| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne RythmusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.07.2012, 15:48
| #1 |
| |  Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus Hallo erstmal, also mein Computer wieder immer wieder Buchstaben, abunzu ein p oder b oder w oder e oder r ist das jezt ein virus, oder nicht? ich benutze Microsoft Security Essentials und der fand selbst beim 3. vollständigen scan nichts, und es liegt auch nicht an meiner tastatur die hatte ich nämlich ausgestöpselt und es kamen trz buchstaben :/ Edit: Diese buchstaben hatte ich natürlich vorher schoma gedrückt Lg itzpink Geändert von itzpink (26.07.2012 um 15:50 Uhr) Grund: Informations-Nachtragung |
|
26.07.2012, 16:13
| #2 |
| /// Malware-holic   | Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus hi
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
26.07.2012, 17:27
| #3 |
| | Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus das kam jezt bei mir raus
__________________OTL Logfile: Code:
ATTFilter OTL logfile created on: 26.07.2012 18:00:12 - Run 1 OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Lukas.Lukas_Systea\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 71,60% Memory free 8,00 Gb Paging File | 6,72 Gb Available in Paging File | 84,03% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 596,17 Gb Total Space | 459,74 Gb Free Space | 77,12% Space Free | Partition Type: NTFS Drive D: | 4,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: LUKAS_SYSTEA | User Name: Admin Lukas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.26 17:59:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lukas.Lukas_Systea\Desktop\OTL.exe PRC - [2012.05.26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Lukas.Lukas_Systea\AppData\Local\Akamai\netsession_win.exe PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.02.28 18:35:22 | 000,018,432 | ---- | M] () -- C:\Users\Admin\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe PRC - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2010.06.28 20:22:52 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2010.03.27 18:39:06 | 000,362,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2010.03.27 18:38:26 | 005,141,512 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2009.03.20 02:03:00 | 001,904,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe PRC - [2009.03.20 02:03:00 | 000,368,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe PRC - [2008.11.18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe ========== Modules (No Company Name) ========== MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.03.27 18:39:06 | 000,362,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe MOD - [2010.03.27 18:38:26 | 005,141,512 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe MOD - [2010.03.27 16:30:50 | 000,279,904 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\resource.dll MOD - [2010.03.27 15:14:56 | 000,028,512 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll MOD - [2010.03.27 15:13:36 | 000,019,808 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\thread_pool.dll MOD - [2009.07.10 10:07:18 | 000,166,912 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL MOD - [2009.02.06 19:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.09.06 09:19:54 | 000,119,632 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysNative\dgdersvc.exe -- (dgdersvc) SRV:64bit: - [2010.04.07 04:12:18 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.07.25 18:56:57 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.07.24 17:39:30 | 004,419,392 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/Common Files/Akamai/netsession_win_4f7fccd.dll -- (Akamai) SRV - [2012.07.11 21:40:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012.03.13 16:35:03 | 000,129,992 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.03.11 16:54:16 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2012.02.29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.02.28 18:35:22 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Users\Admin\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe -- (GhosteryStatsUpdater) SRV - [2011.10.21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2010.09.06 09:16:58 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\dgdersvc.exe -- (dgdersvc) SRV - [2010.06.28 20:22:52 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2010.03.27 18:39:22 | 001,055,288 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.20 02:03:00 | 000,368,640 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service) SRV - [2008.11.18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.03.11 15:03:58 | 000,116,096 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmaudio.sys -- (avmaudio) DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.16 00:24:38 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.09.06 09:19:54 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv) DRV:64bit: - [2010.09.06 09:11:32 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:64bit: - [2010.07.20 12:38:24 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:64bit: - [2010.07.20 12:38:24 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:64bit: - [2010.07.20 12:38:24 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:64bit: - [2010.06.28 20:22:54 | 000,252,512 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp) DRV:64bit: - [2010.06.28 20:22:51 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258) DRV:64bit: - [2010.06.28 20:22:50 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2010.06.28 20:22:45 | 000,271,456 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2010.04.07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.04.07 03:23:30 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.03.09 12:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.10.16 07:44:56 | 001,309,696 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17) DRV:64bit: - [2009.08.06 00:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.03.20 02:03:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB) DRV:64bit: - [2009.03.20 02:03:00 | 000,014,120 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject) DRV:64bit: - [2009.01.20 08:49:48 | 000,195,584 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169) DRV - [2010.09.06 09:16:58 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2010.09.06 09:11:32 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 12.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components [2012.03.13 20:59:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 12.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins [2012.03.11 14:49:49 | 000,588,544 | ---- | M] () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AR7UY2M2.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (GhosteryStats) - {C331A7D9-4187-464C-BE66-FDBC56C07678} - C:\Users\Admin\AppData\LocalLow\GhosteryStats\IE\GhosteryStats.dll (David Cancel) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe () O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin) O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe () O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.) O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\SysNative\WerFault.exe (Microsoft Corporation) O4 - HKCU..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41596C22-A5FE-4C7F-B6C2-4BF5BF8532EB}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFD5B0E2-4FBD-4583-A56E-832B31BD4FBF}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.07.24 17:52:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\S4Leauge [2012.07.24 17:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai [2012.07.19 12:56:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OnlineCounter [2012.07.19 12:48:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012.07.19 12:48:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012.07.19 12:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012.07.11 18:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.07.11 18:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.07.11 18:18:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.07.11 18:18:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.07.02 19:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Mouse Auto Clicker [2012.07.02 19:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Mouse Auto Clicker [2012.07.01 22:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fraps ========== Files - Modified Within 30 Days ========== [2012.07.26 17:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.26 16:59:14 | 000,018,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.26 16:59:14 | 000,018,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.26 16:52:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.26 16:51:57 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys [2012.07.24 17:42:22 | 000,000,044 | ---- | M] () -- C:\Program Files (x86)\S4_League_EU_v1167.exe [2012.07.19 12:59:03 | 000,002,127 | ---- | M] () -- C:\OnlineCounter-Autostart.lnk [2012.07.19 12:48:36 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.07.19 08:13:13 | 343,706,350 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.07.11 10:59:23 | 000,430,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.29 06:40:57 | 001,505,034 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.29 06:40:57 | 000,656,028 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.29 06:40:57 | 000,617,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.29 06:40:57 | 000,130,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.29 06:40:57 | 000,107,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat ========== Files Created - No Company Name ========== [2012.07.24 17:42:20 | 000,000,044 | ---- | C] () -- C:\Program Files (x86)\S4_League_EU_v1167.exe [2012.07.19 12:59:03 | 000,002,127 | ---- | C] () -- C:\OnlineCounter-Autostart.lnk [2012.07.19 12:59:03 | 000,002,127 | ---- | C] () -- \OnlineCounter-Autostart.lnk [2012.07.19 12:57:00 | 000,002,139 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnlineCounter.lnk [2012.07.19 12:48:36 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.07.19 12:48:36 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.05.21 18:07:24 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012.03.11 18:24:16 | 000,002,006 | ---- | C] () -- \aqua_bitmap.cpp [2012.03.11 16:53:04 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2012.03.11 16:53:04 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2012.03.11 15:00:09 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.09.06 09:19:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2010.09.06 09:19:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2010.09.06 09:19:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2010.09.06 09:19:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2009.08.21 09:35:14 | 000,008,192 | RHS- | C] () -- \BOOTSECT.BAK [2009.08.21 09:35:13 | 000,383,562 | RHS- | C] () -- \bootmgr [2009.08.21 08:35:45 | 3220,578,304 | -HS- | C] () -- \hiberfil.sys [2007.11.07 09:12:28 | 000,232,960 | ---- | C] () -- \VC_RED.MSI [2007.11.07 09:09:22 | 001,442,522 | ---- | C] () -- \VC_RED.cab [2007.11.07 09:03:18 | 000,562,688 | ---- | C] () -- \install.exe [2007.11.07 09:03:18 | 000,097,296 | ---- | C] () -- \install.res.1036.dll [2007.11.07 09:03:18 | 000,096,272 | ---- | C] () -- \install.res.3082.dll [2007.11.07 09:03:18 | 000,096,272 | ---- | C] () -- \install.res.1031.dll [2007.11.07 09:03:18 | 000,095,248 | ---- | C] () -- \install.res.1040.dll [2007.11.07 09:03:18 | 000,091,152 | ---- | C] () -- \install.res.1033.dll [2007.11.07 09:03:18 | 000,081,424 | ---- | C] () -- \install.res.1041.dll [2007.11.07 09:03:18 | 000,079,888 | ---- | C] () -- \install.res.1042.dll [2007.11.07 09:03:18 | 000,076,304 | ---- | C] () -- \install.res.1028.dll [2007.11.07 09:03:18 | 000,075,792 | ---- | C] () -- \install.res.2052.dll [2007.11.07 09:00:40 | 000,005,686 | ---- | C] () -- \vcredist.bmp [2007.11.07 09:00:40 | 000,001,110 | ---- | C] () -- \globdata.ini [2007.11.07 09:00:40 | 000,000,843 | ---- | C] () -- \install.ini ========== LOP Check ========== [2012.05.14 06:59:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.03.12 21:04:53 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2010.05.20 09:18:53 | 000,000,000 | ---D | M] -- C:\ATI [2012.07.01 22:34:43 | 000,000,000 | ---D | M] -- C:\BEHALTEN [2009.08.21 09:35:13 | 000,000,000 | -HSD | M] -- C:\Boot [2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2009.08.21 08:43:24 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2012.03.11 14:57:46 | 000,000,000 | ---D | M] -- C:\downloads [2012.05.01 17:42:35 | 000,000,000 | ---D | M] -- C:\Metin2 [2009.08.21 08:55:41 | 000,000,000 | RH-D | M] -- C:\MSOCache [2012.03.18 03:37:25 | 000,000,000 | ---D | M] -- C:\Nexon [2012.03.11 16:50:19 | 000,000,000 | ---D | M] -- C:\OscarData [2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.07.11 18:18:19 | 000,000,000 | R--D | M] -- C:\Program Files [2012.07.24 17:52:49 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2012.07.19 12:47:35 | 000,000,000 | -H-D | M] -- C:\ProgramData [2009.08.21 08:43:24 | 000,000,000 | -HSD | M] -- C:\Programme [2010.06.28 15:57:34 | 000,000,000 | -HSD | M] -- C:\Recovery [2012.05.24 18:49:21 | 000,000,000 | ---D | M] -- C:\Riot Games [2012.07.26 18:08:50 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2010.06.28 18:39:11 | 000,000,000 | ---D | M] -- C:\temp [2012.05.21 18:07:57 | 000,000,000 | R--D | M] -- C:\Users [2012.07.19 08:13:13 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > [2012.07.24 17:42:22 | 000,000,044 | ---- | M] () -- C:\Program Files (x86)\S4_League_EU_v1167.exe < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe [2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTORV.SYS > [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2012.07.26 17:59:49 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT [2012.07.26 17:59:49 | 000,230,400 | -HS- | M] () -- C:\Users\Admin Lukas\ntuser.dat.LOG1 [2012.03.11 17:34:07 | 000,000,000 | -HS- | M] () -- C:\Users\Admin Lukas\ntuser.dat.LOG2 [2012.03.11 17:34:14 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2012.03.11 17:34:14 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2012.03.11 17:34:14 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2012.06.02 18:53:01 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1cdc9129-acc1-11e1-b811-00016c66967c}.TM.blf [2012.06.02 18:53:01 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1cdc9129-acc1-11e1-b811-00016c66967c}.TMContainer00000000000000000001.regtrans-ms [2012.06.02 18:53:01 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1cdc9129-acc1-11e1-b811-00016c66967c}.TMContainer00000000000000000002.regtrans-ms [2012.05.13 17:48:47 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1d467599-9cf9-11e1-9aab-00016c66967c}.TM.blf [2012.05.13 17:48:47 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1d467599-9cf9-11e1-9aab-00016c66967c}.TMContainer00000000000000000001.regtrans-ms [2012.05.13 17:48:47 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{1d467599-9cf9-11e1-9aab-00016c66967c}.TMContainer00000000000000000002.regtrans-ms [2012.05.21 16:38:36 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{2d011ee5-a351-11e1-86ba-00016c66967c}.TM.blf [2012.05.21 16:38:36 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{2d011ee5-a351-11e1-86ba-00016c66967c}.TMContainer00000000000000000001.regtrans-ms [2012.05.21 16:38:36 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{2d011ee5-a351-11e1-86ba-00016c66967c}.TMContainer00000000000000000002.regtrans-ms [2012.04.01 19:00:11 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{30959567-7c0a-11e1-afa2-bc0543001744}.TM.blf [2012.04.01 19:00:11 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{30959567-7c0a-11e1-afa2-bc0543001744}.TMContainer00000000000000000001.regtrans-ms [2012.04.01 19:00:11 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{30959567-7c0a-11e1-afa2-bc0543001744}.TMContainer00000000000000000002.regtrans-ms [2012.06.20 20:49:02 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{47bbe47d-bb05-11e1-af35-00016c66967c}.TM.blf [2012.06.20 20:49:02 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{47bbe47d-bb05-11e1-af35-00016c66967c}.TMContainer00000000000000000001.regtrans-ms [2012.06.20 20:49:02 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{47bbe47d-bb05-11e1-af35-00016c66967c}.TMContainer00000000000000000002.regtrans-ms [2012.04.06 23:16:36 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68a9298e-7fb8-11e1-bab1-bc0543001744}.TM.blf [2012.04.06 23:16:36 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68a9298e-7fb8-11e1-bab1-bc0543001744}.TMContainer00000000000000000001.regtrans-ms [2012.04.06 23:16:36 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68a9298e-7fb8-11e1-bab1-bc0543001744}.TMContainer00000000000000000002.regtrans-ms [2012.05.06 15:03:42 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68f6ecd0-9778-11e1-8007-bc0543001744}.TM.blf [2012.05.06 15:03:42 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68f6ecd0-9778-11e1-8007-bc0543001744}.TMContainer00000000000000000001.regtrans-ms [2012.05.06 15:03:42 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{68f6ecd0-9778-11e1-8007-bc0543001744}.TMContainer00000000000000000002.regtrans-ms [2012.07.23 14:02:10 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{776bbfb8-d4b0-11e1-86bf-00016c66967c}.TM.blf [2012.07.23 14:02:10 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{776bbfb8-d4b0-11e1-86bf-00016c66967c}.TMContainer00000000000000000001.regtrans-ms [2012.07.23 14:02:10 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{776bbfb8-d4b0-11e1-86bf-00016c66967c}.TMContainer00000000000000000002.regtrans-ms [2012.07.01 12:27:22 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{7898e6c1-c35b-11e1-ae7c-00016c66967c}.TM.blf [2012.07.01 12:27:22 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{7898e6c1-c35b-11e1-ae7c-00016c66967c}.TMContainer00000000000000000001.regtrans-ms [2012.07.01 12:27:22 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{7898e6c1-c35b-11e1-ae7c-00016c66967c}.TMContainer00000000000000000002.regtrans-ms [2012.06.12 14:12:34 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b0fbe429-b487-11e1-b73f-00016c66967c}.TM.blf [2012.06.12 14:12:34 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b0fbe429-b487-11e1-b73f-00016c66967c}.TMContainer00000000000000000001.regtrans-ms [2012.06.12 14:12:34 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b0fbe429-b487-11e1-b73f-00016c66967c}.TMContainer00000000000000000002.regtrans-ms [2012.06.07 12:13:18 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b19b24ee-b07e-11e1-a378-00016c66967c}.TM.blf [2012.06.07 12:13:18 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b19b24ee-b07e-11e1-a378-00016c66967c}.TMContainer00000000000000000001.regtrans-ms [2012.06.07 12:13:18 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{b19b24ee-b07e-11e1-a378-00016c66967c}.TMContainer00000000000000000002.regtrans-ms [2012.05.27 19:13:00 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bb7a74c3-a81d-11e1-9028-00016c66967c}.TM.blf [2012.05.27 19:13:00 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bb7a74c3-a81d-11e1-9028-00016c66967c}.TMContainer00000000000000000001.regtrans-ms [2012.05.27 19:13:00 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bb7a74c3-a81d-11e1-9028-00016c66967c}.TMContainer00000000000000000002.regtrans-ms [2012.07.12 11:33:47 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bbcba591-cbfc-11e1-8138-00016c66967c}.TM.blf [2012.07.12 11:33:47 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bbcba591-cbfc-11e1-8138-00016c66967c}.TMContainer00000000000000000001.regtrans-ms [2012.07.12 11:33:47 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{bbcba591-cbfc-11e1-8138-00016c66967c}.TMContainer00000000000000000002.regtrans-ms [2012.03.25 12:39:27 | 000,065,536 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{e174c102-765b-11e1-ae7c-bc0543001744}.TM.blf [2012.03.25 12:39:27 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{e174c102-765b-11e1-ae7c-bc0543001744}.TMContainer00000000000000000001.regtrans-ms [2012.03.25 12:39:27 | 000,524,288 | -HS- | M] () -- C:\Users\Admin Lukas\NTUSER.DAT{e174c102-765b-11e1-ae7c-bc0543001744}.TMContainer00000000000000000002.regtrans-ms [2012.03.11 17:34:08 | 000,000,020 | -HS- | M] () -- C:\Users\Admin Lukas\ntuser.ini < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 26.07.2012 18:00:12 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Lukas.Lukas_Systea\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 71,60% Memory free
8,00 Gb Paging File | 6,72 Gb Available in Paging File | 84,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,17 Gb Total Space | 459,74 Gb Free Space | 77,12% Space Free | Partition Type: NTFS
Drive D: | 4,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: LUKAS_SYSTEA | User Name: Admin Lukas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0242D18C-9A6C-4630-8781-C9E59AB925C8}" = rport=137 | protocol=17 | dir=out | app=system |
"{14DC7B64-FA09-48BF-BD15-593549553AC0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{186B21DE-1258-43FA-8EDC-83CCFDE89ED9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1AA46288-CCDA-46B4-B975-2EA4502AB6B5}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{1F2DC46D-6627-423C-BF9A-873DFAA85C61}" = lport=3390 | protocol=6 | dir=in | app=system |
"{203807FC-1294-44DA-9C7D-7E8ABDB7132E}" = lport=138 | protocol=17 | dir=in | app=system |
"{22C99491-4258-4E97-B025-3CE8E94A511B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2BB99F10-301B-4F55-A8C0-8A11349FABE4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2C135EA8-6BA4-448B-A355-2A6C9EDCF5F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2DD1870C-29C1-461D-91FF-075C7B4A5F4C}" = rport=138 | protocol=17 | dir=out | app=system |
"{2F3F6574-7321-45CE-A70E-C3A2863A251F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{382C0702-47EB-46E1-B744-8084AF450AA3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5099F0E4-B77A-465C-97FD-2721D3CF20BB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51D8B2E1-B623-4E2B-BE05-E7A7F8DDFBC7}" = rport=139 | protocol=6 | dir=out | app=system |
"{5750EF49-0864-467F-9979-C9DCDE6AD1C8}" = lport=445 | protocol=6 | dir=in | app=system |
"{58D2E14F-C8B4-4CDE-BB2A-C8DA91B17C5C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{61558C20-4CD9-4355-AB48-B217920F0417}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{62056EEC-A035-4CAD-AFDB-2025D6C6E834}" = lport=2869 | protocol=6 | dir=in | app=system |
"{64FC169F-34AC-4977-B92F-05BA05371D73}" = lport=3390 | protocol=6 | dir=in | app=system |
"{6564CDB4-BC77-4BEF-9E10-74431FC448C5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{66E30F8C-76CD-43D9-8454-43986ECDBBC3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{67852B54-E790-4565-A0F8-A6D25F8303C7}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{69575FB9-6FCF-4BB0-9411-85C27002660E}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6BF7DF00-0442-494F-8246-A22742467C31}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7707B34D-0872-49E7-9365-F0F636F53C2B}" = lport=10244 | protocol=6 | dir=in | app=system |
"{7816C9CA-8CD8-4111-82B9-10D23B1300F9}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{85E5C467-5566-4B35-A18D-EEFFA574A8C3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8E8AFFC4-BE2D-49ED-8EF8-BC2F6B03F0E1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{94C26438-75EA-41CA-8020-57528A2282BD}" = lport=139 | protocol=6 | dir=in | app=system |
"{968D9E0F-FD73-47F5-9823-1FD7AE4241D1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9709C8E0-E911-4FEA-B636-38318A24ACC7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9ECC6487-5CB1-4B9B-A15F-0E885419051F}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{9F26BCD5-D1A3-469F-A12D-D17EF9E39673}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B29A408B-01AA-44FF-8E4C-A0480B40708E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B4C06FEE-6B8C-4F8A-A109-4FA27AEBABE6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B61B35AF-1F4D-47D9-A3FB-F9544D7B5F5F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B6ECE9BA-0DE1-42CE-97A5-CFB703845CA9}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B87B6E08-5539-4AA8-8114-4C6E636B8AD1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC99222D-31FE-4503-8EBE-2400AE0B718C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C32B41AA-DF62-4DF3-9095-EC05A4A5BD70}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C82DF218-45BE-4CC6-8642-115672CDFD33}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CD0AB130-4886-4BD4-944F-7A8C0495BB9A}" = rport=445 | protocol=6 | dir=out | app=system |
"{CF4B3112-1C62-493D-AF27-EEAF28147C89}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DCD9F295-F4F0-4066-B885-1167181445E0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE13EAE4-9255-43B3-9907-7D660E71055B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E9518E0D-A9CC-4DF3-9799-1B84EC0170DC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EFCE9BBE-A5A9-4CCA-9716-C10C3A522698}" = lport=137 | protocol=17 | dir=in | app=system |
"{FD80811A-E9D6-4321-BAA5-56DC1A5D4EDD}" = lport=10244 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013832C6-A61B-495E-9A84-0B334E49F203}" = protocol=17 | dir=in | app=c:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe |
"{0484AD28-16B6-4E77-9EBC-3DE816164091}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{06B76CD1-74BF-4A18-B865-B7271E666CE9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{08AE73B9-4376-4E16-BA09-E740FE41AF7B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{14A3F62E-74BF-4439-8BC6-C7221B33FE2A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{14EB3C3D-391B-48C9-95C6-0E9402C447D5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\max payne 3 multiplayer\smp.exe |
"{17772A31-6552-4BA8-A39F-FA5EDC9048CC}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{192AF52D-761E-4C45-B5D8-49106CA97CFE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{2077D279-6366-4FA2-898B-0A73032B4093}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{21753509-7B12-4E65-8F28-D1ED3F65D251}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{2689D473-11AE-492C-9DE0-1DB116182F6D}" = protocol=6 | dir=in | app=c:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe |
"{276BA18B-FD4D-4E51-8877-99AD00A86452}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{2BF0611B-1917-4A79-9469-5BF62F512089}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{2C21762D-7B7E-49E5-9EC6-A43C5A807DB6}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2C4BC87E-B90C-4AE2-A03A-C9D5D98B442D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2CC204E1-F493-4C71-A1D7-395DA8D1D209}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{30E53A20-DC8B-4948-91B9-EB6D066C3CC1}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{32C7F9EC-B617-4AAD-B5F9-3396BEE6DC54}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{351E8EFB-5B1F-480C-AA63-13D2ED4AEC5D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{37858640-31E4-4846-9DE3-EE21887367AB}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{3981A0F5-B42A-4B90-8990-24A39EE4E54A}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{4356381A-8730-45BE-8108-E542FD965280}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{463BFBD7-2D95-4E33-955E-9D0413CFF94D}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{48CF8C07-70AE-48EB-B1B6-75D6B3926248}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5165E39A-F39D-46D2-B993-FBBA8B2B973C}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{5298437C-52E9-42BA-89CE-5825235D0498}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{57214651-9448-4E7E-8880-046AF2DC1E5B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{5E15DCED-6890-40C2-AC88-3BE52FBF3D03}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{5FAE13F3-B102-4E36-AF10-78B53C301692}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{63DE05C9-9949-4CEC-911A-40E25845802F}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{648A2480-EFF5-49BA-BA4A-A493047F2E02}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A4EEB22-43B3-4C0E-9967-C362EBDDC4EB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{6C1FEF7C-6812-4220-9543-7BE5532677AF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6D17BBC7-B056-48F5-88CE-5D7FEA035FB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\max payne 3 multiplayer\smp.exe |
"{70295505-390E-48E4-A0A6-8A5CB5D159CA}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{7351F74E-76AD-48C6-843F-7A3F67D6683C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{74ED7C31-E013-467F-8958-1DFDCE60BAFA}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{7AEE7B6E-6793-4DA2-BED3-7DFD13C60521}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7B04FF2D-856D-425D-9867-7C2F6666C10E}" = protocol=17 | dir=in | app=c:\users\admin\appdata\local\apps\2.0\7j43b0b1.jlt\5k9d8nmm.8kb\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{7DB0ADD6-C503-4C8E-8A0F-F6D4AF18D742}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{823E5993-0361-40B7-A056-77BDDA264DB8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{83B97D32-068B-4463-9B74-5D593FF77210}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{88554DEF-F7EA-47DC-BF96-A2781516C27B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{88D646A0-8A2B-4A12-8151-5573062C131F}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{8CA4A8CB-024D-41FF-A0EA-B061B42FDDED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{91AD276D-8F99-4655-AEB1-52ABCAA1FE66}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{92FA3BAB-9726-4B64-9F4F-BD507172E525}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{98BCE1F0-1FD9-4D93-ACA1-1AD7B4823C13}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{9960DB47-1003-4528-A241-24315F891B16}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{9B94D1C4-E2C5-4CC2-A2AF-DF42A266F9B5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FE885B7-EB77-4718-A109-5FCB51895EE8}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{A29EC732-C3B0-4BAF-B361-BD7FD7E0E815}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A367843F-88D1-4AFE-8200-A9C92B24479E}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A64AA7DA-1D3B-4EBC-98F3-F9230D849BE9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B0D1349C-A699-4AF2-ACAD-E5BC8AAA861E}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{B28F732F-98B1-48B5-ABA7-DA3BEEC75DEF}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{B3D20628-5BA3-4B5F-B194-371FCEE1D4C5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B5F2EC9A-8B9D-496E-922B-6999CA9C9D2C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B98B0579-E3E0-4CC7-98F3-50E55A13D342}" = protocol=6 | dir=in | app=c:\users\admin\appdata\local\apps\2.0\7j43b0b1.jlt\5k9d8nmm.8kb\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{BAAB3AFB-2D4C-4F90-891E-A0190F1F6349}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BD0B480A-6D7A-41A5-9DBC-C08DA51650C4}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{BF5D96B7-3500-43C3-8978-2EAEA9636351}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{C3EDC5E9-EAE0-462E-8814-25F4753FDB7C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C4927691-C058-47B1-99D3-D9CD004FDD76}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C849410F-E6DF-427D-A01A-0F053AE9E6F4}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{C8787BA3-8ABD-454D-B5DE-077FC6DC89AD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CC1C026B-2585-469B-AED3-A612B29225BE}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{CC44C65A-02D0-469D-8BF4-B05F6D3A34A3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CE00E1CE-F6FB-4F2C-88A1-0D4BA07D1D35}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CE771EDF-E7F1-4F14-BE7E-55035D95C151}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D2B86AB5-BF63-4B5F-B146-3169C6A64E84}" = protocol=6 | dir=out | app=system |
"{D674B8D7-7432-4DD6-8954-B62744842E41}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DBD72C3C-7D60-4DD1-9447-E4D38AAC04BF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF4DA9EF-D04A-4C59-9E79-D153694532ED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike go - intro trailer\smp.exe |
"{DFC9479A-3CCC-4613-BCA6-AE72BF1FE391}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{E140154C-80E9-4C1F-AEE2-58766D960497}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E8675A2F-0457-428D-9E0C-5697701BBAF6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA30215D-3418-4337-8022-0F797CEF2DEF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F340420E-9076-4798-AF4F-6F88FE73CECF}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{F6F17DA3-7461-4A06-AE68-758B7109FE71}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike go - intro trailer\smp.exe |
"{F8C71E52-1A2E-4029-87D4-388DB3F4813E}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{FE4C4F00-83D6-4A86-A723-E503CC12410F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{0A0B8275-D4EE-4585-95B4-178F94339099}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{219253EB-FF12-47AB-879E-B890E77C71C9}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{2D05DE9C-0354-4484-BFFF-A5095893E743}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{315A4732-428E-4A47-810E-3CB53D25BD50}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"TCP Query User{4D152872-C5F9-4F99-B148-4CF63E4608E1}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{703540BD-6306-4E3D-9A6F-EB454C184B2E}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{81CFFD23-583B-4606-AC40-F7D04FED6283}C:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe" = protocol=6 | dir=in | app=c:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe |
"TCP Query User{8E0A62E8-93FB-4334-A24A-903B49544DF7}C:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe" = protocol=6 | dir=in | app=c:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe |
"TCP Query User{99329BB9-9E80-4D8D-BC98-F9C858FB3204}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{B8475BDF-7A9B-476C-86B1-823E7C3581DA}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"TCP Query User{D232F5CF-32C1-481E-845B-9AAC8CA83EA1}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"TCP Query User{E339AC09-49E3-42AA-811E-891A7C2650BA}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"TCP Query User{F5378015-B8EB-41B6-8627-F4043E827DA6}C:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe |
"UDP Query User{1977EB69-296E-4408-A863-774B86EB0174}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{258E85DC-99EE-45D8-B4F0-75572B90FD98}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{2595EFAC-6E87-4729-88EE-AFB850CDA81F}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"UDP Query User{441776AD-627E-4845-BD49-D96E109A8FAE}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"UDP Query User{456EADC3-4D92-4923-A16F-12BE7ED54C86}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"UDP Query User{5EEBA202-E481-4B48-97B5-56D852F0CDA1}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{63363A81-85FF-4E1E-9124-C23914F53939}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{6B39349A-D211-478F-8CB0-300EC136D276}C:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe" = protocol=17 | dir=in | app=c:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe |
"UDP Query User{6E0DCAE8-4EFD-431D-B0BD-30E90835BB5A}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"UDP Query User{74C6EFEC-412A-41F6-BF32-992D2C7A3932}C:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe" = protocol=17 | dir=in | app=c:\users\lukas.lukas_systea\appdata\roaming\icq\application\icq7.7\icq.exe |
"UDP Query User{B7E7E716-968E-4D31-8787-0408407EE8F7}C:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\lukas.lukas_systea\appdata\local\akamai\netsession_win.exe |
"UDP Query User{DD9B5C30-42DF-4B49-A58B-2A6C9698E5D6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{F875B0ED-8407-4B81-BA98-E517EA2F3CA3}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{576A97E3-1A79-6215-49DE-AA358AF47420}" = ATI Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{AF51A2B6-3AAF-46C5-36A7-0E78B2D23E3E}" = ccc-utility64
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E6456858-8C0C-35CE-96B8-AFFCD205C9FC}" = AMD Drag and Drop Transcoding
"{F0A36649-873E-4832-A5F1-BF5DF8600BDB}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024FDD4C-B4EE-4CFC-696F-9A36B3BE4D41}" = Catalyst Control Center Graphics Previews Vista
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05BC432D-819E-86AF-74A9-0622CAD08767}" = Catalyst Control Center Graphics Previews Common
"{0A477437-2307-018D-3F3A-AFBDE1D4FF7A}" = Catalyst Control Center HydraVision Full
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}" = MOUSE Editor
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3B2146CF-546D-4D29-8234-BEC69707F168}" = OnlineCounter
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C2739CB-9E0F-8E06-F315-25F9E9AB2763}" = CCC Help English
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43FC4C9A-9D17-9CAB-FA69-6588AFA5A1B2}" = Catalyst Control Center Core Implementation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1" = Free Mouse Auto Clicker 3.0
"{828CFF5D-054C-D04A-3CB1-0788828CA236}" = Catalyst Control Center Graphics Light
"{85B0B11F-7EA3-D9DE-BB18-1B52CE1A3E3B}" = Catalyst Control Center Graphics Full Existing
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EEA0ED5-CB59-2F06-84A7-3F7B241521B8}" = Catalyst Control Center InstallProxy
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CF9041ED-60C9-36ED-9DB9-F55AAD993865}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{DF9B7D24-4C6E-C773-3E58-D2FEF49ADD74}" = ccc-core-static
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7382773-CBE8-33A9-862E-C2337CD0F359}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{EAD931B5-129D-2A7E-9FD2-522BF504EAF4}" = Catalyst Control Center Graphics Full New
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface
"AudioCS" = Creative Audio-Systemsteuerung
"Aurora 12.0a2 (x86 de)" = Aurora 12.0a2 (x86 de)
"AVMWLANCLI" = AVM FRITZ!WLAN
"Combat Arms EU" = Combat Arms EU
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"EPSON Scanner" = EPSON Scan
"Fraps" = Fraps (remove only)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}" = MOUSE Editor
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PhotoScape" = PhotoScape
"PROHYBRIDR" = 2007 Microsoft Office system
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28.06.2012 03:29:37 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 28.06.2012 03:29:37 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 28.06.2012 03:29:37 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 28.06.2012 03:29:38 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 28.06.2012 03:29:38 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 28.06.2012 06:01:57 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 28.06.2012 06:02:08 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 28.06.2012 06:02:08 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 28.06.2012 06:02:08 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 28.06.2012 06:02:08 | Computer Name = Lukas_Systea | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ Media Center Events ]
Error - 12.07.2012 18:05:46 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 00:05:46 - Fehler beim Herstellen der Internetverbindung. 00:05:46
- Serververbindung konnte nicht hergestellt werden..
Error - 12.07.2012 18:05:52 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 00:05:51 - Fehler beim Herstellen der Internetverbindung. 00:05:51
- Serververbindung konnte nicht hergestellt werden..
Error - 12.07.2012 21:44:37 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 03:44:37 - Fehler beim Herstellen der Internetverbindung. 03:44:37
- Serververbindung konnte nicht hergestellt werden..
Error - 12.07.2012 21:44:43 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 03:44:42 - Fehler beim Herstellen der Internetverbindung. 03:44:42
- Serververbindung konnte nicht hergestellt werden..
Error - 12.07.2012 22:44:48 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 04:44:48 - Fehler beim Herstellen der Internetverbindung. 04:44:48
- Serververbindung konnte nicht hergestellt werden..
Error - 12.07.2012 22:44:54 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 04:44:53 - Fehler beim Herstellen der Internetverbindung. 04:44:53
- Serververbindung konnte nicht hergestellt werden..
Error - 12.07.2012 23:44:58 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 05:44:58 - Fehler beim Herstellen der Internetverbindung. 05:44:58
- Serververbindung konnte nicht hergestellt werden..
Error - 12.07.2012 23:45:04 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 05:45:03 - Fehler beim Herstellen der Internetverbindung. 05:45:03
- Serververbindung konnte nicht hergestellt werden..
Error - 13.07.2012 00:45:08 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 06:45:08 - Fehler beim Herstellen der Internetverbindung. 06:45:08
- Serververbindung konnte nicht hergestellt werden..
Error - 13.07.2012 00:45:14 | Computer Name = Lukas_Systea | Source = MCUpdate | ID = 0
Description = 06:45:13 - Fehler beim Herstellen der Internetverbindung. 06:45:13
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 18.06.2012 00:49:08 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.127.2148.0 Aktualisierungsquelle:
%%859 Aktualisierungsphase: %%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp:
%%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion:
Vorherige Modulversion: 1.1.8403.0 Fehlercode: 0x80244019 Fehlerbeschreibung: Unerwartetes
Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates
oder zur Problembehandlung finden Sie unter "Hilfe und Support".
Error - 24.06.2012 07:32:36 | Computer Name = Lukas_Systea | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error - 25.06.2012 14:51:06 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.129.379.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%853 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8502.0 Fehlercode:
0x8024001e Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 25.06.2012 14:51:06 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.129.379.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%853 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8502.0 Fehlercode:
0x8024001e Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 27.06.2012 10:57:11 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.129.469.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%853 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8502.0 Fehlercode:
0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen
ist nicht möglich.
Error - 27.06.2012 10:57:11 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.129.469.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%853 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8502.0 Fehlercode:
0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen
ist nicht möglich.
Error - 27.06.2012 15:38:05 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.129.469.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8502.0 Fehlercode:
0x80244019 Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 28.06.2012 03:33:16 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.129.469.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8502.0 Fehlercode:
0x80244019 Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 01.07.2012 05:57:59 | Computer Name = Lukas_Systea | Source = BROWSER | ID = 8032
Description =
Error - 03.07.2012 05:51:13 | Computer Name = Lukas_Systea | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.129.793.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8502.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
< End of report >
|
|
26.07.2012, 18:58
| #4 |
| /// Malware-holic | Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
26.07.2012, 21:24
| #5 |
| | Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus Sooo hier das war jezt Kaspersky TDSSKiller Hab überall skip ausgewählt dann continue und dann auf report das kam raus 22:19:59.0402 4504 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 22:19:59.0749 4504 ============================================================ 22:19:59.0749 4504 Current date / time: 2012/07/26 22:19:59.0749 22:19:59.0749 4504 SystemInfo: 22:19:59.0749 4504 22:19:59.0749 4504 OS Version: 6.1.7600 ServicePack: 0.0 22:19:59.0749 4504 Product type: Workstation 22:19:59.0749 4504 ComputerName: LUKAS_SYSTEA 22:19:59.0750 4504 UserName: Admin Lukas 22:19:59.0750 4504 Windows directory: C:\Windows 22:19:59.0750 4504 System windows directory: C:\Windows 22:19:59.0750 4504 Running under WOW64 22:19:59.0750 4504 Processor architecture: Intel x64 22:19:59.0750 4504 Number of processors: 4 22:19:59.0750 4504 Page size: 0x1000 22:19:59.0750 4504 Boot type: Normal boot 22:19:59.0750 4504 ============================================================ 22:20:02.0176 4504 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:20:02.0268 4504 ============================================================ 22:20:02.0268 4504 \Device\Harddisk0\DR0: 22:20:02.0268 4504 MBR partitions: 22:20:02.0268 4504 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856E82 22:20:02.0268 4504 ============================================================ 22:20:02.0270 4504 C: <-> \Device\Harddisk0\DR0\Partition0 22:20:02.0270 4504 ============================================================ 22:20:02.0270 4504 Initialize success 22:20:02.0270 4504 ============================================================ 22:21:02.0569 5288 ============================================================ 22:21:02.0569 5288 Scan started 22:21:02.0569 5288 Mode: Manual; SigCheck; TDLFS; 22:21:02.0569 5288 ============================================================ 22:21:03.0505 5288 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 22:21:03.0615 5288 1394ohci - ok 22:21:03.0693 5288 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 22:21:03.0708 5288 ACPI - ok 22:21:03.0739 5288 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 22:21:03.0833 5288 AcpiPmi - ok 22:21:03.0973 5288 AcrSch2Svc (b8659553b6ab4bf34a3cc113a144dee3) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe 22:21:04.0036 5288 AcrSch2Svc - ok 22:21:04.0145 5288 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 22:21:04.0161 5288 AdobeARMservice - ok 22:21:04.0301 5288 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 22:21:04.0332 5288 AdobeFlashPlayerUpdateSvc - ok 22:21:04.0457 5288 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 22:21:04.0488 5288 adp94xx - ok 22:21:04.0535 5288 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 22:21:04.0582 5288 adpahci - ok 22:21:04.0629 5288 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 22:21:04.0660 5288 adpu320 - ok 22:21:04.0691 5288 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 22:21:04.0878 5288 AeLookupSvc - ok 22:21:04.0941 5288 afcdp (d9a76e6e541e2e61c78140b65db63e6a) C:\Windows\system32\DRIVERS\afcdp.sys 22:21:04.0972 5288 afcdp - ok 22:21:05.0237 5288 afcdpsrv (8b333e7ff3147a63b15975b512364466) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe 22:21:05.0315 5288 afcdpsrv - ok 22:21:05.0455 5288 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys 22:21:05.0549 5288 AFD - ok 22:21:05.0596 5288 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 22:21:05.0611 5288 agp440 - ok 22:21:05.0955 5288 Akamai (29584f02a43e427c4227e3b1d9ff1b22) C:/Program Files (x86)/Common Files/Akamai/netsession_win_4f7fccd.dll 22:21:06.0079 5288 Akamai - ok 22:21:06.0189 5288 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 22:21:06.0251 5288 ALG - ok 22:21:06.0282 5288 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 22:21:06.0313 5288 aliide - ok 22:21:06.0360 5288 AMD External Events Utility (caa6ed31c6da3c505a684162b3492166) C:\Windows\system32\atiesrxx.exe 22:21:06.0469 5288 AMD External Events Utility - ok 22:21:06.0501 5288 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 22:21:06.0516 5288 amdide - ok 22:21:06.0579 5288 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 22:21:06.0641 5288 AmdK8 - ok 22:21:07.0062 5288 amdkmdag (cc0b8b1912967d429c4a2d2bd7a9e52d) C:\Windows\system32\DRIVERS\atikmdag.sys 22:21:07.0218 5288 amdkmdag - ok 22:21:07.0327 5288 amdkmdap (b855c99c23a57edeca29f49a3210b95c) C:\Windows\system32\DRIVERS\atikmpag.sys 22:21:07.0405 5288 amdkmdap - ok 22:21:07.0468 5288 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 22:21:07.0530 5288 AmdPPM - ok 22:21:07.0593 5288 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\DRIVERS\amdsata.sys 22:21:07.0624 5288 amdsata - ok 22:21:07.0686 5288 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 22:21:07.0717 5288 amdsbs - ok 22:21:07.0733 5288 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\DRIVERS\amdxata.sys 22:21:07.0749 5288 amdxata - ok 22:21:07.0795 5288 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 22:21:07.0905 5288 AppID - ok 22:21:07.0920 5288 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 22:21:08.0014 5288 AppIDSvc - ok 22:21:08.0045 5288 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll 22:21:08.0107 5288 Appinfo - ok 22:21:08.0217 5288 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 22:21:08.0232 5288 Apple Mobile Device - ok 22:21:08.0263 5288 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 22:21:08.0295 5288 arc - ok 22:21:08.0310 5288 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 22:21:08.0341 5288 arcsas - ok 22:21:08.0357 5288 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 22:21:08.0451 5288 AsyncMac - ok 22:21:08.0497 5288 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 22:21:08.0529 5288 atapi - ok 22:21:08.0685 5288 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\Windows\system32\drivers\AtiHdmi.sys 22:21:08.0716 5288 AtiHdmiService - ok 22:21:08.0763 5288 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 22:21:08.0825 5288 AudioEndpointBuilder - ok 22:21:08.0841 5288 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 22:21:08.0903 5288 AudioSrv - ok 22:21:08.0965 5288 AVM WLAN Connection Service (d1a9ae485fff7c72ca50d8949b2210b9) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe 22:21:09.0184 5288 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning 22:21:09.0184 5288 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1) 22:21:09.0215 5288 avmaudio (bd39d7cfd9d6a73396b618113a8e8d57) C:\Windows\system32\DRIVERS\avmaudio.sys 22:21:09.0277 5288 avmaudio - ok 22:21:09.0309 5288 avmeject (1dc2f715792cf33428ad7993acbd224d) C:\Windows\system32\drivers\avmeject.sys 22:21:09.0340 5288 avmeject - ok 22:21:09.0355 5288 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll 22:21:09.0449 5288 AxInstSV - ok 22:21:09.0511 5288 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 22:21:09.0558 5288 b06bdrv - ok 22:21:09.0621 5288 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 22:21:09.0667 5288 b57nd60a - ok 22:21:09.0792 5288 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 22:21:09.0823 5288 BBSvc - ok 22:21:09.0870 5288 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 22:21:09.0901 5288 BBUpdate - ok 22:21:09.0948 5288 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 22:21:10.0011 5288 BDESVC - ok 22:21:10.0026 5288 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 22:21:10.0089 5288 Beep - ok 22:21:10.0182 5288 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll 22:21:10.0276 5288 BFE - ok 22:21:10.0369 5288 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll 22:21:10.0479 5288 BITS - ok 22:21:10.0541 5288 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 22:21:10.0588 5288 blbdrive - ok 22:21:10.0713 5288 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 22:21:10.0744 5288 Bonjour Service - ok 22:21:10.0791 5288 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys 22:21:10.0869 5288 bowser - ok 22:21:10.0915 5288 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 22:21:10.0962 5288 BrFiltLo - ok 22:21:10.0978 5288 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 22:21:10.0993 5288 BrFiltUp - ok 22:21:11.0040 5288 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll 22:21:11.0103 5288 Browser - ok 22:21:11.0165 5288 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 22:21:11.0243 5288 Brserid - ok 22:21:11.0274 5288 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 22:21:11.0305 5288 BrSerWdm - ok 22:21:11.0352 5288 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 22:21:11.0383 5288 BrUsbMdm - ok 22:21:11.0399 5288 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 22:21:11.0461 5288 BrUsbSer - ok 22:21:11.0508 5288 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 22:21:11.0539 5288 BTHMODEM - ok 22:21:11.0571 5288 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 22:21:11.0617 5288 bthserv - ok 22:21:11.0649 5288 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 22:21:11.0711 5288 cdfs - ok 22:21:11.0758 5288 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 22:21:11.0805 5288 cdrom - ok 22:21:11.0836 5288 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 22:21:11.0914 5288 CertPropSvc - ok 22:21:11.0976 5288 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 22:21:12.0023 5288 circlass - ok 22:21:12.0054 5288 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 22:21:12.0085 5288 CLFS - ok 22:21:12.0163 5288 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 22:21:12.0179 5288 clr_optimization_v2.0.50727_32 - ok 22:21:12.0241 5288 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 22:21:12.0257 5288 clr_optimization_v2.0.50727_64 - ok 22:21:12.0351 5288 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 22:21:12.0382 5288 clr_optimization_v4.0.30319_32 - ok 22:21:12.0397 5288 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 22:21:12.0429 5288 clr_optimization_v4.0.30319_64 - ok 22:21:12.0460 5288 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 22:21:12.0491 5288 CmBatt - ok 22:21:12.0491 5288 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 22:21:12.0507 5288 cmdide - ok 22:21:12.0569 5288 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys 22:21:12.0616 5288 CNG - ok 22:21:12.0647 5288 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 22:21:12.0663 5288 Compbatt - ok 22:21:12.0694 5288 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 22:21:12.0741 5288 CompositeBus - ok 22:21:12.0772 5288 COMSysApp - ok 22:21:12.0803 5288 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 22:21:12.0834 5288 crcdisk - ok 22:21:12.0897 5288 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe 22:21:12.0928 5288 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning 22:21:12.0928 5288 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1) 22:21:12.0990 5288 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll 22:21:13.0037 5288 CryptSvc - ok 22:21:13.0099 5288 CTAudSvcService (69cdba2b9c397e349a04fa70dd9170a2) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe 22:21:13.0240 5288 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning 22:21:13.0255 5288 CTAudSvcService - detected UnsignedFile.Multi.Generic (1) 22:21:13.0333 5288 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 22:21:13.0411 5288 DcomLaunch - ok 22:21:13.0474 5288 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 22:21:13.0552 5288 defragsvc - ok 22:21:13.0661 5288 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 22:21:13.0755 5288 DfsC - ok 22:21:13.0911 5288 dgderdrv (def365f0f6e017888c4b869d3ba4b8e0) C:\Windows\system32\drivers\dgderdrv.sys 22:21:13.0957 5288 dgderdrv - ok 22:21:13.0989 5288 dgdersvc (bc3c53000adcd440f1b23e46dac302ef) C:\Windows\system32\dgdersvc.exe 22:21:14.0020 5288 dgdersvc - ok 22:21:14.0067 5288 dg_ssudbus (113212d25d0c9bb8901a9833774da97f) C:\Windows\system32\DRIVERS\ssudbus.sys 22:21:14.0082 5288 dg_ssudbus - ok 22:21:14.0129 5288 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll 22:21:14.0223 5288 Dhcp - ok 22:21:14.0269 5288 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 22:21:14.0347 5288 discache - ok 22:21:14.0394 5288 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 22:21:14.0425 5288 Disk - ok 22:21:14.0457 5288 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll 22:21:14.0535 5288 Dnscache - ok 22:21:14.0581 5288 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll 22:21:14.0691 5288 dot3svc - ok 22:21:14.0737 5288 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll 22:21:14.0815 5288 DPS - ok 22:21:14.0847 5288 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 22:21:14.0862 5288 drmkaud - ok 22:21:14.0956 5288 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys 22:21:15.0018 5288 DXGKrnl - ok 22:21:15.0065 5288 E1G60 (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys 22:21:15.0127 5288 E1G60 - ok 22:21:15.0159 5288 EagleX64 - ok 22:21:15.0174 5288 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 22:21:15.0268 5288 EapHost - ok 22:21:15.0502 5288 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 22:21:15.0611 5288 ebdrv - ok 22:21:15.0736 5288 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe 22:21:15.0814 5288 EFS - ok 22:21:15.0907 5288 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe 22:21:15.0985 5288 ehRecvr - ok 22:21:16.0032 5288 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 22:21:16.0126 5288 ehSched - ok 22:21:16.0204 5288 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 22:21:16.0235 5288 elxstor - ok 22:21:16.0266 5288 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 22:21:16.0329 5288 ErrDev - ok 22:21:16.0407 5288 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 22:21:16.0500 5288 EventSystem - ok 22:21:16.0563 5288 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 22:21:16.0656 5288 exfat - ok 22:21:16.0687 5288 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 22:21:16.0765 5288 fastfat - ok 22:21:16.0828 5288 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe 22:21:16.0937 5288 Fax - ok 22:21:16.0968 5288 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 22:21:16.0999 5288 fdc - ok 22:21:17.0031 5288 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 22:21:17.0124 5288 fdPHost - ok 22:21:17.0155 5288 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 22:21:17.0233 5288 FDResPub - ok 22:21:17.0265 5288 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 22:21:17.0280 5288 FileInfo - ok 22:21:17.0296 5288 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 22:21:17.0374 5288 Filetrace - ok 22:21:17.0405 5288 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 22:21:17.0436 5288 flpydisk - ok 22:21:17.0467 5288 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 22:21:17.0499 5288 FltMgr - ok 22:21:17.0592 5288 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll 22:21:17.0701 5288 FontCache - ok 22:21:17.0764 5288 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:21:17.0779 5288 FontCache3.0.0.0 - ok 22:21:17.0811 5288 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 22:21:17.0842 5288 FsDepends - ok 22:21:17.0889 5288 fssfltr (53dab1791917a72738539ad25c4eed7f) C:\Windows\system32\DRIVERS\fssfltr.sys 22:21:17.0904 5288 fssfltr - ok 22:21:18.0029 5288 fsssvc (206ad9a89bf05dfa1621f1fc7b82592d) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 22:21:18.0076 5288 fsssvc - ok 22:21:18.0107 5288 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys 22:21:18.0123 5288 Fs_Rec - ok 22:21:18.0169 5288 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 22:21:18.0201 5288 fvevol - ok 22:21:18.0263 5288 FWLANUSB (444534cba693dd23c1cc589681e01656) C:\Windows\system32\DRIVERS\fwlanusb.sys 22:21:18.0341 5288 FWLANUSB - ok 22:21:18.0357 5288 FXDrv32 - ok 22:21:18.0403 5288 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 22:21:18.0419 5288 gagp30kx - ok 22:21:18.0466 5288 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 22:21:18.0481 5288 GEARAspiWDM - ok 22:21:18.0559 5288 GhosteryStatsUpdater (4ad91cd1ba64e5e3f9ff0fc64676e853) C:\Users\Admin\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe 22:21:18.0653 5288 GhosteryStatsUpdater ( UnsignedFile.Multi.Generic ) - warning 22:21:18.0653 5288 GhosteryStatsUpdater - detected UnsignedFile.Multi.Generic (1) 22:21:18.0731 5288 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll 22:21:18.0809 5288 gpsvc - ok 22:21:18.0840 5288 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 22:21:18.0887 5288 hcw85cir - ok 22:21:18.0965 5288 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 22:21:19.0027 5288 HdAudAddService - ok 22:21:19.0074 5288 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 22:21:19.0121 5288 HDAudBus - ok 22:21:19.0168 5288 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 22:21:19.0215 5288 HidBatt - ok 22:21:19.0246 5288 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 22:21:19.0293 5288 HidBth - ok 22:21:19.0339 5288 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 22:21:19.0371 5288 HidIr - ok 22:21:19.0417 5288 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 22:21:19.0495 5288 hidserv - ok 22:21:19.0558 5288 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 22:21:19.0589 5288 HidUsb - ok 22:21:19.0620 5288 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll 22:21:19.0698 5288 hkmsvc - ok 22:21:19.0745 5288 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll 22:21:19.0792 5288 HomeGroupListener - ok 22:21:19.0839 5288 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll 22:21:19.0885 5288 HomeGroupProvider - ok 22:21:19.0917 5288 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 22:21:19.0948 5288 HpSAMD - ok 22:21:20.0026 5288 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 22:21:20.0135 5288 HTTP - ok 22:21:20.0182 5288 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 22:21:20.0197 5288 hwpolicy - ok 22:21:20.0244 5288 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 22:21:20.0275 5288 i8042prt - ok 22:21:20.0322 5288 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\DRIVERS\iaStorV.sys 22:21:20.0353 5288 iaStorV - ok 22:21:20.0478 5288 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 22:21:20.0541 5288 idsvc - ok 22:21:20.0556 5288 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 22:21:20.0587 5288 iirsp - ok 22:21:20.0681 5288 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll 22:21:20.0806 5288 IKEEXT - ok 22:21:21.0009 5288 IntcAzAudAddService (e76fdfff07f8a2fa81ff250dda0f6bba) C:\Windows\system32\drivers\RTKVHD64.sys 22:21:21.0087 5288 IntcAzAudAddService - ok 22:21:21.0196 5288 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 22:21:21.0211 5288 intelide - ok 22:21:21.0274 5288 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 22:21:21.0321 5288 intelppm - ok 22:21:21.0383 5288 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 22:21:21.0445 5288 IPBusEnum - ok 22:21:21.0492 5288 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:21:21.0539 5288 IpFilterDriver - ok 22:21:21.0586 5288 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll 22:21:21.0664 5288 iphlpsvc - ok 22:21:21.0695 5288 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 22:21:21.0742 5288 IPMIDRV - ok 22:21:21.0757 5288 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 22:21:21.0804 5288 IPNAT - ok 22:21:21.0945 5288 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe 22:21:21.0976 5288 iPod Service - ok 22:21:21.0991 5288 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 22:21:22.0007 5288 IRENUM - ok 22:21:22.0038 5288 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 22:21:22.0054 5288 isapnp - ok 22:21:22.0085 5288 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 22:21:22.0132 5288 iScsiPrt - ok 22:21:22.0179 5288 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 22:21:22.0194 5288 kbdclass - ok 22:21:22.0241 5288 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 22:21:22.0288 5288 kbdhid - ok 22:21:22.0319 5288 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 22:21:22.0335 5288 KeyIso - ok 22:21:22.0366 5288 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys 22:21:22.0397 5288 KSecDD - ok 22:21:22.0413 5288 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys 22:21:22.0413 5288 KSecPkg - ok 22:21:22.0428 5288 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 22:21:22.0491 5288 ksthunk - ok 22:21:22.0537 5288 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 22:21:22.0631 5288 KtmRm - ok 22:21:22.0693 5288 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll 22:21:22.0756 5288 LanmanServer - ok 22:21:22.0787 5288 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll 22:21:22.0896 5288 LanmanWorkstation - ok 22:21:22.0959 5288 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 22:21:23.0021 5288 lltdio - ok 22:21:23.0068 5288 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 22:21:23.0161 5288 lltdsvc - ok 22:21:23.0177 5288 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 22:21:23.0224 5288 lmhosts - ok 22:21:23.0286 5288 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 22:21:23.0317 5288 LSI_FC - ok 22:21:23.0349 5288 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 22:21:23.0380 5288 LSI_SAS - ok 22:21:23.0411 5288 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 22:21:23.0442 5288 LSI_SAS2 - ok 22:21:23.0473 5288 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 22:21:23.0520 5288 LSI_SCSI - ok 22:21:23.0536 5288 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 22:21:23.0614 5288 luafv - ok 22:21:23.0661 5288 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll 22:21:23.0692 5288 Mcx2Svc - ok 22:21:23.0723 5288 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 22:21:23.0739 5288 megasas - ok 22:21:23.0785 5288 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 22:21:23.0832 5288 MegaSR - ok 22:21:23.0848 5288 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 22:21:23.0926 5288 MMCSS - ok 22:21:23.0957 5288 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 22:21:24.0019 5288 Modem - ok 22:21:24.0066 5288 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 22:21:24.0113 5288 monitor - ok 22:21:24.0160 5288 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 22:21:24.0191 5288 mouclass - ok 22:21:24.0222 5288 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 22:21:24.0253 5288 mouhid - ok 22:21:24.0269 5288 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 22:21:24.0285 5288 mountmgr - ok 22:21:24.0347 5288 MozillaMaintenance (12cb039011c1eeec40ec04ceccb76273) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 22:21:24.0378 5288 MozillaMaintenance - ok 22:21:24.0441 5288 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys 22:21:24.0472 5288 MpFilter - ok 22:21:24.0503 5288 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 22:21:24.0550 5288 mpio - ok 22:21:24.0565 5288 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 22:21:24.0628 5288 mpsdrv - ok 22:21:24.0737 5288 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll 22:21:24.0846 5288 MpsSvc - ok 22:21:24.0893 5288 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 22:21:24.0955 5288 MRxDAV - ok 22:21:25.0002 5288 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 22:21:25.0049 5288 mrxsmb - ok 22:21:25.0080 5288 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:21:25.0111 5288 mrxsmb10 - ok 22:21:25.0158 5288 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:21:25.0205 5288 mrxsmb20 - ok 22:21:25.0236 5288 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 22:21:25.0252 5288 msahci - ok 22:21:25.0267 5288 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 22:21:25.0283 5288 msdsm - ok 22:21:25.0314 5288 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 22:21:25.0377 5288 MSDTC - ok 22:21:25.0423 5288 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 22:21:25.0470 5288 Msfs - ok 22:21:25.0486 5288 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 22:21:25.0564 5288 mshidkmdf - ok 22:21:25.0579 5288 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 22:21:25.0595 5288 msisadrv - ok 22:21:25.0642 5288 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 22:21:25.0720 5288 MSiSCSI - ok 22:21:25.0735 5288 msiserver - ok 22:21:25.0751 5288 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 22:21:25.0813 5288 MSKSSRV - ok 22:21:25.0876 5288 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe 22:21:25.0907 5288 MsMpSvc - ok 22:21:25.0923 5288 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 22:21:25.0985 5288 MSPCLOCK - ok 22:21:26.0001 5288 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 22:21:26.0032 5288 MSPQM - ok 22:21:26.0063 5288 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 22:21:26.0079 5288 MsRPC - ok 22:21:26.0125 5288 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 22:21:26.0141 5288 mssmbios - ok 22:21:26.0157 5288 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 22:21:26.0219 5288 MSTEE - ok 22:21:26.0266 5288 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 22:21:26.0297 5288 MTConfig - ok 22:21:26.0344 5288 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 22:21:26.0375 5288 Mup - ok 22:21:26.0437 5288 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll 22:21:26.0531 5288 napagent - ok 22:21:26.0593 5288 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 22:21:26.0656 5288 NativeWifiP - ok 22:21:26.0765 5288 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 22:21:26.0812 5288 NDIS - ok 22:21:26.0827 5288 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 22:21:26.0905 5288 NdisCap - ok 22:21:26.0921 5288 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 22:21:27.0015 5288 NdisTapi - ok 22:21:27.0030 5288 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 22:21:27.0108 5288 Ndisuio - ok 22:21:27.0155 5288 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 22:21:27.0217 5288 NdisWan - ok 22:21:27.0233 5288 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 22:21:27.0311 5288 NDProxy - ok 22:21:27.0342 5288 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 22:21:27.0389 5288 NetBIOS - ok 22:21:27.0420 5288 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 22:21:27.0483 5288 NetBT - ok 22:21:27.0514 5288 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 22:21:27.0529 5288 Netlogon - ok 22:21:27.0592 5288 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 22:21:27.0685 5288 Netman - ok 22:21:27.0732 5288 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 22:21:27.0810 5288 netprofm - ok 22:21:27.0904 5288 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 22:21:27.0935 5288 NetTcpPortSharing - ok 22:21:27.0997 5288 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 22:21:28.0013 5288 nfrd960 - ok 22:21:28.0075 5288 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 22:21:28.0091 5288 NisDrv - ok 22:21:28.0153 5288 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe 22:21:28.0185 5288 NisSrv - ok 22:21:28.0216 5288 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll 22:21:28.0278 5288 NlaSvc - ok 22:21:28.0309 5288 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 22:21:28.0387 5288 Npfs - ok 22:21:28.0403 5288 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 22:21:28.0481 5288 nsi - ok 22:21:28.0512 5288 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 22:21:28.0575 5288 nsiproxy - ok 22:21:28.0715 5288 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 22:21:28.0777 5288 Ntfs - ok 22:21:28.0855 5288 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 22:21:28.0949 5288 Null - ok 22:21:29.0011 5288 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\DRIVERS\nvraid.sys 22:21:29.0058 5288 nvraid - ok 22:21:29.0089 5288 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\DRIVERS\nvstor.sys 22:21:29.0121 5288 nvstor - ok 22:21:29.0167 5288 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 22:21:29.0199 5288 nv_agp - ok 22:21:29.0323 5288 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 22:21:29.0355 5288 odserv - ok 22:21:29.0386 5288 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 22:21:29.0417 5288 ohci1394 - ok 22:21:29.0479 5288 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 22:21:29.0511 5288 ose - ok 22:21:29.0651 5288 P17 (edd1dcd36f6115acc6935c3f88ff54d7) C:\Windows\system32\drivers\P17.sys 22:21:29.0713 5288 P17 - ok 22:21:29.0776 5288 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 22:21:29.0854 5288 p2pimsvc - ok 22:21:29.0916 5288 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 22:21:29.0947 5288 p2psvc - ok 22:21:30.0010 5288 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 22:21:30.0025 5288 Parport - ok 22:21:30.0057 5288 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys 22:21:30.0088 5288 partmgr - ok 22:21:30.0103 5288 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 22:21:30.0181 5288 PcaSvc - ok 22:21:30.0213 5288 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 22:21:30.0228 5288 pci - ok 22:21:30.0228 5288 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 22:21:30.0244 5288 pciide - ok 22:21:30.0291 5288 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 22:21:30.0322 5288 pcmcia - ok 22:21:30.0353 5288 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 22:21:30.0384 5288 pcw - ok 22:21:30.0415 5288 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 22:21:30.0493 5288 PEAUTH - ok 22:21:30.0587 5288 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 22:21:30.0618 5288 PerfHost - ok 22:21:30.0759 5288 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll 22:21:30.0852 5288 pla - ok 22:21:30.0930 5288 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll 22:21:31.0008 5288 PlugPlay - ok 22:21:31.0024 5288 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 22:21:31.0055 5288 PNRPAutoReg - ok 22:21:31.0102 5288 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 22:21:31.0133 5288 PNRPsvc - ok 22:21:31.0195 5288 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll 22:21:31.0289 5288 PolicyAgent - ok 22:21:31.0351 5288 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 22:21:31.0445 5288 Power - ok 22:21:31.0523 5288 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 22:21:31.0632 5288 PptpMiniport - ok 22:21:31.0679 5288 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 22:21:31.0710 5288 Processor - ok 22:21:31.0804 5288 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll 22:21:31.0835 5288 ProfSvc - ok 22:21:31.0882 5288 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 22:21:31.0897 5288 ProtectedStorage - ok 22:21:31.0944 5288 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 22:21:32.0038 5288 Psched - ok 22:21:32.0147 5288 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 22:21:32.0194 5288 ql2300 - ok 22:21:32.0303 5288 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 22:21:32.0334 5288 ql40xx - ok 22:21:32.0381 5288 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 22:21:32.0459 5288 QWAVE - ok 22:21:32.0490 5288 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 22:21:32.0537 5288 QWAVEdrv - ok 22:21:32.0553 5288 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 22:21:32.0631 5288 RasAcd - ok 22:21:32.0693 5288 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 22:21:32.0755 5288 RasAgileVpn - ok 22:21:32.0771 5288 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 22:21:32.0849 5288 RasAuto - ok 22:21:32.0880 5288 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 22:21:32.0989 5288 Rasl2tp - ok 22:21:33.0036 5288 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll 22:21:33.0114 5288 RasMan - ok 22:21:33.0130 5288 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 22:21:33.0177 5288 RasPppoe - ok 22:21:33.0223 5288 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 22:21:33.0301 5288 RasSstp - ok 22:21:33.0348 5288 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 22:21:33.0426 5288 rdbss - ok 22:21:33.0473 5288 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 22:21:33.0489 5288 rdpbus - ok 22:21:33.0520 5288 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 22:21:33.0567 5288 RDPCDD - ok 22:21:33.0582 5288 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 22:21:33.0660 5288 RDPENCDD - ok 22:21:33.0691 5288 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 22:21:33.0754 5288 RDPREFMP - ok 22:21:33.0785 5288 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys 22:21:33.0863 5288 RDPWD - ok 22:21:33.0894 5288 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 22:21:33.0910 5288 rdyboost - ok 22:21:33.0941 5288 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 22:21:34.0035 5288 RemoteAccess - ok 22:21:34.0097 5288 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 22:21:34.0175 5288 RemoteRegistry - ok 22:21:34.0206 5288 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 22:21:34.0284 5288 RpcEptMapper - ok 22:21:34.0315 5288 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 22:21:34.0315 5288 RpcLocator - ok 22:21:34.0362 5288 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 22:21:34.0425 5288 RpcSs - ok 22:21:34.0440 5288 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 22:21:34.0503 5288 rspndr - ok 22:21:34.0565 5288 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys 22:21:34.0596 5288 RTL8167 - ok 22:21:34.0643 5288 RTL8169 (d53c84ec99ab4d78a90001e5ce5386ec) C:\Windows\system32\DRIVERS\Rtlh64.sys 22:21:34.0705 5288 RTL8169 - ok 22:21:34.0737 5288 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 22:21:34.0752 5288 SamSs - ok 22:21:34.0783 5288 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 22:21:34.0815 5288 sbp2port - ok 22:21:34.0846 5288 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 22:21:34.0924 5288 SCardSvr - ok 22:21:34.0955 5288 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 22:21:35.0017 5288 scfilter - ok 22:21:35.0111 5288 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll 22:21:35.0189 5288 Schedule - ok 22:21:35.0220 5288 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 22:21:35.0298 5288 SCPolicySvc - ok 22:21:35.0314 5288 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll 22:21:35.0376 5288 SDRSVC - ok 22:21:35.0407 5288 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 22:21:35.0485 5288 secdrv - ok 22:21:35.0501 5288 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll 22:21:35.0563 5288 seclogon - ok 22:21:35.0595 5288 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 22:21:35.0673 5288 SENS - ok 22:21:35.0704 5288 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 22:21:35.0766 5288 SensrSvc - ok 22:21:35.0813 5288 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 22:21:35.0860 5288 Serenum - ok 22:21:35.0907 5288 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 22:21:35.0938 5288 Serial - ok 22:21:35.0969 5288 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 22:21:36.0016 5288 sermouse - ok 22:21:36.0094 5288 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll 22:21:36.0172 5288 SessionEnv - ok 22:21:36.0203 5288 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 22:21:36.0234 5288 sffdisk - ok 22:21:36.0281 5288 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 22:21:36.0328 5288 sffp_mmc - ok 22:21:36.0375 5288 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys 22:21:36.0406 5288 sffp_sd - ok 22:21:36.0437 5288 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 22:21:36.0484 5288 sfloppy - ok 22:21:36.0515 5288 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 22:21:36.0593 5288 SharedAccess - ok 22:21:36.0655 5288 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll 22:21:36.0733 5288 ShellHWDetection - ok 22:21:36.0765 5288 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 22:21:36.0796 5288 SiSRaid2 - ok 22:21:36.0827 5288 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 22:21:36.0858 5288 SiSRaid4 - ok 22:21:36.0936 5288 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe 22:21:36.0967 5288 SkypeUpdate - ok 22:21:36.0999 5288 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 22:21:37.0092 5288 Smb - ok 22:21:37.0155 5288 snapman (0775cb5147953cce129bc3414740d109) C:\Windows\system32\DRIVERS\snapman.sys 22:21:37.0170 5288 snapman - ok 22:21:37.0201 5288 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 22:21:37.0217 5288 SNMPTRAP - ok 22:21:37.0233 5288 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 22:21:37.0233 5288 spldr - ok 22:21:37.0295 5288 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe 22:21:37.0389 5288 Spooler - ok 22:21:37.0607 5288 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe 22:21:37.0685 5288 sppsvc - ok 22:21:37.0794 5288 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 22:21:37.0872 5288 sppuinotify - ok 22:21:37.0966 5288 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 22:21:38.0044 5288 srv - ok 22:21:38.0091 5288 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 22:21:38.0122 5288 srv2 - ok 22:21:38.0153 5288 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 22:21:38.0215 5288 srvnet - ok 22:21:38.0262 5288 ssadbus (c1212ba5ab6783191899d194672a5b5c) C:\Windows\system32\DRIVERS\ssadbus.sys 22:21:38.0325 5288 ssadbus - ok 22:21:38.0356 5288 ssadmdfl (eb270596d4117c4306442f36ef2c290e) C:\Windows\system32\DRIVERS\ssadmdfl.sys 22:21:38.0403 5288 ssadmdfl - ok 22:21:38.0449 5288 ssadmdm (e29027dfaec246299d1cf88627c5cbe6) C:\Windows\system32\DRIVERS\ssadmdm.sys 22:21:38.0496 5288 ssadmdm - ok 22:21:38.0559 5288 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 22:21:38.0652 5288 SSDPSRV - ok 22:21:38.0683 5288 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 22:21:38.0746 5288 SstpSvc - ok 22:21:38.0808 5288 Steam Client Service - ok 22:21:38.0839 5288 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 22:21:38.0855 5288 stexstor - ok 22:21:38.0933 5288 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll 22:21:38.0980 5288 stisvc - ok 22:21:38.0995 5288 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 22:21:39.0011 5288 swenum - ok 22:21:39.0058 5288 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 22:21:39.0105 5288 swprv - ok 22:21:39.0229 5288 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll 22:21:39.0323 5288 SysMain - ok 22:21:39.0417 5288 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll 22:21:39.0479 5288 TabletInputService - ok 22:21:39.0526 5288 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll 22:21:39.0635 5288 TapiSrv - ok 22:21:39.0651 5288 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 22:21:39.0744 5288 TBS - ok 22:21:39.0916 5288 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys 22:21:39.0963 5288 Tcpip - ok 22:21:40.0119 5288 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys 22:21:40.0181 5288 TCPIP6 - ok 22:21:40.0243 5288 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 22:21:40.0306 5288 tcpipreg - ok 22:21:40.0321 5288 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 22:21:40.0368 5288 TDPIPE - ok 22:21:40.0493 5288 tdrpman258 (bf7ac81df6fbe09438d9dc7188178ea9) C:\Windows\system32\DRIVERS\tdrpm258.sys 22:21:40.0555 5288 tdrpman258 - ok 22:21:40.0602 5288 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys 22:21:40.0680 5288 TDTCP - ok 22:21:40.0711 5288 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 22:21:40.0805 5288 tdx - ok 22:21:40.0836 5288 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 22:21:40.0867 5288 TermDD - ok 22:21:40.0930 5288 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll 22:21:41.0039 5288 TermService - ok 22:21:41.0101 5288 TFsExDisk (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys 22:21:41.0148 5288 TFsExDisk - ok 22:21:41.0164 5288 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 22:21:41.0226 5288 Themes - ok 22:21:41.0257 5288 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 22:21:41.0320 5288 THREADORDER - ok 22:21:41.0429 5288 timounter (2c1caf5563548a15515eab07d2a069c6) C:\Windows\system32\DRIVERS\timntr.sys 22:21:41.0476 5288 timounter - ok 22:21:41.0507 5288 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 22:21:41.0585 5288 TrkWks - ok 22:21:41.0663 5288 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe 22:21:41.0710 5288 TrustedInstaller - ok 22:21:41.0757 5288 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 22:21:41.0835 5288 tssecsrv - ok 22:21:41.0881 5288 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 22:21:41.0944 5288 tunnel - ok 22:21:41.0975 5288 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 22:21:42.0006 5288 uagp35 - ok 22:21:42.0037 5288 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 22:21:42.0115 5288 udfs - ok 22:21:42.0147 5288 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 22:21:42.0162 5288 UI0Detect - ok 22:21:42.0209 5288 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 22:21:42.0225 5288 uliagpkx - ok 22:21:42.0256 5288 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 22:21:42.0303 5288 umbus - ok 22:21:42.0349 5288 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 22:21:42.0365 5288 UmPass - ok 22:21:42.0412 5288 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 22:21:42.0459 5288 upnphost - ok 22:21:42.0505 5288 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys 22:21:42.0568 5288 USBAAPL64 - ok 22:21:42.0583 5288 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys 22:21:42.0661 5288 usbccgp - ok 22:21:42.0693 5288 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 22:21:42.0755 5288 usbcir - ok 22:21:42.0786 5288 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys 22:21:42.0802 5288 usbehci - ok 22:21:42.0833 5288 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys 22:21:42.0864 5288 usbhub - ok 22:21:42.0864 5288 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys 22:21:42.0880 5288 usbohci - ok 22:21:42.0911 5288 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 22:21:42.0927 5288 usbprint - ok 22:21:42.0958 5288 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 22:21:43.0005 5288 USBSTOR - ok 22:21:43.0020 5288 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys 22:21:43.0067 5288 usbuhci - ok 22:21:43.0083 5288 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 22:21:43.0145 5288 UxSms - ok 22:21:43.0176 5288 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 22:21:43.0192 5288 VaultSvc - ok 22:21:43.0239 5288 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 22:21:43.0254 5288 vdrvroot - ok 22:21:43.0301 5288 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe 22:21:43.0348 5288 vds - ok 22:21:43.0395 5288 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 22:21:43.0426 5288 vga - ok 22:21:43.0441 5288 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 22:21:43.0504 5288 VgaSave - ok 22:21:43.0566 5288 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 22:21:43.0597 5288 vhdmp - ok 22:21:43.0613 5288 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 22:21:43.0613 5288 viaide - ok 22:21:43.0644 5288 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 22:21:43.0660 5288 volmgr - ok 22:21:43.0691 5288 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 22:21:43.0707 5288 volmgrx - ok 22:21:43.0753 5288 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 22:21:43.0785 5288 volsnap - ok 22:21:43.0831 5288 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 22:21:43.0863 5288 vsmraid - ok 22:21:43.0987 5288 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe 22:21:44.0065 5288 VSS - ok 22:21:44.0175 5288 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 22:21:44.0206 5288 vwifibus - ok 22:21:44.0253 5288 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 22:21:44.0315 5288 W32Time - ok 22:21:44.0346 5288 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 22:21:44.0393 5288 WacomPen - ok 22:21:44.0424 5288 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 22:21:44.0518 5288 WANARP - ok 22:21:44.0533 5288 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 22:21:44.0565 5288 Wanarpv6 - ok 22:21:44.0705 5288 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 22:21:44.0736 5288 WatAdminSvc - ok 22:21:44.0861 5288 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe 22:21:44.0923 5288 wbengine - ok 22:21:45.0001 5288 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 22:21:45.0033 5288 WbioSrvc - ok 22:21:45.0079 5288 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll 22:21:45.0142 5288 wcncsvc - ok 22:21:45.0157 5288 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 22:21:45.0189 5288 WcsPlugInService - ok 22:21:45.0235 5288 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 22:21:45.0251 5288 Wd - ok 22:21:45.0329 5288 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 22:21:45.0376 5288 Wdf01000 - ok 22:21:45.0391 5288 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 22:21:45.0438 5288 WdiServiceHost - ok 22:21:45.0438 5288 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 22:21:45.0454 5288 WdiSystemHost - ok 22:21:45.0501 5288 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll 22:21:45.0547 5288 WebClient - ok 22:21:45.0579 5288 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 22:21:45.0657 5288 Wecsvc - ok 22:21:45.0672 5288 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 22:21:45.0781 5288 wercplsupport - ok 22:21:45.0828 5288 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 22:21:45.0922 5288 WerSvc - ok 22:21:45.0969 5288 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 22:21:46.0031 5288 WfpLwf - ok 22:21:46.0047 5288 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 22:21:46.0047 5288 WIMMount - ok 22:21:46.0078 5288 WinDefend - ok 22:21:46.0093 5288 WinHttpAutoProxySvc - ok 22:21:46.0156 5288 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 22:21:46.0234 5288 Winmgmt - ok 22:21:46.0405 5288 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll 22:21:46.0530 5288 WinRM - ok 22:21:46.0639 5288 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 22:21:46.0686 5288 WinUsb - ok 22:21:46.0780 5288 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 22:21:46.0858 5288 Wlansvc - ok 22:21:46.0889 5288 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 22:21:46.0920 5288 WmiAcpi - ok 22:21:47.0014 5288 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 22:21:47.0092 5288 wmiApSrv - ok 22:21:47.0123 5288 WMPNetworkSvc - ok 22:21:47.0154 5288 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 22:21:47.0185 5288 WPCSvc - ok 22:21:47.0201 5288 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll 22:21:47.0279 5288 WPDBusEnum - ok 22:21:47.0326 5288 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 22:21:47.0404 5288 ws2ifsl - ok 22:21:47.0466 5288 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll 22:21:47.0529 5288 wscsvc - ok 22:21:47.0529 5288 WSearch - ok 22:21:47.0716 5288 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 22:21:47.0778 5288 wuauserv - ok 22:21:47.0872 5288 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 22:21:47.0965 5288 WudfPf - ok 22:21:48.0012 5288 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 22:21:48.0106 5288 WUDFRd - ok 22:21:48.0153 5288 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll 22:21:48.0215 5288 wudfsvc - ok 22:21:48.0246 5288 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 22:21:48.0293 5288 WwanSvc - ok 22:21:48.0355 5288 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 22:21:48.0683 5288 \Device\Harddisk0\DR0 - ok 22:21:48.0683 5288 Boot (0x1200) (16fa8ae7ab8275d264d37461b124f92c) \Device\Harddisk0\DR0\Partition0 22:21:48.0683 5288 \Device\Harddisk0\DR0\Partition0 - ok 22:21:48.0699 5288 ============================================================ 22:21:48.0699 5288 Scan finished 22:21:48.0699 5288 ============================================================ 22:21:48.0714 4924 Detected object count: 4 22:21:48.0714 4924 Actual detected object count: 4 22:22:31.0848 4924 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user 22:22:31.0848 4924 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:22:31.0864 4924 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 22:22:31.0864 4924 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:22:31.0864 4924 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user 22:22:31.0864 4924 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:22:31.0864 4924 GhosteryStatsUpdater ( UnsignedFile.Multi.Generic ) - skipped by user 22:22:31.0864 4924 GhosteryStatsUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip Heey markus.. ich bin dermaßen blöd, ich hatte zwar die ganze zeit meine makros durchgesehn aber nie meine Play/Pause taste und dort hab ich mir irgentwie mein makro verschrieben,.. ich danke dir trz vielmals (: ! Heey markus  ehm ich bin ein trottelchen (: ich hab zwar dran gedacht meine eigenen makro zu untersuchen aber nicht die standart makros, leider gottest hab ich meine wiedergabe/pause taste mit einem neuen makro belegt dass dies vorhergerufen hat  naja ich gedanke mich trz (: |
|
27.07.2012, 21:53
| #6 |
| /// Malware-holic | Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus na das geht ja. aber wir können den pc noch absichern. lade den CCleaner standard: CCleaner Download - CCleaner 3.21.1767 falls der CCleaner bereits instaliert, überspringen. instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ --> Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus |
|
| Themen zu Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus |
| bestimmte, bestimmten, buchstaben, compu, computer, essen, essentials, immer wieder, microsoft, microsoft security essentials, nichts, scan, security, security essentials, tastatur, virus, vollständige, wiederholt |
Linear-Darstellung
