
Pests of all kinds and how to fight them: How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer?

01.01.2013, 13:49   #1
onetwelve
 
Hello

I apparently caught this virus quite a while ago and tried to gather some removal suggestions on the internet. But since I don't know much about specialized technical terms, it is still sitting on my PC. Kaspersky finds it but cannot delete it because it is irreparable.
I had read that I need to install the latest version of Java and delete the Trojan via the Java Control Panel, but I'm not getting anywhere with that either.
I use Windows 7 and am now looking for an understandable explanation so I can clean up my laptop again.
I hope someone here can help me!
I will of course do my best to cooperate.

Kind regards

Mirko

02.01.2013, 16:36   #2
markusg
/// Malware-holic
 
Hi
If you don't have it yet, please download OTL by Oldtimer and save it on your desktop
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the content of OTL.txt and Extra.txt here into your thread
02.01.2013, 20:01   #3
onetwelve
 
Hello Markus!

Thank you very much for the quick reply!

Below is the log from OTL.
OTL Logfile:
Code:
OTL logfile created on: 1/2/2013 7:40:08 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\samsung\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2.97 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.94% Memory free
5.93 Gb Paging File | 4.53 Gb Available in Paging File | 76.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 282.99 Gb Total Space | 171.50 Gb Free Space | 60.60% Space Free | Partition Type: NTFS

Computer Name: SAMSUNG-PC | User Name: samsung | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/02 19:28:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe
PRC - [2012/12/20 22:35:30 | 000,222,208 | ---- | M] (Somoto Ltd.) -- C:\Users\samsung\AppData\Local\Temp\biclient.exe
PRC - [2012/12/11 21:17:13 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
PRC - [2012/11/15 19:31:56 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/11/04 05:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/26 12:53:14 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2009/10/13 11:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/10/07 02:31:56 | 002,246,144 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/08/13 21:58:10 | 000,044,312 | ---- | M] () -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
PRC - [2009/06/03 12:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/04/15 15:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/17 20:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll
MOD - [2009/08/16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/06/03 12:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/06/03 12:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2006/08/12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll


========== Services (SafeList) ==========

SRV - [2012/12/11 21:17:20 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/15 19:31:56 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP)
SRV - [2009/08/13 21:58:10 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2012/11/15 19:32:51 | 000,043,608 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
DRV - [2012/11/15 19:32:50 | 000,589,144 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2012/09/19 17:37:07 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2012/09/19 17:37:06 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2012/08/13 15:49:44 | 000,144,344 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
DRV - [2012/08/02 14:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2012/06/19 16:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2011/12/13 03:32:24 | 002,228,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/12/02 11:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/12/02 11:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/12/02 11:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/12/02 11:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/12/02 09:36:42 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/02/15 09:24:00 | 000,322,336 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/11/06 05:07:10 | 009,923,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/27 15:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2005/04/18 15:15:54 | 000,015,104 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmunet.sys -- (AVMUNET)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-5975212467994412%3A1i8hj0-cydp&ie=UTF-8&q={searchTerms}&sa=Search&ub=_|0U0I0DzutDtDtByEyDyEyEtByE0D0CyCtN0P1C0S1Czu0E1H2Y1I1P0E0XtN0C0H0Nzu0S0R0C0HtA|_&cr=1002344293

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2012/12/29 18:03:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2012/12/29 18:03:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2012/12/29 18:03:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\anti_banner@kaspersky.com [2012/12/05 19:25:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\online_banking@kaspersky.com [2012/12/29 18:03:22 | 000,000,000 | ---D | M]

[2012/12/14 19:49:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.claro-search.com/?affID=114506&tt=5012_3&babsrc=HP_clro&mntrId=78635dfc0000000000002226b6b512bd
CHR - Extension: No name found = C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O4 - HKLM..\Run: [APLangApp] C:\Program Files\AnyPC Client\APLangApp.exe (DoctorSoft)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\RunOnce: [downloadsourcede] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\ie_banner_deny.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36F95E33-6649-4EEB-A25C-A2EC6142ED87}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54F37B68-462C-4240-A5CC-0088CCF0C80F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6740F581-8B96-4B73-9C1B-74E80ABB4E31}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6cfa8114-90ef-11df-9419-002454424dc6}\Shell - "" = AutoRun
O33 - MountPoints2\{6cfa8114-90ef-11df-9419-002454424dc6}\Shell\AutoRun\command - "" = D:\preinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/02 19:28:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe
[2013/01/01 13:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/01/01 13:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/12/14 19:50:09 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Roaming\Claro
[2012/12/14 19:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/12/14 19:49:38 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Roaming\PerformerSoft
[2012/12/14 19:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\PC Performer
[2012/12/14 19:49:28 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Roaming\Babylon
[2012/12/14 19:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/12/14 19:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012/12/14 19:49:24 | 000,000,000 | ---D | C] -- C:\windows\System32\Extensions
[2012/12/14 19:49:23 | 000,000,000 | ---D | C] -- C:\windows\System32\searchplugins
[2012/12/14 19:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Performer Manager
[2012/12/14 19:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Streamripper
[2012/12/14 19:21:53 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012/12/14 19:21:43 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2 C:\Users\samsung\*.tmp files -> C:\Users\samsung\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/02 19:28:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe
[2013/01/02 19:17:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/01/02 19:15:15 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/02 19:15:15 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/02 19:07:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/01/02 19:07:36 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/30 11:41:01 | 000,657,910 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012/12/30 11:41:01 | 000,619,146 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/12/30 11:41:01 | 000,131,250 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012/12/30 11:41:01 | 000,107,466 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/12/29 18:16:04 | 000,457,704 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2 C:\Users\samsung\*.tmp files -> C:\Users\samsung\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/14 18:03:40 | 000,017,408 | ---- | C] () -- C:\Users\samsung\AppData\Local\WebpageIcons.db
[2011/06/25 21:01:49 | 000,001,093 | ---- | C] () -- C:\Users\samsung\Radiotracker 6.lnk
[2010/03/30 16:07:20 | 000,000,000 | ---- | C] () -- C:\Users\samsung\AppData\Roaming\wklnhst.dat
[2010/03/22 19:43:24 | 000,004,608 | ---- | C] () -- C:\Users\samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/04 20:21:26 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 1/2/2013 7:29:59 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\samsung\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.97 Gb Total Physical Memory | 1.87 Gb Available Physical Memory | 62.89% Memory free
5.93 Gb Paging File | 4.59 Gb Available in Paging File | 77.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 282.99 Gb Total Space | 171.50 Gb Free Space | 60.60% Space Free | Partition Type: NTFS
 
Computer Name: SAMSUNG-PC | User Name: samsung | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1"
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1"
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{044AECB5-6ED0-4AB7-9296-8CADEDB78D65}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{08F099FF-B03F-4D96-BB0C-D7E36D6392FF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{12650E80-432B-45B4-8E93-787FCBD611F1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{12AFA8F1-5038-4BCC-B83C-93358FFB8A87}" = rport=139 | protocol=6 | dir=out | app=system | 
"{219EDD43-1DEE-4EBB-B10C-29588B89FC78}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{22D614AD-9D2C-427E-A0C4-AC0A7640002F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3FC57477-95AC-41F7-AE10-F8935C055C72}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{467B47F8-AC82-4FC3-A9B1-C61DEFDF20F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{51798682-FCC2-4E15-AA78-F6BB77FADD79}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{5479A3C9-4701-48B4-862C-47BF4E56A48E}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{59316E15-F380-4CD4-9B44-49BBE2572E8A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{69602ACA-E7E8-4D83-B419-9AD56023F2D4}" = rport=138 | protocol=17 | dir=out | app=system | 
"{6CB2EEAB-E69B-4A91-99C6-B62136BA4A66}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{84573A3C-B22B-44C1-8A66-21EE82C3D30A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{89BDDA84-D493-4419-BEB6-2B81C485F501}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8E109767-605C-442E-975B-53D1A9DD4628}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{8FAAA6CE-7CEA-4D05-811B-77401B96121A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9113A3FD-7243-4ADC-80EC-5C8B500E9BD3}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{9996150D-BD90-42DB-8C2F-8C9B59D89CAE}" = lport=137 | protocol=17 | dir=in | app=system | 
"{A7B46EAF-6259-4F12-9DA1-2C5A587058DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C47DC1B0-DE73-4412-BA8B-D380E34280BA}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{C7774ADE-51B9-48D6-9139-C518FD92BE51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CA495C31-3B68-4701-AA3F-4998609F401E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CC5D431B-B458-468F-AE34-D421C679D4C3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CD77EAFD-9E6A-4B9E-AA6A-622B5DD32F8D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{D3901B3F-8EF3-4ED7-96BC-3039D50FF7B4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D8BB7789-6388-4C88-9220-9E5B3C0E3A2B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{E58FDA39-7A9B-4A0A-A142-0549F44E73F0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E707D949-21B7-4DDB-AB15-18F9DACE9149}" = lport=139 | protocol=6 | dir=in | app=system | 
"{E74540DE-7EFA-4703-8198-4C244A71B20F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F0AFA054-05CD-4EA9-BBA3-1652941CBECE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F5B264D4-FF0A-4944-8D22-CAB117AD14E6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{FB278F6B-870D-40A5-A1EB-ABDF9805F64D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FE518521-C60C-4DB4-BDF6-00818C35FA67}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B4A8D63-D7D1-415C-803A-98E0DFD28F92}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe | 
"{27FB3976-8313-4168-B672-95E8F66E2CB4}" = protocol=17 | dir=in | app=c:\program files\tv-browser\tvbrowser_nodd.exe | 
"{3EE56642-2CEB-42DF-B0F5-661C114408CC}" = protocol=17 | dir=in | app=c:\program files\tv-browser\tvbrowser.exe | 
"{414749A6-45B1-435C-BB08-3DD48F94274B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{41C063D2-2381-4011-8F22-42C297127E04}" = protocol=6 | dir=in | app=c:\program files\tv-browser\tvbrowser.exe | 
"{44B33948-7106-4D9C-B875-E5235E532B71}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4CC409A9-79C8-44BC-8436-107D381AB604}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{5EF8CB55-68B4-4B92-8D5B-390F76FD45C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{667675B9-C461-4343-A988-82FE3B6C1C89}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{68454269-9DB3-4980-AA62-0FBF98B0B7BD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6CBCB482-B1F4-42E8-9B2B-C1315D47AC0B}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | 
"{6D4EF18D-407B-479D-B7D0-CC4CB361112E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6DCDCA99-0498-40C5-ACCD-5C02D5D71BBD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{76410C61-A2AE-4F66-8E85-9C8961887E64}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{76C60C43-5B3B-454B-BE7E-0931857A7730}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{7C8817A0-7E0E-4D97-8CEA-32EA6802A1BE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{80763932-6272-4EC3-922F-91E8FFCFF411}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{82A5BAB4-A1DB-4A05-9084-2C1FA08FA7CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{862771D9-E68A-4B26-90BA-790249A94930}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8A4697DC-6A62-4937-933E-A9D1B1E46508}" = protocol=6 | dir=out | app=system | 
"{8DA23832-825A-481C-AB16-D78090711872}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | 
"{A10F0A57-A310-4A60-B8D9-40CFBF9112C6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{A1309770-1680-4D1F-8801-3B5CF23AD1B1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{A3729501-15C4-4A84-8D3E-F75F2D4A580D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{A800FA81-3DED-4252-AFE3-7C0EAD7D13BE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B6B1004D-1977-4DD6-983B-F770DD33EB0D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{D8AABC73-EB37-4062-82CF-E334CAFD07E7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{EDF44AE9-AC13-4076-B3C7-A4A7CFE05609}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{EE05D020-AEDB-4BFB-903F-BE026DDDA44A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{EF491654-D8F8-45C1-9D95-93A34D83CC87}" = protocol=6 | dir=in | app=c:\program files\tv-browser\tvbrowser_nodd.exe | 
"{EFFE6017-5256-4EA4-A547-396888EB6C3C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FBA3E422-A639-40AF-8712-FCDA50C83607}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FF9FC9D6-D175-4F2F-9207-3D32F2EC24B3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{02DF8076-C8B9-4578-A84B-78BFC445B0B2}C:\program files\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare\bearshare.exe | 
"TCP Query User{2C0693CC-35CF-4F55-A815-F181B29BF631}C:\program files\emuleex\emsoft.exe" = protocol=6 | dir=in | app=c:\program files\emuleex\emsoft.exe | 
"TCP Query User{4D18EEDC-DF52-4925-9569-95E568C636A0}C:\program files\amule\amule.exe" = protocol=6 | dir=in | app=c:\program files\amule\amule.exe | 
"TCP Query User{52FB7162-4433-46BF-88DE-DF91F59BC062}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{7AB692B3-A256-4023-9CF8-C990FD67CE0E}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | 
"TCP Query User{851B60B3-A6E1-4D3C-9D17-B961A1AFD5DD}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{8FA41571-E176-48A9-A7E4-B789708E64FA}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{B7D1C090-E0AC-4343-962F-593F6ECFBB21}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{D84AEB60-F78F-45E1-AF0A-056CD79F0398}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | 
"TCP Query User{DFEB6FBB-2C91-412E-A4DC-C3C85FB2A8F4}C:\program files\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare\bearshare.exe | 
"UDP Query User{0EC9A017-672A-495B-B4AB-7A16E34BD217}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | 
"UDP Query User{1470BF95-EDE3-4459-994A-3F7A3A05A383}C:\program files\emuleex\emsoft.exe" = protocol=17 | dir=in | app=c:\program files\emuleex\emsoft.exe | 
"UDP Query User{1D49B78E-12AA-4DFA-AF7F-5F94D407FF71}C:\program files\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare\bearshare.exe | 
"UDP Query User{45995BFB-FF5D-4C31-A319-B68809182C75}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{51626B7E-A2EE-40D3-8FD5-18CBBD126A4A}C:\program files\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare\bearshare.exe | 
"UDP Query User{5FA41ADE-124C-42EC-B4A0-CFBF256B668B}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{6FAFAC6F-72A0-49E2-94D0-ADCF47673E9F}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | 
"UDP Query User{7CF30AE8-3283-4C57-AFC7-71CD4C1D217C}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{8ACC9100-D418-4D9D-956E-9A89D203F237}C:\program files\amule\amule.exe" = protocol=17 | dir=in | app=c:\program files\amule\amule.exe | 
"UDP Query User{AFAC2556-F2C3-4672-9447-7C204C5AEBE7}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{900C2AB5-3F37-4F84-B58C-893FA5F42D7D}_is1" = WiseFixer 3.5
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{A5675A9E-F073-414A-9A04-F9BCD50459D7}" = Easy Network Manager
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A8BB05BC-2C4A-4178-A819-64B8F5392960}" = Radiotracker
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCC2B140-B47A-45FA-AAE3-BD60DA41AE00}" = Samsung Support Center
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}" = inSSIDer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Biet-O-Matic v2.14.3" = Biet-O-Matic v2.14.3
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"PokerStars.eu" = PokerStars.eu
"SopCast" = SopCast 3.4.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TIPP10_is1" = TIPP10 Version 2.0.3
"tvbrowser" = TV-Browser 3.0-beta2
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"ZehnFinger5" = ZehnFinger5 5.21
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12/29/2012 1:07:06 PM | Computer Name = samsung-PC | Source = System Restore | ID = 8210
Description = 
 
Error - 12/30/2012 7:10:17 AM | Computer Name = samsung-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\Samsung
 Support Center\Drv\drv2x64\KStartMem.exe.Manifest".  Die abhängige Assemblierung 
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 12/30/2012 7:10:36 AM | Computer Name = samsung-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 12/30/2012 8:10:48 PM | Computer Name = samsung-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16457 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 384    Startzeit: 01cde6e05196653a    Endzeit: 20    Anwendungspfad: 
C:\Program Files\Internet Explorer\iexplore.exe    Berichts-ID:   
 
Error - 12/31/2012 7:53:17 AM | Computer Name = samsung-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16457,
 Zeitstempel: 0x50a2f9e3  Name des fehlerhaften Moduls: Flash32_11_5_502_135.ocx, 
Version: 11.5.502.135, Zeitstempel: 0x50b84945  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x0008ac0a  ID des fehlerhaften Prozesses: 0xafc  Startzeit der fehlerhaften Anwendung:
 0x01cde74aa08360ce  Pfad der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe
Pfad
 des fehlerhaften Moduls: C:\windows\system32\Macromed\Flash\Flash32_11_5_502_135.ocx
Berichtskennung:
 a97f3396-5340-11e2-8e97-002454424dc6
 
Error - 12/31/2012 12:03:18 PM | Computer Name = samsung-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\Samsung
 Support Center\Drv\drv2x64\KStartMem.exe.Manifest".  Die abhängige Assemblierung 
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 12/31/2012 12:03:36 PM | Computer Name = samsung-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 1/1/2013 7:22:13 AM | Computer Name = samsung-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16457,
 Zeitstempel: 0x50a2f9e3  Name des fehlerhaften Moduls: Flash32_11_5_502_135.ocx, 
Version: 11.5.502.135, Zeitstempel: 0x50b84945  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x0008ac0a  ID des fehlerhaften Prozesses: 0x9c8  Startzeit der fehlerhaften Anwendung:
 0x01cde810bc158bc9  Pfad der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe
Pfad
 des fehlerhaften Moduls: C:\windows\system32\Macromed\Flash\Flash32_11_5_502_135.ocx
Berichtskennung:
 7d30e5c0-5405-11e2-b66c-002454424dc6
 
Error - 1/1/2013 11:21:11 AM | Computer Name = samsung-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\Samsung
 Support Center\Drv\drv2x64\KStartMem.exe.Manifest".  Die abhängige Assemblierung 
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 1/1/2013 11:21:46 AM | Computer Name = samsung-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ Media Center Events ]
Error - 2/4/2010 7:39:58 PM | Computer Name = samsung-PC | Source = MCUpdate | ID = 0
Description = 00:39:58 - Fehler beim Herstellen der Internetverbindung.  00:39:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 4/7/2010 1:46:00 AM | Computer Name = samsung-PC | Source = MCUpdate | ID = 0
Description = 07:46:00 - Fehler beim Herstellen der Internetverbindung.  07:46:00 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 4/7/2010 1:46:09 AM | Computer Name = samsung-PC | Source = MCUpdate | ID = 0
Description = 07:46:05 - Fehler beim Herstellen der Internetverbindung.  07:46:05 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ OSession Events ]
Error - 4/5/2011 7:06:41 AM | Computer Name = samsung-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 6/3/2011 12:35:08 PM | Computer Name = samsung-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 11/27/2012 8:24:27 AM | Computer Name = samsung-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 11/29/2012 5:04:38 AM | Computer Name = samsung-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 11/30/2012 10:46:38 AM | Computer Name = samsung-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 12/6/2012 12:52:55 AM | Computer Name = samsung-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 12/7/2012 12:49:33 AM | Computer Name = samsung-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 12/20/2012 1:48:33 PM | Computer Name = samsung-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Oberon Media Game Console service erreicht.
 
Error - 12/20/2012 1:48:33 PM | Computer Name = samsung-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Oberon Media Game Console service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 12/27/2012 6:50:21 AM | Computer Name = samsung-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 12/31/2012 8:00:19 PM | Computer Name = samsung-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 1/1/2013 5:42:13 AM | Computer Name = samsung-PC | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         

Alt 02.01.2013, 20:15   #4
markusg
/// Malware-holic
 

Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, then post the log
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

Alt 02.01.2013, 20:39   #5
onetwelve
 

I'm working on it right now, it will just take a little longer.

TDSSKiller is checking for updates, but it stays stuck at 15% the whole time.

And now?

Kind regards

Unsigned file
Service: MDM
Suspicious object, medium risk
Service start: Auto (0x2)
File: C:\Programm Files\Common Files\Microsoft Shared\VS7DEBUG`
MD5: 7cf1b716372b89568ae4c0fe769f5869

It worked after all!!


Alt 03.01.2013, 19:05   #6
markusg
/// Malware-holic
 

Hi
c: tdss-killer-version-Datum.txt, please post its contents

Alt 03.01.2013, 19:11   #7
onetwelve
 

I don't quite understand.

Alt 03.01.2013, 19:41   #8
markusg
/// Malware-holic
 

Please post the log from TDSSKiller

Alt 03.01.2013, 19:41   #9
onetwelve
 

20:38:22.0887 4180 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
20:46:05.0002 4180 ============================================================
20:46:05.0002 4180 Current date / time: 2013/01/02 20:46:05.0002
20:46:05.0002 4180 SystemInfo:
20:46:05.0002 4180
20:46:05.0002 4180 OS Version: 6.1.7601 ServicePack: 1.0
20:46:05.0002 4180 Product type: Workstation
20:46:05.0002 4180 ComputerName: SAMSUNG-PC
20:46:05.0002 4180 UserName: samsung
20:46:05.0002 4180 Windows directory: C:\windows
20:46:05.0002 4180 System windows directory: C:\windows
20:46:05.0002 4180 Processor architecture: Intel x86
20:46:05.0002 4180 Number of processors: 2
20:46:05.0002 4180 Page size: 0x1000
20:46:05.0002 4180 Boot type: Normal boot
20:46:05.0002 4180 ============================================================
20:46:09.0962 4180 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:46:09.0962 4180 ============================================================
20:46:09.0962 4180 \Device\Harddisk0\DR0:
20:46:09.0962 4180 MBR partitions:
20:46:09.0962 4180 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
20:46:09.0962 4180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x235FBAB0
20:46:09.0962 4180 ============================================================
20:46:09.0994 4180 C: <-> \Device\Harddisk0\DR0\Partition1
20:46:09.0994 4180 ============================================================
20:46:09.0994 4180 Initialize success
20:46:09.0994 4180 ============================================================
20:47:27.0665 0828 ============================================================
20:47:27.0665 0828 Scan started
20:47:27.0665 0828 Mode: Manual; SigCheck; TDLFS;
20:47:27.0665 0828 ============================================================
20:47:29.0225 0828 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys
20:47:29.0349 0828 1394ohci - ok
20:47:29.0427 0828 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys
20:47:29.0459 0828 ACPI - ok
20:47:29.0490 0828 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys
20:47:29.0583 0828 AcpiPmi - ok
20:47:29.0755 0828 AdobeFlashPlayerUpdateSvc (95ce557d16a75606ccc2d7f3b0b0bccb) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:47:29.0786 0828 AdobeFlashPlayerUpdateSvc - ok
20:47:29.0849 0828 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
20:47:29.0880 0828 adp94xx - ok
20:47:29.0911 0828 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
20:47:29.0942 0828 adpahci - ok
20:47:29.0958 0828 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
20:47:29.0973 0828 adpu320 - ok
20:47:30.0005 0828 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll
20:47:30.0036 0828 AeLookupSvc - ok
20:47:30.0098 0828 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys
20:47:30.0145 0828 AFD - ok
20:47:30.0176 0828 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys
20:47:30.0192 0828 agp440 - ok
20:47:30.0239 0828 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
20:47:30.0270 0828 aic78xx - ok
20:47:30.0332 0828 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe
20:47:30.0395 0828 ALG - ok
20:47:30.0426 0828 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys
20:47:30.0441 0828 aliide - ok
20:47:30.0457 0828 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys
20:47:30.0473 0828 amdagp - ok
20:47:30.0488 0828 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys
20:47:30.0519 0828 amdide - ok
20:47:30.0551 0828 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
20:47:30.0582 0828 AmdK8 - ok
20:47:30.0613 0828 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
20:47:30.0644 0828 AmdPPM - ok
20:47:30.0691 0828 amdsata (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys
20:47:30.0738 0828 amdsata - ok
20:47:30.0769 0828 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
20:47:30.0785 0828 amdsbs - ok
20:47:30.0800 0828 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys
20:47:30.0816 0828 amdxata - ok
20:47:30.0878 0828 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys
20:47:30.0987 0828 AppID - ok
20:47:31.0019 0828 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll
20:47:31.0081 0828 AppIDSvc - ok
20:47:31.0128 0828 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll
20:47:31.0175 0828 Appinfo - ok
20:47:31.0206 0828 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
20:47:31.0221 0828 arc - ok
20:47:31.0237 0828 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
20:47:31.0253 0828 arcsas - ok
20:47:31.0284 0828 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
20:47:31.0377 0828 AsyncMac - ok
20:47:31.0424 0828 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys
20:47:31.0440 0828 atapi - ok
20:47:31.0596 0828 athr (49f17a2e79469be6581d491706720671) C:\windows\system32\DRIVERS\athr.sys
20:47:31.0658 0828 athr - ok
20:47:31.0814 0828 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll
20:47:31.0861 0828 AudioEndpointBuilder - ok
20:47:31.0877 0828 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll
20:47:31.0908 0828 Audiosrv - ok
20:47:31.0939 0828 AVMUNET (077b3692f4376d1539755761feef659a) C:\windows\system32\DRIVERS\avmunet.sys
20:47:31.0986 0828 AVMUNET - ok
20:47:32.0095 0828 AVP - ok
20:47:32.0173 0828 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll
20:47:32.0220 0828 AxInstSV - ok
20:47:32.0267 0828 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
20:47:32.0329 0828 b06bdrv - ok
20:47:32.0391 0828 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
20:47:32.0438 0828 b57nd60x - ok
20:47:32.0501 0828 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll
20:47:32.0547 0828 BDESVC - ok
20:47:32.0563 0828 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
20:47:32.0610 0828 Beep - ok
20:47:32.0688 0828 BFE (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll
20:47:32.0766 0828 BFE - ok
20:47:32.0797 0828 BITS (e585445d5021971fae10393f0f1c3961) C:\windows\System32\qmgr.dll
20:47:32.0844 0828 BITS - ok
20:47:32.0891 0828 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
20:47:32.0937 0828 blbdrive - ok
20:47:32.0969 0828 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys
20:47:33.0015 0828 bowser - ok
20:47:33.0047 0828 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
20:47:33.0109 0828 BrFiltLo - ok
20:47:33.0125 0828 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
20:47:33.0171 0828 BrFiltUp - ok
20:47:33.0218 0828 Browser (3daa727b5b0a45039b0e1c9a211b8400) C:\windows\System32\browser.dll
20:47:33.0265 0828 Browser - ok
20:47:33.0281 0828 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
20:47:33.0343 0828 Brserid - ok
20:47:33.0359 0828 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
20:47:33.0390 0828 BrSerWdm - ok
20:47:33.0405 0828 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
20:47:33.0437 0828 BrUsbMdm - ok
20:47:33.0468 0828 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
20:47:33.0515 0828 BrUsbSer - ok
20:47:33.0546 0828 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
20:47:33.0577 0828 BTHMODEM - ok
20:47:33.0624 0828 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll
20:47:33.0671 0828 bthserv - ok
20:47:33.0702 0828 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
20:47:33.0749 0828 cdfs - ok
20:47:33.0795 0828 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys
20:47:33.0827 0828 cdrom - ok
20:47:33.0889 0828 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
20:47:33.0951 0828 CertPropSvc - ok
20:47:33.0998 0828 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
20:47:34.0014 0828 circlass - ok
20:47:34.0045 0828 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
20:47:34.0061 0828 CLFS - ok
20:47:34.0139 0828 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:47:34.0201 0828 clr_optimization_v2.0.50727_32 - ok
20:47:34.0279 0828 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:47:34.0310 0828 clr_optimization_v4.0.30319_32 - ok
20:47:34.0326 0828 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
20:47:34.0357 0828 CmBatt - ok
20:47:34.0388 0828 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys
20:47:34.0419 0828 cmdide - ok
20:47:34.0482 0828 CNG (42f158036bd4c2ff3122bf142e60e6fd) C:\windows\system32\Drivers\cng.sys
20:47:34.0529 0828 CNG - ok
20:47:34.0544 0828 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
20:47:34.0575 0828 Compbatt - ok
20:47:34.0607 0828 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys
20:47:34.0638 0828 CompositeBus - ok
20:47:34.0653 0828 COMSysApp - ok
20:47:34.0669 0828 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
20:47:34.0685 0828 crcdisk - ok
20:47:34.0731 0828 CryptSvc (96c0e38905cfd788313be8e11dae3f2f) C:\windows\system32\cryptsvc.dll
20:47:34.0778 0828 CryptSvc - ok
20:47:34.0841 0828 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
20:47:34.0887 0828 DcomLaunch - ok
20:47:34.0934 0828 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll
20:47:34.0981 0828 defragsvc - ok
20:47:35.0059 0828 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys
20:47:35.0090 0828 DfsC - ok
20:47:35.0184 0828 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll
20:47:35.0231 0828 Dhcp - ok
20:47:35.0262 0828 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
20:47:35.0309 0828 discache - ok
20:47:35.0340 0828 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
20:47:35.0371 0828 Disk - ok
20:47:35.0387 0828 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll
20:47:35.0433 0828 Dnscache - ok
20:47:35.0480 0828 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll
20:47:35.0543 0828 dot3svc - ok
20:47:35.0589 0828 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll
20:47:35.0636 0828 DPS - ok
20:47:35.0683 0828 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
20:47:35.0730 0828 drmkaud - ok
20:47:35.0792 0828 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys
20:47:35.0823 0828 DXGKrnl - ok
20:47:35.0855 0828 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll
20:47:35.0901 0828 EapHost - ok
20:47:36.0057 0828 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
20:47:36.0151 0828 ebdrv - ok
20:47:36.0291 0828 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe
20:47:36.0338 0828 EFS - ok
20:47:36.0432 0828 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe
20:47:36.0494 0828 ehRecvr - ok
20:47:36.0525 0828 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe
20:47:36.0557 0828 ehSched - ok
20:47:36.0635 0828 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
20:47:36.0681 0828 elxstor - ok
20:47:36.0697 0828 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys
20:47:36.0744 0828 ErrDev - ok
20:47:36.0791 0828 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll
20:47:36.0822 0828 EventSystem - ok
20:47:36.0853 0828 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
20:47:36.0900 0828 exfat - ok
20:47:36.0931 0828 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
20:47:36.0978 0828 fastfat - ok
20:47:37.0040 0828 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe
20:47:37.0087 0828 Fax - ok
20:47:37.0103 0828 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
20:47:37.0134 0828 fdc - ok
20:47:37.0165 0828 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll
20:47:37.0196 0828 fdPHost - ok
20:47:37.0196 0828 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll
20:47:37.0259 0828 FDResPub - ok
20:47:37.0290 0828 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
20:47:37.0305 0828 FileInfo - ok
20:47:37.0321 0828 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
20:47:37.0368 0828 Filetrace - ok
20:47:37.0399 0828 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
20:47:37.0446 0828 flpydisk - ok
20:47:37.0477 0828 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
20:47:37.0493 0828 FltMgr - ok
20:47:37.0555 0828 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll
20:47:37.0602 0828 FontCache - ok
20:47:37.0664 0828 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:47:37.0711 0828 FontCache3.0.0.0 - ok
20:47:37.0727 0828 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
20:47:37.0742 0828 FsDepends - ok
20:47:37.0758 0828 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\windows\system32\DRIVERS\fssfltr.sys
20:47:37.0773 0828 fssfltr - ok
20:47:37.0867 0828 fsssvc (45b52394f9624237f33a8a3d73c0b221) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
20:47:37.0914 0828 fsssvc - ok
20:47:37.0929 0828 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys
20:47:37.0945 0828 Fs_Rec - ok
20:47:38.0007 0828 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys
20:47:38.0039 0828 fvevol - ok
20:47:38.0070 0828 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
20:47:38.0101 0828 gagp30kx - ok
20:47:38.0163 0828 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll
20:47:38.0241 0828 gpsvc - ok
20:47:38.0257 0828 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
20:47:38.0288 0828 hcw85cir - ok
20:47:38.0351 0828 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys
20:47:38.0444 0828 HdAudAddService - ok
20:47:38.0491 0828 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys
20:47:38.0553 0828 HDAudBus - ok
20:47:38.0600 0828 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
20:47:38.0663 0828 HidBatt - ok
20:47:38.0678 0828 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
20:47:38.0725 0828 HidBth - ok
20:47:38.0756 0828 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
20:47:38.0803 0828 HidIr - ok
20:47:38.0834 0828 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\system32\hidserv.dll
20:47:38.0897 0828 hidserv - ok
20:47:38.0928 0828 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys
20:47:38.0975 0828 HidUsb - ok
20:47:39.0021 0828 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll
20:47:39.0068 0828 hkmsvc - ok
20:47:39.0115 0828 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll
20:47:39.0177 0828 HomeGroupListener - ok
20:47:39.0209 0828 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll
20:47:39.0240 0828 HomeGroupProvider - ok
20:47:39.0271 0828 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys
20:47:39.0302 0828 HpSAMD - ok
20:47:39.0380 0828 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys
20:47:39.0427 0828 HTTP - ok
20:47:39.0427 0828 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys
20:47:39.0443 0828 hwpolicy - ok
20:47:39.0489 0828 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys
20:47:39.0521 0828 i8042prt - ok
20:47:39.0567 0828 iaStor (0baa4115dfffd6a6d809a89d65e1281a) C:\windows\system32\DRIVERS\iaStor.sys
20:47:39.0583 0828 iaStor - ok
20:47:39.0630 0828 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys
20:47:39.0692 0828 iaStorV - ok
20:47:39.0833 0828 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:47:39.0864 0828 idsvc - ok
20:47:40.0082 0828 igfx (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys
20:47:40.0191 0828 igfx - ok
20:47:40.0332 0828 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
20:47:40.0379 0828 iirsp - ok
20:47:40.0488 0828 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll
20:47:40.0566 0828 IKEEXT - ok
20:47:40.0706 0828 IntcAzAudAddService (3202e26501e5e18c35dc2cc74709a704) C:\windows\system32\drivers\RTKVHDA.sys
20:47:40.0769 0828 IntcAzAudAddService - ok
20:47:40.0878 0828 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys
20:47:40.0909 0828 intelide - ok
20:47:40.0940 0828 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
20:47:40.0971 0828 intelppm - ok
20:47:41.0003 0828 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll
20:47:41.0049 0828 IPBusEnum - ok
20:47:41.0081 0828 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
20:47:41.0143 0828 IpFilterDriver - ok
20:47:41.0221 0828 iphlpsvc (58f67245d041fbe7af88f4eaf79df0fa) C:\windows\System32\iphlpsvc.dll
20:47:41.0252 0828 iphlpsvc - ok
20:47:41.0268 0828 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys
20:47:41.0299 0828 IPMIDRV - ok
20:47:41.0315 0828 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
20:47:41.0377 0828 IPNAT - ok
20:47:41.0408 0828 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
20:47:41.0455 0828 IRENUM - ok
20:47:41.0486 0828 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys
20:47:41.0502 0828 isapnp - ok
20:47:41.0517 0828 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys
20:47:41.0564 0828 iScsiPrt - ok
20:47:41.0580 0828 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys
20:47:41.0595 0828 kbdclass - ok
20:47:41.0627 0828 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys
20:47:41.0673 0828 kbdhid - ok
20:47:41.0720 0828 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
20:47:41.0736 0828 KeyIso - ok
20:47:41.0814 0828 KL1 (ea26cb00f83686856f2c79673c00c686) C:\windows\system32\DRIVERS\kl1.sys
20:47:41.0829 0828 KL1 - ok
20:47:41.0923 0828 KLIF (fbc7f840f1118d358d2afb8c1714b384) C:\windows\system32\DRIVERS\klif.sys
20:47:41.0970 0828 KLIF - ok
20:47:42.0063 0828 KLIM6 (af127fe7dd5ed2bbc9049fd8a00defc2) C:\windows\system32\DRIVERS\klim6.sys
20:47:42.0079 0828 KLIM6 - ok
20:47:42.0110 0828 klkbdflt (24aebad59d1de8a7cc36e8f09f999362) C:\windows\system32\DRIVERS\klkbdflt.sys
20:47:42.0141 0828 klkbdflt - ok
20:47:42.0141 0828 klmouflt (a58507c2827c3ae1d4ccb2746aab349f) C:\windows\system32\DRIVERS\klmouflt.sys
20:47:42.0157 0828 klmouflt - ok
20:47:42.0173 0828 kltdi (53c0df6c5139cb78a631e7afcd893730) C:\windows\system32\DRIVERS\kltdi.sys
20:47:42.0188 0828 kltdi - ok
20:47:42.0235 0828 kneps (71a38c123600172511c26bfabd0ef579) C:\windows\system32\DRIVERS\kneps.sys
20:47:42.0251 0828 kneps - ok
20:47:42.0297 0828 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\windows\system32\Drivers\ksecdd.sys
20:47:42.0313 0828 KSecDD - ok
20:47:42.0360 0828 KSecPkg (5fe1abf1af591a3458c9cf24ed9a4d35) C:\windows\system32\Drivers\ksecpkg.sys
20:47:42.0375 0828 KSecPkg - ok
20:47:42.0407 0828 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll
20:47:42.0453 0828 KtmRm - ok
20:47:42.0500 0828 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\system32\srvsvc.dll
20:47:42.0563 0828 LanmanServer - ok
20:47:42.0609 0828 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll
20:47:42.0656 0828 LanmanWorkstation - ok
20:47:42.0719 0828 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
20:47:42.0781 0828 lltdio - ok
20:47:42.0828 0828 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll
20:47:42.0875 0828 lltdsvc - ok
20:47:42.0890 0828 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll
20:47:42.0953 0828 lmhosts - ok
20:47:42.0999 0828 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
20:47:43.0015 0828 LSI_FC - ok
20:47:43.0046 0828 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
20:47:43.0062 0828 LSI_SAS - ok
20:47:43.0062 0828 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
20:47:43.0077 0828 LSI_SAS2 - ok
20:47:43.0093 0828 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
20:47:43.0124 0828 LSI_SCSI - ok
20:47:43.0140 0828 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
20:47:43.0171 0828 luafv - ok
20:47:43.0249 0828 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll
20:47:43.0280 0828 Mcx2Svc - ok
20:47:43.0374 0828 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
20:47:43.0405 0828 MDM ( UnsignedFile.Multi.Generic ) - warning
20:47:43.0405 0828 MDM - detected UnsignedFile.Multi.Generic (1)
20:47:43.0436 0828 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
20:47:43.0467 0828 megasas - ok
20:47:43.0483 0828 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
20:47:43.0514 0828 MegaSR - ok
20:47:43.0592 0828 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:47:43.0623 0828 Microsoft Office Groove Audit Service - ok
20:47:43.0639 0828 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
20:47:43.0701 0828 MMCSS - ok
20:47:43.0733 0828 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
20:47:43.0795 0828 Modem - ok
20:47:43.0826 0828 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
20:47:43.0857 0828 monitor - ok
20:47:43.0920 0828 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys
20:47:43.0935 0828 mouclass - ok
20:47:43.0982 0828 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
20:47:44.0029 0828 mouhid - ok
20:47:44.0060 0828 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys
20:47:44.0076 0828 mountmgr - ok
20:47:44.0107 0828 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys
20:47:44.0138 0828 mpio - ok
20:47:44.0154 0828 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
20:47:44.0201 0828 mpsdrv - ok
20:47:44.0263 0828 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll
20:47:44.0325 0828 MpsSvc - ok
20:47:44.0357 0828 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys
20:47:44.0388 0828 MRxDAV - ok
20:47:44.0435 0828 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys
20:47:44.0466 0828 mrxsmb - ok
20:47:44.0497 0828 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys
20:47:44.0559 0828 mrxsmb10 - ok
20:47:44.0575 0828 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys
20:47:44.0622 0828 mrxsmb20 - ok
20:47:44.0669 0828 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys
20:47:44.0684 0828 msahci - ok
20:47:44.0715 0828 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys
20:47:44.0731 0828 msdsm - ok
20:47:44.0747 0828 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe
20:47:44.0793 0828 MSDTC - ok
20:47:44.0825 0828 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
20:47:44.0887 0828 Msfs - ok
20:47:44.0903 0828 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
20:47:44.0949 0828 mshidkmdf - ok
20:47:44.0965 0828 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys
20:47:44.0981 0828 msisadrv - ok
20:47:45.0027 0828 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll
20:47:45.0074 0828 MSiSCSI - ok
20:47:45.0090 0828 msiserver - ok
20:47:45.0137 0828 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
20:47:45.0215 0828 MSKSSRV - ok
20:47:45.0230 0828 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
20:47:45.0293 0828 MSPCLOCK - ok
20:47:45.0308 0828 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
20:47:45.0355 0828 MSPQM - ok
20:47:45.0386 0828 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
20:47:45.0402 0828 MsRPC - ok
20:47:45.0433 0828 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys
20:47:45.0449 0828 mssmbios - ok
20:47:45.0480 0828 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
20:47:45.0511 0828 MSTEE - ok
20:47:45.0527 0828 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
20:47:45.0558 0828 MTConfig - ok
20:47:45.0589 0828 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
20:47:45.0605 0828 Mup - ok
20:47:45.0667 0828 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll
20:47:45.0714 0828 napagent - ok
20:47:45.0776 0828 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
20:47:45.0792 0828 NativeWifiP - ok
20:47:45.0839 0828 NDIS (8c9c922d71f1cd4def73f186416b7896) C:\windows\system32\drivers\ndis.sys
20:47:45.0870 0828 NDIS - ok
20:47:45.0885 0828 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
20:47:45.0932 0828 NdisCap - ok
20:47:45.0963 0828 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
20:47:45.0995 0828 NdisTapi - ok
20:47:46.0041 0828 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
20:47:46.0088 0828 Ndisuio - ok
20:47:46.0119 0828 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
20:47:46.0182 0828 NdisWan - ok
20:47:46.0197 0828 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
20:47:46.0244 0828 NDProxy - ok
20:47:46.0291 0828 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
20:47:46.0353 0828 NetBIOS - ok
20:47:46.0385 0828 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
20:47:46.0431 0828 NetBT - ok
20:47:46.0463 0828 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
20:47:46.0494 0828 Netlogon - ok
20:47:46.0525 0828 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll
20:47:46.0587 0828 Netman - ok
20:47:46.0619 0828 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll
20:47:46.0681 0828 netprofm - ok
20:47:46.0790 0828 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:47:46.0806 0828 NetTcpPortSharing - ok
20:47:46.0853 0828 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
20:47:46.0884 0828 nfrd960 - ok
20:47:46.0931 0828 NlaSvc (374071043f9e4231ee43be2bb48dd36d) C:\windows\System32\nlasvc.dll
20:47:46.0977 0828 NlaSvc - ok
20:47:47.0055 0828 nmwcd (712bc0c22ba00b2ba324c6b8df668ee7) C:\windows\system32\drivers\ccdcmb.sys
20:47:47.0102 0828 nmwcd - ok
20:47:47.0118 0828 nmwcdc (7312987b6ccde6f6cee32c14bed1ca2e) C:\windows\system32\drivers\ccdcmbo.sys
20:47:47.0165 0828 nmwcdc - ok
20:47:47.0211 0828 nmwcdnsu (99145c5d4b6c4d6f5ce83ee6abffe294) C:\windows\system32\drivers\nmwcdnsu.sys
20:47:47.0274 0828 nmwcdnsu - ok
20:47:47.0321 0828 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
20:47:47.0367 0828 Npfs - ok
20:47:47.0399 0828 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
20:47:47.0430 0828 nsi - ok
20:47:47.0430 0828 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
20:47:47.0492 0828 nsiproxy - ok
20:47:47.0570 0828 Ntfs (0d87503986bb3dfed58e343fe39dde13) C:\windows\system32\drivers\Ntfs.sys
20:47:47.0601 0828 Ntfs - ok
20:47:47.0633 0828 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
20:47:47.0664 0828 Null - ok
20:47:47.0711 0828 NVHDA (d2f4c4b22969236382ca853b8daa2d4e) C:\windows\system32\drivers\nvhda32v.sys
20:47:47.0726 0828 NVHDA - ok
20:47:48.0132 0828 nvlddmkm (104c0fe08dd64965cf788d91ccbb2cc6) C:\windows\system32\DRIVERS\nvlddmkm.sys
20:47:48.0459 0828 nvlddmkm - ok
20:47:48.0600 0828 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
20:47:48.0647 0828 nvraid - ok
20:47:48.0662 0828 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
20:47:48.0678 0828 nvstor - ok
20:47:48.0740 0828 nvsvc (63a9cace87c31a46bdf4ad448d9a033a) C:\windows\system32\nvvsvc.exe
20:47:48.0771 0828 nvsvc - ok
20:47:48.0787 0828 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
20:47:48.0803 0828 nv_agp - ok
20:48:04.0309 0828 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
20:48:04.0637 0828 \Device\Harddisk0\DR0 - ok
20:48:04.0637 0828 Boot (0x1200) (f92b9d6b59fd66260c04087457a4d6e1) \Device\Harddisk0\DR0\Partition0
20:48:04.0637 0828 \Device\Harddisk0\DR0\Partition0 - ok
20:48:04.0683 0828 Boot (0x1200) (a54264fcf4b94baa8cab49688cf6a61a) \Device\Harddisk0\DR0\Partition1
20:48:04.0683 0828 \Device\Harddisk0\DR0\Partition1 - ok
20:48:04.0683 0828 ============================================================
20:48:04.0683 0828 Scan finished
20:48:04.0683 0828 ============================================================
20:48:04.0699 4192 Detected object count: 1
20:48:04.0699 4192 Actual detected object count: 1
20:54:01.0183 4192 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe - copied to quarantine
20:54:01.0183 4192 MDM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:54:27.0079 6060 ============================================================
20:54:27.0079 6060 Scan started
20:54:27.0079 6060 Mode: Manual; SigCheck; TDLFS;
20:54:27.0079 6060 ============================================================
20:54:32.0430 6060 ehRecvr - ok
20:54:32.0446 6060 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe
20:54:32.0461 6060 ehSched - ok
20:54:32.0524 6060 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
20:54:32.0555 6060 elxstor - ok
20:54:32.0571 6060 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys
20:54:32.0586 6060 ErrDev - ok
20:54:32.0617 6060 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll
20:54:32.0664 6060 EventSystem - ok
20:54:32.0680 6060 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
20:54:32.0711 6060 exfat - ok
20:54:32.0711 6060 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
20:54:32.0742 6060 fastfat - ok
20:54:32.0805 6060 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe
20:54:32.0820 6060 Fax - ok
20:54:32.0836 6060 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
20:54:32.0851 6060 fdc - ok
20:54:32.0867 6060 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll
20:54:32.0898 6060 fdPHost - ok
20:54:32.0914 6060 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll
20:54:32.0945 6060 FDResPub - ok
20:54:32.0961 6060 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
20:54:32.0976 6060 FileInfo - ok
20:54:32.0992 6060 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
20:54:33.0023 6060 Filetrace - ok
20:54:33.0039 6060 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
20:54:33.0054 6060 flpydisk - ok
20:54:33.0070 6060 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
20:54:33.0085 6060 FltMgr - ok
20:54:33.0163 6060 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll
20:54:33.0179 6060 FontCache - ok
20:54:33.0257 6060 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:54:33.0273 6060 FontCache3.0.0.0 - ok
20:54:33.0304 6060 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
20:54:33.0319 6060 FsDepends - ok
20:54:33.0335 6060 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\windows\system32\DRIVERS\fssfltr.sys
20:54:33.0351 6060 fssfltr - ok
20:54:33.0444 6060 fsssvc (45b52394f9624237f33a8a3d73c0b221) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
20:54:33.0475 6060 fsssvc - ok
20:54:33.0507 6060 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys
20:54:33.0522 6060 Fs_Rec - ok
20:54:33.0569 6060 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys
20:54:33.0600 6060 fvevol - ok
20:54:33.0631 6060 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
20:54:33.0647 6060 gagp30kx - ok
20:54:33.0709 6060 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll
20:54:33.0756 6060 gpsvc - ok
20:54:33.0772 6060 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
20:54:33.0787 6060 hcw85cir - ok
20:54:33.0803 6060 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys
20:54:33.0834 6060 HdAudAddService - ok
20:54:33.0850 6060 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys
20:54:33.0865 6060 HDAudBus - ok
20:54:33.0881 6060 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
20:54:33.0912 6060 HidBatt - ok
20:54:33.0928 6060 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
20:54:33.0943 6060 HidBth - ok
20:54:33.0959 6060 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
20:54:33.0975 6060 HidIr - ok
20:54:34.0006 6060 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\system32\hidserv.dll
20:54:34.0037 6060 hidserv - ok
20:54:34.0053 6060 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys
20:54:34.0068 6060 HidUsb - ok
20:54:34.0115 6060 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll
20:54:34.0162 6060 hkmsvc - ok
20:54:34.0209 6060 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll
20:54:34.0255 6060 HomeGroupListener - ok
20:54:34.0302 6060 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll
20:54:34.0318 6060 HomeGroupProvider - ok
20:54:34.0333 6060 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys
20:54:34.0349 6060 HpSAMD - ok
20:54:34.0443 6060 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys
20:54:34.0489 6060 HTTP - ok
20:54:34.0505 6060 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys
20:54:34.0521 6060 hwpolicy - ok
20:54:34.0536 6060 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys
20:54:34.0552 6060 i8042prt - ok
20:54:34.0583 6060 iaStor (0baa4115dfffd6a6d809a89d65e1281a) C:\windows\system32\DRIVERS\iaStor.sys
20:54:34.0599 6060 iaStor - ok
20:54:34.0630 6060 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys
20:54:34.0645 6060 iaStorV - ok
20:54:34.0770 6060 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:54:34.0801 6060 idsvc - ok
20:54:35.0035 6060 igfx (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys
20:54:35.0113 6060 igfx - ok
20:54:35.0223 6060 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
20:54:35.0254 6060 iirsp - ok
20:54:35.0316 6060 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll
20:54:35.0363 6060 IKEEXT - ok
20:54:35.0503 6060 IntcAzAudAddService (3202e26501e5e18c35dc2cc74709a704) C:\windows\system32\drivers\RTKVHDA.sys
20:54:35.0566 6060 IntcAzAudAddService - ok
20:54:35.0675 6060 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys
20:54:35.0706 6060 intelide - ok
20:54:35.0722 6060 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
20:54:35.0737 6060 intelppm - ok
20:54:35.0769 6060 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll
20:54:35.0800 6060 IPBusEnum - ok
20:54:35.0800 6060 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
20:54:35.0831 6060 IpFilterDriver - ok
20:54:35.0909 6060 iphlpsvc (58f67245d041fbe7af88f4eaf79df0fa) C:\windows\System32\iphlpsvc.dll
20:54:35.0940 6060 iphlpsvc - ok
20:54:35.0971 6060 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys
20:54:36.0003 6060 IPMIDRV - ok
20:54:36.0018 6060 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
20:54:36.0049 6060 IPNAT - ok
20:54:36.0065 6060 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
20:54:36.0081 6060 IRENUM - ok
20:54:36.0112 6060 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys
20:54:36.0127 6060 isapnp - ok
20:54:36.0143 6060 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys
20:54:36.0159 6060 iScsiPrt - ok
20:54:36.0174 6060 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys
20:54:36.0190 6060 kbdclass - ok
20:54:36.0205 6060 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys
20:54:36.0221 6060 kbdhid - ok
20:54:36.0283 6060 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
20:54:36.0315 6060 KeyIso - ok
20:54:36.0361 6060 KL1 (ea26cb00f83686856f2c79673c00c686) C:\windows\system32\DRIVERS\kl1.sys
20:54:36.0393 6060 KL1 - ok
20:54:36.0439 6060 KLIF (fbc7f840f1118d358d2afb8c1714b384) C:\windows\system32\DRIVERS\klif.sys
20:54:36.0471 6060 KLIF - ok
20:54:36.0486 6060 KLIM6 (af127fe7dd5ed2bbc9049fd8a00defc2) C:\windows\system32\DRIVERS\klim6.sys
20:54:36.0502 6060 KLIM6 - ok
20:54:36.0502 6060 klkbdflt (24aebad59d1de8a7cc36e8f09f999362) C:\windows\system32\DRIVERS\klkbdflt.sys
20:54:36.0517 6060 klkbdflt - ok
20:54:36.0517 6060 klmouflt (a58507c2827c3ae1d4ccb2746aab349f) C:\windows\system32\DRIVERS\klmouflt.sys
20:54:36.0533 6060 klmouflt - ok
20:54:36.0549 6060 kltdi (53c0df6c5139cb78a631e7afcd893730) C:\windows\system32\DRIVERS\kltdi.sys
20:54:36.0564 6060 kltdi - ok
20:54:36.0580 6060 kneps (71a38c123600172511c26bfabd0ef579) C:\windows\system32\DRIVERS\kneps.sys
20:54:36.0595 6060 kneps - ok
20:54:36.0642 6060 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\windows\system32\Drivers\ksecdd.sys
20:54:36.0658 6060 KSecDD - ok
20:54:36.0705 6060 KSecPkg (5fe1abf1af591a3458c9cf24ed9a4d35) C:\windows\system32\Drivers\ksecpkg.sys
20:54:36.0720 6060 KSecPkg - ok
20:54:36.0751 6060 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll
20:54:36.0783 6060 KtmRm - ok
20:54:36.0845 6060 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\system32\srvsvc.dll
20:54:36.0876 6060 LanmanServer - ok
20:54:36.0907 6060 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll
20:54:36.0939 6060 LanmanWorkstation - ok
20:54:36.0970 6060 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
20:54:37.0001 6060 lltdio - ok
20:54:37.0032 6060 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll
20:54:37.0063 6060 lltdsvc - ok
20:54:37.0079 6060 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll
20:54:37.0110 6060 lmhosts - ok
20:54:37.0141 6060 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
20:54:37.0157 6060 LSI_FC - ok
20:54:37.0173 6060 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
20:54:37.0188 6060 LSI_SAS - ok
20:54:37.0204 6060 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
20:54:37.0219 6060 LSI_SAS2 - ok
20:54:37.0219 6060 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
20:54:37.0235 6060 LSI_SCSI - ok
20:54:37.0266 6060 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
20:54:37.0297 6060 luafv - ok
20:54:37.0344 6060 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll
20:54:37.0375 6060 Mcx2Svc - ok
20:54:37.0469 6060 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
20:54:37.0469 6060 MDM ( UnsignedFile.Multi.Generic ) - warning
20:54:37.0469 6060 MDM - detected UnsignedFile.Multi.Generic (1)
20:54:48.0046 6060 TCPIP6 - ok
20:54:48.0061 6060 tcpipreg (3eebd3bd93da46a26e89893c7ab2ff3b) C:\windows\system32\drivers\tcpipreg.sys
20:54:48.0077 6060 tcpipreg - ok
20:54:48.0124 6060 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
20:54:48.0139 6060 TDPIPE - ok
20:54:48.0186 6060 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys
20:54:48.0202 6060 TDTCP - ok
20:54:48.0217 6060 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
20:54:48.0249 6060 tdx - ok
20:54:48.0264 6060 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
20:54:48.0280 6060 TermDD - ok
20:54:48.0342 6060 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll
20:54:48.0373 6060 TermService - ok
20:54:48.0389 6060 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
20:54:48.0405 6060 Themes - ok
20:54:48.0436 6060 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
20:54:48.0467 6060 THREADORDER - ok
20:54:48.0483 6060 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
20:54:48.0514 6060 TrkWks - ok
20:54:48.0592 6060 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe
20:54:48.0654 6060 TrustedInstaller - ok
20:54:48.0654 6060 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
20:54:48.0685 6060 tssecsrv - ok
20:54:48.0732 6060 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
20:54:48.0748 6060 TsUsbFlt - ok
20:54:48.0795 6060 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
20:54:48.0826 6060 tunnel - ok
20:54:48.0841 6060 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
20:54:48.0857 6060 uagp35 - ok
20:54:48.0919 6060 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
20:54:48.0966 6060 udfs - ok
20:54:49.0013 6060 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
20:54:49.0029 6060 UI0Detect - ok
20:54:49.0044 6060 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
20:54:49.0060 6060 uliagpkx - ok
20:54:49.0091 6060 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
20:54:49.0107 6060 umbus - ok
20:54:49.0122 6060 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
20:54:49.0138 6060 UmPass - ok
20:54:49.0153 6060 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
20:54:49.0200 6060 upnphost - ok
20:54:49.0231 6060 upperdev (7062ed67a10f1c83b2ab951736e24f11) C:\windows\system32\DRIVERS\usbser_lowerflt.sys
20:54:49.0263 6060 upperdev - ok
20:54:49.0263 6060 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
20:54:49.0278 6060 usbccgp - ok
20:54:49.0294 6060 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
20:54:49.0309 6060 usbcir - ok
20:54:49.0325 6060 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys
20:54:49.0341 6060 usbehci - ok
20:54:49.0356 6060 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
20:54:49.0372 6060 usbhub - ok
20:54:49.0387 6060 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys
20:54:49.0403 6060 usbohci - ok
20:54:49.0419 6060 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
20:54:49.0434 6060 usbprint - ok
20:54:49.0450 6060 usbser (31181de6190b39fc8007dffd1a48ffd6) C:\windows\system32\drivers\usbser.sys
20:54:49.0465 6060 usbser - ok
20:54:49.0481 6060 UsbserFilt (b76d8039f5b595c4ca551b3d5dd15a98) C:\windows\system32\DRIVERS\usbser_lowerfltj.sys
20:54:49.0512 6060 UsbserFilt - ok
20:54:49.0528 6060 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
20:54:49.0543 6060 USBSTOR - ok
20:54:49.0543 6060 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\DRIVERS\usbuhci.sys
20:54:49.0559 6060 usbuhci - ok
20:54:49.0590 6060 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys
20:54:49.0606 6060 usbvideo - ok
20:54:49.0637 6060 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll
20:54:49.0668 6060 UxSms - ok
20:54:49.0715 6060 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
20:54:49.0746 6060 VaultSvc - ok
20:54:49.0777 6060 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
20:54:49.0793 6060 vdrvroot - ok
20:54:49.0855 6060 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe
20:54:49.0902 6060 vds - ok
20:54:49.0918 6060 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
20:54:49.0933 6060 vga - ok
20:54:49.0949 6060 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
20:54:49.0980 6060 VgaSave - ok
20:54:50.0011 6060 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
20:54:50.0027 6060 vhdmp - ok
20:54:50.0058 6060 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
20:54:50.0074 6060 viaagp - ok
20:54:50.0089 6060 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
20:54:50.0105 6060 ViaC7 - ok
20:54:50.0121 6060 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
20:54:50.0136 6060 viaide - ok
20:54:50.0167 6060 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
20:54:50.0183 6060 volmgr - ok
20:54:50.0230 6060 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
20:54:50.0245 6060 volmgrx - ok
20:54:50.0277 6060 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
20:54:50.0292 6060 volsnap - ok
20:54:50.0323 6060 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
20:54:50.0339 6060 vsmraid - ok
20:54:50.0448 6060 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe
20:54:50.0495 6060 VSS - ok
20:54:50.0526 6060 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
20:54:50.0542 6060 vwifibus - ok
20:54:50.0573 6060 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
20:54:50.0604 6060 vwififlt - ok
20:54:50.0620 6060 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
20:54:50.0651 6060 vwifimp - ok
20:54:50.0682 6060 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll
20:54:50.0713 6060 W32Time - ok
20:54:50.0729 6060 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
20:54:50.0745 6060 WacomPen - ok
20:54:50.0791 6060 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
20:54:50.0838 6060 WANARP - ok
20:54:50.0854 6060 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
20:54:50.0869 6060 Wanarpv6 - ok
20:54:50.0963 6060 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe
20:54:51.0010 6060 wbengine - ok
20:54:51.0025 6060 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll
20:54:51.0041 6060 WbioSrvc - ok
20:54:51.0088 6060 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll
20:54:51.0119 6060 wcncsvc - ok
20:54:51.0135 6060 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll
20:54:51.0166 6060 WcsPlugInService - ok
20:54:51.0197 6060 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
20:54:51.0213 6060 Wd - ok
20:54:51.0291 6060 Wdf01000 (a840213f1acdcc175b4d1d5aaeac0d7a) C:\windows\system32\drivers\Wdf01000.sys
20:54:51.0322 6060 Wdf01000 - ok
20:54:51.0337 6060 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
20:54:51.0353 6060 WdiServiceHost - ok
20:54:51.0369 6060 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
20:54:51.0384 6060 WdiSystemHost - ok
20:54:51.0431 6060 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll
20:54:51.0478 6060 WebClient - ok
20:54:51.0493 6060 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll
20:54:51.0525 6060 Wecsvc - ok
20:54:51.0556 6060 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll
20:54:51.0587 6060 wercplsupport - ok
20:54:51.0603 6060 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll
20:54:51.0634 6060 WerSvc - ok
20:54:51.0649 6060 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
20:54:51.0681 6060 WfpLwf - ok
20:54:51.0696 6060 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
20:54:51.0712 6060 WIMMount - ok
20:54:51.0790 6060 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
20:54:51.0805 6060 WinDefend - ok
20:54:51.0821 6060 WinHttpAutoProxySvc - ok
20:54:51.0868 6060 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll
20:54:51.0899 6060 Winmgmt - ok
20:54:52.0008 6060 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll
20:54:52.0055 6060 WinRM - ok
20:54:52.0117 6060 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll
20:54:52.0149 6060 Wlansvc - ok
20:54:52.0289 6060 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:54:52.0320 6060 wlidsvc - ok
20:54:52.0429 6060 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
20:54:52.0461 6060 WmiAcpi - ok
20:54:52.0507 6060 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe
20:54:52.0523 6060 wmiApSrv - ok
20:54:52.0632 6060 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:54:52.0663 6060 WMPNetworkSvc - ok
20:54:52.0679 6060 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll
20:54:52.0710 6060 WPCSvc - ok
20:54:52.0741 6060 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll
20:54:52.0773 6060 WPDBusEnum - ok
20:54:52.0804 6060 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
20:54:52.0835 6060 ws2ifsl - ok
20:54:52.0866 6060 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\System32\wscsvc.dll
20:54:52.0882 6060 wscsvc - ok
20:54:52.0882 6060 WSearch - ok
20:54:53.0007 6060 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\windows\system32\wuaueng.dll
20:54:53.0069 6060 wuauserv - ok
20:54:53.0194 6060 WudfPf (06e6f32c8d0a3f66d956f57b43a2e070) C:\windows\system32\drivers\WudfPf.sys
20:54:53.0225 6060 WudfPf - ok
20:54:53.0256 6060 WUDFRd (867c301e8b790040ae9cf6486e8041df) C:\windows\system32\DRIVERS\WUDFRd.sys
20:54:53.0272 6060 WUDFRd - ok
20:54:53.0287 6060 wudfsvc (fe47b7bc8ea320c2d9b5e5bf6e303765) C:\windows\System32\WUDFSvc.dll
20:54:53.0303 6060 wudfsvc - ok
20:54:53.0334 6060 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll
20:54:53.0350 6060 WwanSvc - ok
20:54:53.0381 6060 yukonw7 (4e2e09afdb9da5d0c2a3a01a903797a8) C:\windows\system32\DRIVERS\yk62x86.sys
20:54:53.0397 6060 yukonw7 - ok
20:54:53.0428 6060 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
20:54:53.0755 6060 \Device\Harddisk0\DR0 - ok
20:54:53.0755 6060 Boot (0x1200) (f92b9d6b59fd66260c04087457a4d6e1) \Device\Harddisk0\DR0\Partition0
20:54:53.0771 6060 \Device\Harddisk0\DR0\Partition0 - ok
20:54:53.0802 6060 Boot (0x1200) (a54264fcf4b94baa8cab49688cf6a61a) \Device\Harddisk0\DR0\Partition1
20:54:53.0802 6060 \Device\Harddisk0\DR0\Partition1 - ok
20:54:53.0802 6060 ============================================================
20:54:53.0802 6060 Scan finished
20:54:53.0802 6060 ============================================================
20:54:53.0818 4360 Detected object count: 1
20:54:53.0818 4360 Actual detected object count: 1
21:03:57.0371 4360 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:57.0371 4360 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:04:00.0007 4480 Deinitialize success

I hope this is what you mean!?

Regards

Mirko

03.01.2013, 19:43   #10
markusg
/// Malware-holic

ComboFix:
ComboFix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems
and make cleaning up the infection even harder.
Please download ComboFix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save ComboFix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with ComboFix while it works.
Start Combofix.exe and follow the instructions on the screen.

When ComboFix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails to markusg.trojaner-board@web.de as described in the instructions above.

03.01.2013, 20:18   #11
onetwelve

ComboFix log file:
Code:
ComboFix 13-01-03.05 - samsung 03.01.2013  19:59:12.1.2 - x86
ausgeführt von:: c:\users\samsung\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\ErrLog.txt
c:\programdata\FullRemove.exe
c:\programdata\ntuser.dat
c:\users\samsung\AppData\Roaming\Microsoft\Windows\Recent\51776774_danimarinov_OneTwelve.mat
c:\users\samsung\AppData\Roaming\Microsoft\Windows\Recent\56220905_moses698_onetwelve.mat
c:\users\samsung\AppData\Roaming\Microsoft\Windows\Recent\56902220_jasmina6_onetwelve.mat
c:\users\samsung\AppData\Roaming\Microsoft\Windows\Recent\57758202_karadogan_onetwelve.mat
c:\users\samsung\AppData\Roaming\Microsoft\Windows\Recent\Wikipedia.url
c:\windows\$NtUninstallKB1688$
c:\windows\$NtUninstallKB1688$\1027095456\cfg.ini
c:\windows\$NtUninstallKB1688$\2387151705
c:\windows\system32\drivers\etc\hosts.ics
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-03 bis 2013-01-03  ))))))))))))))))))))))))))))))
.
.
2013-01-03 19:08 . 2013-01-03 19:08	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-01-02 19:54 . 2013-01-02 19:54	--------	d-----w-	C:\TDSSKiller_Quarantine
2013-01-01 12:21 . 2013-01-01 12:21	--------	d-----w-	c:\program files\Common Files\Java
2013-01-01 12:20 . 2013-01-01 12:20	93640	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-01-01 12:20 . 2013-01-01 12:20	--------	d-----w-	c:\program files\Java
2012-12-29 17:10 . 2012-12-16 14:13	295424	----a-w-	c:\windows\system32\atmfd.dll
2012-12-29 17:10 . 2012-12-16 14:13	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-12-14 19:23 . 2012-11-22 02:56	2345984	----a-w-	c:\windows\system32\win32k.sys
2012-12-14 19:21 . 2012-11-09 04:42	2048	----a-w-	c:\windows\system32\tzres.dll
2012-12-14 18:50 . 2012-12-14 18:50	--------	d-----w-	c:\users\samsung\AppData\Roaming\Claro
2012-12-14 18:49 . 2012-12-14 18:49	--------	d-----w-	c:\users\samsung\AppData\Roaming\PerformerSoft
2012-12-14 18:49 . 2012-12-14 19:11	--------	d-----w-	c:\program files\PC Performer
2012-12-14 18:49 . 2012-12-14 18:49	--------	d-----w-	c:\users\samsung\AppData\Roaming\Babylon
2012-12-14 18:49 . 2012-12-14 18:49	--------	d-----w-	c:\programdata\Babylon
2012-12-14 18:49 . 2012-12-14 18:49	--------	d-----w-	c:\programdata\IBUpdaterService
2012-12-14 18:49 . 2012-12-14 18:49	--------	d-----w-	c:\windows\system32\Extensions
2012-12-14 18:49 . 2012-12-14 18:49	--------	d-----w-	c:\windows\system32\searchplugins
2012-12-14 18:49 . 2012-12-14 18:49	--------	d-----w-	c:\programdata\PC Performer Manager
2012-12-14 18:44 . 2012-12-14 19:11	--------	d-----w-	c:\program files\Streamripper
2012-12-14 18:21 . 2012-12-14 18:21	--------	d-----w-	c:\programdata\DivX
2012-12-14 18:21 . 2012-12-14 19:11	--------	d-----w-	c:\program files\Winamp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-03 19:08 . 2013-01-03 19:08	60872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FEC52D5C-318D-466C-BFB2-0544206CB435}\offreg.dll
2013-01-01 12:20 . 2012-05-09 16:30	859072	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-12-11 20:17 . 2012-04-08 14:34	697272	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-12-11 20:17 . 2011-06-05 12:46	73656	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-15 18:32 . 2012-06-08 09:38	43608	----a-w-	c:\windows\system32\drivers\kltdi.sys
2012-11-08 18:00 . 2013-01-01 09:45	6812136	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FEC52D5C-318D-466C-BFB2-0544206CB435}\mpengine.dll
2012-10-16 07:39 . 2012-11-28 18:19	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40 . 2012-11-16 05:11	44032	----a-w-	c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-16 05:11	193536	----a-w-	c:\windows\system32\dhcpcore6.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-04 13830760]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-11-21 8092192]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-10-10 1578280]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]
"APLangApp"="c:\program files\AnyPC Client\APLangApp.exe" [2009-10-20 13312]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2012-11-15 356376]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
c:\users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-07-31 11:20	38872	----a-w-	c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36	30040	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2012-06-28 15:40	74752	----a-w-	c:\program files\Winamp\winampa.exe
.
R3 AVMUNET;AVM FRITZ!Box;c:\windows\system32\DRIVERS\avmunet.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02	114688	----a-w-	c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 20:17]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = fritz.box
IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files\PokerStars.EU\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
MSConfigStartUp-BearShare - c:\program files\BearShare\BearShare.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-Uninstall_is1 - c:\program files\Common Files\DVDVideoSoft\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\taskhost.exe
c:\program files\Samsung\Samsung Update Plus\SUPBackground.exe
c:\program files\AnyPC Client\APLanMgrC.exe
c:\program files\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-01-03  20:14:53 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-01-03 19:14
.
Vor Suchlauf: 11 Verzeichnis(se), 183.815.929.856 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 183.362.408.448 Bytes frei
.
- - End Of File - - 586F94664C0B154E7F18833A1656DA97
         
--- --- ---




I hope that is the right one!

03.01.2013, 20:21   #12
markusg
/// Malware-holic

Hi
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform full scan and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are selected and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".

03.01.2013, 21:34   #13
onetwelve

Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.03.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
samsung :: SAMSUNG-PC [Administrator]

Schutz: Aktiviert

03.01.2013 20:31:32
mbam-log-2013-01-03 (20-31-32).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 332573
Laufzeit: 57 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 1
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)









Everything has worked well so far!

And now?

Kind regards

Sorry, I thought the ComboFix log had not been posted.

Kaspersky still finds malware

HEUR:Exploit.Java.CVE-2012-4681.gen

And what now?

Please help!!!

Regards, Mirko

Alt 05.01.2013, 16:31   #14
markusg
/// Malware-holic

Please post the path reported by Kaspersky, with the date.
How do I clear the Java cache?
Clear the Java cache.
Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save it as a txt file, and open that file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each program unknown to you, write "unknown".
Post the list.

05.01.2013, 18:13   #15
onetwelve

Hello Markus

C:\Documents and Settings\samsung\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5c9af9c5-5449ab32

Event: Detected: Heur:Exploit.Java.CVE-2012-4681.gen

Date = 04.01.2013 at 18.48.14
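
Added example, not part of the thread and not code from any tool named in it: before the Java cache is cleared as requested in post #14, the path reported in post #15 can be split into cache version, bucket and entry, and the cache contents recorded (size, timestamp, SHA-256) so the detection can still be discussed afterwards. The function names, the constructed sample tree and the assumption that each cached object has a companion `<entry>.idx` file are assumptions of this example.

```python
import hashlib
import re
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# Layout taken from the reported path: ...\Deployment\cache\<version>\<bucket>\<entry>
CACHE_RE = re.compile(
    r"\\Sun\\Java\\Deployment\\cache\\(?P<version>[^\\]+)\\(?P<bucket>\d+)\\(?P<entry>[^\\]+)$",
    re.IGNORECASE,
)

def parse_detection_path(path):
    """Split an AV-reported Windows path into cache root, version, bucket, entry."""
    path = path.strip()
    m = CACHE_RE.search(path)
    if m is None:
        return None  # not an object inside the Java deployment cache
    return {"cache_root": path[: m.start("version") - 1], **m.groupdict()}

def inventory_cache(cache_dir):
    """One record per cached object under cache_dir; .idx files are only noted."""
    base = Path(cache_dir)
    records = []
    for f in sorted(base.rglob("*")):
        if not f.is_file() or f.suffix.lower() == ".idx":
            continue
        st = f.stat()
        modified = datetime.fromtimestamp(st.st_mtime, timezone.utc)
        records.append({
            "entry": f.relative_to(base).as_posix(),
            "size": st.st_size,
            "modified_utc": modified.isoformat(timespec="seconds"),
            "sha256": hashlib.sha256(f.read_bytes()).hexdigest(),
            # Assumption: metadata for an entry sits beside it as <entry>.idx
            "has_idx": f.with_name(f.name + ".idx").exists(),
        })
    return records

SAMPLE = b"constructed sample, not a real JAR"  # constructed test content

def demo():
    """Build a constructed cache tree in a temp dir and inventory it."""
    with tempfile.TemporaryDirectory() as tmp:
        bucket = Path(tmp) / "6.0" / "5"
        bucket.mkdir(parents=True)
        (bucket / "5c9af9c5-5449ab32").write_bytes(SAMPLE)
        (bucket / "5c9af9c5-5449ab32.idx").write_bytes(b"constructed index")
        return inventory_cache(tmp)
```

On the affected machine, `inventory_cache` would be pointed at the `cache_root` returned by `parse_detection_path`; a path outside the Java cache, such as the Malwarebytes PUP hit, returns `None`.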
