
Log analysis and evaluation: Games minimize by themselves (tiresome topic)


01.08.2012, 16:12   #1
saIsaI
 
Hello everyone:
I have read about this quite often and now it has hit me too :/
First of all:
My computer is brand new, in use for barely a week!
This time I also have Avast as virus protection! Scanned -> no result (which is actually to be expected)
I removed Skype and Steam from autostart via msconfig!
Now I, the layman that I am, really have no idea. I have a new "machine" sitting there and I can't game

I don't know whether this information helps:
First, days ago, I played Skyrim.. that's when it started! Until yesterday I played CoD2 without problems. Today the error occurred for the first time in CoD2 and C:SS!

The internet connection is WLAN: however via a repeater and then to the router -> full signal!

HijackThis produces the following log:
HijackThis logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:08:50, on 01.08.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Braasch\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-84847559-674689475-2390767278-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-84847559-674689475-2390767278-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7656 bytes
         
--- --- ---
Please note that I have next to no knowledge of computers
So I ask for help in layman's terms. Many thanks in advance

01.08.2012, 18:59   #2
markusg
/// Malware-holic
 
Next time, please read the pinned topics; we don't want HJT logs.
If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe. Vista and Win7 users: right-click and select "Run as administrator"
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread

01.08.2012, 22:06   #3
saIsaI
 
Hello, and first of all a SORRY for the logs

I now have the files from OldTimer as follows:

Extras: OTL logfile:
Code:
OTL Extras logfile created on: 01.08.2012 22:46:16 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Braasch\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,95 Gb Total Physical Memory | 13,97 Gb Available Physical Memory | 87,58% Memory free
31,89 Gb Paging File | 29,91 Gb Available in Paging File | 93,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 357,24 Gb Free Space | 76,72% Space Free | Partition Type: NTFS
 
Computer Name: BRAASCH-PC | User Name: Braasch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B3A855B-A893-4B41-A082-6FCF9D72C013}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{2A3F2676-9E2C-4C2F-9315-23E0CA71DEA5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2E967B3B-A0FD-47A0-A5EF-9FC6414E9A2C}" = lport=445 | protocol=6 | dir=in | app=system | 
"{38B2A979-96F6-4682-85FB-6DE8047FF4B1}" = lport=138 | protocol=17 | dir=in | app=system | 
"{40FCF56A-1FE3-4DC2-BDD0-70C9FDE5E08D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{46392A83-1053-4913-8FD4-C1E3DD1EDC1C}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{47085732-EF27-4BC3-A9BD-84E31DDD7CEA}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4730B878-4B84-4B3A-B229-A7FBF63C62B9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{56C737C9-AB68-4D77-8914-A34FF319C845}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5D4C3E9A-3DA2-4F2D-93AA-F8E6BD6FA137}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6246F0C1-0D1B-4411-8610-CD75D79F6217}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6268C958-1D1F-422C-823C-3D487F47AA69}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{65585362-81E9-4AD5-97EA-CD97D7AB9CF0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6FC77B50-0E40-4859-83A0-73C72D1BF0C6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7FE652A2-BB41-4860-AE53-402D4B5972AA}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A3AFF8D9-00C1-46E6-BC64-5360C0020DB0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A632E224-7C20-4AA9-B497-1684701667D4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AEFFAA16-72AC-49E8-91E1-23A40C1E5E74}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B2E52C7D-453B-45E2-965D-E2067CDC7FEC}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{B45AE17C-8E25-4C23-B95A-0850A01F84E5}" = rport=138 | protocol=17 | dir=out | app=system | 
"{FEA5A753-AB03-41AC-9169-D58BC25F4681}" = rport=137 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0570A2DD-D4A4-4628-9C4D-4091612C644D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{079158D6-20CD-43B8-B898-DFE278403298}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{085D6732-5B12-441D-A48A-9423AB2C6B04}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{14AA036A-60B1-4DC6-95A2-F79C5321106D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{1789B642-46FD-47CE-8D28-7FBE4C6AC46E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{17C2F7CE-C1AE-442A-B653-7BECCC66D7A7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{31AC8FB7-1963-4B69-966A-9209D6746EC9}" = protocol=6 | dir=out | app=system | 
"{3515A767-7488-4E37-8764-5841651DB514}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3C0C6633-EE02-4622-B8DF-7BBECA2CAD1D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{4790EBC8-562B-46CF-9A00-56AD9F12ED4B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\braasch\counter-strike source\hl2.exe | 
"{4FE6AF6F-71D0-4079-B63C-1C5BCBBABDD4}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{5D46D32A-F15D-4089-958B-CDF7141DA85B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\braasch\counter-strike source\hl2.exe | 
"{5E37A4D7-EE29-4C50-93F2-0B7AA85C0F7C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7133E45B-FDD6-408E-9609-8331EC50891D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{722859F6-65DA-481C-B9F3-E410923CD45D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7C65AC2A-76C5-44D5-9B88-FE869FC72839}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{848130A0-A564-433B-8D5B-E385A8D143A1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{9CAE0EF6-62F4-444E-899E-CDEA13317812}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{9CB99413-7AA1-46D9-9467-1FE7FE380380}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9D17DBEC-C2B3-4C74-BF04-950B002E74B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9D60496A-B219-4629-8732-94CBDCB8B6AD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A05BEA8B-EA38-48D4-8A35-38973F3342CD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{BC13C395-3F27-4D4C-9FDD-07D5E8909109}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C44F206A-2C4F-4E86-AB74-5DF4ACF6AC35}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{C4A0BF4D-76BF-4ED3-8AD3-B9B5D2DB12B8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{D0A02C00-DB27-46AB-B7AA-FFB9349E92F6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{D44DE73B-CFA2-462A-AB88-FF80A526CC82}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D62F71B6-ADAE-4DAD-868D-3F25C366B0E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D815A11B-F400-4A4A-B858-30D4970FB29B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D8A4DED0-ACDB-4AD0-816B-D7962129876A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{D9ADFADC-910C-4C1F-A307-6990C4BFD028}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{ED915F10-46C9-4509-9CBB-0BF9B4389B3A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{F0AD5365-DA40-40D7-8809-1B2450907FCA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F3BCB637-466D-4BDA-B975-D50BD746E824}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"TCP Query User{16320E32-B0D6-441D-89BF-9303AD6390B3}C:\program files (x86)\steam\steamapps\braasch\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\braasch\counter-strike source\hl2.exe | 
"TCP Query User{18AF932E-9C91-4173-9C10-F8B45E9F307B}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe | 
"TCP Query User{346B627D-297F-445D-A1BE-B210DED132ED}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe | 
"TCP Query User{66FC4D2A-916C-4B1A-B1A7-123B3B7CE0AD}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | 
"UDP Query User{234C1DFB-942B-4FBF-9DFD-14F4B2B889D2}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe | 
"UDP Query User{491D7DBA-AC0D-4A21-9624-3779D5C16A08}C:\program files (x86)\steam\steamapps\braasch\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\braasch\counter-strike source\hl2.exe | 
"UDP Query User{9D57576B-8FCA-4476-8879-3D82CABA7490}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | 
"UDP Query User{BEDFC4C1-DE1B-4852-BE6D-E136577C82E2}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{AB7F4312-8037-4EBF-9D0F-5513CDFD534C}" = ATI Catalyst Install Manager
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{4BAE4C76-44C3-418F-B715-6BBF5A65323E}" = TL-WN851ND Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast" = avast! Free Antivirus
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Steam App 240" = Counter-Strike: Source
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Xfire" = Xfire (remove only)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21.07.2012 07:45:11 | Computer Name = Braasch-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: cod2mp_s.exe, Version: 0.0.0.0, Zeitstempel:
 0x4456a34f  Name des fehlerhaften Moduls: cod2mp_s.exe, Version: 0.0.0.0, Zeitstempel:
 0x4456a34f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0017fb02  ID des fehlerhaften Prozesses:
 0x1154  Startzeit der fehlerhaften Anwendung: 0x01cd6736465fb106  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe
Berichtskennung:
 86a45e00-d329-11e1-a292-c8600070ab53
 
Error - 21.07.2012 07:49:34 | Computer Name = Braasch-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: cod2mp_s.exe, Version: 0.0.0.0, Zeitstempel:
 0x4456a34f  Name des fehlerhaften Moduls: cod2mp_s.exe, Version: 0.0.0.0, Zeitstempel:
 0x4456a34f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0017fb02  ID des fehlerhaften Prozesses:
 0x644  Startzeit der fehlerhaften Anwendung: 0x01cd6736e2ad7cf3  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe
Berichtskennung:
 23a85d8f-d32a-11e1-a292-c8600070ab53
 
Error - 21.07.2012 07:52:51 | Computer Name = Braasch-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: cod2mp_s.exe, Version: 0.0.0.0, Zeitstempel:
 0x4456a34f  Name des fehlerhaften Moduls: cod2mp_s.exe, Version: 0.0.0.0, Zeitstempel:
 0x4456a34f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0017fb02  ID des fehlerhaften Prozesses:
 0x330  Startzeit der fehlerhaften Anwendung: 0x01cd67374bda80b3  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe
Berichtskennung:
 9912765b-d32a-11e1-a292-c8600070ab53
 
Error - 24.07.2012 04:19:47 | Computer Name = Braasch-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nvSCPAPISvr.exe, Version: 7.17.12.9639,
 Zeitstempel: 0x4f6f8da8  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x72bf6a34  ID des fehlerhaften
 Prozesses: 0x390  Startzeit der fehlerhaften Anwendung: 0x01cd6974d73391f9  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 5485c7ff-d568-11e1-86ce-90f6529efaf8
 
Error - 24.07.2012 04:19:52 | Computer Name = Braasch-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: armsvc.exe, Version: 1.5.7.0, Zeitstempel:
 0x4f02b00f  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x72bf6a34  ID des fehlerhaften Prozesses:
 0x5f8  Startzeit der fehlerhaften Anwendung: 0x01cd6974dd1d7d26  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: 56fef608-d568-11e1-86ce-90f6529efaf8
 
Error - 24.07.2012 04:19:52 | Computer Name = Braasch-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: AppleMobileDeviceService.exe, Version:
 17.89.0.42, Zeitstempel: 0x4f186178  Name des fehlerhaften Moduls: unknown, Version:
 0.0.0.0, Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x72bf6a34
ID
 des fehlerhaften Prozesses: 0x618  Startzeit der fehlerhaften Anwendung: 0x01cd6974dd354ae9
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Apple\Mobile Device
 Support\AppleMobileDeviceService.exe  Pfad des fehlerhaften Moduls: unknown  Berichtskennung:
 57250c0c-d568-11e1-86ce-90f6529efaf8
 
Error - 24.07.2012 04:19:54 | Computer Name = Braasch-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Updater.exe, Version: 5.10.1.44067,
 Zeitstempel: 0x5000146c  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x72bf6a34  ID des fehlerhaften
 Prozesses: 0x6a4  Startzeit der fehlerhaften Anwendung: 0x01cd6974ddf61a5f  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Skype\Updater\Updater.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: 582ae36a-d568-11e1-86ce-90f6529efaf8
 
Error - 01.08.2012 10:59:12 | Computer Name = Braasch-PC | Source = ESENT | ID = 215
Description = WinMail (2140) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 01.08.2012 10:59:18 | Computer Name = Braasch-PC | Source = ESENT | ID = 215
Description = WinMail (1456) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 01.08.2012 11:02:24 | Computer Name = Braasch-PC | Source = Application Hang | ID = 1002
Description = Programm cod2mp_s.exe, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 820    Startzeit: 
01cd6ff66b897901    Endzeit: 240    Anwendungspfad: C:\Program Files (x86)\Activision\Call
 of Duty 2\cod2mp_s.exe    Berichts-ID:   
 
[ System Events ]
Error - 24.07.2012 04:24:36 | Computer Name = Braasch-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2703157)
 
Error - 24.07.2012 04:24:36 | Computer Name = Braasch-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für
 Internet Explorer*8 für Windows 7 für x64-basierte Systeme (KB2598845)
 
Error - 29.07.2012 06:52:03 | Computer Name = Braasch-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?28.?07.?2012 um 12:19:25 unerwartet heruntergefahren.
 
Error - 29.07.2012 08:04:59 | Computer Name = Braasch-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 29.07.2012 08:04:59 | Computer Name = Braasch-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 01.08.2012 08:18:51 | Computer Name = Braasch-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 01.08.2012 08:18:51 | Computer Name = Braasch-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 01.08.2012 10:56:18 | Computer Name = Braasch-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b
 
Error - 01.08.2012 10:59:49 | Computer Name = Braasch-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 01.08.2012 16:37:10 | Computer Name = Braasch-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b
 
 
< End of report >
         
--- --- ---

OTL:
OTL Logfile:
Code:
OTL logfile created on: 01.08.2012 22:46:16 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Braasch\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,95 Gb Total Physical Memory | 13,97 Gb Available Physical Memory | 87,58% Memory free
31,89 Gb Paging File | 29,91 Gb Available in Paging File | 93,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 357,24 Gb Free Space | 76,72% Space Free | Partition Type: NTFS
 
Computer Name: BRAASCH-PC | User Name: Braasch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.01 22:43:39 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Braasch\Desktop\OTL.exe
PRC - [2012.07.29 14:27:44 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.07.14 02:13:42 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.11 17:32:24 | 000,788,992 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009.03.30 08:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.14 02:14:07 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.05.15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.05.23 14:32:36 | 001,410,048 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2011.04.11 17:32:56 | 000,128,000 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
MOD - [2011.04.11 17:32:56 | 000,111,616 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
MOD - [2011.04.11 17:32:24 | 000,788,992 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2011.04.11 17:32:16 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
MOD - [2009.03.30 08:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.08.01 14:18:43 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.29 14:27:44 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.07.29 13:47:49 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.04.18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.04.21 20:17:04 | 000,471,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.11 17:33:56 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.04 07:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.03.04 07:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.02.24 10:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.02.24 10:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.12.16 06:06:46 | 000,047,232 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 02 31 CC 56 A3 66 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.21 13:10:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.20 21:13:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.07.20 21:17:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Braasch\AppData\Roaming\mozilla\Extensions
[2012.07.20 21:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F14614D-9CBC-4181-B88C-4FC40DAD6717}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e87a29f0-d2c5-11e1-b415-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e87a29f0-d2c5-11e1-b415-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.01 22:43:36 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Braasch\Desktop\OTL.exe
[2012.08.01 16:43:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.08.01 16:42:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.07.29 19:27:32 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Local\Skyrim
[2012.07.29 19:24:09 | 000,000,000 | ---D | C] -- C:\Users\Braasch\Documents\My Games
[2012.07.29 17:49:32 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012.07.29 15:23:21 | 000,000,000 | ---D | C] -- C:\Users\Braasch\temp
[2012.07.29 15:23:20 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\TeamViewer
[2012.07.29 15:03:03 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\TS3Client
[2012.07.29 14:27:43 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Local\PunkBuster
[2012.07.29 14:21:32 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012.07.29 14:21:14 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012.07.29 13:59:29 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.07.29 13:01:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012.07.29 13:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012.07.29 13:01:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012.07.24 10:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.07.21 14:14:51 | 000,000,000 | ---D | C] -- C:\Users\Braasch\Desktop\Game
[2012.07.21 14:14:22 | 000,000,000 | ---D | C] -- C:\Users\Braasch\Desktop\Programme
[2012.07.21 14:14:01 | 000,000,000 | ---D | C] -- C:\Users\Braasch\Desktop\Daten Festplatte
[2012.07.21 13:34:20 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.07.21 13:34:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2012.07.21 13:29:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.07.21 13:29:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.07.21 13:28:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.07.21 13:21:52 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2012.07.21 13:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.07.21 13:10:33 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.07.21 13:10:33 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.07.21 13:10:31 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.07.21 13:10:30 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.07.21 13:10:29 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.07.21 13:10:29 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.07.21 13:10:13 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.07.21 13:10:12 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.07.21 13:05:57 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Local\Apple Computer
[2012.07.21 13:05:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.07.21 13:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.07.21 13:05:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.07.21 13:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.07.21 13:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.07.21 13:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012.07.21 13:00:16 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\Apple Computer
[2012.07.21 12:57:51 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Local\Apple
[2012.07.21 12:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.07.21 12:57:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.07.21 12:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.07.21 12:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.07.21 12:57:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.07.21 12:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.07.21 12:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012.07.21 12:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2012.07.21 12:54:35 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\Skype
[2012.07.21 12:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.07.21 12:54:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.07.21 12:54:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.07.21 12:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.07.21 12:39:39 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Local\Google
[2012.07.21 12:39:31 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.07.21 12:38:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.07.21 12:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.07.21 11:51:28 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.07.21 11:51:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2012.07.21 11:50:26 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2012.07.21 11:50:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2012.07.21 11:50:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2012.07.21 11:50:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2012.07.21 11:50:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2012.07.21 11:50:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2012.07.21 11:50:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2012.07.21 11:50:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2012.07.21 11:48:31 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2012.07.21 11:48:17 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2012.07.21 11:48:17 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2012.07.21 11:48:17 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2012.07.21 01:52:28 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.07.21 01:52:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.07.20 22:02:37 | 000,000,000 | ---D | C] -- C:\Users\Braasch\Documents\Uganda 2012
[2012.07.20 22:00:17 | 000,000,000 | ---D | C] -- C:\Users\Braasch\Documents\Sen
[2012.07.20 21:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2012.07.20 21:21:40 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Local\Microsoft Games
[2012.07.20 21:17:42 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\Mozilla
[2012.07.20 21:17:42 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Local\Mozilla
[2012.07.20 21:13:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.07.20 21:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.07.20 21:13:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.07.20 21:12:12 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\Xfire
[2012.07.20 21:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2012.07.20 21:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2012.07.20 21:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2012.07.20 21:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
[2012.07.20 21:01:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2012.07.20 21:00:21 | 000,471,144 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012.07.20 20:55:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.07.20 20:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.07.20 20:55:44 | 002,580,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.07.20 20:55:43 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.07.20 20:55:43 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
[2012.07.20 20:55:43 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.07.20 20:55:43 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.07.20 20:55:43 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.07.20 20:55:43 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
[2012.07.20 20:55:43 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2012.07.20 20:55:43 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.07.20 20:55:38 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.07.20 20:55:38 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.07.20 20:55:38 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.07.20 20:55:38 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.07.20 20:55:38 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.07.20 20:55:38 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.07.20 20:55:35 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.07.20 20:55:35 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.07.20 20:55:35 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.07.20 20:55:35 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.07.20 20:55:34 | 001,870,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.07.20 20:55:34 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.07.20 20:55:34 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.07.20 20:55:33 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.07.20 20:55:33 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.07.20 20:55:33 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.07.20 20:55:29 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.07.20 20:55:28 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.07.20 20:55:28 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.07.20 20:55:28 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.07.20 20:55:27 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.07.20 20:55:27 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.07.20 20:55:27 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.07.20 20:55:27 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.07.20 20:55:27 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.07.20 20:55:27 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.07.20 20:55:27 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.07.20 20:55:27 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.07.20 20:55:27 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.07.20 20:55:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.07.20 20:55:21 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.07.20 20:55:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.07.20 20:54:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.07.20 20:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.07.20 20:50:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.07.20 20:48:26 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.07.20 20:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.07.20 20:47:17 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.07.20 20:47:17 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.07.20 20:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.07.20 20:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.07.20 20:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.07.20 20:45:13 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\Macromedia
[2012.07.20 20:45:06 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\Adobe
[2012.07.20 20:44:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.07.20 20:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.07.20 20:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012.07.20 20:33:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.07.20 20:10:34 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\TP-LINK
[2012.07.20 20:10:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2012.07.20 20:10:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TP-LINK
[2012.07.20 20:09:37 | 001,579,520 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012.07.20 20:09:37 | 001,579,520 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2012.07.20 20:09:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.07.20 20:09:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2012.07.20 20:03:15 | 000,000,000 | R--D | C] -- C:\Users\Braasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.07.20 20:03:15 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Searches
[2012.07.20 20:03:15 | 000,000,000 | R--D | C] -- C:\Users\Braasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.07.20 20:03:08 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\Identities
[2012.07.20 20:03:06 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Contacts
[2012.07.20 20:03:04 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Local\VirtualStore
[2012.07.20 20:02:59 | 000,000,000 | --SD | C] -- C:\Users\Braasch\AppData\Roaming\Microsoft
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Videos
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Saved Games
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Pictures
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Music
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Links
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Favorites
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Downloads
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Documents
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\Desktop
[2012.07.20 20:02:59 | 000,000,000 | R--D | C] -- C:\Users\Braasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Vorlagen
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\AppData\Local\Verlauf
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\AppData\Local\Temporary Internet Files
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Startmenü
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\SendTo
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Recent
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Netzwerkumgebung
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Lokale Einstellungen
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Documents\Eigene Videos
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Documents\Eigene Musik
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Eigene Dateien
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Documents\Eigene Bilder
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Druckumgebung
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Cookies
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\AppData\Local\Anwendungsdaten
[2012.07.20 20:02:59 | 000,000,000 | -HSD | C] -- C:\Users\Braasch\Anwendungsdaten
[2012.07.20 20:02:59 | 000,000,000 | -H-D | C] -- C:\Users\Braasch\AppData
[2012.07.20 20:02:59 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Local\Temp
[2012.07.20 20:02:59 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Local\Microsoft
[2012.07.20 20:02:59 | 000,000,000 | ---D | C] -- C:\Users\Braasch\AppData\Roaming\Media Center Programs
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.07.20 20:02:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.07.20 20:02:48 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.01 22:46:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.01 22:43:43 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.01 22:43:43 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.01 22:43:43 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.01 22:43:43 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.01 22:43:43 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.01 22:43:39 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Braasch\Desktop\OTL.exe
[2012.08.01 22:40:34 | 000,014,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.01 22:40:34 | 000,014,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.01 22:38:31 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.01 22:38:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.01 22:38:12 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.01 22:38:02 | 4252,844,030 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.01 17:01:04 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.08.01 17:01:03 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.01 15:19:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.29 14:27:44 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.21 14:34:59 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.07.21 14:34:59 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.07.21 13:34:05 | 000,000,286 | ---- | M] () -- C:\Windows\game.ini
[2012.07.21 13:10:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.07.21 11:50:19 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2012.07.21 11:50:19 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2012.07.21 01:55:57 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.07.21 01:55:57 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.07.20 21:13:49 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.20 20:59:48 | 000,022,795 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2012.07.20 20:59:38 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2012.07.20 20:10:07 | 000,002,289 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.07.03 18:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
 
========== Files Created - No Company Name ==========
 
[2012.07.29 14:28:00 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.29 14:27:49 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.07.29 14:27:44 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.29 14:22:18 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012.07.29 14:20:55 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012.07.29 14:20:44 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012.07.29 14:20:44 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012.07.29 14:20:22 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012.07.21 14:34:59 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.07.21 14:34:59 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.07.21 13:34:05 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini
[2012.07.21 13:29:11 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.07.21 12:57:49 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.07.21 12:39:42 | 000,001,112 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.21 12:39:41 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.21 12:39:31 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.07.21 11:51:04 | 000,000,024 | RH-- | C] () -- C:\Windows\DELL_version
[2012.07.21 11:50:42 | 000,653,928 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.21 11:50:42 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2012.07.21 11:50:42 | 000,129,800 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.21 11:50:42 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2012.07.21 01:55:50 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.07.21 01:55:38 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.07.21 01:52:09 | 4252,844,030 | -HS- | C] () -- C:\hiberfil.sys
[2012.07.20 21:13:48 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.07.20 21:13:48 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.20 21:00:21 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012.07.20 20:52:11 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.07.20 20:52:07 | 000,022,795 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.07.20 20:47:27 | 002,621,723 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.07.20 20:47:08 | 000,014,324 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.07.20 20:44:04 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.20 20:10:07 | 000,002,289 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2012.07.20 20:09:37 | 000,264,558 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2012.07.20 20:09:37 | 000,007,634 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2012.07.20 20:03:20 | 000,001,401 | ---- | C] () -- C:\Users\Braasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.07.20 20:03:18 | 000,001,435 | ---- | C] () -- C:\Users\Braasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.05.03 04:55:52 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
 
========== LOP Check ==========
 
[2012.07.29 15:23:20 | 000,000,000 | ---D | M] -- C:\Users\Braasch\AppData\Roaming\TeamViewer
[2012.07.20 20:10:45 | 000,000,000 | ---D | M] -- C:\Users\Braasch\AppData\Roaming\TP-LINK
[2012.07.29 16:10:37 | 000,000,000 | ---D | M] -- C:\Users\Braasch\AppData\Roaming\TS3Client
[2009.07.14 07:08:49 | 000,007,182 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.07.20 20:03:06 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.07.20 20:02:51 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.07.29 13:59:29 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.07.21 13:05:23 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.07.29 14:14:33 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.07.21 13:28:49 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.20 20:02:51 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.07.20 20:02:51 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.08.01 22:47:31 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.07.20 20:48:20 | 000,000,000 | R--D | M] -- C:\Users
[2012.08.01 16:58:16 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< End of report >
         
--- --- ---

Thanks for the help and the wonderfully clear step-by-step explanation.

Somehow my internet connection also keeps dropping whenever I try to post something here oO Coincidence? xD

02.08.2012, 16:41   #4
markusg
/// Malware-holic

Hi,
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix is finished, it will create a logfile. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de following the instructions above.
If you would like to support us

02.08.2012, 17:28   #5
saIsaI

Good evening!
Here is the requested data:
Combofix logfile:


I had a bit of time today, so I formatted the disks and completely reinstalled Windows from CD! -> The errors still occur!
I hope I didn't do anything wrong there.


02.08.2012, 19:30   #6
markusg
/// Malware-holic

Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, then post the log

02.08.2012, 19:49   #7
saIsaI

I don't quite get it.. which program exactly? It just downloaded Sophos Anti-Rootkit for me and is scanning the system right now?! Is that right?

OK! Got it.

LOGFILES AS FOLLOWS
20:53:25.0568 0580 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
20:53:25.0578 0580 amdide - ok
20:53:25.0582 0580 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:53:25.0607 0580 AmdK8 - ok
20:53:25.0621 0580 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:53:25.0642 0580 AmdPPM - ok
20:53:25.0647 0580 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
20:53:25.0658 0580 amdsata - ok
20:53:25.0665 0580 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:53:25.0678 0580 amdsbs - ok
20:53:25.0681 0580 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
20:53:25.0691 0580 amdxata - ok
20:53:25.0714 0580 amd_sata (2fbb00a7616106b95104574c6cd640c2) C:\Windows\system32\DRIVERS\amd_sata.sys
20:53:27.0631 0580 amd_sata - ok
20:53:27.0646 0580 amd_xata (87d0d7645cb0d53220649bd5fe15d93e) C:\Windows\system32\DRIVERS\amd_xata.sys
20:53:27.0656 0580 amd_xata - ok
20:53:27.0660 0580 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
20:53:27.0690 0580 AppID - ok
20:53:27.0707 0580 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:53:27.0745 0580 AppIDSvc - ok
20:53:27.0749 0580 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
20:53:27.0761 0580 Appinfo - ok
20:53:27.0898 0580 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:53:27.0918 0580 Apple Mobile Device - ok
20:53:27.0949 0580 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:53:27.0970 0580 arc - ok
20:53:27.0976 0580 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:53:27.0992 0580 arcsas - ok
20:53:28.0037 0580 asmthub3 (954950d11ada98ac1b7ee3c770e4622c) C:\Windows\system32\DRIVERS\asmthub3.sys
20:53:28.0090 0580 asmthub3 - ok
20:53:28.0127 0580 asmtxhci (01dbb05db1db95803e3c9f2b49afe79c) C:\Windows\system32\DRIVERS\asmtxhci.sys
20:53:28.0162 0580 asmtxhci - ok
20:53:28.0186 0580 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
20:53:28.0198 0580 aswFsBlk - ok
20:53:28.0253 0580 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
20:53:28.0272 0580 aswMonFlt - ok
20:53:28.0277 0580 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
20:53:28.0292 0580 aswRdr - ok
20:53:28.0319 0580 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
20:53:28.0342 0580 aswSnx - ok
20:53:28.0354 0580 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
20:53:28.0369 0580 aswSP - ok
20:53:28.0373 0580 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
20:53:28.0383 0580 aswTdi - ok
20:53:28.0398 0580 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:53:28.0429 0580 AsyncMac - ok
20:53:28.0432 0580 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
20:53:28.0442 0580 atapi - ok
20:53:28.0520 0580 athr (7d89b0c443f6068e5b27aa3b972069ff) C:\Windows\system32\DRIVERS\athrx.sys
20:53:28.0552 0580 athr - ok
20:53:28.0738 0580 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
20:53:28.0817 0580 AudioEndpointBuilder - ok
20:53:28.0823 0580 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
20:53:28.0859 0580 AudioSrv - ok
20:53:29.0011 0580 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:53:29.0035 0580 avast! Antivirus - ok
20:53:29.0097 0580 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
20:53:29.0136 0580 AxInstSV - ok
20:53:29.0270 0580 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:53:29.0299 0580 b06bdrv - ok
20:53:29.0313 0580 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:53:29.0327 0580 b57nd60a - ok
20:53:29.0367 0580 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:53:29.0393 0580 BDESVC - ok
20:53:29.0411 0580 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:53:29.0443 0580 Beep - ok
20:53:29.0496 0580 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
20:53:29.0557 0580 BFE - ok
20:53:29.0605 0580 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
20:53:29.0657 0580 BITS - ok
20:53:29.0674 0580 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:53:29.0698 0580 blbdrive - ok
20:53:29.0750 0580 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
20:53:29.0776 0580 Bonjour Service - ok
20:53:29.0813 0580 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
20:53:29.0829 0580 bowser - ok
20:53:29.0833 0580 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:53:29.0853 0580 BrFiltLo - ok
20:53:29.0856 0580 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:53:29.0875 0580 BrFiltUp - ok
20:53:29.0881 0580 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
20:53:29.0913 0580 BridgeMP - ok
20:53:29.0941 0580 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
20:53:29.0995 0580 Browser - ok
20:53:30.0019 0580 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:53:30.0033 0580 Brserid - ok
20:53:30.0037 0580 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:53:30.0054 0580 BrSerWdm - ok
20:53:30.0057 0580 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:53:30.0072 0580 BrUsbMdm - ok
20:53:30.0074 0580 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:53:30.0096 0580 BrUsbSer - ok
20:53:30.0101 0580 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:53:30.0115 0580 BTHMODEM - ok
20:53:30.0122 0580 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:53:30.0154 0580 bthserv - ok
20:53:30.0159 0580 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:53:30.0191 0580 cdfs - ok
20:53:30.0197 0580 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
20:53:30.0210 0580 cdrom - ok
20:53:30.0225 0580 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
20:53:30.0262 0580 CertPropSvc - ok
20:53:30.0266 0580 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:53:30.0280 0580 circlass - ok
20:53:30.0300 0580 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:53:30.0315 0580 CLFS - ok
20:53:30.0414 0580 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:53:30.0435 0580 clr_optimization_v2.0.50727_32 - ok
20:53:30.0521 0580 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:53:30.0536 0580 clr_optimization_v2.0.50727_64 - ok
20:53:30.0540 0580 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:53:30.0556 0580 CmBatt - ok
20:53:30.0559 0580 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
20:53:30.0569 0580 cmdide - ok
20:53:30.0623 0580 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys
20:53:30.0659 0580 CNG - ok
20:53:30.0683 0580 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:53:30.0693 0580 Compbatt - ok
20:53:30.0708 0580 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:53:30.0731 0580 CompositeBus - ok
20:53:30.0741 0580 COMSysApp - ok
20:53:30.0745 0580 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:53:30.0757 0580 crcdisk - ok
20:53:30.0793 0580 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
20:53:30.0808 0580 CryptSvc - ok
20:53:30.0907 0580 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
20:53:30.0962 0580 DcomLaunch - ok
20:53:30.0985 0580 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:53:31.0036 0580 defragsvc - ok
20:53:31.0059 0580 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
20:53:31.0085 0580 DfsC - ok
20:53:31.0101 0580 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
20:53:31.0119 0580 Dhcp - ok
20:53:31.0123 0580 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:53:31.0155 0580 discache - ok
20:53:31.0165 0580 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:53:31.0175 0580 Disk - ok
20:53:31.0203 0580 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
20:53:31.0239 0580 Dnscache - ok
20:53:31.0253 0580 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
20:53:31.0288 0580 dot3svc - ok
20:53:31.0295 0580 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
20:53:31.0328 0580 DPS - ok
20:53:31.0355 0580 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:53:31.0369 0580 drmkaud - ok
20:53:31.0426 0580 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
20:53:31.0458 0580 DXGKrnl - ok
20:53:31.0475 0580 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:53:31.0509 0580 EapHost - ok
20:53:31.0606 0580 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:53:31.0649 0580 ebdrv - ok
20:53:31.0810 0580 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
20:53:31.0847 0580 EFS - ok
20:53:31.0932 0580 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
20:53:31.0973 0580 ehRecvr - ok
20:53:31.0998 0580 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:53:32.0013 0580 ehSched - ok
20:53:32.0146 0580 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:53:32.0174 0580 elxstor - ok
20:53:32.0177 0580 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
20:53:32.0198 0580 ErrDev - ok
20:53:32.0228 0580 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:53:32.0288 0580 EventSystem - ok
20:53:32.0296 0580 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:53:32.0348 0580 exfat - ok
20:53:32.0356 0580 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:53:32.0389 0580 fastfat - ok
20:53:32.0439 0580 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
20:53:32.0481 0580 Fax - ok
20:53:32.0492 0580 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:53:32.0522 0580 fdc - ok
20:53:32.0535 0580 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:53:32.0598 0580 fdPHost - ok
20:53:32.0602 0580 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:53:32.0648 0580 FDResPub - ok
20:53:32.0652 0580 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:53:32.0663 0580 FileInfo - ok
20:53:32.0666 0580 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:53:32.0712 0580 Filetrace - ok
20:53:32.0716 0580 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:53:32.0739 0580 flpydisk - ok
20:53:32.0749 0580 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
20:53:32.0763 0580 FltMgr - ok
20:53:32.0841 0580 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
20:53:32.0870 0580 FontCache - ok
20:53:32.0910 0580 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:53:32.0929 0580 FontCache3.0.0.0 - ok
20:53:32.0942 0580 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:53:32.0955 0580 FsDepends - ok
20:53:32.0986 0580 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
20:53:32.0997 0580 Fs_Rec - ok
20:53:33.0042 0580 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:53:33.0073 0580 fvevol - ok
20:53:33.0079 0580 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:53:33.0094 0580 gagp30kx - ok
20:53:33.0142 0580 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:53:33.0163 0580 GEARAspiWDM - ok
20:53:33.0209 0580 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
20:53:33.0244 0580 gpsvc - ok
20:53:33.0255 0580 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:53:33.0281 0580 hcw85cir - ok
20:53:33.0307 0580 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
20:53:33.0343 0580 HdAudAddService - ok
20:53:33.0353 0580 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:53:33.0375 0580 HDAudBus - ok
20:53:33.0379 0580 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:53:33.0394 0580 HidBatt - ok
20:53:33.0399 0580 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:53:33.0421 0580 HidBth - ok
20:53:33.0424 0580 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:53:33.0438 0580 HidIr - ok
20:53:33.0454 0580 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
20:53:33.0487 0580 hidserv - ok
20:53:33.0500 0580 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
20:53:33.0512 0580 HidUsb - ok
20:53:33.0527 0580 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
20:53:33.0562 0580 hkmsvc - ok
20:53:33.0576 0580 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
20:53:33.0597 0580 HomeGroupListener - ok
20:53:33.0629 0580 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
20:53:33.0653 0580 HomeGroupProvider - ok
20:53:33.0657 0580 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
20:53:33.0668 0580 HpSAMD - ok
20:53:33.0698 0580 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
20:53:33.0737 0580 HTTP - ok
20:53:33.0740 0580 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
20:53:33.0750 0580 hwpolicy - ok
20:53:33.0755 0580 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
20:53:33.0768 0580 i8042prt - ok
20:53:33.0788 0580 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
20:53:33.0805 0580 iaStorV - ok
20:53:33.0852 0580 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:53:33.0872 0580 idsvc - ok
20:53:33.0876 0580 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:53:33.0887 0580 iirsp - ok
20:53:33.0925 0580 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
20:53:33.0974 0580 IKEEXT - ok
20:53:34.0074 0580 IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys
20:53:34.0118 0580 IntcAzAudAddService - ok
20:53:34.0339 0580 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
20:53:34.0364 0580 intelide - ok
20:53:34.0379 0580 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:53:34.0411 0580 intelppm - ok
20:53:34.0432 0580 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:53:34.0479 0580 IPBusEnum - ok
20:53:34.0483 0580 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:53:34.0521 0580 IpFilterDriver - ok
20:53:34.0539 0580 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
20:53:34.0578 0580 iphlpsvc - ok
20:53:34.0583 0580 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:53:34.0595 0580 IPMIDRV - ok
20:53:34.0610 0580 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:53:34.0646 0580 IPNAT - ok
20:53:34.0837 0580 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
20:53:34.0861 0580 iPod Service - ok
20:53:34.0919 0580 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:53:34.0942 0580 IRENUM - ok
20:53:34.0946 0580 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
20:53:34.0958 0580 isapnp - ok
20:53:34.0989 0580 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
20:53:35.0002 0580 iScsiPrt - ok
20:53:35.0006 0580 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:53:35.0017 0580 kbdclass - ok
20:53:35.0034 0580 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
20:53:35.0046 0580 kbdhid - ok
20:53:35.0076 0580 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:53:35.0088 0580 KeyIso - ok
20:53:35.0102 0580 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
20:53:35.0114 0580 KSecDD - ok
20:53:35.0123 0580 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
20:53:35.0135 0580 KSecPkg - ok
20:53:35.0160 0580 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:53:35.0191 0580 ksthunk - ok
20:53:35.0216 0580 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:53:35.0262 0580 KtmRm - ok
20:53:35.0296 0580 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
20:53:35.0311 0580 LanmanServer - ok
20:53:35.0346 0580 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
20:53:35.0390 0580 LanmanWorkstation - ok
20:53:35.0404 0580 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:53:35.0445 0580 lltdio - ok
20:53:35.0469 0580 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:53:35.0504 0580 lltdsvc - ok
20:53:35.0508 0580 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:53:35.0540 0580 lmhosts - ok
20:53:35.0556 0580 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:53:35.0567 0580 LSI_FC - ok
20:53:35.0574 0580 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:53:35.0585 0580 LSI_SAS - ok
20:53:35.0589 0580 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:53:35.0600 0580 LSI_SAS2 - ok
20:53:35.0606 0580 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:53:35.0616 0580 LSI_SCSI - ok
20:53:35.0622 0580 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:53:35.0658 0580 luafv - ok
20:53:35.0683 0580 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
20:53:35.0696 0580 Mcx2Svc - ok
20:53:35.0699 0580 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:53:35.0710 0580 megasas - ok
20:53:35.0719 0580 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:53:35.0733 0580 MegaSR - ok
20:53:35.0805 0580 MEMSWEEP2 (1595fecffbe9ea2417e06d5fd0bfa4c4) C:\Windows\system32\3277.tmp
20:53:35.0813 0580 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
20:53:35.0814 0580 MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
20:53:35.0833 0580 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:53:35.0883 0580 MMCSS - ok
20:53:35.0886 0580 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:53:35.0918 0580 Modem - ok
20:53:35.0922 0580 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:53:35.0935 0580 monitor - ok
20:53:35.0940 0580 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:53:35.0950 0580 mouclass - ok
20:53:35.0963 0580 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:53:35.0974 0580 mouhid - ok
20:53:35.0979 0580 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
20:53:35.0990 0580 mountmgr - ok
20:53:36.0054 0580 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:53:36.0075 0580 MozillaMaintenance - ok
20:53:36.0083 0580 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
20:53:36.0097 0580 mpio - ok
20:53:36.0102 0580 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:53:36.0134 0580 mpsdrv - ok
20:53:36.0172 0580 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
20:53:36.0213 0580 MpsSvc - ok
20:53:36.0219 0580 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
20:53:36.0249 0580 MRxDAV - ok
20:53:36.0288 0580 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:53:36.0301 0580 mrxsmb - ok
20:53:36.0343 0580 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:53:36.0364 0580 mrxsmb10 - ok
20:53:36.0393 0580 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:53:36.0405 0580 mrxsmb20 - ok
20:53:36.0409 0580 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
20:53:36.0419 0580 msahci - ok
20:53:36.0438 0580 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
20:53:36.0449 0580 msdsm - ok
20:53:36.0486 0580 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:53:36.0516 0580 MSDTC - ok
20:53:36.0521 0580 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:53:36.0552 0580 Msfs - ok
20:53:36.0555 0580 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:53:36.0587 0580 mshidkmdf - ok
20:53:36.0606 0580 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
20:53:36.0616 0580 msisadrv - ok
20:53:36.0642 0580 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:53:36.0688 0580 MSiSCSI - ok
20:53:36.0691 0580 msiserver - ok
20:53:36.0704 0580 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:53:36.0736 0580 MSKSSRV - ok
20:53:36.0739 0580 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:53:36.0771 0580 MSPCLOCK - ok
20:53:36.0788 0580 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:53:36.0831 0580 MSPQM - ok
20:53:36.0844 0580 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
20:53:36.0860 0580 MsRPC - ok
20:53:36.0865 0580 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:53:36.0876 0580 mssmbios - ok
20:53:36.0879 0580 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:53:36.0941 0580 MSTEE - ok
20:53:36.0944 0580 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:53:36.0956 0580 MTConfig - ok
20:53:36.0960 0580 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:53:36.0971 0580 Mup - ok
20:53:37.0002 0580 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
20:53:37.0039 0580 napagent - ok
20:53:37.0067 0580 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:53:37.0094 0580 NativeWifiP - ok
20:53:37.0125 0580 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
20:53:37.0147 0580 NDIS - ok
20:53:37.0151 0580 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:53:37.0182 0580 NdisCap - ok
20:53:37.0186 0580 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:53:37.0232 0580 NdisTapi - ok
20:53:37.0236 0580 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
20:53:37.0268 0580 Ndisuio - ok
20:53:37.0275 0580 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:53:37.0308 0580 NdisWan - ok
20:53:37.0312 0580 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
20:53:37.0345 0580 NDProxy - ok
20:53:37.0349 0580 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:53:37.0385 0580 NetBIOS - ok
20:53:37.0400 0580 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
20:53:37.0434 0580 NetBT - ok
20:53:37.0454 0580 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:53:37.0466 0580 Netlogon - ok
20:53:37.0499 0580 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:53:37.0536 0580 Netman - ok
20:53:37.0551 0580 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:53:37.0588 0580 netprofm - ok
20:53:37.0660 0580 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:53:37.0683 0580 NetTcpPortSharing - ok
20:53:37.0687 0580 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:53:37.0700 0580 nfrd960 - ok
20:53:37.0733 0580 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
20:53:37.0775 0580 NlaSvc - ok
20:53:37.0779 0580 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:53:37.0812 0580 Npfs - ok
20:53:37.0822 0580 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:53:37.0867 0580 nsi - ok
20:53:37.0870 0580 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:53:37.0901 0580 nsiproxy - ok
20:53:37.0968 0580 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
20:53:38.0008 0580 Ntfs - ok
20:53:38.0227 0580 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:53:38.0276 0580 Null - ok
20:53:38.0329 0580 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
20:53:38.0355 0580 NVHDA - ok
20:53:38.0821 0580 nvlddmkm (b3357d055675c7bbf22a43b0bd77e6a7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:53:39.0026 0580 nvlddmkm - ok
20:53:39.0076 0580 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
20:53:39.0088 0580 nvraid - ok
20:53:39.0095 0580 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
20:53:39.0107 0580 nvstor - ok
20:53:39.0195 0580 nvsvc (6a56a9581090b60ee13c934f617250e9) C:\Windows\system32\nvvsvc.exe
20:53:39.0228 0580 nvsvc - ok
20:53:39.0426 0580 nvUpdatusService (fee8f536d0de7b9cc1236114d7c5b45b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:53:39.0471 0580 nvUpdatusService - ok
20:53:39.0515 0580 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
20:53:39.0543 0580 nv_agp - ok
20:53:49.0666 0580 ============================================================
20:53:49.0666 0580 Scan finished
20:53:49.0666 0580 ============================================================
20:53:49.0687 4260 Detected object count: 1
20:53:49.0687 4260 Actual detected object count: 1
20:54:02.0786 4260 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
20:54:02.0786 4260 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:54:59.0789 3208 ============================================================
20:54:59.0789 3208 Scan started
20:54:59.0789 3208 Mode: Manual; SigCheck; TDLFS;
20:54:59.0789 3208 ============================================================
20:55:05.0069 3208 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:55:05.0101 3208 fdPHost - ok
20:55:05.0105 3208 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:55:05.0138 3208 FDResPub - ok
20:55:05.0142 3208 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:55:05.0153 3208 FileInfo - ok
20:55:05.0157 3208 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:55:05.0188 3208 Filetrace - ok
20:55:05.0191 3208 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:55:05.0202 3208 flpydisk - ok
20:55:05.0213 3208 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
20:55:05.0227 3208 FltMgr - ok
20:55:05.0277 3208 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
20:55:05.0300 3208 FontCache - ok
20:55:05.0345 3208 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:55:05.0368 3208 FontCache3.0.0.0 - ok
20:55:05.0386 3208 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:55:05.0399 3208 FsDepends - ok
20:55:05.0431 3208 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
20:55:05.0443 3208 Fs_Rec - ok
20:55:05.0485 3208 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:55:05.0504 3208 fvevol - ok
20:55:05.0509 3208 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:55:05.0521 3208 gagp30kx - ok
20:55:05.0554 3208 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:55:05.0563 3208 GEARAspiWDM - ok
20:55:05.0608 3208 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
20:55:05.0632 3208 gpsvc - ok
20:55:05.0645 3208 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:55:05.0656 3208 hcw85cir - ok
20:55:05.0695 3208 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
20:55:05.0712 3208 HdAudAddService - ok
20:55:05.0718 3208 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:55:05.0732 3208 HDAudBus - ok
20:55:05.0736 3208 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:55:05.0747 3208 HidBatt - ok
20:55:05.0752 3208 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:55:05.0766 3208 HidBth - ok
20:55:05.0769 3208 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:55:05.0784 3208 HidIr - ok
20:55:05.0799 3208 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
20:55:05.0831 3208 hidserv - ok
20:55:05.0834 3208 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
20:55:05.0845 3208 HidUsb - ok
20:55:05.0862 3208 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
20:55:05.0894 3208 hkmsvc - ok
20:55:05.0910 3208 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
20:55:05.0924 3208 HomeGroupListener - ok
20:55:05.0952 3208 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
20:55:05.0966 3208 HomeGroupProvider - ok
20:55:05.0971 3208 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
20:55:05.0982 3208 HpSAMD - ok
20:55:06.0007 3208 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
20:55:06.0045 3208 HTTP - ok
20:55:06.0049 3208 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
20:55:06.0059 3208 hwpolicy - ok
20:55:06.0065 3208 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
20:55:06.0077 3208 i8042prt - ok
20:55:06.0091 3208 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
20:55:06.0106 3208 iaStorV - ok
20:55:06.0153 3208 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:55:06.0174 3208 idsvc - ok
20:55:06.0178 3208 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:55:06.0189 3208 iirsp - ok
20:55:06.0226 3208 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
20:55:06.0266 3208 IKEEXT - ok
20:55:06.0353 3208 IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys
20:55:06.0397 3208 IntcAzAudAddService - ok
20:55:06.0541 3208 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
20:55:06.0557 3208 intelide - ok
20:55:06.0562 3208 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:55:06.0577 3208 intelppm - ok
20:55:06.0600 3208 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:55:06.0633 3208 IPBusEnum - ok
20:55:06.0638 3208 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:55:06.0670 3208 IpFilterDriver - ok
20:55:06.0688 3208 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
20:55:06.0724 3208 iphlpsvc - ok
20:55:06.0730 3208 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:55:06.0742 3208 IPMIDRV - ok
20:55:06.0747 3208 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:55:06.0780 3208 IPNAT - ok
20:55:06.0891 3208 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
20:55:06.0917 3208 iPod Service - ok
20:55:06.0921 3208 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:55:06.0936 3208 IRENUM - ok
20:55:06.0939 3208 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
20:55:06.0950 3208 isapnp - ok
20:55:06.0980 3208 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
20:55:06.0993 3208 iScsiPrt - ok
20:55:06.0997 3208 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:55:07.0008 3208 kbdclass - ok
20:55:07.0011 3208 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
20:55:07.0023 3208 kbdhid - ok
20:55:07.0045 3208 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:55:07.0057 3208 KeyIso - ok
20:55:07.0071 3208 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
20:55:07.0082 3208 KSecDD - ok
20:55:07.0091 3208 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
20:55:07.0104 3208 KSecPkg - ok
20:55:07.0119 3208 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:55:07.0150 3208 ksthunk - ok
20:55:07.0173 3208 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:55:07.0208 3208 KtmRm - ok
20:55:07.0242 3208 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
20:55:07.0257 3208 LanmanServer - ok
20:55:07.0292 3208 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
20:55:07.0327 3208 LanmanWorkstation - ok
20:55:07.0341 3208 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:55:07.0372 3208 lltdio - ok
20:55:07.0405 3208 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:55:07.0440 3208 lltdsvc - ok
20:55:07.0444 3208 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:55:07.0476 3208 lmhosts - ok
20:55:07.0483 3208 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:55:07.0495 3208 LSI_FC - ok
20:55:07.0500 3208 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:55:07.0512 3208 LSI_SAS - ok
20:55:07.0516 3208 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:55:07.0527 3208 LSI_SAS2 - ok
20:55:07.0532 3208 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:55:07.0544 3208 LSI_SCSI - ok
20:55:07.0549 3208 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:55:07.0582 3208 luafv - ok
20:55:07.0607 3208 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
20:55:07.0620 3208 Mcx2Svc - ok
20:55:07.0624 3208 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:55:07.0634 3208 megasas - ok
20:55:07.0644 3208 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:55:07.0658 3208 MegaSR - ok
20:55:07.0674 3208 MEMSWEEP2 (1595fecffbe9ea2417e06d5fd0bfa4c4) C:\Windows\system32\3277.tmp
20:55:07.0677 3208 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
20:55:07.0677 3208 MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
20:55:07.0691 3208 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:55:07.0724 3208 MMCSS - ok
20:55:07.0729 3208 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:55:07.0760 3208 Modem - ok
20:55:07.0763 3208 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:55:07.0777 3208 monitor - ok
20:55:07.0781 3208 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:55:07.0792 3208 mouclass - ok
20:55:07.0795 3208 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:55:07.0807 3208 mouhid - ok
20:55:07.0812 3208 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
20:55:07.0823 3208 mountmgr - ok
20:55:07.0878 3208 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:55:07.0902 3208 MozillaMaintenance - ok
20:55:07.0912 3208 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
20:55:07.0930 3208 mpio - ok
20:55:07.0935 3208 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:55:07.0970 3208 mpsdrv - ok
20:55:08.0007 3208 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
20:55:08.0047 3208 MpsSvc - ok
20:55:08.0054 3208 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
20:55:08.0070 3208 MRxDAV - ok
20:55:08.0096 3208 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:55:08.0108 3208 mrxsmb - ok
20:55:08.0145 3208 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:55:08.0158 3208 mrxsmb10 - ok
20:55:08.0173 3208 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:55:08.0185 3208 mrxsmb20 - ok
20:55:08.0188 3208 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
20:55:08.0199 3208 msahci - ok
20:55:08.0205 3208 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
20:55:08.0217 3208 msdsm - ok
20:55:08.0231 3208 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:55:08.0245 3208 MSDTC - ok
20:55:08.0250 3208 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:55:08.0281 3208 Msfs - ok
20:55:08.0284 3208 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:55:08.0315 3208 mshidkmdf - ok
20:55:08.0318 3208 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
20:55:08.0328 3208 msisadrv - ok
20:55:08.0344 3208 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:55:08.0377 3208 MSiSCSI - ok
20:55:08.0380 3208 msiserver - ok
20:55:08.0384 3208 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:55:08.0415 3208 MSKSSRV - ok
20:55:08.0418 3208 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:55:08.0448 3208 MSPCLOCK - ok
20:55:08.0451 3208 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:55:08.0482 3208 MSPQM - ok
20:55:08.0494 3208 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
20:55:08.0509 3208 MsRPC - ok
20:55:08.0514 3208 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:55:08.0524 3208 mssmbios - ok
20:55:08.0527 3208 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:55:08.0559 3208 MSTEE - ok
20:55:08.0562 3208 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:55:08.0573 3208 MTConfig - ok
20:55:08.0577 3208 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:55:08.0589 3208 Mup - ok
20:55:08.0627 3208 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
20:55:08.0664 3208 napagent - ok
20:55:08.0681 3208 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:55:08.0699 3208 NativeWifiP - ok
20:55:08.0748 3208 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
20:55:08.0779 3208 NDIS - ok
20:55:08.0784 3208 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:55:08.0816 3208 NdisCap - ok
20:55:08.0819 3208 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:55:08.0850 3208 NdisTapi - ok
20:55:08.0855 3208 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
20:55:08.0886 3208 Ndisuio - ok
20:55:08.0893 3208 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:55:08.0925 3208 NdisWan - ok
20:55:08.0930 3208 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
20:55:08.0961 3208 NDProxy - ok
20:55:08.0965 3208 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:55:08.0996 3208 NetBIOS - ok
20:55:09.0006 3208 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
20:55:09.0039 3208 NetBT - ok
20:55:09.0056 3208 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:55:09.0068 3208 Netlogon - ok
20:55:09.0090 3208 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:55:09.0126 3208 Netman - ok
20:55:09.0142 3208 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:55:09.0178 3208 netprofm - ok
20:55:09.0251 3208 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:55:09.0275 3208 NetTcpPortSharing - ok
20:55:09.0279 3208 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:55:09.0290 3208 nfrd960 - ok
20:55:09.0313 3208 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
20:55:09.0348 3208 NlaSvc - ok
20:55:09.0352 3208 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:55:09.0390 3208 Npfs - ok
20:55:09.0402 3208 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:55:09.0435 3208 nsi - ok
20:55:09.0438 3208 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:55:09.0469 3208 nsiproxy - ok
20:55:09.0529 3208 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
20:55:09.0562 3208 Ntfs - ok
20:55:09.0774 3208 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:55:09.0829 3208 Null - ok
20:55:09.0862 3208 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
20:55:09.0874 3208 NVHDA - ok
20:55:10.0345 3208 nvlddmkm (b3357d055675c7bbf22a43b0bd77e6a7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:55:10.0551 3208 nvlddmkm - ok
20:55:10.0615 3208 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
20:55:10.0636 3208 nvraid - ok
20:55:10.0644 3208 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
20:55:10.0662 3208 nvstor - ok
20:55:10.0719 3208 nvsvc (6a56a9581090b60ee13c934f617250e9) C:\Windows\system32\nvvsvc.exe
20:55:10.0746 3208 nvsvc - ok
20:55:11.0003 3208 nvUpdatusService (fee8f536d0de7b9cc1236114d7c5b45b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:55:11.0051 3208 nvUpdatusService - ok
20:55:11.0074 3208 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
20:55:11.0086 3208 nv_agp - ok
20:55:11.0109 3208 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
20:55:11.0121 3208 ohci1394 - ok
20:55:11.0145 3208 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:55:11.0160 3208 p2pimsvc - ok
20:55:11.0183 3208 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:55:11.0200 3208 p2psvc - ok
20:55:11.0205 3208 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:55:11.0218 3208 Parport - ok
20:55:11.0244 3208 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
20:55:11.0255 3208 partmgr - ok
20:55:11.0263 3208 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:55:11.0282 3208 PcaSvc - ok
20:55:11.0290 3208 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
20:55:11.0303 3208 pci - ok
20:55:11.0306 3208 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
20:55:11.0316 3208 pciide - ok
20:55:11.0325 3208 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:55:11.0338 3208 pcmcia - ok
20:55:11.0342 3208 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:55:11.0353 3208 pcw - ok
20:55:11.0386 3208 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:55:11.0423 3208 PEAUTH - ok
20:55:11.0590 3208 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:55:11.0617 3208 PerfHost - ok
20:55:11.0684 3208 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
20:55:11.0731 3208 pla - ok
20:55:11.0769 3208 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
20:55:11.0787 3208 PlugPlay - ok
20:55:11.0800 3208 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:55:11.0814 3208 PNRPAutoReg - ok
20:55:11.0826 3208 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:55:11.0842 3208 PNRPsvc - ok
20:55:11.0876 3208 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
20:55:11.0913 3208 PolicyAgent - ok
20:55:11.0940 3208 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:55:11.0977 3208 Power - ok
20:55:11.0995 3208 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
20:55:12.0029 3208 PptpMiniport - ok
20:55:12.0034 3208 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:55:12.0046 3208 Processor - ok
20:55:12.0079 3208 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
20:55:12.0093 3208 ProfSvc - ok
20:55:12.0122 3208 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:55:12.0135 3208 ProtectedStorage - ok
20:55:12.0156 3208 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
20:55:12.0190 3208 Psched - ok
20:55:12.0236 3208 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:55:12.0267 3208 ql2300 - ok
20:55:12.0400 3208 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:55:12.0426 3208 ql40xx - ok
20:55:12.0440 3208 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:55:12.0462 3208 QWAVE - ok
20:55:12.0467 3208 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:55:12.0484 3208 QWAVEdrv - ok
20:55:12.0488 3208 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:55:12.0519 3208 RasAcd - ok
20:55:12.0532 3208 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:55:12.0564 3208 RasAgileVpn - ok
20:55:12.0580 3208 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:55:12.0614 3208 RasAuto - ok
20:55:12.0620 3208 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:55:12.0653 3208 Rasl2tp - ok
20:55:12.0675 3208 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
20:55:12.0711 3208 RasMan - ok
20:55:12.0716 3208 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:55:12.0749 3208 RasPppoe - ok
20:55:12.0801 3208 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:55:12.0858 3208 RasSstp - ok
20:55:12.0875 3208 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
20:55:12.0909 3208 rdbss - ok
20:55:12.0913 3208 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:55:12.0927 3208 rdpbus - ok
20:55:12.0930 3208 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:55:12.0962 3208 RDPCDD - ok
20:55:12.0967 3208 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:55:12.0998 3208 RDPENCDD - ok
20:55:13.0004 3208 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:55:13.0034 3208 RDPREFMP - ok
20:55:13.0062 3208 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
20:55:13.0075 3208 RDPWD - ok
20:55:13.0083 3208 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
20:55:13.0096 3208 rdyboost - ok
20:55:13.0121 3208 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:55:13.0154 3208 RemoteAccess - ok
20:55:13.0174 3208 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:55:13.0209 3208 RemoteRegistry - ok
20:55:13.0219 3208 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:55:13.0253 3208 RpcEptMapper - ok
20:55:13.0267 3208 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:55:13.0280 3208 RpcLocator - ok
20:55:13.0303 3208 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
20:55:13.0342 3208 RpcSs - ok
20:55:13.0352 3208 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:55:13.0385 3208 rspndr - ok
20:55:13.0424 3208 RTL8167 (f4c374b1c46de294b573bb43723ac3f6) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:55:13.0439 3208 RTL8167 - ok
20:55:13.0456 3208 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
20:55:13.0468 3208 SamSs - ok
20:55:13.0474 3208 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
20:55:13.0485 3208 sbp2port - ok
20:55:13.0510 3208 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:55:13.0548 3208 SCardSvr - ok
20:55:13.0553 3208 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
20:55:13.0585 3208 scfilter - ok
20:55:13.0640 3208 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
20:55:13.0672 3208 Schedule - ok
20:55:13.0704 3208 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
20:55:13.0736 3208 SCPolicySvc - ok
20:55:13.0747 3208 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
20:55:13.0761 3208 SDRSVC - ok
20:55:13.0766 3208 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:55:13.0797 3208 secdrv - ok
20:55:13.0805 3208 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
20:55:13.0838 3208 seclogon - ok
20:55:13.0843 3208 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
20:55:13.0876 3208 SENS - ok
20:55:13.0882 3208 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:55:13.0895 3208 SensrSvc - ok
20:55:13.0899 3208 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:55:13.0910 3208 Serenum - ok
20:55:13.0915 3208 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:55:13.0928 3208 Serial - ok
20:55:13.0931 3208 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:55:13.0943 3208 sermouse - ok
20:55:13.0953 3208 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
20:55:13.0987 3208 SessionEnv - ok
20:55:13.0991 3208 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
20:55:14.0004 3208 sffdisk - ok
20:55:14.0007 3208 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:55:14.0022 3208 sffp_mmc - ok
20:55:14.0025 3208 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:55:14.0039 3208 sffp_sd - ok
20:55:14.0042 3208 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:55:14.0053 3208 sfloppy - ok
20:55:14.0076 3208 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:55:14.0110 3208 SharedAccess - ok
20:55:14.0133 3208 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
20:55:14.0154 3208 ShellHWDetection - ok
20:55:14.0159 3208 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:55:14.0169 3208 SiSRaid2 - ok
20:55:14.0175 3208 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:55:14.0186 3208 SiSRaid4 - ok
20:55:14.0192 3208 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:55:14.0223 3208 Smb - ok
20:55:14.0238 3208 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:55:14.0252 3208 SNMPTRAP - ok
20:55:14.0256 3208 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:55:14.0266 3208 spldr - ok
20:55:14.0295 3208 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
20:55:14.0313 3208 Spooler - ok
20:55:14.0417 3208 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
20:55:14.0465 3208 sppsvc - ok
20:55:14.0604 3208 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:55:14.0650 3208 sppuinotify - ok
20:55:14.0690 3208 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
20:55:14.0705 3208 srv - ok
20:55:14.0726 3208 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
20:55:14.0741 3208 srv2 - ok
20:55:14.0768 3208 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
20:55:14.0780 3208 srvnet - ok
20:55:14.0809 3208 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:55:14.0845 3208 SSDPSRV - ok
20:55:14.0851 3208 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:55:14.0885 3208 SstpSvc - ok
20:55:14.0931 3208 Steam Client Service - ok
20:55:15.0048 3208 Stereo Service (36ac0470ee4f2627ca8a88e2e1dfb388) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:55:15.0071 3208 Stereo Service - ok
20:55:15.0076 3208 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:55:15.0089 3208 stexstor - ok
20:55:15.0148 3208 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
20:55:15.0183 3208 stisvc - ok
20:55:15.0187 3208 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
20:55:15.0198 3208 swenum - ok
20:55:19.0169 3208 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:55:19.0372 3208 \Device\Harddisk0\DR0 - ok
20:55:19.0378 3208 Boot (0x1200) (d1abc61c5acaae910af174d6d5bc15f2) \Device\Harddisk0\DR0\Partition0
20:55:19.0380 3208 \Device\Harddisk0\DR0\Partition0 - ok
20:55:19.0408 3208 Boot (0x1200) (40f0fdc63c8dab4ab5707d0e37b7bf4c) \Device\Harddisk0\DR0\Partition1
20:55:19.0410 3208 \Device\Harddisk0\DR0\Partition1 - ok
20:55:19.0412 3208 ============================================================
20:55:19.0412 3208 Scan finished
20:55:19.0412 3208 ============================================================
20:55:19.0430 2420 Detected object count: 1
20:55:19.0430 2420 Actual detected object count: 1
20:58:08.0893 2420 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
20:58:08.0893 2420 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
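
A scan log of this shape is easier to review when the "ok" lines are filtered out, so the following added example (not part of the original post or of the scanner) parses the line format seen above and returns only the items worth a second look. The sample lines are excerpted from this thread's log; the function names and result keys are assumptions made for the example.

```python
import re

# A few lines excerpted from the scan log posted in this thread.
SAMPLE_LOG = r"""
20:55:15.0587 3208 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
20:55:15.0622 3208 Tcpip - ok
20:55:15.0709 3208 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
20:55:15.0744 3208 TCPIP6 - ok
20:55:18.0165 3208 WinDefend - ok
20:55:19.0169 3208 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:55:19.0372 3208 \Device\Harddisk0\DR0 - ok
20:55:19.0430 2420 Detected object count: 1
20:58:08.0893 2420 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
20:58:08.0893 2420 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+ (.*)$")   # time, thread id, message
OBJECT = re.compile(r"^(.+?) \(([0-9a-f]{32})\) (.+)$")    # name (32-hex-digit hash) path
DETECTION = re.compile(r"^(\S+) \( (\S+) \) - (.+)$")      # name ( verdict ) - action
OK = re.compile(r"^(.+) - ok$")                            # name or path, then verdict
COUNT = re.compile(r"^Detected object count: (\d+)$")


def parse(text):
    """Split the log into hashed objects, ok verdicts, detections and the reported count."""
    objects, ok, detections, reported = [], set(), [], None
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank or non-log line
        msg = line.group(1)
        if m := OBJECT.match(msg):
            objects.append(m.groups())
        elif m := DETECTION.match(msg):
            detections.append(m.groups())
        elif m := OK.match(msg):
            ok.add(m.group(1))
        elif m := COUNT.match(msg):
            reported = int(m.group(1))
    return objects, ok, detections, reported


def triage(text):
    """Return what a reviewer should look at instead of reading every 'ok' line."""
    objects, ok, detections, reported = parse(text)
    hashed = {name for name, _, _ in objects} | {path for _, _, path in objects}
    flagged = {name: verdict for name, verdict, _ in detections}
    skipped = sorted({name for name, _, action in detections if "skip" in action.lower()})
    return {
        # 'ok' verdicts with no hashed file line before them (nothing to look up)
        "ok_without_hash": sorted(ok - hashed),
        # hashed objects that never received an 'ok' (by service name or by path)
        "no_ok_verdict": sorted(n for n, _, p in objects if n not in ok and p not in ok),
        "detections": flagged,
        "left_in_place": skipped,
        # does the scanner's own total agree with the detection lines present?
        "count_consistent": reported == len(flagged),
        # distinct hashes to check against a reputation service
        "unique_hashes": sorted({h for _, h, _ in objects}),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
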

03.08.2012, 20:41   #8
saIsaI

There I was thinking the problem had been solved as a simple headset fault... NOT SO, I'm slowly starting to despair!

By the way: my internet just crashed once again -> as soon as I want to post something HERE!! These are slowly becoming too many coincidences for me.

08.08.2012, 17:59   #9
markusg
/// Malware-holic

Did you rewrite the master boot sector when formatting?
Is that a Windows CD or a recovery CD?
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send mails according to the instructions above to
markusg.trojaner-board@web.de

09.08.2012, 17:55   #10
saIsaI

Hello! What am I to understand by "Master Root sector"?
I had the C drive formatted and then reinstalled! Normal Windows CD! Not a recovery one!

09.08.2012, 17:58   #11
markusg
/// Malware-holic

Hi,
let's try the reinstall once more, as follows.
Rewrite the MBR and boot sector from the Win7 CD, using fixmbr and fixboot:
Tip archive - Repairing the MBR under Vista or Windows 7 - WinTotal.de
Then install Windows and get the latest drivers from the manufacturer.
After that, secure the PC:
As an anti-malware program I would recommend Emsisoft.
For me they have the best protection, but it costs something.
http://www.trojaner-board.de/103809-...i-malware.html
Trial version:
My antivirus recommendation: Emsisoft Anti-Malware
Especially if you do online banking, purchases, other payment transactions or similarly important things, e.g. work-related, in other words if sensitive data needs protecting, you should invest in security software.
Before activating the licence, make use of the 30-day trial period.

Free, but just not quite as good, Avast would be the one to recommend.
http://www.trojaner-board.de/110895-...antivirus.html

Tell me which one you use, then I'll give configuration tips.
Please uninstall your current AV.
The following guide is extensive, I'm aware of that, but it should be carried out, because only then is your PC secure. Ask as many questions as necessary, I'm happy to work through everything with you!

http://www.trojaner-board.de/96344-a...-rechners.html
Please start with the passage "Windows Vista and Windows 7".
Please begin by installing Windows updates.
This works best if you go via Start, Search and enter Windows Updates there.
Under "Change settings", check that the following is selected:
- Install updates automatically,
- Every day
- Choose a time
- Please tick all the rest, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button.
Now click "Check for updates".
Please install important updates first.
It will be necessary to restart the PC in between. If that is the case, you have to open Windows Update again via Start, Search, click Check for updates and install the next ones.
Please do the same with the optional updates.
Please adopt the rest as it reads in the Windows 7 / Vista section.
From the XP section, please adopt the item "Data Execution Prevention, DEP".
As a browser I advise you to use Chrome:
Installing Google Chrome for multiple user accounts - Google Chrome Help
Please read the instructions.
If you want to use a different one, tell me, then parts of the instructions that now follow I will have to


Sandboxie
The definition of a sandbox can be read here:
Sandbox
In short, programs can be run almost 100% isolated from the system.

The advantage is obvious: if malicious code is smuggled in through the browser, it cannot get out.
Download link:
Sandboxie Download - Sandboxie 3.72

Instructions:
http://www.trojaner-board.de/71542-a...sandboxie.html
Detailed instructions as a PDF, work through these as well:
Sandbox settings

Please make the following additional configuration:
Open Sandboxie Control, click the Sandbox menu, select DefaultBox.
There, click Sandbox Settings.
Under Restrictions, for program start and internet access, enter:
chrome.exe
Then go to Applications, Web Browser, Chrome.
There, enable everything except sharing the entire profile folder.
As you may already have seen, you cannot use some functions.
This is only necessary in the full version, which I advise you to buy.
For example, under "Forced program starts" you can specify that all browsers start in the sandbox.
Otherwise you always have to click "Sandboxed web browser", or right-click and start in Sandboxie.
A lifetime licence costs 30 € and can be used on all your PCs.

Continue with:
Measures for ALL Windows versions
Work through everything completely.
Note on FileHippo:
In the settings, additionally select:
hide beta updates.
Run updateChecker when Windows starts

Backup program:
A backup program is already linked in my guide; as an alternative, Windows' own backup program is also an option:
http://www.trojaner-board.de/82962-w...en-backup.html
Unfortunately, this is only reasonably usable for Windows 7 users.
Everyone else should definitely also install a backup program, because this can be very important in some circumstances, for example if the hard disk breaks one day.

Finally, follow the general security tips, follow the tip on online banking if it applies to you, and change all passwords.
Please also read how to make programs visible to everyone:
Making programs usable for all accounts - PCtipp.ch - Praxis & Hilfe
So from now on, surf only in the standard user account, and there in the sandbox.
If you use the free version, do so by clicking Sandboxed web browser; if you have the paid version, you can define forced program starts, then Sandboxie is always started when you open a browser.
When you move the mouse over the browser it should be framed; then you are in the sandboxed web browser.

Password security:
Every service needs its own password of at least 12 characters.
RoboForm helps with managing and creating passwords:
Password manager, form filler, password management | RoboForm Password Manager
Instructions:
RoboForm user guide: password manager, managing passwords and personal data
