22:21:09.0215 5288 avmaudio (bd39d7cfd9d6a73396b618113a8e8d57) C:\Windows\system32\DRIVERS\avmaudio.sys
22:21:09.0277 5288 avmaudio - ok
22:21:09.0309 5288 avmeject (1dc2f715792cf33428ad7993acbd224d) C:\Windows\system32\drivers\avmeject.sys
22:21:09.0340 5288 avmeject - ok
22:21:09.0355 5288 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
22:21:09.0449 5288 AxInstSV - ok
22:21:09.0511 5288 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:21:09.0558 5288 b06bdrv - ok
22:21:09.0621 5288 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:21:09.0667 5288 b57nd60a - ok
22:21:09.0792 5288 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
22:21:09.0823 5288 BBSvc - ok
22:21:09.0870 5288 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:21:09.0901 5288 BBUpdate - ok
22:21:09.0948 5288 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:21:10.0011 5288 BDESVC - ok
22:21:10.0026 5288 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:21:10.0089 5288 Beep - ok
22:21:10.0182 5288 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
22:21:10.0276 5288 BFE - ok
22:21:10.0369 5288 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
22:21:10.0479 5288 BITS - ok
22:21:10.0541 5288 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:21:10.0588 5288 blbdrive - ok
22:21:10.0713 5288 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
22:21:10.0744 5288 Bonjour Service - ok
22:21:10.0791 5288 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
22:21:10.0869 5288 bowser - ok
22:21:10.0915 5288 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:21:10.0962 5288 BrFiltLo - ok
22:21:10.0978 5288 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:21:10.0993 5288 BrFiltUp - ok
22:21:11.0040 5288 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
22:21:11.0103 5288 Browser - ok
22:21:11.0165 5288 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:21:11.0243 5288 Brserid - ok
22:21:11.0274 5288 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:21:11.0305 5288 BrSerWdm - ok
22:21:11.0352 5288 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:21:11.0383 5288 BrUsbMdm - ok
22:21:11.0399 5288 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:21:11.0461 5288 BrUsbSer - ok
22:21:11.0508 5288 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:21:11.0539 5288 BTHMODEM - ok
22:21:11.0571 5288 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:21:11.0617 5288 bthserv - ok
22:21:11.0649 5288 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:21:11.0711 5288 cdfs - ok
22:21:11.0758 5288 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
22:21:11.0805 5288 cdrom - ok
22:21:11.0836 5288 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
22:21:11.0914 5288 CertPropSvc - ok
22:21:11.0976 5288 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:21:12.0023 5288 circlass - ok
22:21:12.0054 5288 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:21:12.0085 5288 CLFS - ok
22:21:12.0163 5288 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:21:12.0179 5288 clr_optimization_v2.0.50727_32 - ok
22:21:12.0241 5288 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:21:12.0257 5288 clr_optimization_v2.0.50727_64 - ok
22:21:12.0351 5288 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:21:12.0382 5288 clr_optimization_v4.0.30319_32 - ok
22:21:12.0397 5288 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:21:12.0429 5288 clr_optimization_v4.0.30319_64 - ok
22:21:12.0460 5288 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:21:12.0491 5288 CmBatt - ok
22:21:12.0491 5288 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
22:21:12.0507 5288 cmdide - ok
22:21:12.0569 5288 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys
22:21:12.0616 5288 CNG - ok
22:21:12.0647 5288 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:21:12.0663 5288 Compbatt - ok
22:21:12.0694 5288 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
22:21:12.0741 5288 CompositeBus - ok
22:21:12.0772 5288 COMSysApp - ok
22:21:12.0803 5288 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:21:12.0834 5288 crcdisk - ok
22:21:12.0897 5288 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
22:21:12.0928 5288 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
22:21:12.0928 5288 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
22:21:12.0990 5288 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
22:21:13.0037 5288 CryptSvc - ok
22:21:13.0099 5288 CTAudSvcService (69cdba2b9c397e349a04fa70dd9170a2) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
22:21:13.0240 5288 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
22:21:13.0255 5288 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
22:21:13.0333 5288 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
22:21:13.0411 5288 DcomLaunch - ok
22:21:13.0474 5288 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:21:13.0552 5288 defragsvc - ok
22:21:13.0661 5288 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
22:21:13.0755 5288 DfsC - ok
22:21:13.0911 5288 dgderdrv (def365f0f6e017888c4b869d3ba4b8e0) C:\Windows\system32\drivers\dgderdrv.sys
22:21:13.0957 5288 dgderdrv - ok
22:21:13.0989 5288 dgdersvc (bc3c53000adcd440f1b23e46dac302ef) C:\Windows\system32\dgdersvc.exe
22:21:14.0020 5288 dgdersvc - ok
22:21:14.0067 5288 dg_ssudbus (113212d25d0c9bb8901a9833774da97f) C:\Windows\system32\DRIVERS\ssudbus.sys
22:21:14.0082 5288 dg_ssudbus - ok
22:21:14.0129 5288 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
22:21:14.0223 5288 Dhcp - ok
22:21:14.0269 5288 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:21:14.0347 5288 discache - ok
22:21:14.0394 5288 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:21:14.0425 5288 Disk - ok
22:21:14.0457 5288 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
22:21:14.0535 5288 Dnscache - ok
22:21:14.0581 5288 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
22:21:14.0691 5288 dot3svc - ok
22:21:14.0737 5288 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
22:21:14.0815 5288 DPS - ok
22:21:14.0847 5288 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:21:14.0862 5288 drmkaud - ok
22:21:14.0956 5288 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
22:21:15.0018 5288 DXGKrnl - ok
22:21:15.0065 5288 E1G60 (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
22:21:15.0127 5288 E1G60 - ok
22:21:15.0159 5288 EagleX64 - ok
22:21:15.0174 5288 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:21:15.0268 5288 EapHost - ok
22:21:15.0502 5288 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:21:15.0611 5288 ebdrv - ok
22:21:15.0736 5288 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
22:21:15.0814 5288 EFS - ok
22:21:15.0907 5288 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
22:21:15.0985 5288 ehRecvr - ok
22:21:16.0032 5288 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:21:16.0126 5288 ehSched - ok
22:21:16.0204 5288 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:21:16.0235 5288 elxstor - ok
22:21:16.0266 5288 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
22:21:16.0329 5288 ErrDev - ok
22:21:16.0407 5288 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:21:16.0500 5288 EventSystem - ok
22:21:16.0563 5288 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:21:16.0656 5288 exfat - ok
22:21:16.0687 5288 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:21:16.0765 5288 fastfat - ok
22:21:16.0828 5288 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
22:21:16.0937 5288 Fax - ok
22:21:16.0968 5288 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:21:16.0999 5288 fdc - ok
22:21:17.0031 5288 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:21:17.0124 5288 fdPHost - ok
22:21:17.0155 5288 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:21:17.0233 5288 FDResPub - ok
22:21:17.0265 5288 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:21:17.0280 5288 FileInfo - ok
22:21:17.0296 5288 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:21:17.0374 5288 Filetrace - ok
22:21:17.0405 5288 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:21:17.0436 5288 flpydisk - ok
22:21:17.0467 5288 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
22:21:17.0499 5288 FltMgr - ok
22:21:17.0592 5288 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
22:21:17.0701 5288 FontCache - ok
22:21:17.0764 5288 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:21:17.0779 5288 FontCache3.0.0.0 - ok
22:21:17.0811 5288 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:21:17.0842 5288 FsDepends - ok
22:21:17.0889 5288 fssfltr (53dab1791917a72738539ad25c4eed7f) C:\Windows\system32\DRIVERS\fssfltr.sys
22:21:17.0904 5288 fssfltr - ok
22:21:18.0029 5288 fsssvc (206ad9a89bf05dfa1621f1fc7b82592d) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
22:21:18.0076 5288 fsssvc - ok
22:21:18.0107 5288 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
22:21:18.0123 5288 Fs_Rec - ok
22:21:18.0169 5288 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:21:18.0201 5288 fvevol - ok
22:21:18.0263 5288 FWLANUSB (444534cba693dd23c1cc589681e01656) C:\Windows\system32\DRIVERS\fwlanusb.sys
22:21:18.0341 5288 FWLANUSB - ok
22:21:18.0357 5288 FXDrv32 - ok
22:21:18.0403 5288 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:21:18.0419 5288 gagp30kx - ok
22:21:18.0466 5288 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:21:18.0481 5288 GEARAspiWDM - ok
22:21:18.0559 5288 GhosteryStatsUpdater (4ad91cd1ba64e5e3f9ff0fc64676e853) C:\Users\Admin\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe
22:21:18.0653 5288 GhosteryStatsUpdater ( UnsignedFile.Multi.Generic ) - warning
22:21:18.0653 5288 GhosteryStatsUpdater - detected UnsignedFile.Multi.Generic (1)
22:21:18.0731 5288 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
22:21:18.0809 5288 gpsvc - ok
22:21:18.0840 5288 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:21:18.0887 5288 hcw85cir - ok
22:21:18.0965 5288 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
22:21:19.0027 5288 HdAudAddService - ok
22:21:19.0074 5288 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:21:19.0121 5288 HDAudBus - ok
22:21:19.0168 5288 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:21:19.0215 5288 HidBatt - ok
22:21:19.0246 5288 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:21:19.0293 5288 HidBth - ok
22:21:19.0339 5288 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:21:19.0371 5288 HidIr - ok
22:21:19.0417 5288 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
22:21:19.0495 5288 hidserv - ok
22:21:19.0558 5288 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
22:21:19.0589 5288 HidUsb - ok
22:21:19.0620 5288 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
22:21:19.0698 5288 hkmsvc - ok
22:21:19.0745 5288 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
22:21:19.0792 5288 HomeGroupListener - ok
22:21:19.0839 5288 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
22:21:19.0885 5288 HomeGroupProvider - ok
22:21:19.0917 5288 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
22:21:19.0948 5288 HpSAMD - ok
22:21:20.0026 5288 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
22:21:20.0135 5288 HTTP - ok
22:21:20.0182 5288 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
22:21:20.0197 5288 hwpolicy - ok
22:21:20.0244 5288 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
22:21:20.0275 5288 i8042prt - ok
22:21:20.0322 5288 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\DRIVERS\iaStorV.sys
22:21:20.0353 5288 iaStorV - ok
22:21:20.0478 5288 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:21:20.0541 5288 idsvc - ok
22:21:20.0556 5288 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:21:20.0587 5288 iirsp - ok
22:21:20.0681 5288 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
22:21:20.0806 5288 IKEEXT - ok
22:21:21.0009 5288 IntcAzAudAddService (e76fdfff07f8a2fa81ff250dda0f6bba) C:\Windows\system32\drivers\RTKVHD64.sys
22:21:21.0087 5288 IntcAzAudAddService - ok
22:21:21.0196 5288 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
22:21:21.0211 5288 intelide - ok
22:21:21.0274 5288 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:21:21.0321 5288 intelppm - ok
22:21:21.0383 5288 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:21:21.0445 5288 IPBusEnum - ok
22:21:21.0492 5288 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:21:21.0539 5288 IpFilterDriver - ok
22:21:21.0586 5288 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
22:21:21.0664 5288 iphlpsvc - ok
22:21:21.0695 5288 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
22:21:21.0742 5288 IPMIDRV - ok
22:21:21.0757 5288 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:21:21.0804 5288 IPNAT - ok
22:21:21.0945 5288 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
22:21:21.0976 5288 iPod Service - ok
22:21:21.0991 5288 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:21:22.0007 5288 IRENUM - ok
22:21:22.0038 5288 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
22:21:22.0054 5288 isapnp - ok
22:21:22.0085 5288 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
22:21:22.0132 5288 iScsiPrt - ok
22:21:22.0179 5288 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
22:21:22.0194 5288 kbdclass - ok
22:21:22.0241 5288 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
22:21:22.0288 5288 kbdhid - ok
22:21:22.0319 5288 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:21:22.0335 5288 KeyIso - ok
22:21:22.0366 5288 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
22:21:22.0397 5288 KSecDD - ok
22:21:22.0413 5288 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
22:21:22.0413 5288 KSecPkg - ok
22:21:22.0428 5288 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:21:22.0491 5288 ksthunk - ok
22:21:22.0537 5288 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:21:22.0631 5288 KtmRm - ok
22:21:22.0693 5288 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
22:21:22.0756 5288 LanmanServer - ok
22:21:22.0787 5288 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
22:21:22.0896 5288 LanmanWorkstation - ok
22:21:22.0959 5288 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:21:23.0021 5288 lltdio - ok
22:21:23.0068 5288 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:21:23.0161 5288 lltdsvc - ok
22:21:23.0177 5288 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:21:23.0224 5288 lmhosts - ok
22:21:23.0286 5288 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:21:23.0317 5288 LSI_FC - ok
22:21:23.0349 5288 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:21:23.0380 5288 LSI_SAS - ok
22:21:23.0411 5288 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:21:23.0442 5288 LSI_SAS2 - ok
22:21:23.0473 5288 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:21:23.0520 5288 LSI_SCSI - ok
22:21:23.0536 5288 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:21:23.0614 5288 luafv - ok
22:21:23.0661 5288 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
22:21:23.0692 5288 Mcx2Svc - ok
22:21:23.0723 5288 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:21:23.0739 5288 megasas - ok
22:21:23.0785 5288 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:21:23.0832 5288 MegaSR - ok
22:21:23.0848 5288 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:21:23.0926 5288 MMCSS - ok
22:21:23.0957 5288 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:21:24.0019 5288 Modem - ok
22:21:24.0066 5288 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:21:24.0113 5288 monitor - ok
22:21:24.0160 5288 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:21:24.0191 5288 mouclass - ok
22:21:24.0222 5288 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:21:24.0253 5288 mouhid - ok
22:21:24.0269 5288 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
22:21:24.0285 5288 mountmgr - ok
22:21:24.0347 5288 MozillaMaintenance (12cb039011c1eeec40ec04ceccb76273) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:21:24.0378 5288 MozillaMaintenance - ok
22:21:24.0441 5288 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
22:21:24.0472 5288 MpFilter - ok
22:21:24.0503 5288 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
22:21:24.0550 5288 mpio - ok
22:21:24.0565 5288 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:21:24.0628 5288 mpsdrv - ok
22:21:24.0737 5288 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
22:21:24.0846 5288 MpsSvc - ok
22:21:24.0893 5288 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
22:21:24.0955 5288 MRxDAV - ok
22:21:25.0002 5288 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:21:25.0049 5288 mrxsmb - ok
22:21:25.0080 5288 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:21:25.0111 5288 mrxsmb10 - ok
22:21:25.0158 5288 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:21:25.0205 5288 mrxsmb20 - ok
22:21:25.0236 5288 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
22:21:25.0252 5288 msahci - ok
22:21:25.0267 5288 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
22:21:25.0283 5288 msdsm - ok
22:21:25.0314 5288 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:21:25.0377 5288 MSDTC - ok
22:21:25.0423 5288 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:21:25.0470 5288 Msfs - ok
22:21:25.0486 5288 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:21:25.0564 5288 mshidkmdf - ok
22:21:25.0579 5288 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
22:21:25.0595 5288 msisadrv - ok
22:21:25.0642 5288 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:21:25.0720 5288 MSiSCSI - ok
22:21:25.0735 5288 msiserver - ok
22:21:25.0751 5288 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:21:25.0813 5288 MSKSSRV - ok
22:21:25.0876 5288 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:21:25.0907 5288 MsMpSvc - ok
22:21:25.0923 5288 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:21:25.0985 5288 MSPCLOCK - ok
22:21:26.0001 5288 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:21:26.0032 5288 MSPQM - ok
22:21:26.0063 5288 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
22:21:26.0079 5288 MsRPC - ok
22:21:26.0125 5288 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
22:21:26.0141 5288 mssmbios - ok
22:21:26.0157 5288 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:21:26.0219 5288 MSTEE - ok
22:21:26.0266 5288 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:21:26.0297 5288 MTConfig - ok
22:21:26.0344 5288 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:21:26.0375 5288 Mup - ok
22:21:26.0437 5288 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
22:21:26.0531 5288 napagent - ok
22:21:26.0593 5288 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:21:26.0656 5288 NativeWifiP - ok
22:21:26.0765 5288 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
22:21:26.0812 5288 NDIS - ok
22:21:26.0827 5288 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:21:26.0905 5288 NdisCap - ok
22:21:26.0921 5288 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:21:27.0015 5288 NdisTapi - ok
22:21:27.0030 5288 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
22:21:27.0108 5288 Ndisuio - ok
22:21:27.0155 5288 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:21:27.0217 5288 NdisWan - ok
22:21:27.0233 5288 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
22:21:27.0311 5288 NDProxy - ok
22:21:27.0342 5288 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:21:27.0389 5288 NetBIOS - ok
22:21:27.0420 5288 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
22:21:27.0483 5288 NetBT - ok
22:21:27.0514 5288 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:21:27.0529 5288 Netlogon - ok
22:21:27.0592 5288 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:21:27.0685 5288 Netman - ok
22:21:27.0732 5288 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:21:27.0810 5288 netprofm - ok
22:21:27.0904 5288 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:21:27.0935 5288 NetTcpPortSharing - ok
22:21:27.0997 5288 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:21:28.0013 5288 nfrd960 - ok
22:21:28.0075 5288 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:21:28.0091 5288 NisDrv - ok
22:21:28.0153 5288 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
22:21:28.0185 5288 NisSrv - ok
22:21:28.0216 5288 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
22:21:28.0278 5288 NlaSvc - ok
22:21:28.0309 5288 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:21:28.0387 5288 Npfs - ok
22:21:28.0403 5288 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:21:28.0481 5288 nsi - ok
22:21:28.0512 5288 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:21:28.0575 5288 nsiproxy - ok
22:21:28.0715 5288 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
22:21:28.0777 5288 Ntfs - ok
22:21:28.0855 5288 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:21:28.0949 5288 Null - ok
22:21:29.0011 5288 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\DRIVERS\nvraid.sys
22:21:29.0058 5288 nvraid - ok
22:21:29.0089 5288 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\DRIVERS\nvstor.sys
22:21:29.0121 5288 nvstor - ok
22:21:29.0167 5288 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
22:21:29.0199 5288 nv_agp - ok
22:21:29.0323 5288 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:21:29.0355 5288 odserv - ok
22:21:29.0386 5288 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
22:21:29.0417 5288 ohci1394 - ok
22:21:29.0479 5288 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:21:29.0511 5288 ose - ok
22:21:29.0651 5288 P17 (edd1dcd36f6115acc6935c3f88ff54d7) C:\Windows\system32\drivers\P17.sys
22:21:29.0713 5288 P17 - ok
22:21:29.0776 5288 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:21:29.0854 5288 p2pimsvc - ok
22:21:29.0916 5288 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:21:29.0947 5288 p2psvc - ok
22:21:30.0010 5288 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:21:30.0025 5288 Parport - ok
22:21:30.0057 5288 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
22:21:30.0088 5288 partmgr - ok
22:21:30.0103 5288 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:21:30.0181 5288 PcaSvc - ok
22:21:30.0213 5288 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
22:21:30.0228 5288 pci - ok
22:21:30.0228 5288 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
22:21:30.0244 5288 pciide - ok
22:21:30.0291 5288 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:21:30.0322 5288 pcmcia - ok
22:21:30.0353 5288 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:21:30.0384 5288 pcw - ok
22:21:30.0415 5288 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:21:30.0493 5288 PEAUTH - ok
22:21:30.0587 5288 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:21:30.0618 5288 PerfHost - ok
22:21:30.0759 5288 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
22:21:30.0852 5288 pla - ok
22:21:30.0930 5288 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
22:21:31.0008 5288 PlugPlay - ok
22:21:31.0024 5288 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:21:31.0055 5288 PNRPAutoReg - ok
22:21:31.0102 5288 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:21:31.0133 5288 PNRPsvc - ok
22:21:31.0195 5288 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
22:21:31.0289 5288 PolicyAgent - ok
22:21:31.0351 5288 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:21:31.0445 5288 Power - ok
22:21:31.0523 5288 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
22:21:31.0632 5288 PptpMiniport - ok
22:21:31.0679 5288 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:21:31.0710 5288 Processor - ok
22:21:31.0804 5288 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
22:21:31.0835 5288 ProfSvc - ok
22:21:31.0882 5288 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:21:31.0897 5288 ProtectedStorage - ok
22:21:31.0944 5288 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
22:21:32.0038 5288 Psched - ok
22:21:32.0147 5288 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:21:32.0194 5288 ql2300 - ok
22:21:32.0303 5288 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:21:32.0334 5288 ql40xx - ok
22:21:32.0381 5288 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:21:32.0459 5288 QWAVE - ok
22:21:32.0490 5288 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:21:32.0537 5288 QWAVEdrv - ok
22:21:32.0553 5288 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:21:32.0631 5288 RasAcd - ok
22:21:32.0693 5288 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:21:32.0755 5288 RasAgileVpn - ok
22:21:32.0771 5288 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:21:32.0849 5288 RasAuto - ok
22:21:32.0880 5288 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:21:32.0989 5288 Rasl2tp - ok
22:21:33.0036 5288 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
22:21:33.0114 5288 RasMan - ok
22:21:33.0130 5288 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:21:33.0177 5288 RasPppoe - ok
22:21:33.0223 5288 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:21:33.0301 5288 RasSstp - ok
22:21:33.0348 5288 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
22:21:33.0426 5288 rdbss - ok
22:21:33.0473 5288 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:21:33.0489 5288 rdpbus - ok
22:21:33.0520 5288 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:21:33.0567 5288 RDPCDD - ok
22:21:33.0582 5288 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:21:33.0660 5288 RDPENCDD - ok
22:21:33.0691 5288 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:21:33.0754 5288 RDPREFMP - ok
22:21:33.0785 5288 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
22:21:33.0863 5288 RDPWD - ok
22:21:33.0894 5288 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
22:21:33.0910 5288 rdyboost - ok
22:21:33.0941 5288 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:21:34.0035 5288 RemoteAccess - ok
22:21:34.0097 5288 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:21:34.0175 5288 RemoteRegistry - ok
22:21:34.0206 5288 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:21:34.0284 5288 RpcEptMapper - ok
22:21:34.0315 5288 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:21:34.0315 5288 RpcLocator - ok
22:21:34.0362 5288 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
22:21:34.0425 5288 RpcSs - ok
22:21:34.0440 5288 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:21:34.0503 5288 rspndr - ok
22:21:34.0565 5288 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
22:21:34.0596 5288 RTL8167 - ok
22:21:34.0643 5288 RTL8169 (d53c84ec99ab4d78a90001e5ce5386ec) C:\Windows\system32\DRIVERS\Rtlh64.sys
22:21:34.0705 5288 RTL8169 - ok
22:21:34.0737 5288 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:21:34.0752 5288 SamSs - ok
22:21:34.0783 5288 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
22:21:34.0815 5288 sbp2port - ok
22:21:34.0846 5288 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:21:34.0924 5288 SCardSvr - ok
22:21:34.0955 5288 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
22:21:35.0017 5288 scfilter - ok
22:21:35.0111 5288 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
22:21:35.0189 5288 Schedule - ok
22:21:35.0220 5288 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
22:21:35.0298 5288 SCPolicySvc - ok
22:21:35.0314 5288 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
22:21:35.0376 5288 SDRSVC - ok
22:21:35.0407 5288 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:21:35.0485 5288 secdrv - ok
22:21:35.0501 5288 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
22:21:35.0563 5288 seclogon - ok
22:21:35.0595 5288 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:21:35.0673 5288 SENS - ok
22:21:35.0704 5288 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:21:35.0766 5288 SensrSvc - ok
22:21:35.0813 5288 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:21:35.0860 5288 Serenum - ok
22:21:35.0907 5288 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:21:35.0938 5288 Serial - ok
22:21:35.0969 5288 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:21:36.0016 5288 sermouse - ok
22:21:36.0094 5288 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
22:21:36.0172 5288 SessionEnv - ok
22:21:36.0203 5288 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
22:21:36.0234 5288 sffdisk - ok
22:21:36.0281 5288 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
22:21:36.0328 5288 sffp_mmc - ok
22:21:36.0375 5288 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
22:21:36.0406 5288 sffp_sd - ok
22:21:36.0437 5288 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:21:36.0484 5288 sfloppy - ok
22:21:36.0515 5288 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:21:36.0593 5288 SharedAccess - ok
22:21:36.0655 5288 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
22:21:36.0733 5288 ShellHWDetection - ok
22:21:36.0765 5288 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:21:36.0796 5288 SiSRaid2 - ok
22:21:36.0827 5288 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:21:36.0858 5288 SiSRaid4 - ok
22:21:36.0936 5288 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
22:21:36.0967 5288 SkypeUpdate - ok
22:21:36.0999 5288 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:21:37.0092 5288 Smb - ok
22:21:37.0155 5288 snapman (0775cb5147953cce129bc3414740d109) C:\Windows\system32\DRIVERS\snapman.sys
22:21:37.0170 5288 snapman - ok
22:21:37.0201 5288 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:21:37.0217 5288 SNMPTRAP - ok
22:21:37.0233 5288 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:21:37.0233 5288 spldr - ok
22:21:37.0295 5288 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
22:21:37.0389 5288 Spooler - ok
22:21:37.0607 5288 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
22:21:37.0685 5288 sppsvc - ok
22:21:37.0794 5288 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:21:37.0872 5288 sppuinotify - ok
22:21:37.0966 5288 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
22:21:38.0044 5288 srv - ok
22:21:38.0091 5288 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
22:21:38.0122 5288 srv2 - ok
22:21:38.0153 5288 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
22:21:38.0215 5288 srvnet - ok
22:21:38.0262 5288 ssadbus (c1212ba5ab6783191899d194672a5b5c) C:\Windows\system32\DRIVERS\ssadbus.sys
22:21:38.0325 5288 ssadbus - ok
22:21:38.0356 5288 ssadmdfl (eb270596d4117c4306442f36ef2c290e) C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:21:38.0403 5288 ssadmdfl - ok
22:21:38.0449 5288 ssadmdm (e29027dfaec246299d1cf88627c5cbe6) C:\Windows\system32\DRIVERS\ssadmdm.sys
22:21:38.0496 5288 ssadmdm - ok
22:21:38.0559 5288 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:21:38.0652 5288 SSDPSRV - ok
22:21:38.0683 5288 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:21:38.0746 5288 SstpSvc - ok
22:21:38.0808 5288 Steam Client Service - ok
22:21:38.0839 5288 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:21:38.0855 5288 stexstor - ok
22:21:38.0933 5288 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
22:21:38.0980 5288 stisvc - ok
22:21:38.0995 5288 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
22:21:39.0011 5288 swenum - ok
22:21:39.0058 5288 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:21:39.0105 5288 swprv - ok
22:21:39.0229 5288 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
22:21:39.0323 5288 SysMain - ok
22:21:39.0417 5288 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
22:21:39.0479 5288 TabletInputService - ok
22:21:39.0526 5288 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
22:21:39.0635 5288 TapiSrv - ok
22:21:39.0651 5288 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:21:39.0744 5288 TBS - ok
22:21:39.0916 5288 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
22:21:39.0963 5288 Tcpip - ok
22:21:40.0119 5288 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
22:21:40.0181 5288 TCPIP6 - ok
22:21:40.0243 5288 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
22:21:40.0306 5288 tcpipreg - ok
22:21:40.0321 5288 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:21:40.0368 5288 TDPIPE - ok
22:21:40.0493 5288 tdrpman258 (bf7ac81df6fbe09438d9dc7188178ea9) C:\Windows\system32\DRIVERS\tdrpm258.sys
22:21:40.0555 5288 tdrpman258 - ok
22:21:40.0602 5288 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
22:21:40.0680 5288 TDTCP - ok
22:21:40.0711 5288 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
22:21:40.0805 5288 tdx - ok
22:21:40.0836 5288 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
22:21:40.0867 5288 TermDD - ok
22:21:40.0930 5288 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
22:21:41.0039 5288 TermService - ok
22:21:41.0101 5288 TFsExDisk (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys
22:21:41.0148 5288 TFsExDisk - ok
22:21:41.0164 5288 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:21:41.0226 5288 Themes - ok
22:21:41.0257 5288 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:21:41.0320 5288 THREADORDER - ok
22:21:41.0429 5288 timounter (2c1caf5563548a15515eab07d2a069c6) C:\Windows\system32\DRIVERS\timntr.sys
22:21:41.0476 5288 timounter - ok
22:21:41.0507 5288 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:21:41.0585 5288 TrkWks - ok
22:21:41.0663 5288 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
22:21:41.0710 5288 TrustedInstaller - ok
22:21:41.0757 5288 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:21:41.0835 5288 tssecsrv - ok
22:21:41.0881 5288 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
22:21:41.0944 5288 tunnel - ok
22:21:41.0975 5288 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:21:42.0006 5288 uagp35 - ok
22:21:42.0037 5288 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
22:21:42.0115 5288 udfs - ok
22:21:42.0147 5288 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:21:42.0162 5288 UI0Detect - ok
22:21:42.0209 5288 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
22:21:42.0225 5288 uliagpkx - ok
22:21:42.0256 5288 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
22:21:42.0303 5288 umbus - ok
22:21:42.0349 5288 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:21:42.0365 5288 UmPass - ok
22:21:42.0412 5288 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:21:42.0459 5288 upnphost - ok
22:21:42.0505 5288 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
22:21:42.0568 5288 USBAAPL64 - ok
22:21:42.0583 5288 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
22:21:42.0661 5288 usbccgp - ok
22:21:42.0693 5288 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
22:21:42.0755 5288 usbcir - ok
22:21:42.0786 5288 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
22:21:42.0802 5288 usbehci - ok
22:21:42.0833 5288 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
22:21:42.0864 5288 usbhub - ok
22:21:42.0864 5288 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
22:21:42.0880 5288 usbohci - ok
22:21:42.0911 5288 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:21:42.0927 5288 usbprint - ok
22:21:42.0958 5288 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:21:43.0005 5288 USBSTOR - ok
22:21:43.0020 5288 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:21:43.0067 5288 usbuhci - ok
22:21:43.0083 5288 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:21:43.0145 5288 UxSms - ok
22:21:43.0176 5288 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:21:43.0192 5288 VaultSvc - ok
22:21:43.0239 5288 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
22:21:43.0254 5288 vdrvroot - ok
22:21:43.0301 5288 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
22:21:43.0348 5288 vds - ok
22:21:43.0395 5288 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:21:43.0426 5288 vga - ok
22:21:43.0441 5288 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:21:43.0504 5288 VgaSave - ok
22:21:43.0566 5288 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
22:21:43.0597 5288 vhdmp - ok
22:21:43.0613 5288 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
22:21:43.0613 5288 viaide - ok
22:21:43.0644 5288 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
22:21:43.0660 5288 volmgr - ok
22:21:43.0691 5288 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
22:21:43.0707 5288 volmgrx - ok
22:21:43.0753 5288 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
22:21:43.0785 5288 volsnap - ok
22:21:43.0831 5288 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:21:43.0863 5288 vsmraid - ok
22:21:43.0987 5288 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
22:21:44.0065 5288 VSS - ok
22:21:44.0175 5288 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
22:21:44.0206 5288 vwifibus - ok
22:21:44.0253 5288 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:21:44.0315 5288 W32Time - ok
22:21:44.0346 5288 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:21:44.0393 5288 WacomPen - ok
22:21:44.0424 5288 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
22:21:44.0518 5288 WANARP - ok
22:21:44.0533 5288 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
22:21:44.0565 5288 Wanarpv6 - ok
22:21:44.0705 5288 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:21:44.0736 5288 WatAdminSvc - ok
22:21:44.0861 5288 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
22:21:44.0923 5288 wbengine - ok
22:21:45.0001 5288 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:21:45.0033 5288 WbioSrvc - ok
22:21:45.0079 5288 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
22:21:45.0142 5288 wcncsvc - ok
22:21:45.0157 5288 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:21:45.0189 5288 WcsPlugInService - ok
22:21:45.0235 5288 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:21:45.0251 5288 Wd - ok
22:21:45.0329 5288 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:21:45.0376 5288 Wdf01000 - ok
22:21:45.0391 5288 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:21:45.0438 5288 WdiServiceHost - ok
22:21:45.0438 5288 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:21:45.0454 5288 WdiSystemHost - ok
22:21:45.0501 5288 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
22:21:45.0547 5288 WebClient - ok
22:21:45.0579 5288 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:21:45.0657 5288 Wecsvc - ok
22:21:45.0672 5288 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:21:45.0781 5288 wercplsupport - ok
22:21:45.0828 5288 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:21:45.0922 5288 WerSvc - ok
22:21:45.0969 5288 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:21:46.0031 5288 WfpLwf - ok
22:21:46.0047 5288 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:21:46.0047 5288 WIMMount - ok
22:21:46.0078 5288 WinDefend - ok
22:21:46.0093 5288 WinHttpAutoProxySvc - ok
22:21:46.0156 5288 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:21:46.0234 5288 Winmgmt - ok
22:21:46.0405 5288 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
22:21:46.0530 5288 WinRM - ok
22:21:46.0639 5288 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
22:21:46.0686 5288 WinUsb - ok
22:21:46.0780 5288 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:21:46.0858 5288 Wlansvc - ok
22:21:46.0889 5288 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:21:46.0920 5288 WmiAcpi - ok
22:21:47.0014 5288 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:21:47.0092 5288 wmiApSrv - ok
22:21:47.0123 5288 WMPNetworkSvc - ok
22:21:47.0154 5288 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:21:47.0185 5288 WPCSvc - ok
22:21:47.0201 5288 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
22:21:47.0279 5288 WPDBusEnum - ok
22:21:47.0326 5288 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:21:47.0404 5288 ws2ifsl - ok
22:21:47.0466 5288 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
22:21:47.0529 5288 wscsvc - ok
22:21:47.0529 5288 WSearch - ok
22:21:47.0716 5288 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:21:47.0778 5288 wuauserv - ok
22:21:47.0872 5288 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
22:21:47.0965 5288 WudfPf - ok
22:21:48.0012 5288 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:21:48.0106 5288 WUDFRd - ok
22:21:48.0153 5288 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
22:21:48.0215 5288 wudfsvc - ok
22:21:48.0246 5288 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:21:48.0293 5288 WwanSvc - ok
22:21:48.0355 5288 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:21:48.0683 5288 \Device\Harddisk0\DR0 - ok
22:21:48.0683 5288 Boot (0x1200) (16fa8ae7ab8275d264d37461b124f92c) \Device\Harddisk0\DR0\Partition0
22:21:48.0683 5288 \Device\Harddisk0\DR0\Partition0 - ok
22:21:48.0699 5288 ============================================================
22:21:48.0699 5288 Scan finished
22:21:48.0699 5288 ============================================================
22:21:48.0714 4924 Detected object count: 4
22:21:48.0714 4924 Actual detected object count: 4
22:22:31.0848 4924 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:22:31.0848 4924 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:22:31.0864 4924 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:22:31.0864 4924 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:22:31.0864 4924 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
22:22:31.0864 4924 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:22:31.0864 4924 GhosteryStatsUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
22:22:31.0864 4924 GhosteryStatsUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip

Heey markus.. ich bin dermaßen blöd, ich hatte zwar die ganze zeit meine makros durchgesehn aber nie meine Play/Pause taste und dort hab ich mir irgentwie mein makro verschrieben,.. ich danke dir trz vielmals (: !

Heey markus ehm ich bin ein trottelchen (: ich hab zwar dran gedacht meine eigenen makro zu untersuchen aber nicht die standart makros, leider gottest hab ich meine wiedergabe/pause taste mit einem neuen makro belegt dass dies vorhergerufen hat naja ich gedanke mich trz (:


Alt 27.07.2012, 21:53   #6
markusg
/// Malware-holic
 
Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus - Standard

Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus



na das geht ja.
aber wir können den pc noch absichern.
lade den CCleaner standard:
CCleaner Download - CCleaner 3.21.1767
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
--> Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus

Antwort

Themen zu Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus
bestimmte, bestimmten, buchstaben, compu, computer, essen, essentials, immer wieder, microsoft, microsoft security essentials, nichts, scan, security, security essentials, tastatur, virus, vollständige, wiederholt



Ähnliche Themen: Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus


  1. Internetverbindung nach einer Zeit immer langsamer und Hoher Ping - Wlan
    Plagegeister aller Art und deren Bekämpfung - 19.09.2015 (24)
  2. Mozilla schließt sich einfach nach einer gewissen Zeit
    Alles rund um Windows - 08.05.2015 (5)
  3. Windows 7 nach Anmelden Schwarzer Bildschirm mit Maus / nach einer Zeit Windows Funktioniert nicht mehr
    Alles rund um Windows - 09.02.2015 (1)
  4. Tastatur läßt Buchstaben aus
    Log-Analyse und Auswertung - 06.10.2014 (9)
  5. Tastatur setzt aus oder Buchstaben mehrfach
    Log-Analyse und Auswertung - 28.02.2014 (4)
  6. Internetverbindung nach einer Zeit immer langsamer und Hoher Ping
    Netzwerk und Hardware - 16.08.2013 (1)
  7. Das öffnen von Webseiten dauert nach einer Zeit sehr lange
    Log-Analyse und Auswertung - 09.06.2013 (25)
  8. Maus,Tastatur und Monitor funktionieren nach bestimmter Zeit nicht mehr
    Alles rund um Windows - 06.07.2012 (3)
  9. mein bildschirm nach einer zeit dunkel
    Plagegeister aller Art und deren Bekämpfung - 26.04.2012 (1)
  10. PC Stürzt ab nach einer gewissen Zeit
    Log-Analyse und Auswertung - 30.04.2011 (9)
  11. usb funktioniert nach einiger Zeit nicht mehr, Maus und Tastatur betroffen
    Alles rund um Windows - 22.09.2010 (7)
  12. Bildschirm nach einer Zeit schwarz und hängt dann Virus?
    Plagegeister aller Art und deren Bekämpfung - 19.01.2010 (1)
  13. Pc stürtzt nach einer bestimmten Zeit ab
    Log-Analyse und Auswertung - 19.08.2009 (5)
  14. Programme Stürtzen nach einer Zeit automatisch ab...
    Plagegeister aller Art und deren Bekämpfung - 08.01.2008 (1)
  15. iexplore.exe beendet sich nach einer bestimmten zeit auf einer seite
    Plagegeister aller Art und deren Bekämpfung - 08.01.2008 (47)
  16. Maus und Tastatur funktionieren nach einiger Zeit nicht mehr
    Alles rund um Windows - 11.02.2007 (2)
  17. schrift kursiv - buchstaben überschreiben - englisch = deutsch tastatur
    Alles rund um Windows - 07.08.2006 (1)

Zum Thema Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus - Hallo erstmal, also mein Computer wieder immer wieder Buchstaben, abunzu ein p oder b oder w oder e oder r ist das jezt ein virus, oder nicht? ich benutze Microsoft - Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus...
Archiv
Du betrachtest: Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.