Pests of all kinds and how to fight them: HTTP and TCP requests to IP 174.35.7.4 (Windows 7)
14.02.2013, 01:34 | #1 |
| HTTP and TCP requests to IP 174.35.7.4
Good evening, for quite a while now I have been noticing strange requests to the IP 174.35.7.4. There are no noticeable problems on the system itself. Using Wireshark I have put together some information that I would like to present here. I hope I can get some advice on how to proceed. Example requests
Code:
Host : hxxp://h0-s1002.p7-fra.cdngp.net/login/
IP : 174.35.7.4
GET /login/favicon.ico HTTP/1.1\r\n
Google does not turn up any further interesting information about the IP/host either. Regards
14.02.2013, 13:29 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | HTTP and TCP requests to IP 174.35.7.4
Hello,
according to utrace the IP belongs to CDNetworks. Does that mean anything to you? Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please get in touch in this thread => Reminder about my thread. Annoying "When will it continue" messages end with your topic being closed. I, too, have a life outside the Trojaner-Board. First, a check with OTL please:
14.02.2013, 16:32 | #3 |
| HTTP and TCP requests to IP 174.35.7.4
CDNetworks does not ring a bell for me.
Since both contents together do not fit into one post, I hope it is OK that I split them into 2 posts. OTL.txt
Code:
ATTFilter OTL logfile created on: 14.02.2013 16:07:21 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 56,14% Memory free 8,00 Gb Paging File | 5,82 Gb Available in Paging File | 72,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,65 Gb Total Space | 12,07 Gb Free Space | 12,36% Space Free | Partition Type: NTFS Drive D: | 368,10 Gb Total Space | 26,32 Gb Free Space | 7,15% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL (1).exe (OldTimer Tools) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Users\***\AppData\Local\Apps\2.0\3B99J9HE.Y30\46B953WL.M7W\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe (AVM Berlin) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - 
D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe (SAP AG) PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) PRC - D:\Programme\VMWare\vmware-authd.exe (VMware, Inc.) PRC - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.) PRC - D:\Programme\VMWare\vmware-ufad.exe (VMware, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Users\***\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e963e9f51746f8e23837be7760e187c6\System.Windows.Forms.ni.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll () MOD - D:\Programme\FileZilla FTP Client\fzshellext.dll () ========== Services (SafeList) ========== SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe () SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (avast! 
Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (MBAMService) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (TunngleService) -- D:\Programme\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (OODefragAgent) -- D:\Programme\OO Software\Defrag\oodag.exe (O&O Software GmbH) SRV - (NWSAPAutoWorkstationUpdateSvc) -- C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe (SAP AG) SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) SRV - (VMAuthdService) -- D:\Programme\VMWare\vmware-authd.exe (VMware, Inc.) SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.) SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation) SRV - (ufad-ws60) -- D:\Programme\VMWare\vmware-ufad.exe (VMware, Inc.) SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.) 
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (MSSQLServerADHelper100) -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (MSSQL$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (SQLAgent$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation) SRV - (Microsoft Office Groove Audit Service) -- D:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avmaura) -- C:\Windows\SysNative\drivers\avmaura.sys (AVM Berlin) DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC) DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) 
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation) DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation) DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation) DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation) DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation) DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc) DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (avmaudio) -- C:\Windows\SysNative\drivers\avmaudio.sys (AVM Berlin) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.) DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.) DRV:64bit: - (VMparport) -- C:\Windows\SysNative\drivers\VMparport.sys (VMware, Inc.) 
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.) DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.) DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.) DRV:64bit: - (vmusb) -- C:\Windows\SysNative\drivers\vmusb.sys (VMware, Inc.) DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.) DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.) DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (vstor2-ws60) -- D:\Programme\VMWare\vstor2-ws60.sys (VMware, Inc.) 
DRV - (VSPerfDrv100) -- D:\Programme\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (usbaudio) -- C:\Windows\SysWOW64\drivers\usbaudio.sys (Microsoft Corporation) DRV - (usbhub) -- C:\Windows\SysWOW64\drivers\usbhub.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A D0 55 5B 68 2F CC 01 [binary data] IE - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19} IE - 
HKU\S-1-5-21-1445763491-3315700046-3714806259-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000\..\SearchScopes\{5902D6C0-07D8-45DF-8B29-ACA8BF94BCEA}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms} IE - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledAddons: {df4e4df5-5cb7-46b0-9aef-6c784c3249f8}:1.2.0 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.6&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\AdobeReader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.11.05 18:15:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.12.01 20:35:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2011.11.09 16:16:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2013.02.07 17:21:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: D:\Programme\Mozilla Thunderbird\components [2013.01.10 00:12:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: D:\Programme\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Programme\Mozilla Firefox\components [2011.11.09 16:16:57 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2013.02.07 17:21:16 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: D:\Programme\Mozilla Thunderbird\components [2013.01.10 00:12:26 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: D:\Programme\Mozilla Thunderbird\plugins [2011.06.20 17:41:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2012.10.19 21:31:50 | 000,000,000 | 
---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\9wbffpun.default\extensions [2012.10.19 21:31:49 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\9wbffpun.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.09.07 01:56:05 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\9wbffpun.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.10.19 21:31:50 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011.09.07 21:03:35 | 000,026,136 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2012.10.19 21:29:42 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\searchplugins\icqplugin-1.xml [2011.07.02 22:26:05 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\searchplugins\icqplugin-2.xml [2011.08.17 18:03:14 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\searchplugins\icqplugin-3.xml [2011.08.25 12:16:26 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\searchplugins\icqplugin-4.xml [2011.09.02 00:56:34 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\searchplugins\icqplugin-5.xml [2011.09.07 03:03:08 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\searchplugins\icqplugin-6.xml [2011.10.02 13:30:02 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\searchplugins\icqplugin-7.xml [2011.10.16 
18:51:14 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\searchplugins\icqplugin-8.xml [2011.11.09 16:18:06 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\searchplugins\icqplugin-9.xml [2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\9wbffpun.default\searchplugins\icqplugin.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms} CHR - homepage: hxxp://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = D:\Programme\AdobeReader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Windows Genuine Advantage (Enabled) = D:\Programme\Mozilla Firefox\plugins\npLegitCheckPlugin.dll CHR - plugin: MFireLauncher (Enabled) = D:\Programme\Mozilla Firefox\plugins\NPMFireLauncher.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = D:\Programme\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office 2003 (Enabled) = D:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: NPOP7Plugin (Enabled) = D:\Programme\Mozilla Firefox\plugins\NPOP7PlugIn.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programme\Mozilla Firefox\plugins\npqtplugin.dll CHR 
- plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Zylom Plugin (Enabled) = D:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Java(TM) Platform SE 7 U11 (Disabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Google Update (Enabled) = C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: AdBlock 
= C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.60_0\ CHR - Extension: Cr!Box = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjodchcocbnbhfkjeapbdoflbiibnapp\2.3_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2012.09.03 13:30:24 | 000,002,189 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site O1 - Hosts: 255.255.255.255 easyanticheat.com # misleading site O1 - Hosts: 255.255.255.255 www.easyanticheat.com # misleading site O1 - Hosts: 255.255.255.255 easyanticheat.info # misleading site O1 - Hosts: 255.255.255.255 www.easyanticheat.info # misleading site O1 - Hosts: 255.255.255.255 easyanticheat.org # misleading site O1 - Hosts: 255.255.255.255 www.easyanticheat.org # misleading site O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found. 
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:64bit: - HKLM..\Run: [OODefragTray] D:\Programme\OO Software\Defrag\oodtray.exe (O&O Software GmbH) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) 
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000..\Run: [AVMUSBFernanschluss] C:\Users\***\AppData\Local\Apps\2.0\3B99J9HE.Y30\46B953WL.M7W\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe (AVM Berlin) O4 - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000..\Run: [ManyCam] D:\Programme\ManyCam\Bin\ManyCam.exe (ManyCam LLC) O4 - HKU\S-1-5-21-1445763491-3315700046-3714806259-1000..\Run: [mapdisk] "C:\ARMA2\ArmAWork\mapdisk.bat" File not found O4 - HKU\S-1-5-21-1445763491-3315700046-3714806259-1011..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1445763491-3315700046-3714806259-1011..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - D:\Programme\VMWare\x64\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - D:\Programme\VMWare\x64\vsocklib.dll (VMware, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Programme\VMWare\vsocklib.dll (VMware, Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Programme\VMWare\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 10.11.2) O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{439D770A-3C7E-4707-A4C6-CC05D22E3C3F}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1A245BF-4C43-4F70-B3A3-73E3A12FD383}: DhcpNameServer = 7.254.254.254 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - d:\UNI\SAP\SAPgui\SAPHTMLP.DLL (SAP, Walldorf) O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - d:\UNI\SAP\SAPgui\SAPHTMLP.DLL (SAP, Walldorf) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml 
{807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.05.31 18:56:31 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{d8667dfd-a42a-11e0-802d-b8e5dd9fe745}\Shell - "" = AutoRun O33 - MountPoints2\{d8667dfd-a42a-11e0-802d-b8e5dd9fe745}\Shell\AutoRun\command - "" = F:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: 
(ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.14 16:03:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL (1).exe [2013.02.13 09:43:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.02.13 09:43:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.02.13 09:43:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.02.13 09:43:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.02.13 09:43:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.02.13 09:43:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.02.13 09:43:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.02.13 09:43:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.02.13 09:43:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.02.13 09:43:33 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.02.13 09:43:33 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.02.13 09:43:33 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.02.13 09:43:31 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.02.13 09:43:30 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.02.13 09:43:30 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.02.13 09:42:37 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.02.13 09:42:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.02.13 
09:42:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.02.13 09:42:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.02.13 09:42:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.02.13 09:42:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.02.13 09:42:30 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.02.13 09:42:24 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.02.13 09:42:23 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.02.13 09:42:22 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.02.08 23:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2013.02.08 23:37:44 | 000,000,000 | ---D | C] -- C:\Fraps [2013.02.08 02:00:18 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\3DMark 11 [2013.02.08 02:00:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\IsolatedStorage [2013.02.08 02:00:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Futuremark_Corporation [2013.02.08 01:59:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark [2013.02.08 01:59:09 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2013.02.08 01:59:09 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2013.02.08 01:59:09 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2013.02.08 01:59:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2013.02.08 01:59:08 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2013.02.08 01:59:08 | 000,176,984 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\xactengine3_7.dll [2013.02.08 01:59:06 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2013.02.08 01:59:06 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2013.02.08 01:59:05 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2013.02.08 01:59:05 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2013.02.08 01:59:04 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2013.02.08 01:59:04 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2013.02.08 01:59:02 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2013.02.08 01:59:02 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2013.02.08 01:58:58 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2013.02.08 01:58:58 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2013.02.08 01:58:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark [2013.02.08 01:58:35 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark [2013.02.07 17:15:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2013.02.07 17:14:29 | 006,382,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2013.02.07 17:14:29 | 003,455,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2013.02.07 17:14:29 | 002,558,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2013.02.07 17:14:29 | 000,118,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2013.02.07 17:14:29 | 000,063,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2013.02.07 17:13:55 | 000,061,368 | ---- | C] (Khronos Group) -- 
C:\Windows\SysNative\OpenCL.dll [2013.02.07 17:13:55 | 000,053,176 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013.02.07 17:13:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2013.02.07 17:12:51 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll [2013.02.07 17:12:51 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2013.02.07 17:12:50 | 026,931,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013.02.07 17:12:50 | 020,450,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013.02.07 17:12:50 | 018,054,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013.02.07 17:12:50 | 015,129,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2013.02.07 17:12:50 | 015,052,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2013.02.07 17:12:50 | 012,641,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013.02.07 17:12:50 | 007,565,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013.02.07 17:12:50 | 006,263,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013.02.07 17:12:50 | 002,720,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013.02.07 17:12:50 | 001,813,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2013.02.07 17:12:50 | 001,504,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll [2013.02.07 17:12:50 | 001,107,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2013.02.07 17:12:50 | 000,958,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2013.02.07 17:12:50 | 000,246,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2013.02.07 17:12:50 | 000,201,728 | ---- | C] (NVIDIA Corporation) -- 
C:\Windows\SysWow64\nvinit.dll [2013.02.07 17:12:50 | 000,189,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2013.02.07 17:12:49 | 025,256,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013.02.07 17:12:49 | 009,389,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013.02.07 17:12:49 | 007,931,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013.02.07 17:12:49 | 002,904,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013.02.07 17:12:49 | 002,824,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2013.02.07 17:12:49 | 002,344,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013.02.07 17:12:49 | 001,985,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013.02.07 17:12:48 | 017,560,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013.02.07 17:12:48 | 002,504,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2013.01.31 23:46:55 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\odbg110 (1) [2013.01.31 23:14:29 | 000,000,000 | ---D | C] -- C:\CRYSIS2 [2013.01.31 23:06:38 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2013.01.31 23:06:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2013.01.31 23:06:36 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2013.01.31 23:06:36 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2013.01.31 23:06:35 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2013.01.31 23:06:35 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2013.01.31 23:06:34 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll 
[2013.01.31 23:06:31 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2013.01.23 17:37:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BattlEye [2013.01.23 17:34:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Bohemia Interactive Studio ========== Files - Modified Within 30 Days ========== [2013.02.14 16:03:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL (1).exe [2013.02.14 15:40:05 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1445763491-3315700046-3714806259-1000UA.job [2013.02.14 15:31:17 | 000,013,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.14 15:31:17 | 000,013,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.14 15:22:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.14 15:22:06 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys [2013.02.14 15:22:05 | 000,803,250 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor [2013.02.14 01:39:59 | 017,755,181 | ---- | M] () -- C:\Users\***\Desktop\abc.pcap [2013.02.13 19:41:13 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1445763491-3315700046-3714806259-1000Core.job [2013.02.13 17:17:10 | 000,449,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.13 09:49:42 | 001,829,240 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.13 09:49:42 | 000,765,688 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.13 09:49:42 | 000,721,006 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.13 09:49:42 | 000,174,600 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.13 09:49:42 | 000,147,554 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.08 23:59:29 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2013.02.08 23:59:29 | 
000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013.02.08 23:57:49 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2013.02.08 23:37:45 | 000,000,562 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2013.02.08 01:58:42 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk [2013.01.31 23:46:50 | 001,333,471 | ---- | M] () -- C:\Users\***\Desktop\odbg110 (1).zip [2013.01.28 23:37:40 | 000,001,047 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.01.22 00:48:13 | 000,020,624 | ---- | M] () -- C:\Users\***\Desktop\lul.jpg ========== Files Created - No Company Name ========== [2013.02.14 01:39:59 | 017,755,181 | ---- | C] () -- C:\Users\***\Desktop\abc.pcap [2013.02.08 23:37:45 | 000,000,562 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2013.02.08 01:58:42 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\3DMark 11.lnk [2013.02.07 17:14:29 | 002,923,201 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2013.02.07 17:12:50 | 000,017,266 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2013.01.31 23:46:51 | 001,333,471 | ---- | C] () -- C:\Users\***\Desktop\odbg110 (1).zip [2013.01.22 00:48:11 | 000,020,624 | ---- | C] () -- C:\Users\***\Desktop\lul.jpg [2012.11.23 22:01:37 | 000,013,030 | ---- | C] () -- C:\Users\***\AppData\Roaming\PDOXUSRS.NET [2012.10.04 13:02:53 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\h5menu32.dll [2012.10.04 13:02:53 | 000,095,744 | ---- | C] () -- C:\Windows\SysWow64\h5rtf32.dll [2012.10.04 13:02:53 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\h5tool32.dll [2012.10.04 13:02:52 | 001,064,960 | ---- | C] () -- C:\Windows\SysWow64\h5krnl32.dll [2012.10.04 13:02:52 | 000,188,928 | ---- | C] () -- C:\Windows\SysWow64\h5icon32.dll [2012.08.23 11:25:09 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012.08.23 11:24:10 | 000,000,132 | ---- | C] () -- 
C:\Users\***\AppData\Roaming\Adobe BMP Format CS5 Prefs [2012.06.09 17:13:31 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable [2012.06.04 19:10:34 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll [2012.04.10 10:37:09 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI [2012.03.12 18:33:50 | 000,000,144 | ---- | C] () -- C:\Users\***\mercurial.ini [2012.03.11 14:42:05 | 001,063,895 | ---- | C] () -- C:\Users\***\bachelor-ss12.jpg [2012.03.10 01:12:05 | 000,000,442 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012.03.07 19:57:46 | 000,165,376 | ---- | C] () -- C:\Windows\UNWISE.EXE [2012.01.20 00:52:19 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2012.01.20 00:48:04 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2011.11.29 16:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011.11.29 16:38:12 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011.11.29 16:38:12 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011.11.29 16:38:12 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011.11.29 16:38:12 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.09.06 22:23:50 | 000,007,609 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2011.07.19 21:59:52 | 000,024,582 | ---- | C] () -- C:\Users\***\167654_130058137059177_100001649756883_202071_6955004_n.jpg [2011.07.19 21:58:13 | 000,267,881 | ---- | C] () -- C:\Users\***\SP_A0135.jpg [2011.07.11 14:03:23 | 000,282,296 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.07.11 14:03:04 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011.07.11 14:03:04 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.07.02 23:17:52 | 000,265,216 | ---- | C] () -- C:\Windows\SysWow64\midas.dll [2011.07.02 23:17:52 | 
000,211,056 | ---- | C] () -- C:\Windows\SysWow64\dbclient.dll [2011.07.02 23:14:10 | 000,375,296 | ---- | C] () -- C:\Windows\SysWow64\wsihk32.dll [2011.07.02 23:14:10 | 000,132,096 | ---- | C] () -- C:\Windows\SysWow64\wsiwin32.dll [2011.07.02 23:11:23 | 000,177,152 | ---- | C] () -- C:\Windows\SysWow64\c5uninst.dll [2011.07.02 23:11:23 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\IDUNINST.DLL [2011.06.21 00:31:03 | 001,785,142 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft 
Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.04.03 23:54:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2012.10.04 12:59:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite [2011.06.20 23:41:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\driveridentifier [2013.02.14 15:23:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox [2011.09.07 01:56:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft [2011.09.07 01:56:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers [2013.01.23 11:29:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla [2012.03.18 17:50:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HLSW [2011.09.02 13:02:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech [2013.01.10 02:39:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ManyCam [2012.04.10 10:25:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MindPlan_DOLS [2012.02.22 20:32:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mumble [2012.04.14 17:39:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++ [2011.09.18 23:30:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2012.11.29 22:47:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Origin [2011.12.20 01:52:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pokerth [2011.12.29 15:11:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung [2013.01.10 
00:37:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SAP [2012.11.13 16:08:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\six-updater [2012.07.11 20:47:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\six-zsync [2011.12.07 21:52:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SPORE [2013.01.07 13:23:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spotify [2012.03.12 18:26:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer [2011.12.29 15:41:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Temp [2012.01.28 02:10:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird [2011.12.30 19:54:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client [2011.09.06 12:57:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software [2012.04.06 19:41:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tunngle [2012.10.26 01:34:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft [2012.06.06 11:55:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Westfälische Hochschule [2011.10.10 02:59:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Wireshark [2012.02.04 14:12:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\wsIRC [2012.04.15 16:00:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Zylom ========== Purity Check ========== < End of report > |
14.02.2013, 16:33 | #4 |
| HTTP and TCP requests to IP 174.35.7.4 Extras.txt Code:
OTL Extras logfile created on: 14.02.2013 16:07:21 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 56,14% Memory free 8,00 Gb Paging File | 5,82 Gb Available in Paging File | 72,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,65 Gb Total Space | 12,07 Gb Free Space | 12,36% Space Free | Partition Type: NTFS Drive D: | 368,10 Gb Total Space | 26,32 Gb Free Space | 7,15% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) .js[@ = JSFile] -- Reg Error: Value error. File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .js [@ = JSFile] -- Reg Error: Value error. File not found [HKEY_USERS\S-1-5-21-1445763491-3315700046-3714806259-1000\SOFTWARE\Classes\<extension>] .txt [@ = txtfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
htmlfile [edit] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [open] -- Reg Error: Value error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
htmlfile [edit] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) jsfile [open] -- Reg Error: Value error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{149CA750-6B57-4CB1-9A9B-5F556F611F28}" = rport=137 | protocol=17 | dir=out | app=system |
"{28D5679E-5203-4EB0-967E-85EB0404F5DE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2F7230E9-DB6B-4EAF-8E1A-F58C0263706C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{32C89FAD-B4C7-417D-9F57-9F7ADDE68CDF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{36528F7B-70D3-4C44-A776-F5E9197BA79A}" = rport=139 | protocol=6 | dir=out | app=system |
"{402CF456-4696-4AAA-8299-7A9B45D66C18}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{41452D25-3154-4187-9FDF-20C15B813532}" = lport=6004 | protocol=17 | dir=in | app=d:\programme\microsoft office\office12\outlook.exe |
"{419E1792-CC3B-408D-BA49-F01893053D11}" = lport=138 | protocol=17 | dir=in | app=system |
"{5391E454-220C-4FB8-90A2-9C0105CA1017}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5936F4E1-DFE0-48FE-B19B-27361BE13BF9}" = rport=445 | protocol=6 | dir=out | app=system |
"{A4984FA5-71F1-4E0D-BC07-2AB10E6B5246}" = rport=138 | protocol=17 | dir=out | app=system |
"{A9ADCDD0-CD85-4AF0-8B5E-FFD3C9F0CC75}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B03B09CA-FD57-45D3-846F-7BC7835FDBA3}" = lport=445 | protocol=6 | dir=in | app=system |
"{CF44FF58-9CBC-4DF6-8DDB-32E77C6F0B0F}" = lport=139 | protocol=6 | dir=in | app=system |
"{FBDA900E-5FA4-4935-BBAF-4843FC637E10}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03889468-7B55-4AB9-871E-D3B62AB74FAC}" = protocol=17 | dir=in | app=d:\programme\tunngle\tnglctrl.exe |
"{06E7E0FB-1185-4DA3-A3C3-9285AD4F3CE1}" = protocol=17 | dir=in | app=d:\ihl_server\bin\hlds.exe |
"{0FB18A76-9235-4775-BFB2-622F717411E9}" = protocol=17 | dir=in | app=d:\programme\microsoft office\office12\onenote.exe |
"{16686C24-F353-408F-8D8B-3928F1BA636A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2\arma2.exe |
"{18250CD4-9EF1-47B3-A122-3A44446DD294}" = protocol=17 | dir=in | app=d:\programme\microsoft office\office12\groove.exe |
"{1865280F-A02B-4FF4-A406-CC6D9426AD23}" = protocol=6 | dir=in | app=d:\altes backup\desktop\c++\cremote\server\project1.exe |
"{19C33C21-EF3B-488E-A73F-65B88FB61CBD}" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe |
"{1A0E569E-28A3-4A90-87A1-DA3899C3C06E}" = protocol=6 | dir=in | app=d:\steam\steamapps\stayla_pro\counter-strike\hl.exe |
"{1E4F381F-419A-483B-825F-D4413539E919}" = protocol=17 | dir=in | app=d:\programme\hlsw\hlsw.exe |
"{1F8C00A9-CC81-4FCF-B496-404F5B955187}" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe |
"{23E0A25C-9F72-4B12-BC22-DCFA9913B1E1}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{254AC203-D768-44EA-AE0C-738F3B792D68}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{2583C3B1-6EB6-4FF5-94FE-BC95C3EDE90B}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{2B1E9EBA-276B-4D27-9F1A-BD997F28224E}" = protocol=17 | dir=in | app=d:\games\fifa 13\game\fifa13.exe |
"{2D5ABF8F-5D52-4169-AFAB-19F5407FDDD8}" = protocol=17 | dir=in | app=d:\steam\steamapps\stayla_pro\counter-strike\hl.exe |
"{306E6E27-43DA-4DF0-8C0B-A4AAA873B150}" = protocol=17 | dir=in | app=d:\hlserver\bin\hlds.exe |
"{33EBCB25-E67B-461E-968C-5D4E34224F4C}" = protocol=17 | dir=in | app=d:\steam\steamapps\stayla_pro\team fortress 2\hl2.exe |
"{37683216-347B-4C49-80C0-75180EC4CF14}" = protocol=6 | dir=in | app=d:\c++\secac\server\project1.exe |
"{3DC6BBBC-7822-427E-B8C6-5F8139E0B824}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{3E64079F-680A-40EC-B433-73092E5ECB0B}" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe |
"{48A8027B-2631-4DC2-9A34-402249817632}" = protocol=17 | dir=in | app=c:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{49923BF6-9C39-4634-BD5F-F530AB3603E4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4B8A141C-FFC4-44C6-BC8E-BA85061CBADC}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2\arma2.exe |
"{4D4BD2F5-A972-4071-8BEF-BB86CB43A6D6}" = protocol=17 | dir=in | app=d:\programme\tunngle\tunngle.exe |
"{5F779682-217D-4178-A6C1-B4D2467B3F61}" = protocol=17 | dir=in | app=d:\programme\mirc\mirc.exe |
"{62AEC200-E908-4F7B-8C08-49654463BAE9}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{662156F9-3CEB-4B2F-9BE4-C3DFA0978E16}" = protocol=6 | dir=in | app=d:\programme\six updater\tools\bin\rsync.exe |
"{6E3E61CA-F1EE-4500-BF3B-AE5640AAC361}" = protocol=6 | dir=in | app=d:\games\killingfloor\killingfloor\system\killingfloor.exe |
"{7052D64B-7D9D-4606-B213-327601F5998A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{74EE86A0-3AF2-4390-8A42-2C39AF6A4DA6}" = protocol=6 | dir=in | app=c:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{763FC18D-8720-4720-88D8-546520FF21D7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{79790253-FDA3-4985-96F1-E868AD6A3B51}" = protocol=6 | dir=in | app=d:\c++\sucht engine_dev_new_readysystem\project1.exe |
"{7AD6BC7C-5CB4-4166-A688-50959156B853}" = protocol=6 | dir=in | app=d:\programme\mirc\mirc.exe |
"{7CB8A992-F51D-4734-9E5D-45942872634E}" = protocol=17 | dir=in | app=d:\games\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{82D18665-1D95-46E2-818D-3E8E16E03E02}" = protocol=17 | dir=in | app=d:\programme\tunngle\tunngle.exe |
"{83F9F77C-DC63-4BDA-A8FB-A3ED560E83E8}" = protocol=17 | dir=in | app=d:\c++\sucht engine_dev_new_readysystem\project1.exe |
"{88905D56-D611-4FF1-BB6F-164F772A7B31}" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe |
"{8A4E97A3-9B24-4D72-963E-1155ECD71738}" = protocol=17 | dir=in | app=d:\programme\six updater\tools\bin\rsync.exe |
"{8C1B0BE1-71F5-40E8-ADEF-6A5EAC3D0937}" = protocol=6 | dir=in | app=d:\hlserver\bin\hlds.exe |
"{8DB7EBF5-64BF-40F4-A7A8-F18AC83E68BB}" = protocol=17 | dir=in | app=c:\server\hlds.exe |
"{8F31EEE6-0A89-4867-A0B5-DA81F1C60F50}" = protocol=6 | dir=in | app=d:\ihl_server\bin\hlds.exe |
"{91EF2F98-5198-4A10-9DB3-21FDAF09EBD3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{92E88676-257C-429A-8156-2ED97018258A}" = protocol=6 | dir=in | app=d:\games\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{977E0A88-04AF-4760-B900-4F062BE111F9}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{99488472-11C3-40B2-9C79-CBE8D011DF12}" = protocol=6 | dir=in | app=d:\programme\hlsw\hlsw.exe |
"{9A5811E5-8AE9-4E84-8F8B-165AD2FDC1B4}" = protocol=17 | dir=in | app=d:\games\killingfloor\killingfloor\system\killingfloor.exe |
"{9D8499B3-4680-45EE-8F4B-6AA233B92C40}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{A1A27119-8E95-43A4-AEC8-98E2A60E72CC}" = protocol=6 | dir=in | app=c:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{A4C3C879-A2AE-405B-9E67-1142AA2272E8}" = protocol=6 | dir=in | app=d:\programme\borland\cbuilder5\examples\mfc\advanced\chatsrvr\chatsrvr.exe |
"{AB48DFA5-E801-434F-BC45-C0E6C5175334}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{AF39A4C8-138D-49DA-AE28-6D6085CCD676}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{B33AE1F8-675C-4B22-A1DE-14E699D95213}" = protocol=6 | dir=in | app=d:\games\rockstar games\grand theft auto iv\gtaiv.exe |
"{B3614A92-3CC1-4BFE-864F-11AE1145186E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B4AA7A1B-449C-4B59-90FF-F4D5193E4768}" = protocol=17 | dir=in | app=d:\games\crysis 2\bin32\crysis2.exe |
"{B650B5B1-ED96-432F-B125-3DFCAFF005C3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{B83DBFCB-0884-4FC7-A1A7-6ABC823BB632}" = protocol=17 | dir=in | app=c:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{B86C22E8-DB25-430A-B0BF-43E3D9086A66}" = protocol=6 | dir=in | app=d:\games\fifa 13\game\fifa13.exe |
"{B9745856-18E1-4048-89E5-1681C7F82CCE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{BA31B29E-09CE-4BBB-A761-D5D78941D4D3}" = protocol=6 | dir=in | app=d:\programme\microsoft office\office12\onenote.exe |
"{BC04E8EE-91A0-4600-B512-0E548E44DC59}" = protocol=17 | dir=in | app=d:\programme\tunngle\tnglctrl.exe |
"{BC8DA661-90B0-4962-B678-1B6CDF7E0A98}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BCBBD36C-658A-462C-A099-FA7FEE32F207}" = protocol=17 | dir=in | app=d:\programme\gamers.irc\mirc.exe |
"{BCE7226F-B603-4DB5-8B27-171CE4B7EAD6}" = protocol=6 | dir=in | app=d:\steam\steamapps\seven_3377\counter-strike\hl.exe |
"{BD894B02-644B-4AED-ACA4-F028BCC11C48}" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe |
"{BD9A6D6A-301A-49D5-B32E-5C3C36C171A3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BF97AAB2-8118-4BB8-88E5-9CC67D927CC6}" = protocol=6 | dir=in | app=d:\ihl_server_ssh\bin\hlds.exe |
"{C00D7262-D642-40BA-81CD-8D63439D399B}" = protocol=6 | dir=in | app=d:\programme\tunngle\tnglctrl.exe |
"{C1553200-70FF-4E8D-8C64-CE440248C184}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C6D5902C-FDDB-43BA-8E50-7C2A9CF6A702}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{C98BE900-2F84-4854-B0D5-8F318EBC3E84}" = protocol=17 | dir=in | app=d:\c++\secac\server\project1.exe |
"{CA3FE7AB-2768-4CB0-9EFD-BD1B686543D9}" = protocol=6 | dir=in | app=d:\steam\steamapps\stayla_pro\team fortress 2\hl2.exe |
"{D10CAC05-F2D1-42F4-8573-504A7AF849BD}" = protocol=6 | dir=in | app=c:\server\hlds.exe |
"{DDB874B2-31A8-4B83-AAC1-03DB97EAACEE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DFB68716-EDE5-4FFA-B0D5-5297D66F61A6}" = protocol=17 | dir=in | app=d:\altes backup\desktop\c++\cremote\server\project1.exe |
"{E08695E9-A3DD-400E-BCEA-C0B0DBC7D8E1}" = protocol=17 | dir=in | app=d:\ihl_server_ssh\bin\hlds.exe |
"{E09278DD-CB82-472E-BC14-A19820443801}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{E57892E0-2774-45AC-B132-E10BE1B9B867}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{E611DFD7-1FFF-4C13-ADF7-982D8356757E}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{E8F2DA79-F714-408E-A4A3-F064FB3FDFAA}" = protocol=6 | dir=in | app=d:\programme\tunngle\tunngle.exe |
"{E90F9677-4A85-4827-BCF0-D94AECAA82A0}" = protocol=17 | dir=in | app=d:\steam\steamapps\seven_3377\counter-strike\hl.exe |
"{E9BFCFCB-A992-473C-9695-C020EEF0AA4D}" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe |
"{EA135462-F2C5-43F0-9F86-EB462AA423A6}" = protocol=17 | dir=in | app=d:\games\rockstar games\grand theft auto iv\gtaiv.exe |
"{F02C420A-F264-472A-89E1-9FFB743B7F46}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F086A5CA-414C-4DF0-871E-914AB111C2AF}" = protocol=6 | dir=in | app=d:\programme\gamers.irc\mirc.exe |
"{F0FF2711-35AE-49A5-B1BA-1C91CD356A13}" = protocol=6 | dir=in | app=d:\programme\tunngle\tnglctrl.exe |
"{F1FF16D0-D161-496F-A661-E20631549690}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{F47D8052-7B47-4D7D-9684-4770E65334FB}" = protocol=6 | dir=in | app=d:\programme\tunngle\tunngle.exe |
"{F7226F7D-15CA-427D-AB73-D70A268CBAA9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F7982E5D-8ECE-499A-9661-9AE6F897DB5B}" = protocol=17 | dir=in | app=d:\programme\borland\cbuilder5\examples\mfc\advanced\chatsrvr\chatsrvr.exe |
"{F7E50CB0-E98D-4F81-81A6-E8CF19B6D704}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{F8F66986-C338-4054-8DE3-000A902F25B9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{FADA0758-9B81-48BE-9604-C946AE784F52}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{FB588F0F-42BC-4C0F-8C01-47C19EF82251}" = protocol=6 | dir=in | app=d:\games\crysis 2\bin32\crysis2.exe |
"{FC09BFED-1515-4013-9044-FF935B678F63}" = protocol=6 | dir=in | app=d:\programme\microsoft office\office12\groove.exe |
"TCP Query User{178C9D4B-225C-40B6-87FD-0296FB52D1D6}C:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"TCP Query User{231EC6F8-134A-4E3E-9D8E-BF10388CE6FB}D:\altes backup\desktop\c++\cremote\server\project1.exe" = protocol=6 | dir=in | app=d:\altes backup\desktop\c++\cremote\server\project1.exe |
"TCP Query User{25E9E23B-8569-49E4-A676-3BFE6432009E}D:\programme\borland\cbuilder5\examples\mfc\advanced\chatsrvr\chatsrvr.exe" = protocol=6 | dir=in | app=d:\programme\borland\cbuilder5\examples\mfc\advanced\chatsrvr\chatsrvr.exe |
"TCP Query User{26DC40AA-9F69-41AA-AAF0-A82E6E26C958}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{2A254B37-EF3B-420E-B2A8-63CFDCD4B3BC}C:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"TCP Query User{3A6D7491-2157-42F0-8C54-D3BA9705BD15}D:\programme\mirc\mirc.exe" = protocol=6 | dir=in | app=d:\programme\mirc\mirc.exe |
"TCP Query User{40178F8B-7D57-41A1-871B-D6BA6AF98D8E}D:\programme\hlsw\hlsw.exe" = protocol=6 | dir=in | app=d:\programme\hlsw\hlsw.exe |
"TCP Query User{402FFB0E-F553-4D1F-8626-C2A18523BB0D}D:\games\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\games\crysis 2\bin32\crysis2.exe |
"TCP Query User{4098F6C6-BBB4-413E-8390-E877688A19FD}D:\c++\sucht engine_dev_new_readysystem\project1.exe" = protocol=6 | dir=in | app=d:\c++\sucht engine_dev_new_readysystem\project1.exe |
"TCP Query User{42481985-BE4E-4196-B099-E9FA4CB32BAE}D:\programme\cryptload1.1.8\routerclient.exe" = protocol=6 | dir=in | app=d:\programme\cryptload1.1.8\routerclient.exe |
"TCP Query User{4395A660-667B-44C9-B747-26A59886FA18}D:\hlserver\bin\hlds.exe" = protocol=6 | dir=in | app=d:\hlserver\bin\hlds.exe |
"TCP Query User{4695D89D-564D-40ED-8350-5691726C42CC}D:\steam\steamapps\seven_3377\counter-strike\hl.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\seven_3377\counter-strike\hl.exe |
"TCP Query User{595C75AB-367B-4188-804D-9A31F1FC307C}D:\games\killingfloor\killingfloor\system\killingfloor.exe" = protocol=6 | dir=in | app=d:\games\killingfloor\killingfloor\system\killingfloor.exe |
"TCP Query User{6A07514C-3800-4361-98B2-2444B935D4B0}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{6E48AEB6-D93E-481A-83CD-6DEA26722314}D:\games\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\games\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{7DD92243-D02B-4B0A-A85C-4E0C309DA3C6}D:\programme\gamers.irc\mirc.exe" = protocol=6 | dir=in | app=d:\programme\gamers.irc\mirc.exe |
"TCP Query User{9CC39B1C-7F1B-4939-A109-46106F51ABC2}C:\server\hlds.exe" = protocol=6 | dir=in | app=c:\server\hlds.exe |
"TCP Query User{9E4E1B0E-0DD4-4471-88A9-A12855C9A10A}D:\ihl_server_ssh\bin\hlds.exe" = protocol=6 | dir=in | app=d:\ihl_server_ssh\bin\hlds.exe |
"TCP Query User{A8054CF6-A5E3-4AB7-BD68-1372AF99846F}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe |
"TCP Query User{B5E5A884-F1A6-4CE8-B60B-9C04A81BBBB7}D:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"TCP Query User{D2E2E9B4-9C99-42FF-8CB1-C08C89748FCB}D:\ihl_server\bin\hlds.exe" = protocol=6 | dir=in | app=d:\ihl_server\bin\hlds.exe |
"TCP Query User{D9343A2C-B0B6-4C76-A9FA-DC60B07535B9}D:\games\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=d:\games\fifa 12\game\fifa.exe |
"TCP Query User{E16BA9BD-EA22-46C6-86B9-E26877D2DAB1}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{E8ED9D10-143F-4E95-8A22-2B09EBF7879A}D:\c++\suchtengine\suchtengine.exe" = protocol=6 | dir=in | app=d:\c++\suchtengine\suchtengine.exe |
"TCP Query User{F65D47F3-309A-4A7F-B0CE-4AC629F99F4B}D:\programme\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=d:\programme\six updater\tools\bin\rsync.exe |
"TCP Query User{FB34CB81-1993-4147-8F0C-C9C75DE33263}D:\steam\steamapps\stayla_pro\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\stayla_pro\team fortress 2\hl2.exe |
"TCP Query User{FB7EF95F-2160-4CA0-B8BA-2310EDE57FB3}D:\c++\secac\server\project1.exe" = protocol=6 | dir=in | app=d:\c++\secac\server\project1.exe |
"UDP Query User{0ECC780E-5043-4E3B-BDEF-D4F191FE91E2}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe |
"UDP Query User{0F88AD4B-A7EB-4EA3-B87E-73816BBF9098}C:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"UDP Query User{37C6957C-EF0F-4C36-BB95-B120D85A29EC}D:\programme\hlsw\hlsw.exe" = protocol=17 | dir=in | app=d:\programme\hlsw\hlsw.exe |
"UDP Query User{3C3E56D9-3464-4988-9AD2-50021A634F29}D:\programme\mirc\mirc.exe" = protocol=17 | dir=in | app=d:\programme\mirc\mirc.exe |
"UDP Query User{51A40157-BD16-4D01-AC15-35F86A6E62B2}D:\c++\suchtengine\suchtengine.exe" = protocol=17 | dir=in | app=d:\c++\suchtengine\suchtengine.exe |
"UDP Query User{562D8ADC-38AC-4BCB-8043-C8B87964C6EC}D:\hlserver\bin\hlds.exe" = protocol=17 | dir=in | app=d:\hlserver\bin\hlds.exe |
"UDP Query User{5ABA3F61-9293-4B2D-A961-03BBB996E034}D:\programme\cryptload1.1.8\routerclient.exe" = protocol=17 | dir=in | app=d:\programme\cryptload1.1.8\routerclient.exe |
"UDP Query User{5BDF20CB-6731-4CFC-81EC-E34FE9196BFB}D:\ihl_server_ssh\bin\hlds.exe" = protocol=17 | dir=in | app=d:\ihl_server_ssh\bin\hlds.exe |
"UDP Query User{687E574B-5D97-45DD-8078-9C4995BC1AB5}D:\programme\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=d:\programme\six updater\tools\bin\rsync.exe |
"UDP Query User{6FBED598-5618-4463-9DAF-22087D519357}C:\server\hlds.exe" = protocol=17 | dir=in | app=c:\server\hlds.exe |
"UDP Query User{798E80B7-DBFA-4000-B70F-427D1D855061}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{7FA830DF-781A-4E1D-8F81-7A71F3D54664}D:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"UDP Query User{803DCF74-B73F-4527-B315-845CCB75C41C}D:\steam\steamapps\stayla_pro\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\stayla_pro\team fortress 2\hl2.exe |
"UDP Query User{8285AE5A-26C3-4A6E-91D1-90E00406DA2D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{8FE2579B-2764-4136-98CC-C6D5E7517203}D:\programme\borland\cbuilder5\examples\mfc\advanced\chatsrvr\chatsrvr.exe" = protocol=17 | dir=in | app=d:\programme\borland\cbuilder5\examples\mfc\advanced\chatsrvr\chatsrvr.exe |
"UDP Query User{91CDE9E6-F948-49C3-A9E0-4E12CFCB766A}D:\games\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\games\crysis 2\bin32\crysis2.exe |
"UDP Query User{9367F9B5-A75B-4655-A461-492D083E7148}D:\games\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\games\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{A0291CC8-3B9C-4311-B667-96877FCDE6EC}D:\games\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=d:\games\fifa 12\game\fifa.exe |
"UDP Query User{AA8EA59B-CCD3-45E6-AE4E-6DE0F2DF32FE}D:\ihl_server\bin\hlds.exe" = protocol=17 | dir=in | app=d:\ihl_server\bin\hlds.exe |
"UDP Query User{AD277E29-4AC0-4085-869D-18586099D014}D:\steam\steamapps\seven_3377\counter-strike\hl.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\seven_3377\counter-strike\hl.exe |
"UDP Query User{B69F495D-5DE7-4733-B964-87CEA92A5548}D:\games\killingfloor\killingfloor\system\killingfloor.exe" = protocol=17 | dir=in | app=d:\games\killingfloor\killingfloor\system\killingfloor.exe |
"UDP Query User{BA973A09-E104-4A1B-99DC-1CB4EA0EFA45}D:\c++\secac\server\project1.exe" = protocol=17 | dir=in | app=d:\c++\secac\server\project1.exe |
"UDP Query User{BC147C11-7388-4C4E-B70E-63AF654DFD8C}D:\c++\sucht engine_dev_new_readysystem\project1.exe" = protocol=17 | dir=in | app=d:\c++\sucht engine_dev_new_readysystem\project1.exe |
"UDP Query User{CE0B6186-8754-44D8-AE5E-AE1303674474}D:\programme\gamers.irc\mirc.exe" = protocol=17 | dir=in | app=d:\programme\gamers.irc\mirc.exe |
"UDP Query User{CE56E1F9-845D-4F2A-A948-2943DE531765}D:\altes backup\desktop\c++\cremote\server\project1.exe" = protocol=17 | dir=in | app=d:\altes backup\desktop\c++\cremote\server\project1.exe |
"UDP Query User{E0D788B7-93E1-4307-97DD-804DDB51795F}C:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\apps\2.0\3b99j9he.y30\46b953wl.m7w\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"UDP Query User{F69B2312-8C64-43F7-A8F3-D491C50B097D}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00CE7326-01AA-44C5-A323-45E52C5D4D0D}" = O&O Defrag Professional
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1111706F-666A-4037-7777-211648764D10}" = JavaFX 2.1.1 (64-bit)
"{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}" = Microsoft SQL Server System CLR Types (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2222706F-666A-4037-7777-211648764D10}" = JavaFX 2.1.1 SDK (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{53952792-BF16-300E-ADF2-E7E4367E00CF}" = Visual Studio 2010 Prerequisites - English
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64) de
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{8476A22A-405F-3DCB-96CA-D98C6418C89B}" = Microsoft Visual Studio 2010 Performance Collection Tools - DEU
"{8583E7E3-2237-4981-B957-E28E5E9AB678}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A2AD24-BD44-3E39-A31F-CE928276577E}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A1F50E06-E514-393D-AAEB-2F989F0B7C68}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B9E62002-BD74-30EC-9049-93E0E003C736}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E1C1D175-C23E-38F4-9AC1-ABE5167022CF}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}" = Microsoft Sync Framework Services v1.0 SP1 (x64) de
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"WinRAR archiver" = WinRAR 4.01 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08DA8E46-ED67-451A-9246-50E0FF6959C9}" = Microsoft Sync Framework SDK v1.0 SP1 de
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{4135C790-0387-36D7-9C2A-1B09A5900460}" = Microsoft Visual Studio 2010 Ultimate - DEU
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{681F4E9F-34E0-36BD-BF2C-100554E403A5}" = Microsoft Visual F# 2.0 Runtime Language Pack - DEU
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_VISPRO_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_VISPRO_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 
(SP3) "{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_VISPRO_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007 "{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}" = Microsoft Office Visio 2007 Service Pack 3 (SP3) "{90120000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2007 "{90120000-0054-0407-0000-0000000FF1CE}_VISPRO_{3CB0380B-0413-4C44-A63B-DCD6369EAF4E}" = Microsoft Office Visio 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}_VISPRO_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft 
Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91F54E1D-804A-46D8-A56C-53EA9C4B3177}" = Microsoft Silverlight 3 SDK - Deutsch "{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™ "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects "{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13 "{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation "{A47A9101-6EB5-4314-BDA1-297880FBB908}" = Microsoft redistributable runtime DLLs VS2008 SP1(x86) "{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris "{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1" = MinGW-Get version 0.5-beta-20120426-1 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch "{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4 "{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © 
v2011.build.49 (July 1st, 2011) Version v2011.build.49 "{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU "{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}" = Microsoft redistributable runtime DLLs VS2005 SP1(x86) "{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2 "{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}" = Microsoft ASP.NET MVC 2 - DEU "{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI "{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Android SDK Tools" = Android SDK Tools "avast" = avast! 
Free Antivirus "BattlEye for OA" = BattlEye for OA Uninstall "BinMake" = BinMake Uninstall "BinPBO Personal Edition" = BinPBO Personal Edition Uninstall "BI's Tools drive" = BI's Tools drive Uninstall "CBuilder5" = Borland C++Builder 5 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager "com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser "DAEMON Tools Lite" = DAEMON Tools Lite "DivX Setup" = DivX-Setup "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESET Online Scanner" = ESET Online Scanner v3 "FileZilla Client" = FileZilla Client 3.5.0 "Fraps" = Fraps "FSM Editor Personal Edition" = FSM Editor Personal Edition Uninstall "Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool "Half-Life SDK v2.3 Source Code" = Half-Life SDK v2.3 Source Code "HLSW_is1" = HLSW v1.4.0.2 "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000 "ManyCam" = ManyCam 3.1.21 "Microsoft Visual Studio 2010 Ultimate - DEU" = Microsoft Visual Studio 2010 Ultimate - DEU "Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools "Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack "Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de) "Mozilla Thunderbird 9.0.1 (x86 de)" = Mozilla Thunderbird 9.0.1 (x86 de) "nbi-nb-base-7.0.0.0.0" = NetBeans IDE 7.0 "Notepad++" = Notepad++ "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Origin" = Origin "PokerStars" = PokerStars "PokerTH 0.9-beta2" = PokerTH "PunkBusterSvc" = PunkBuster Services "RouterControl" = RouterControl 2.0 "SAP_Engineering Client Viewer 7.0" = Engineering Client Viewer 7.0 "SAP_JNet" = SAP JNet "SAP_WUS" = SAPSetup Automatic Workstation Update Service "SAPBI" = SAP Business Explorer "SAPGUI710" = SAP GUI for Windows 7.20 "Steam App 10" = Counter-Strike "Steam App 211" = 
Source SDK "Steam App 24960" = Battlefield: Bad Company 2 "Steam App 33910" = ARMA 2 "Steam App 33930" = ARMA 2: Operation Arrowhead "Steam App 440" = Team Fortress 2 "Tar-1.13-bin_is1" = Tar-1.13 Binaries (GnuWin32) "Theme Park World" = Theme Park World "Tunngle beta_is1" = Tunngle beta "VISPRO" = Microsoft Office Visio Professional 2007 "VLC media player" = VLC media player 1.1.11 "VMware_Workstation" = VMware Workstation "WinPcapInst" = WinPcap 4.1.2 "Wireshark" = Wireshark 1.6.2 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1445763491-3315700046-3714806259-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "f018cf21c0452c64" = FRITZ!Box USB-Fernanschluss "Google Chrome" = Google Chrome "Monopoly Deluxe" = Monopoly Deluxe "Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de) "Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de) "Spotify" = Spotify "TeamSpeak 3 Client" = TeamSpeak 3 Client ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 03.08.2012 13:52:22 | Computer Name = ***-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error - 03.08.2012 21:20:16 | Computer Name = ***-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 05.08.2012 11:17:33 | Computer Name = ***-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 05.08.2012 20:39:59 | Computer Name = ***-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 06.08.2012 18:44:32 | Computer Name = ***-PC | Source = Application Hang | ID = 1002 Description = Programm Project1.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ca8 Startzeit: 01cd7424c3e13b92 Endzeit: 0 Anwendungspfad: D:\c++\futurama_random\Project1.exe Berichts-ID: 3b2ff2c8-e018-11e1-9c54-005056c00008 Error - 06.08.2012 20:43:01 | Computer Name = ***-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 07.08.2012 21:21:35 | Computer Name = ***-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 09.08.2012 21:13:51 | Computer Name = ***-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 11.08.2012 23:45:20 | Computer Name = ***-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error - 13.08.2012 14:04:33 | Computer Name = ***-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. [ System Events ] Error - 13.02.2013 14:24:17 | Computer Name = ***-PC | Source = Schannel | ID = 36887 Description = Es wurde eine schwerwiegende Warnung empfangen: 40. Error - 13.02.2013 14:24:17 | Computer Name = ***-PC | Source = Schannel | ID = 36887 Description = Es wurde eine schwerwiegende Warnung empfangen: 40. Error - 13.02.2013 15:24:07 | Computer Name = ***-PC | Source = Schannel | ID = 36887 Description = Es wurde eine schwerwiegende Warnung empfangen: 40. Error - 13.02.2013 15:24:07 | Computer Name = ***-PC | Source = Schannel | ID = 36887 Description = Es wurde eine schwerwiegende Warnung empfangen: 40. Error - 13.02.2013 17:24:07 | Computer Name = ***-PC | Source = Schannel | ID = 36887 Description = Es wurde eine schwerwiegende Warnung empfangen: 40. Error - 13.02.2013 21:05:16 | Computer Name = ***-PC | Source = Microsoft-Windows-HAL | ID = 12 Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist. 
Error - 14.02.2013 06:41:32 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 14.02.2013 06:41:32 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 14.02.2013 10:22:43 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Windows-Bilderfassung (WIA)" ist vom Dienst "Shellhardwareerkennung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 14.02.2013 10:23:52 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 < End of report > |
14.02.2013, 16:54 | #5 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | HTTP and TCP request to IP 174.35.7.4 Quote:
Is this by any chance an office/company PC? Or a university machine? Please now create and post logs with GMER (<<< click for instructions) and MBAR (instructions a little further down). GMER crashes fairly often; if the tool still refuses to run the second time, just skip it and run only MBAR. MBAR instructions: Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ Please always post log files in CODE tags |
14.02.2013, 17:57 | #6 | |
| HTTP and TCP request to IP 174.35.7.4 Quote:
Malwarebytes Anti-Rootkit Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1020
www.malwarebytes.org

Database version: v2013.02.14.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-PC [administrator]

14.02.2013 17:48:27
mbar-log-2013-02-14 (17-48-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30472
Time elapsed: 8 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end) |
15.02.2013, 00:21 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | HTTP and TCP request to IP 174.35.7.4
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Never press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.
__________________ Please always post log files in CODE tags |
16.02.2013, 01:48 | #8 |
| HTTP and TCP request to IP 174.35.7.4 aswMBR crashed again and again over several runs. The scan text turned yellow and mostly got stuck at "C:\Program Files\HP\HP LaserJet 1020 driver\HP\HP LaserJet 1020 driver". TDSSKiller Code:
ATTFilter 01:40:22.0809 4660 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 01:40:23.0001 4660 ============================================================ 01:40:23.0001 4660 Current date / time: 2013/02/16 01:40:23.0001 01:40:23.0001 4660 SystemInfo: 01:40:23.0001 4660 01:40:23.0001 4660 OS Version: 6.1.7601 ServicePack: 1.0 01:40:23.0001 4660 Product type: Workstation 01:40:23.0002 4660 ComputerName: ***-PC 01:40:23.0002 4660 UserName: *** 01:40:23.0002 4660 Windows directory: C:\Windows 01:40:23.0002 4660 System windows directory: C:\Windows 01:40:23.0002 4660 Running under WOW64 01:40:23.0002 4660 Processor architecture: Intel x64 01:40:23.0002 4660 Number of processors: 2 01:40:23.0002 4660 Page size: 0x1000 01:40:23.0002 4660 Boot type: Normal boot 01:40:23.0002 4660 ============================================================ 01:40:23.0911 4660 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 01:40:23.0918 4660 ============================================================ 01:40:23.0918 4660 \Device\Harddisk0\DR0: 01:40:23.0918 4660 MBR partitions: 01:40:23.0918 4660 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D 01:40:23.0931 4660 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x2E035936 01:40:23.0931 4660 ============================================================ 01:40:23.0968 4660 C: <-> \Device\Harddisk0\DR0\Partition1 01:40:23.0998 4660 D: <-> \Device\Harddisk0\DR0\Partition2 01:40:23.0998 4660 ============================================================ 01:40:23.0998 4660 Initialize success 01:40:23.0998 4660 ============================================================ 01:40:45.0680 1736 ============================================================ 01:40:45.0680 1736 Scan started 01:40:45.0680 1736 Mode: Manual; SigCheck; TDLFS; 01:40:45.0680 1736 
============================================================ 01:40:46.0371 1736 ================ Scan system memory ======================== 01:40:46.0371 1736 System memory - ok 01:40:46.0372 1736 ================ Scan services ============================= 01:40:46.0494 1736 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 01:40:46.0561 1736 1394ohci - ok 01:40:46.0588 1736 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 01:40:46.0606 1736 ACPI - ok 01:40:46.0625 1736 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 01:40:46.0659 1736 AcpiPmi - ok 01:40:46.0730 1736 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 01:40:46.0742 1736 AdobeARMservice - ok 01:40:46.0786 1736 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 01:40:46.0806 1736 adp94xx - ok 01:40:46.0823 1736 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 01:40:46.0840 1736 adpahci - ok 01:40:46.0854 1736 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 01:40:46.0868 1736 adpu320 - ok 01:40:46.0895 1736 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 01:40:46.0936 1736 AeLookupSvc - ok 01:40:46.0972 1736 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 01:40:47.0008 1736 AFD - ok 01:40:47.0023 1736 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 01:40:47.0035 1736 agp440 - ok 01:40:47.0055 1736 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 01:40:47.0088 1736 ALG - ok 01:40:47.0105 1736 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 01:40:47.0117 1736 aliide - ok 01:40:47.0133 1736 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 
01:40:47.0145 1736 amdide - ok 01:40:47.0164 1736 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 01:40:47.0190 1736 AmdK8 - ok 01:40:47.0194 1736 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 01:40:47.0216 1736 AmdPPM - ok 01:40:47.0241 1736 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 01:40:47.0253 1736 amdsata - ok 01:40:47.0268 1736 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 01:40:47.0282 1736 amdsbs - ok 01:40:47.0309 1736 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 01:40:47.0321 1736 amdxata - ok 01:40:47.0356 1736 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys 01:40:47.0389 1736 androidusb - ok 01:40:47.0423 1736 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 01:40:47.0466 1736 AppID - ok 01:40:47.0470 1736 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 01:40:47.0509 1736 AppIDSvc - ok 01:40:47.0531 1736 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 01:40:47.0571 1736 Appinfo - ok 01:40:47.0704 1736 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 01:40:47.0715 1736 Apple Mobile Device - ok 01:40:47.0751 1736 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 01:40:47.0771 1736 AppMgmt - ok 01:40:47.0796 1736 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 01:40:47.0808 1736 arc - ok 01:40:47.0817 1736 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 01:40:47.0829 1736 arcsas - ok 01:40:47.0910 1736 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 01:40:47.0921 1736 aspnet_state - ok 
01:40:47.0943 1736 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 01:40:47.0954 1736 aswFsBlk - ok 01:40:48.0002 1736 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 01:40:48.0013 1736 aswMonFlt - ok 01:40:48.0031 1736 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 01:40:48.0041 1736 aswRdr - ok 01:40:48.0101 1736 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 01:40:48.0124 1736 aswSnx - ok 01:40:48.0158 1736 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys 01:40:48.0173 1736 aswSP - ok 01:40:48.0190 1736 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 01:40:48.0200 1736 aswTdi - ok 01:40:48.0221 1736 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 01:40:48.0268 1736 AsyncMac - ok 01:40:48.0280 1736 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 01:40:48.0292 1736 atapi - ok 01:40:48.0320 1736 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 01:40:48.0335 1736 atksgt - ok 01:40:48.0370 1736 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 01:40:48.0435 1736 AudioEndpointBuilder - ok 01:40:48.0444 1736 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 01:40:48.0480 1736 AudioSrv - ok 01:40:48.0576 1736 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 01:40:48.0586 1736 avast! 
01:40:49.0019 1736 [ C895B9AA6EE9DBDE5D98684425A14647 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
01:40:49.0048 1736 BEService ( UnsignedFile.Multi.Generic ) - warning
01:40:49.0049 1736 BEService - detected UnsignedFile.Multi.Generic (1)
Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 01:41:04.0502 1736 SQLAgent$SQLEXPRESS - ok 01:41:04.0555 1736 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 01:41:04.0569 1736 SQLBrowser - ok 01:41:04.0601 1736 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 01:41:04.0613 1736 SQLWriter - ok 01:41:04.0649 1736 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 01:41:04.0680 1736 srv - ok 01:41:04.0700 1736 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 01:41:04.0731 1736 srv2 - ok 01:41:04.0752 1736 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 01:41:04.0774 1736 srvnet - ok 01:41:04.0803 1736 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys 01:41:04.0828 1736 ssadbus - ok 01:41:04.0868 1736 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys 01:41:04.0880 1736 ssadmdfl - ok 01:41:04.0916 1736 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys 01:41:04.0947 1736 ssadmdm - ok 01:41:04.0981 1736 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys 01:41:04.0992 1736 sscdbus - ok 01:41:05.0027 1736 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys 01:41:05.0036 1736 sscdmdfl - ok 01:41:05.0068 1736 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys 01:41:05.0080 1736 sscdmdm - ok 01:41:05.0124 1736 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 01:41:05.0219 1736 SSDPSRV - ok 01:41:05.0234 1736 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 01:41:05.0271 1736 SstpSvc - ok 01:41:05.0312 1736 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 
01:41:05.0359 1736 ssudmdm - ok 01:41:05.0382 1736 Steam Client Service - ok 01:41:05.0474 1736 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 01:41:05.0496 1736 Stereo Service - ok 01:41:05.0511 1736 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 01:41:05.0524 1736 stexstor - ok 01:41:05.0572 1736 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 01:41:05.0609 1736 stisvc - ok 01:41:05.0656 1736 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 01:41:05.0670 1736 storflt - ok 01:41:05.0691 1736 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 01:41:05.0717 1736 StorSvc - ok 01:41:05.0747 1736 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 01:41:05.0759 1736 storvsc - ok 01:41:05.0784 1736 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 01:41:05.0796 1736 swenum - ok 01:41:05.0828 1736 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 01:41:05.0883 1736 swprv - ok 01:41:05.0940 1736 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 01:41:06.0022 1736 SysMain - ok 01:41:06.0032 1736 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 01:41:06.0061 1736 TabletInputService - ok 01:41:06.0093 1736 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys 01:41:06.0113 1736 tap0901t ( UnsignedFile.Multi.Generic ) - warning 01:41:06.0113 1736 tap0901t - detected UnsignedFile.Multi.Generic (1) 01:41:06.0120 1736 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 01:41:06.0159 1736 TapiSrv - ok 01:41:06.0171 1736 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 01:41:06.0212 1736 TBS - ok 01:41:06.0277 1736 [ B62A953F2BF3922C8764A29C34A22899 
] Tcpip C:\Windows\system32\drivers\tcpip.sys 01:41:06.0346 1736 Tcpip - ok 01:41:06.0414 1736 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 01:41:06.0448 1736 TCPIP6 - ok 01:41:06.0477 1736 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 01:41:06.0498 1736 tcpipreg - ok 01:41:06.0543 1736 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 01:41:06.0567 1736 TDPIPE - ok 01:41:06.0601 1736 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 01:41:06.0628 1736 TDTCP - ok 01:41:06.0656 1736 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 01:41:06.0698 1736 tdx - ok 01:41:06.0723 1736 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 01:41:06.0736 1736 TermDD - ok 01:41:06.0772 1736 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 01:41:06.0844 1736 TermService - ok 01:41:06.0869 1736 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 01:41:06.0897 1736 Themes - ok 01:41:06.0930 1736 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 01:41:06.0963 1736 THREADORDER - ok 01:41:06.0985 1736 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 01:41:07.0033 1736 TrkWks - ok 01:41:07.0065 1736 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 01:41:07.0102 1736 TrustedInstaller - ok 01:41:07.0126 1736 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 01:41:07.0157 1736 tssecsrv - ok 01:41:07.0193 1736 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 01:41:07.0218 1736 TsUsbFlt - ok 01:41:07.0248 1736 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 01:41:07.0280 1736 tunnel - ok 01:41:07.0376 1736 [ 
7A34128510EEB13CF8583531C8FB081C ] TunngleService D:\Programme\Tunngle\TnglCtrl.exe 01:41:07.0441 1736 TunngleService ( UnsignedFile.Multi.Generic ) - warning 01:41:07.0441 1736 TunngleService - detected UnsignedFile.Multi.Generic (1) 01:41:07.0460 1736 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 01:41:07.0472 1736 uagp35 - ok 01:41:07.0493 1736 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 01:41:07.0537 1736 udfs - ok 01:41:07.0565 1736 ufad-ws60 - ok 01:41:07.0585 1736 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 01:41:07.0602 1736 UI0Detect - ok 01:41:07.0660 1736 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 01:41:07.0672 1736 uliagpkx - ok 01:41:07.0688 1736 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 01:41:07.0702 1736 umbus - ok 01:41:07.0711 1736 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 01:41:07.0732 1736 UmPass - ok 01:41:07.0742 1736 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 01:41:07.0760 1736 UmRdpService - ok 01:41:07.0775 1736 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 01:41:07.0819 1736 upnphost - ok 01:41:07.0850 1736 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 01:41:07.0863 1736 USBAAPL64 - ok 01:41:07.0928 1736 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 01:41:07.0944 1736 usbaudio - ok 01:41:07.0957 1736 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 01:41:07.0971 1736 usbccgp - ok 01:41:08.0013 1736 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 01:41:08.0029 1736 usbcir - ok 01:41:08.0059 1736 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 01:41:08.0083 
1736 usbehci - ok 01:41:08.0113 1736 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 01:41:08.0165 1736 usbhub - ok 01:41:08.0176 1736 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 01:41:08.0200 1736 usbohci - ok 01:41:08.0210 1736 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 01:41:08.0225 1736 usbprint - ok 01:41:08.0252 1736 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 01:41:08.0266 1736 USBSTOR - ok 01:41:08.0303 1736 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 01:41:08.0321 1736 usbuhci - ok 01:41:08.0351 1736 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 01:41:08.0378 1736 usbvideo - ok 01:41:08.0409 1736 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 01:41:08.0456 1736 UxSms - ok 01:41:08.0494 1736 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 01:41:08.0507 1736 VaultSvc - ok 01:41:08.0536 1736 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 01:41:08.0548 1736 vdrvroot - ok 01:41:08.0592 1736 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 01:41:08.0663 1736 vds - ok 01:41:08.0684 1736 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 01:41:08.0700 1736 vga - ok 01:41:08.0727 1736 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 01:41:08.0768 1736 VgaSave - ok 01:41:08.0799 1736 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 01:41:08.0814 1736 vhdmp - ok 01:41:08.0835 1736 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 01:41:08.0847 1736 viaide - ok 01:41:08.0929 1736 [ 7AC6239C65DADE55DEFD573B98616C3F ] VMAuthdService D:\Programme\VMWare\vmware-authd.exe 01:41:08.0939 1736 
VMAuthdService - ok 01:41:08.0965 1736 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 01:41:08.0980 1736 vmbus - ok 01:41:09.0008 1736 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 01:41:09.0020 1736 VMBusHID - ok 01:41:09.0044 1736 [ 312AEC23A85424543AF898A59209B479 ] vmci C:\Windows\system32\drivers\vmci.sys 01:41:09.0054 1736 vmci - ok 01:41:09.0109 1736 [ FFC30CAEEB2FC5FEE8568CFF74EDEAED ] vmkbd C:\Windows\system32\drivers\VMkbd.sys 01:41:09.0118 1736 vmkbd - ok 01:41:09.0132 1736 [ 9D54F1339E78C95BF3D9939EBCB66378 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys 01:41:09.0142 1736 VMnetAdapter - ok 01:41:09.0153 1736 [ FB54EF3AA613D2832FD3812E7CB2FC75 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys 01:41:09.0162 1736 VMnetBridge - ok 01:41:09.0165 1736 VMnetDHCP - ok 01:41:09.0196 1736 [ 56D547BFC3F1619FA82EC9EF5D24E802 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys 01:41:09.0205 1736 VMnetuserif - ok 01:41:09.0209 1736 [ EF8B30EE8528E12DAF28069B378C0D8B ] VMparport C:\Windows\system32\drivers\VMparport.sys 01:41:09.0219 1736 VMparport - ok 01:41:09.0263 1736 [ 415B167695C4B5960A13098622EF3D80 ] vmusb C:\Windows\system32\Drivers\vmusb.sys 01:41:09.0272 1736 vmusb - ok 01:41:09.0331 1736 [ 19368F7C4DC6EF444B826249FC8A0E30 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe 01:41:09.0347 1736 VMUSBArbService - ok 01:41:09.0352 1736 VMware NAT Service - ok 01:41:09.0357 1736 [ 62CD5A87FDE14701506D4E0DD8F13D2E ] vmx86 C:\Windows\system32\drivers\vmx86.sys 01:41:09.0367 1736 vmx86 - ok 01:41:09.0371 1736 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 01:41:09.0384 1736 volmgr - ok 01:41:09.0400 1736 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 01:41:09.0418 1736 volmgrx - ok 01:41:09.0425 1736 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap 
C:\Windows\system32\drivers\volsnap.sys 01:41:09.0441 1736 volsnap - ok 01:41:09.0470 1736 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 01:41:09.0484 1736 vsmraid - ok 01:41:09.0646 1736 [ 1928B9CA20F51BFBBAD54D2C2C447B13 ] VSPerfDrv100 D:\Programme\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys 01:41:09.0658 1736 VSPerfDrv100 - ok 01:41:09.0737 1736 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 01:41:09.0836 1736 VSS - ok 01:41:09.0859 1736 [ E61C910E2DDF4797C1B1F9239636E894 ] vstor2-ws60 D:\Programme\VMWare\vstor2-ws60.sys 01:41:09.0868 1736 vstor2-ws60 - ok 01:41:09.0872 1736 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 01:41:09.0921 1736 vwifibus - ok 01:41:09.0947 1736 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 01:41:10.0002 1736 W32Time - ok 01:41:10.0021 1736 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 01:41:10.0040 1736 WacomPen - ok 01:41:10.0059 1736 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 01:41:10.0094 1736 WANARP - ok 01:41:10.0114 1736 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 01:41:10.0146 1736 Wanarpv6 - ok 01:41:10.0233 1736 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 01:41:10.0335 1736 wbengine - ok 01:41:10.0415 1736 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 01:41:10.0437 1736 WbioSrvc - ok 01:41:10.0460 1736 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 01:41:10.0485 1736 wcncsvc - ok 01:41:10.0489 1736 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 01:41:10.0505 1736 WcsPlugInService - ok 01:41:10.0519 1736 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 01:41:10.0532 1736 
Wd - ok 01:41:10.0564 1736 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 01:41:10.0606 1736 Wdf01000 - ok 01:41:10.0629 1736 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 01:41:10.0655 1736 WdiServiceHost - ok 01:41:10.0658 1736 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 01:41:10.0678 1736 WdiSystemHost - ok 01:41:10.0719 1736 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 01:41:10.0745 1736 WebClient - ok 01:41:10.0751 1736 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 01:41:10.0800 1736 Wecsvc - ok 01:41:10.0805 1736 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 01:41:10.0841 1736 wercplsupport - ok 01:41:10.0868 1736 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 01:41:10.0912 1736 WerSvc - ok 01:41:10.0923 1736 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 01:41:10.0955 1736 WfpLwf - ok 01:41:10.0967 1736 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 01:41:10.0979 1736 WIMMount - ok 01:41:10.0993 1736 WinDefend - ok 01:41:10.0999 1736 WinHttpAutoProxySvc - ok 01:41:11.0055 1736 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 01:41:11.0090 1736 Winmgmt - ok 01:41:11.0158 1736 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 01:41:11.0239 1736 WinRM - ok 01:41:11.0303 1736 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 01:41:11.0331 1736 WinUsb - ok 01:41:11.0363 1736 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 01:41:11.0456 1736 Wlansvc - ok 01:41:11.0532 1736 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 01:41:11.0569 1736 wlidsvc - ok 01:41:11.0616 
1736 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 01:41:11.0630 1736 WmiAcpi - ok 01:41:11.0637 1736 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 01:41:11.0673 1736 wmiApSrv - ok 01:41:11.0716 1736 WMPNetworkSvc - ok 01:41:11.0720 1736 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 01:41:11.0736 1736 WPCSvc - ok 01:41:11.0756 1736 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 01:41:11.0775 1736 WPDBusEnum - ok 01:41:11.0779 1736 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 01:41:11.0821 1736 ws2ifsl - ok 01:41:11.0826 1736 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 01:41:11.0850 1736 wscsvc - ok 01:41:11.0853 1736 WSearch - ok 01:41:11.0924 1736 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 01:41:12.0003 1736 wuauserv - ok 01:41:12.0054 1736 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 01:41:12.0081 1736 WudfPf - ok 01:41:12.0124 1736 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 01:41:12.0153 1736 WUDFRd - ok 01:41:12.0185 1736 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 01:41:12.0213 1736 wudfsvc - ok 01:41:12.0246 1736 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 01:41:12.0273 1736 WwanSvc - ok 01:41:12.0317 1736 ================ Scan global =============================== 01:41:12.0333 1736 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 01:41:12.0369 1736 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 01:41:12.0386 1736 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 01:41:12.0423 1736 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 01:41:12.0445 1736 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] 
C:\Windows\system32\services.exe 01:41:12.0452 1736 [Global] - ok 01:41:12.0452 1736 ================ Scan MBR ================================== 01:41:12.0459 1736 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 01:41:12.0704 1736 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 01:41:12.0704 1736 \Device\Harddisk0\DR0 - detected TDSS File System (1) 01:41:12.0704 1736 ================ Scan VBR ================================== 01:41:12.0706 1736 [ 59BFD5E60D032AF47E13FDC54466F8B6 ] \Device\Harddisk0\DR0\Partition1 01:41:12.0708 1736 \Device\Harddisk0\DR0\Partition1 - ok 01:41:12.0753 1736 [ BD6CE09BFD40686DC56FB7D112BF745C ] \Device\Harddisk0\DR0\Partition2 01:41:12.0754 1736 \Device\Harddisk0\DR0\Partition2 - ok 01:41:12.0755 1736 ============================================================ 01:41:12.0755 1736 Scan finished 01:41:12.0755 1736 ============================================================ 01:41:12.0762 3976 Detected object count: 4 01:41:12.0762 3976 Actual detected object count: 4 01:42:37.0128 3976 BEService ( UnsignedFile.Multi.Generic ) - skipped by user 01:42:37.0128 3976 BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:42:37.0130 3976 tap0901t ( UnsignedFile.Multi.Generic ) - skipped by user 01:42:37.0130 3976 tap0901t ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:42:37.0131 3976 TunngleService ( UnsignedFile.Multi.Generic ) - skipped by user 01:42:37.0131 3976 TunngleService ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:42:37.0132 3976 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 01:42:37.0132 3976 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 01:42:39.0836 4356 Deinitialize success |
16.02.2013, 18:19 | #9 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | HTTP and TCP Request to IP 174.35.7.4 Code:
01:42:37.0132 3976 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
01:42:37.0132 3976 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
ComboFix
A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
16.02.2013, 19:08 | #10 |
| HTTP and TCP Request to IP 174.35.7.4 aswMBR refused to work yet again... Does anything in particular have to be selected under AV scan in aswMBR? Unfortunately the guide says nothing about this. ComboFix Code:
ComboFix 13-02-15.01 - *** 16.02.2013 18:37:22.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4094.2857 [GMT 1:00]
ausgeführt von:: c:\users\***\Desktop\Trojaner Pr³fung\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\***\4.0
c:\users\***\AppData\Local\assembly\tmp
c:\windows\IsUn0407.exe
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
2013-01-12 21:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 05:38 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 05:38 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 05:38 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 05:38 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 05:38 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2012-11-30 04:53 . 2013-01-12 21:01 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll 2012-11-30 04:45 . 2013-01-12 21:01 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 04:45 . 
2013-01-12 21:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 04:45 . 2013-01-12 21:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll 2006-05-03 11:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll 2007-02-21 12:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll 2008-03-16 14:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll 2010-01-06 23:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVMUSBFernanschluss"="c:\users\***\AppData\Local\Apps\2.0\3B99J9HE.Y30\46B953WL.M7W\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [2012-12-26 139264] "ManyCam"="d:\programme\ManyCam\Bin\ManyCam.exe" [2012-12-05 5379472] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] . c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer7"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "GrooveMonitor"="d:\programme\Microsoft Office\Office12\GrooveMonitor.exe" "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "SAP_WUS_UNT"="c:\program files (x86)\SAP\SAPsetup\Setup\Updater\NwSapSetupUserNotificationTool.exe" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-12-08 36328] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe [2013-01-23 45056] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 RivaTuner64;RivaTuner64;d:\programme\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-12-08 157672] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 16872] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 177640] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU 
Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TunngleService;TunngleService;d:\programme\Tunngle\TnglCtrl.exe [2012-02-14 736104] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760] R3 VSPerfDrv100;Performance Tools Driver 10.0;d:\programme\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440] R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-21 61976] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656] R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-02 254528] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 MBAMScheduler;MBAMScheduler;d:\programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] S2 MBAMService;MBAMService;d:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344] S2 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service;c:\program files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [2011-06-20 129904] S2 OODefragAgent;O&O Defrag;d:\programme\OO Software\Defrag\oodag.exe [2011-09-18 3271496] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416] S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2011-03-25 81008] S2 VMUSBArbService;VMware USB Arbitration 
Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248] S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys [2011-06-21 116096] S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys [2012-12-26 116480] S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-10-11 29696] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232] . . Inhalt des "geplante Tasks" Ordners . 2013-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1445763491-3315700046-3714806259-1000Core.job - c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-03 17:12] . 2013-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1445763491-3315700046-3714806259-1000UA.job - c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-03 17:12] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OODefragTray"="d:\programme\OO Software\Defrag\oodtray.exe" [2011-09-18 3993416] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\9wbffpun.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - google.de FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.6&q= FF - ExtSQL: !HIDDEN! 
2010-01-06 17:10; {800b5000-a755-47e1-992b-48a1c1357f07}; d:\programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: extensions.BabylonToolbar_i.id - 14e0ed65000000000000001a4d4bfa57 FF - user.js: extensions.BabylonToolbar_i.hardId - 14e0ed65000000000000001a4d4bfa57 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15358 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.170:47 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=108298 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-mapdisk - c:\arma2\ArmAWork\mapdisk.bat AddRemove-BI's Tools drive - c:\arma2\ArmAWork\UnInstall.exe AddRemove-BinMake - c:\arma2\BinMake\UnInstall.exe AddRemove-BinPBO Personal Edition - c:\arma2\UnInstall.exe AddRemove-CBuilder5 - c:\windows\IsUn0407.exe AddRemove-FSM Editor Personal Edition - c:\arma2\FSM Editor Personal Edition\UnInstall.exe AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe AddRemove-Theme Park World - c:\windows\IsUn0407.exe . . . 
--------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1445763491-3315700046-3714806259-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:e7,70,92,00,e7,d6,15,34,b2,0a,ac,f1,61,0e,43,5b,48,94,35,42,0e,6a,69, 9e,9d,46,a8,3e,80,02,39,0d,2b,9e,04,5b,ac,dd,5f,cc,d1,72,b2,4b,1a,53,53,c0,\ "??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d . [HKEY_USERS\S-1-5-21-1445763491-3315700046-3714806259-1000\Software\SecuROM\License information*] "datasecu"=hex:0a,a0,9a,43,26,03,20,6c,92,43,82,83,98,b8,92,23,0e,a5,b1,b2,5f, bd,25,b6,33,9f,19,5e,79,7a,ff,20,57,ff,dd,91,31,5c,65,16,61,e2,44,0d,f8,5f,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
. [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe d:\programme\Malwarebytes' Anti-Malware\mbamgui.exe c:\windows\SysWOW64\PnkBstrA.exe d:\programme\VMWare\vmware-ufad.exe c:\windows\SysWOW64\vmnat.exe d:\programme\VMWare\vmware-authd.exe c:\windows\SysWOW64\vmnetdhcp.exe c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-02-16 18:50:27 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-02-16 17:50 . Vor Suchlauf: 16 Verzeichnis(se), 13.270.872.064 Bytes frei Nach Suchlauf: 21 Verzeichnis(se), 15.731.802.112 Bytes frei . - - End Of File - - 45FD1796CF4169326CA9F2A8FE007C1C Code:
19:01:31.0834 4732 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 19:01:31.0946 4732 ============================================================ 19:01:31.0946 4732 Current date / time: 2013/02/16 19:01:31.0946 19:01:31.0946 4732 SystemInfo: 19:01:31.0946 4732 19:01:31.0946 4732 OS Version: 6.1.7601 ServicePack: 1.0 19:01:31.0946 4732 Product type: Workstation 19:01:31.0947 4732 ComputerName: ***-PC 19:01:31.0947 4732 UserName: *** 19:01:31.0947 4732 Windows directory: C:\Windows 19:01:31.0947 4732 System windows directory: C:\Windows 19:01:31.0947 4732 Running under WOW64 19:01:31.0947 4732 Processor architecture: Intel x64 19:01:31.0947 4732 Number of processors: 2 19:01:31.0947 4732 Page size: 0x1000 19:01:31.0947 4732 Boot type: Normal boot 19:01:31.0947 4732 ============================================================ 19:01:32.0742 4732 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:01:32.0748 4732 ============================================================ 19:01:32.0748 4732 \Device\Harddisk0\DR0: 19:01:32.0748 4732 MBR partitions: 19:01:32.0748 4732 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D 19:01:32.0763 4732 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x2E035936 19:01:32.0763 4732 ============================================================ 19:01:32.0799 4732 C: <-> \Device\Harddisk0\DR0\Partition1 19:01:32.0829 4732 D: <-> \Device\Harddisk0\DR0\Partition2 19:01:32.0829 4732 ============================================================ 19:01:32.0829 4732 Initialize success 19:01:32.0829 4732 ============================================================ 19:01:38.0982 4980 ============================================================ 19:01:38.0982 4980 Scan started 19:01:38.0982 4980 Mode: Manual; SigCheck; TDLFS; 19:01:38.0982 4980 
============================================================ 19:01:39.0652 4980 ================ Scan system memory ======================== 19:01:39.0652 4980 System memory - ok 19:01:39.0653 4980 ================ Scan services ============================= 19:01:39.0773 4980 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 19:01:39.0841 4980 1394ohci - ok 19:01:39.0866 4980 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 19:01:39.0884 4980 ACPI - ok 19:01:39.0895 4980 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 19:01:39.0929 4980 AcpiPmi - ok 19:01:40.0001 4980 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 19:01:40.0013 4980 AdobeARMservice - ok 19:01:40.0056 4980 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 19:01:40.0076 4980 adp94xx - ok 19:01:40.0102 4980 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 19:01:40.0119 4980 adpahci - ok 19:01:40.0132 4980 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 19:01:40.0146 4980 adpu320 - ok 19:01:40.0174 4980 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:01:40.0214 4980 AeLookupSvc - ok 19:01:40.0251 4980 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 19:01:40.0286 4980 AFD - ok 19:01:40.0310 4980 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 19:01:40.0322 4980 agp440 - ok 19:01:40.0341 4980 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 19:01:40.0375 4980 ALG - ok 19:01:40.0392 4980 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 19:01:40.0404 4980 aliide - ok 19:01:40.0420 4980 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 
19:01:42.0323 4980 [ C895B9AA6EE9DBDE5D98684425A14647 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
19:01:42.0352 4980 BEService ( UnsignedFile.Multi.Generic ) - warning
19:01:42.0352 4980 BEService - detected UnsignedFile.Multi.Generic (1)
19:01:56.0484 4980 SamSs - ok 19:01:56.0508 4980 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:01:56.0521 4980 sbp2port - ok 19:01:56.0560 4980 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:01:56.0614 4980 SCardSvr - ok 19:01:56.0644 4980 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:01:56.0689 4980 scfilter - ok 19:01:56.0865 4980 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 19:01:56.0935 4980 Schedule - ok 19:01:56.0953 4980 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 19:01:56.0984 4980 SCPolicySvc - ok 19:01:57.0047 4980 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 19:01:57.0078 4980 SDRSVC - ok 19:01:57.0097 4980 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 19:01:57.0129 4980 secdrv - ok 19:01:57.0144 4980 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 19:01:57.0182 4980 seclogon - ok 19:01:57.0222 4980 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 19:01:57.0302 4980 SENS - ok 19:01:57.0306 4980 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 19:01:57.0444 4980 SensrSvc - ok 19:01:57.0554 4980 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 19:01:57.0568 4980 Serenum - ok 19:01:57.0591 4980 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 19:01:57.0645 4980 Serial - ok 19:01:57.0683 4980 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 19:01:57.0759 4980 sermouse - ok 19:01:57.0796 4980 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 19:01:57.0850 4980 SessionEnv - ok 19:01:57.0952 4980 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 
19:01:57.0992 4980 sffdisk - ok 19:01:58.0007 4980 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 19:01:58.0042 4980 sffp_mmc - ok 19:01:58.0060 4980 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 19:01:58.0085 4980 sffp_sd - ok 19:01:58.0099 4980 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 19:01:58.0112 4980 sfloppy - ok 19:01:58.0133 4980 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:01:58.0187 4980 SharedAccess - ok 19:01:58.0210 4980 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:01:58.0264 4980 ShellHWDetection - ok 19:01:58.0284 4980 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 19:01:58.0296 4980 SiSRaid2 - ok 19:01:58.0305 4980 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 19:01:58.0318 4980 SiSRaid4 - ok 19:01:58.0383 4980 [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 19:01:58.0394 4980 SkypeUpdate - ok 19:01:58.0413 4980 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 19:01:58.0451 4980 Smb - ok 19:01:58.0478 4980 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:01:58.0494 4980 SNMPTRAP - ok 19:01:58.0505 4980 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 19:01:58.0517 4980 spldr - ok 19:01:58.0547 4980 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 19:01:58.0597 4980 Spooler - ok 19:01:58.0680 4980 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 19:01:58.0743 4980 sppsvc - ok 19:01:58.0757 4980 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 19:01:58.0805 4980 sppuinotify - ok 19:01:58.0891 4980 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] 
SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 19:01:58.0909 4980 SQLAgent$SQLEXPRESS - ok 19:01:58.0954 4980 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 19:01:58.0968 4980 SQLBrowser - ok 19:01:58.0983 4980 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 19:01:58.0995 4980 SQLWriter - ok 19:01:59.0110 4980 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 19:01:59.0145 4980 srv - ok 19:01:59.0165 4980 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:01:59.0196 4980 srv2 - ok 19:01:59.0217 4980 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:01:59.0239 4980 srvnet - ok 19:01:59.0277 4980 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys 19:01:59.0302 4980 ssadbus - ok 19:01:59.0341 4980 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys 19:01:59.0354 4980 ssadmdfl - ok 19:01:59.0389 4980 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys 19:01:59.0420 4980 ssadmdm - ok 19:01:59.0446 4980 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys 19:01:59.0458 4980 sscdbus - ok 19:01:59.0492 4980 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys 19:01:59.0501 4980 sscdmdfl - ok 19:01:59.0567 4980 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys 19:01:59.0578 4980 sscdmdm - ok 19:01:59.0623 4980 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:01:59.0666 4980 SSDPSRV - ok 19:01:59.0674 4980 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:01:59.0714 4980 SstpSvc - ok 19:01:59.0752 4980 [ C692C94FE55CAD0633440236022C27B3 ] 
ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 19:01:59.0765 4980 ssudmdm - ok 19:01:59.0789 4980 Steam Client Service - ok 19:01:59.0923 4980 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 19:01:59.0950 4980 Stereo Service - ok 19:01:59.0959 4980 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 19:01:59.0971 4980 stexstor - ok 19:02:00.0004 4980 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 19:02:00.0039 4980 stisvc - ok 19:02:00.0063 4980 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 19:02:00.0076 4980 storflt - ok 19:02:00.0105 4980 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 19:02:00.0132 4980 StorSvc - ok 19:02:00.0146 4980 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 19:02:00.0158 4980 storvsc - ok 19:02:00.0166 4980 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 19:02:00.0178 4980 swenum - ok 19:02:00.0193 4980 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 19:02:00.0240 4980 swprv - ok 19:02:00.0289 4980 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 19:02:00.0354 4980 SysMain - ok 19:02:00.0364 4980 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:02:00.0394 4980 TabletInputService - ok 19:02:00.0425 4980 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys 19:02:00.0445 4980 tap0901t ( UnsignedFile.Multi.Generic ) - warning 19:02:00.0445 4980 tap0901t - detected UnsignedFile.Multi.Generic (1) 19:02:00.0452 4980 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 19:02:00.0500 4980 TapiSrv - ok 19:02:00.0520 4980 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 19:02:00.0561 4980 TBS - ok 
19:02:00.0701 4980 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:02:00.0761 4980 Tcpip - ok 19:02:00.0828 4980 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:02:00.0862 4980 TCPIP6 - ok 19:02:00.0893 4980 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:02:00.0914 4980 tcpipreg - ok 19:02:00.0933 4980 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 19:02:00.0957 4980 TDPIPE - ok 19:02:00.0991 4980 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 19:02:01.0019 4980 TDTCP - ok 19:02:01.0038 4980 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:02:01.0080 4980 tdx - ok 19:02:01.0097 4980 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 19:02:01.0109 4980 TermDD - ok 19:02:01.0129 4980 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 19:02:01.0193 4980 TermService - ok 19:02:01.0218 4980 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 19:02:01.0246 4980 Themes - ok 19:02:01.0262 4980 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 19:02:01.0296 4980 THREADORDER - ok 19:02:01.0309 4980 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 19:02:01.0356 4980 TrkWks - ok 19:02:01.0397 4980 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:02:01.0444 4980 TrustedInstaller - ok 19:02:01.0473 4980 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:02:01.0503 4980 tssecsrv - ok 19:02:01.0550 4980 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:02:01.0592 4980 TsUsbFlt - ok 19:02:01.0621 4980 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:02:01.0658 
4980 tunnel - ok 19:02:02.0057 4980 [ 7A34128510EEB13CF8583531C8FB081C ] TunngleService D:\Programme\Tunngle\TnglCtrl.exe 19:02:02.0121 4980 TunngleService ( UnsignedFile.Multi.Generic ) - warning 19:02:02.0122 4980 TunngleService - detected UnsignedFile.Multi.Generic (1) 19:02:02.0141 4980 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 19:02:02.0153 4980 uagp35 - ok 19:02:02.0176 4980 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:02:02.0226 4980 udfs - ok 19:02:02.0431 4980 ufad-ws60 - ok 19:02:02.0465 4980 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:02:02.0497 4980 UI0Detect - ok 19:02:02.0523 4980 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:02:02.0536 4980 uliagpkx - ok 19:02:02.0552 4980 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 19:02:02.0566 4980 umbus - ok 19:02:02.0574 4980 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 19:02:02.0595 4980 UmPass - ok 19:02:02.0617 4980 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 19:02:02.0636 4980 UmRdpService - ok 19:02:02.0652 4980 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 19:02:02.0691 4980 upnphost - ok 19:02:02.0722 4980 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 19:02:02.0735 4980 USBAAPL64 - ok 19:02:02.0775 4980 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 19:02:02.0791 4980 usbaudio - ok 19:02:02.0804 4980 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:02:02.0818 4980 usbccgp - ok 19:02:02.0859 4980 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:02:02.0875 4980 usbcir - ok 19:02:02.0939 4980 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci 
C:\Windows\system32\DRIVERS\usbehci.sys 19:02:02.0979 4980 usbehci - ok 19:02:03.0010 4980 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:02:03.0037 4980 usbhub - ok 19:02:03.0048 4980 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 19:02:03.0072 4980 usbohci - ok 19:02:03.0081 4980 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 19:02:03.0097 4980 usbprint - ok 19:02:03.0124 4980 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:02:03.0151 4980 USBSTOR - ok 19:02:03.0175 4980 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 19:02:03.0210 4980 usbuhci - ok 19:02:03.0239 4980 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 19:02:03.0266 4980 usbvideo - ok 19:02:03.0280 4980 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 19:02:03.0328 4980 UxSms - ok 19:02:03.0341 4980 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 19:02:03.0355 4980 VaultSvc - ok 19:02:03.0391 4980 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:02:03.0404 4980 vdrvroot - ok 19:02:03.0440 4980 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 19:02:03.0493 4980 vds - ok 19:02:03.0506 4980 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:02:03.0522 4980 vga - ok 19:02:03.0540 4980 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 19:02:03.0582 4980 VgaSave - ok 19:02:03.0613 4980 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 19:02:03.0631 4980 vhdmp - ok 19:02:03.0641 4980 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 19:02:03.0653 4980 viaide - ok 19:02:03.0692 4980 [ 7AC6239C65DADE55DEFD573B98616C3F ] VMAuthdService 
D:\Programme\VMWare\vmware-authd.exe 19:02:03.0703 4980 VMAuthdService - ok 19:02:03.0729 4980 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 19:02:03.0754 4980 vmbus - ok 19:02:03.0763 4980 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 19:02:03.0786 4980 VMBusHID - ok 19:02:03.0799 4980 [ 312AEC23A85424543AF898A59209B479 ] vmci C:\Windows\system32\drivers\vmci.sys 19:02:03.0810 4980 vmci - ok 19:02:03.0831 4980 [ FFC30CAEEB2FC5FEE8568CFF74EDEAED ] vmkbd C:\Windows\system32\drivers\VMkbd.sys 19:02:03.0841 4980 vmkbd - ok 19:02:03.0855 4980 [ 9D54F1339E78C95BF3D9939EBCB66378 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys 19:02:03.0865 4980 VMnetAdapter - ok 19:02:03.0873 4980 [ FB54EF3AA613D2832FD3812E7CB2FC75 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys 19:02:03.0884 4980 VMnetBridge - ok 19:02:03.0887 4980 VMnetDHCP - ok 19:02:03.0894 4980 [ 56D547BFC3F1619FA82EC9EF5D24E802 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys 19:02:03.0903 4980 VMnetuserif - ok 19:02:03.0907 4980 [ EF8B30EE8528E12DAF28069B378C0D8B ] VMparport C:\Windows\system32\drivers\VMparport.sys 19:02:03.0917 4980 VMparport - ok 19:02:03.0952 4980 [ 415B167695C4B5960A13098622EF3D80 ] vmusb C:\Windows\system32\Drivers\vmusb.sys 19:02:03.0962 4980 vmusb - ok 19:02:03.0996 4980 [ 19368F7C4DC6EF444B826249FC8A0E30 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe 19:02:04.0011 4980 VMUSBArbService - ok 19:02:04.0017 4980 VMware NAT Service - ok 19:02:04.0022 4980 [ 62CD5A87FDE14701506D4E0DD8F13D2E ] vmx86 C:\Windows\system32\drivers\vmx86.sys 19:02:04.0032 4980 vmx86 - ok 19:02:04.0036 4980 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:02:04.0049 4980 volmgr - ok 19:02:04.0065 4980 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:02:04.0082 4980 volmgrx - ok 19:02:04.0095 4980 
[ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:02:04.0121 4980 volsnap - ok 19:02:04.0159 4980 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 19:02:04.0173 4980 vsmraid - ok 19:02:04.0551 4980 [ 1928B9CA20F51BFBBAD54D2C2C447B13 ] VSPerfDrv100 D:\Programme\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys 19:02:04.0580 4980 VSPerfDrv100 - ok 19:02:04.0627 4980 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 19:02:04.0699 4980 VSS - ok 19:02:04.0730 4980 [ E61C910E2DDF4797C1B1F9239636E894 ] vstor2-ws60 D:\Programme\VMWare\vstor2-ws60.sys 19:02:04.0740 4980 vstor2-ws60 - ok 19:02:04.0744 4980 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 19:02:04.0776 4980 vwifibus - ok 19:02:04.0794 4980 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 19:02:04.0857 4980 W32Time - ok 19:02:04.0884 4980 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 19:02:04.0904 4980 WacomPen - ok 19:02:04.0930 4980 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:02:04.0966 4980 WANARP - ok 19:02:04.0978 4980 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:02:05.0009 4980 Wanarpv6 - ok 19:02:05.0046 4980 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 19:02:05.0107 4980 wbengine - ok 19:02:05.0113 4980 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:02:05.0134 4980 WbioSrvc - ok 19:02:05.0146 4980 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:02:05.0171 4980 wcncsvc - ok 19:02:05.0174 4980 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:02:05.0191 4980 WcsPlugInService - ok 19:02:05.0200 4980 [ 72889E16FF12BA0F235467D6091B17DC ] Wd 
C:\Windows\system32\DRIVERS\wd.sys 19:02:05.0212 4980 Wd - ok 19:02:05.0245 4980 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:02:05.0287 4980 Wdf01000 - ok 19:02:05.0302 4980 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:02:05.0327 4980 WdiServiceHost - ok 19:02:05.0330 4980 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:02:05.0351 4980 WdiSystemHost - ok 19:02:05.0398 4980 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 19:02:05.0434 4980 WebClient - ok 19:02:05.0451 4980 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:02:05.0497 4980 Wecsvc - ok 19:02:05.0501 4980 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:02:05.0537 4980 wercplsupport - ok 19:02:05.0552 4980 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 19:02:05.0593 4980 WerSvc - ok 19:02:05.0604 4980 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:02:05.0636 4980 WfpLwf - ok 19:02:05.0648 4980 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:02:05.0660 4980 WIMMount - ok 19:02:05.0682 4980 WinDefend - ok 19:02:05.0688 4980 WinHttpAutoProxySvc - ok 19:02:05.0785 4980 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:02:05.0820 4980 Winmgmt - ok 19:02:06.0113 4980 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 19:02:06.0186 4980 WinRM - ok 19:02:06.0216 4980 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 19:02:06.0245 4980 WinUsb - ok 19:02:06.0268 4980 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 19:02:06.0337 4980 Wlansvc - ok 19:02:06.0468 4980 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows 
Live\WLIDSVC.EXE 19:02:06.0506 4980 wlidsvc - ok 19:02:06.0538 4980 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 19:02:06.0569 4980 WmiAcpi - ok 19:02:06.0601 4980 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:02:06.0645 4980 wmiApSrv - ok 19:02:06.0671 4980 WMPNetworkSvc - ok 19:02:06.0674 4980 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:02:06.0691 4980 WPCSvc - ok 19:02:06.0711 4980 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:02:06.0730 4980 WPDBusEnum - ok 19:02:06.0756 4980 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:02:06.0792 4980 ws2ifsl - ok 19:02:06.0797 4980 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 19:02:06.0821 4980 wscsvc - ok 19:02:06.0824 4980 WSearch - ok 19:02:07.0028 4980 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 19:02:07.0104 4980 wuauserv - ok 19:02:07.0133 4980 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:02:07.0160 4980 WudfPf - ok 19:02:07.0195 4980 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:02:07.0224 4980 WUDFRd - ok 19:02:07.0247 4980 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:02:07.0276 4980 wudfsvc - ok 19:02:07.0292 4980 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 19:02:07.0319 4980 WwanSvc - ok 19:02:07.0338 4980 ================ Scan global =============================== 19:02:07.0354 4980 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 19:02:07.0391 4980 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 19:02:07.0413 4980 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 19:02:07.0429 4980 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 
19:02:07.0443 4980 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 19:02:07.0450 4980 [Global] - ok 19:02:07.0451 4980 ================ Scan MBR ================================== 19:02:07.0464 4980 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 19:02:11.0168 4980 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 19:02:11.0168 4980 \Device\Harddisk0\DR0 - detected TDSS File System (1) 19:02:11.0168 4980 ================ Scan VBR ================================== 19:02:11.0190 4980 [ 59BFD5E60D032AF47E13FDC54466F8B6 ] \Device\Harddisk0\DR0\Partition1 19:02:11.0243 4980 \Device\Harddisk0\DR0\Partition1 - ok 19:02:11.0277 4980 [ BD6CE09BFD40686DC56FB7D112BF745C ] \Device\Harddisk0\DR0\Partition2 19:02:11.0320 4980 \Device\Harddisk0\DR0\Partition2 - ok 19:02:11.0320 4980 ============================================================ 19:02:11.0320 4980 Scan finished 19:02:11.0320 4980 ============================================================ 19:02:11.0329 4492 Detected object count: 4 19:02:11.0329 4492 Actual detected object count: 4 19:03:03.0127 4492 BEService ( UnsignedFile.Multi.Generic ) - skipped by user 19:03:03.0127 4492 BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:03:03.0127 4492 tap0901t ( UnsignedFile.Multi.Generic ) - skipped by user 19:03:03.0127 4492 tap0901t ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:03:03.0128 4492 TunngleService ( UnsignedFile.Multi.Generic ) - skipped by user 19:03:03.0128 4492 TunngleService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:03:03.0129 4492 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 19:03:03.0130 4492 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 19:03:08.0227 5072 Deinitialize success |
16.02.2013, 19:46 | #11 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | HTTP and TCP Request to IP 174.35.7.4 Quote:
__________________ Please always post log files in CODE tags |
16.02.2013, 19:56 | #12 |
| HTTP and TCP Request to IP 174.35.7.4 Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software Run date: 2013-02-16 19:54:10 ----------------------------- 19:54:10.973 OS Version: Windows x64 6.1.7601 Service Pack 1 19:54:10.973 Number of processors: 2 586 0xF0B 19:54:10.973 ComputerName: ***-PC UserName: *** 19:54:11.425 Initialize success 19:54:11.488 AVAST engine defs: 13021600 19:54:15.357 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 19:54:15.357 Disk 0 Vendor: WDC_WD5000AAKS-65YGA0 12.01C02 Size: 476940MB BusType: 3 19:54:15.388 Disk 0 MBR read successfully 19:54:15.388 Disk 0 MBR scan 19:54:15.388 Disk 0 Windows 7 default MBR code 19:54:15.388 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 99998 MB offset 63 19:54:15.403 Disk 0 Partition - 00 0F Extended LBA 376939 MB offset 204796620 19:54:15.419 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 376939 MB offset 204796683 19:54:15.450 Disk 0 scanning C:\Windows\system32\drivers 19:54:22.205 Service scanning 19:54:34.903 Modules scanning 19:54:34.903 Disk 0 trace - called modules: 19:54:34.903 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 19:54:34.919 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004627060] 19:54:34.919 3 CLASSPNP.SYS[fffff8800199343f] -> nt!IofCallDriver -> [0xfffffa80041a0e40] 19:54:34.935 5 ACPI.sys[fffff88000f3b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa80041eb060] 19:54:34.950 Scan finished successfully 19:55:22.827 Disk 0 MBR has been saved successfully to "C:\Users\***\Desktop\Trojaner Prüfung\MBR.dat" 19:55:22.842 The log file has been saved successfully to "C:\Users\***\Desktop\Trojaner Prüfung\aswMBR.txt" |
16.02.2013, 20:06 | #13 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | HTTP and TCP Request to IP 174.35.7.4 Quote:
To do that, you need to restart TDSSKiller and run a new scan. When you then see the results, please set this entry to CURE or DELETE (depending on which one you are offered; please leave all others on SKIP!) and then click Continue at the bottom right. Afterwards, restart Windows and create a completely new log with TDSSKiller. As always, post it in CODE tags again.
__________________ Please always post log files in CODE tags |
16.02.2013, 20:18 | #14 |
| HTTP and TCP Request to IP 174.35.7.4 Code:
ATTFilter 20:15:04.0055 5040 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 20:15:04.0198 5040 ============================================================ 20:15:04.0198 5040 Current date / time: 2013/02/16 20:15:04.0198 20:15:04.0198 5040 SystemInfo: 20:15:04.0198 5040 20:15:04.0198 5040 OS Version: 6.1.7601 ServicePack: 1.0 20:15:04.0198 5040 Product type: Workstation 20:15:04.0199 5040 ComputerName: ***-PC 20:15:04.0199 5040 UserName: *** 20:15:04.0199 5040 Windows directory: C:\Windows 20:15:04.0199 5040 System windows directory: C:\Windows 20:15:04.0199 5040 Running under WOW64 20:15:04.0199 5040 Processor architecture: Intel x64 20:15:04.0199 5040 Number of processors: 2 20:15:04.0199 5040 Page size: 0x1000 20:15:04.0199 5040 Boot type: Normal boot 20:15:04.0199 5040 ============================================================ 20:15:06.0028 5040 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:15:06.0033 5040 ============================================================ 20:15:06.0033 5040 \Device\Harddisk0\DR0: 20:15:06.0033 5040 MBR partitions: 20:15:06.0033 5040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D 20:15:06.0048 5040 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x2E035936 20:15:06.0048 5040 ============================================================ 20:15:06.0085 5040 C: <-> \Device\Harddisk0\DR0\Partition1 20:15:06.0115 5040 D: <-> \Device\Harddisk0\DR0\Partition2 20:15:06.0115 5040 ============================================================ 20:15:06.0115 5040 Initialize success 20:15:06.0115 5040 ============================================================ 20:15:14.0869 4236 ============================================================ 20:15:14.0869 4236 Scan started 20:15:14.0869 4236 Mode: Manual; SigCheck; TDLFS; 20:15:14.0869 4236 
============================================================ 20:15:16.0092 4236 ================ Scan system memory ======================== 20:15:16.0092 4236 System memory - ok 20:15:16.0093 4236 ================ Scan services ============================= 20:15:16.0221 4236 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 20:15:16.0289 4236 1394ohci - ok 20:15:16.0323 4236 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 20:15:16.0341 4236 ACPI - ok 20:15:16.0351 4236 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 20:15:16.0386 4236 AcpiPmi - ok 20:15:16.0449 4236 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:15:16.0461 4236 AdobeARMservice - ok 20:15:16.0504 4236 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 20:15:16.0526 4236 adp94xx - ok 20:15:16.0542 4236 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 20:15:16.0559 4236 adpahci - ok 20:15:16.0572 4236 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 20:15:16.0587 4236 adpu320 - ok 20:15:16.0614 4236 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:15:16.0654 4236 AeLookupSvc - ok 20:15:16.0691 4236 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 20:15:16.0734 4236 AFD - ok 20:15:16.0758 4236 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 20:15:16.0771 4236 agp440 - ok 20:15:16.0790 4236 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 20:15:16.0823 4236 ALG - ok 20:15:16.0840 4236 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 20:15:16.0852 4236 aliide - ok 20:15:16.0868 4236 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 
20:15:16.0881 4236 amdide - ok 20:15:16.0891 4236 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 20:15:16.0916 4236 AmdK8 - ok 20:15:16.0920 4236 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 20:15:16.0943 4236 AmdPPM - ok 20:15:16.0967 4236 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 20:15:16.0981 4236 amdsata - ok 20:15:16.0995 4236 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 20:15:17.0010 4236 amdsbs - ok 20:15:17.0036 4236 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 20:15:17.0047 4236 amdxata - ok 20:15:17.0082 4236 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys 20:15:17.0115 4236 androidusb - ok 20:15:17.0150 4236 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 20:15:17.0192 4236 AppID - ok 20:15:17.0199 4236 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 20:15:17.0235 4236 AppIDSvc - ok 20:15:17.0258 4236 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 20:15:17.0298 4236 Appinfo - ok 20:15:17.0431 4236 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 20:15:17.0442 4236 Apple Mobile Device - ok 20:15:17.0478 4236 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 20:15:17.0506 4236 AppMgmt - ok 20:15:17.0531 4236 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 20:15:17.0545 4236 arc - ok 20:15:17.0569 4236 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 20:15:17.0582 4236 arcsas - ok 20:15:17.0670 4236 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 20:15:17.0732 4236 aspnet_state - ok 
20:15:17.0753 4236 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 20:15:17.0764 4236 aswFsBlk - ok 20:15:17.0803 4236 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 20:15:17.0814 4236 aswMonFlt - ok 20:15:17.0832 4236 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 20:15:17.0843 4236 aswRdr - ok 20:15:17.0903 4236 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 20:15:17.0925 4236 aswSnx - ok 20:15:17.0943 4236 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys 20:15:17.0958 4236 aswSP - ok 20:15:17.0974 4236 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 20:15:17.0985 4236 aswTdi - ok 20:15:18.0005 4236 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:15:18.0052 4236 AsyncMac - ok 20:15:18.0065 4236 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 20:15:18.0077 4236 atapi - ok 20:15:18.0105 4236 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 20:15:18.0120 4236 atksgt - ok 20:15:18.0155 4236 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:15:18.0218 4236 AudioEndpointBuilder - ok 20:15:18.0228 4236 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 20:15:18.0264 4236 AudioSrv - ok 20:15:18.0360 4236 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 20:15:18.0371 4236 avast! 
Antivirus - ok 20:15:18.0389 4236 [ BD39D7CFD9D6A73396B618113A8E8D57 ] avmaudio C:\Windows\system32\DRIVERS\avmaudio.sys 20:15:18.0408 4236 avmaudio - ok 20:15:18.0442 4236 [ 6A300AD0E23A155B2C3A7FAB0D4AABD1 ] avmaura C:\Windows\system32\DRIVERS\avmaura.sys 20:15:18.0470 4236 avmaura - ok 20:15:18.0499 4236 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 20:15:18.0529 4236 AxInstSV - ok 20:15:18.0572 4236 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 20:15:18.0604 4236 b06bdrv - ok 20:15:18.0639 4236 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 20:15:18.0672 4236 b57nd60a - ok 20:15:18.0691 4236 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 20:15:18.0714 4236 BDESVC - ok 20:15:18.0727 4236 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 20:15:18.0769 4236 Beep - ok 20:15:18.0804 4236 [ C895B9AA6EE9DBDE5D98684425A14647 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 20:15:18.0833 4236 BEService ( UnsignedFile.Multi.Generic ) - warning 20:15:18.0833 4236 BEService - detected UnsignedFile.Multi.Generic (1) 20:15:18.0897 4236 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 20:15:18.0942 4236 BFE - ok 20:15:18.0962 4236 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll 20:15:19.0044 4236 BITS - ok 20:15:19.0064 4236 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 20:15:19.0086 4236 blbdrive - ok 20:15:19.0149 4236 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:15:19.0166 4236 Bonjour Service - ok 20:15:19.0188 4236 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:15:19.0202 4236 bowser - ok 20:15:19.0231 4236 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:15:19.0266 4236 
BrFiltLo - ok 20:15:19.0269 4236 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:15:19.0284 4236 BrFiltUp - ok 20:15:19.0357 4236 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 20:15:19.0398 4236 BridgeMP - ok 20:15:19.0433 4236 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 20:15:19.0448 4236 Browser - ok 20:15:19.0466 4236 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 20:15:19.0496 4236 Brserid - ok 20:15:19.0500 4236 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 20:15:19.0520 4236 BrSerWdm - ok 20:15:19.0524 4236 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 20:15:19.0566 4236 BrUsbMdm - ok 20:15:19.0570 4236 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 20:15:19.0584 4236 BrUsbSer - ok 20:15:19.0588 4236 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 20:15:19.0615 4236 BTHMODEM - ok 20:15:19.0641 4236 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 20:15:19.0682 4236 bthserv - ok 20:15:19.0691 4236 catchme - ok 20:15:19.0705 4236 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:15:19.0743 4236 cdfs - ok 20:15:19.0778 4236 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 20:15:19.0804 4236 cdrom - ok 20:15:19.0819 4236 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 20:15:19.0873 4236 CertPropSvc - ok 20:15:19.0889 4236 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 20:15:19.0906 4236 circlass - ok 20:15:19.0937 4236 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 20:15:19.0955 4236 CLFS - ok 20:15:19.0997 4236 [ D88040F816FDA31C3B466F0FA0918F29 ] 
clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:15:20.0011 4236 clr_optimization_v2.0.50727_32 - ok 20:15:20.0042 4236 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:15:20.0055 4236 clr_optimization_v2.0.50727_64 - ok 20:15:20.0102 4236 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:15:20.0210 4236 clr_optimization_v4.0.30319_32 - ok 20:15:20.0225 4236 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:15:20.0259 4236 clr_optimization_v4.0.30319_64 - ok 20:15:20.0276 4236 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 20:15:20.0297 4236 CmBatt - ok 20:15:20.0315 4236 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 20:15:20.0327 4236 cmdide - ok 20:15:20.0367 4236 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys 20:15:20.0393 4236 CNG - ok 20:15:20.0403 4236 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 20:15:20.0415 4236 Compbatt - ok 20:15:20.0447 4236 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 20:15:20.0474 4236 CompositeBus - ok 20:15:20.0487 4236 COMSysApp - ok 20:15:20.0538 4236 cpuz135 - ok 20:15:20.0554 4236 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 20:15:20.0566 4236 crcdisk - ok 20:15:20.0613 4236 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:15:20.0637 4236 CryptSvc - ok 20:15:20.0667 4236 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 20:15:20.0701 4236 CSC - ok 20:15:20.0735 4236 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 
20:15:20.0773 4236 CscService - ok 20:15:20.0802 4236 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 20:15:20.0855 4236 DcomLaunch - ok 20:15:20.0891 4236 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 20:15:20.0935 4236 defragsvc - ok 20:15:20.0971 4236 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:15:21.0011 4236 DfsC - ok 20:15:21.0051 4236 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 20:15:21.0064 4236 dg_ssudbus - ok 20:15:21.0094 4236 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 20:15:21.0119 4236 Dhcp - ok 20:15:21.0140 4236 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 20:15:21.0172 4236 discache - ok 20:15:21.0203 4236 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 20:15:21.0215 4236 Disk - ok 20:15:21.0238 4236 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:15:21.0269 4236 Dnscache - ok 20:15:21.0299 4236 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 20:15:21.0342 4236 dot3svc - ok 20:15:21.0354 4236 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 20:15:21.0399 4236 DPS - ok 20:15:21.0426 4236 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:15:21.0457 4236 drmkaud - ok 20:15:21.0503 4236 [ FB9BEF3401EE5ECC2603311B9C64F44A ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 20:15:21.0515 4236 dtsoftbus01 - ok 20:15:21.0549 4236 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:15:21.0572 4236 DXGKrnl - ok 20:15:21.0601 4236 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 20:15:21.0654 4236 EapHost - ok 20:15:21.0727 4236 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 20:15:21.0822 4236 
ebdrv - ok 20:15:21.0847 4236 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 20:15:21.0876 4236 EFS - ok 20:15:21.0915 4236 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:15:21.0969 4236 ehRecvr - ok 20:15:21.0982 4236 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 20:15:22.0000 4236 ehSched - ok 20:15:22.0032 4236 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 20:15:22.0060 4236 elxstor - ok 20:15:22.0074 4236 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 20:15:22.0101 4236 ErrDev - ok 20:15:22.0123 4236 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 20:15:22.0179 4236 EventSystem - ok 20:15:22.0184 4236 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 20:15:22.0236 4236 exfat - ok 20:15:22.0253 4236 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:15:22.0294 4236 fastfat - ok 20:15:22.0329 4236 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 20:15:22.0363 4236 Fax - ok 20:15:22.0375 4236 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 20:15:22.0388 4236 fdc - ok 20:15:22.0392 4236 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 20:15:22.0429 4236 fdPHost - ok 20:15:22.0439 4236 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 20:15:22.0472 4236 FDResPub - ok 20:15:22.0477 4236 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:15:22.0489 4236 FileInfo - ok 20:15:22.0492 4236 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:15:22.0536 4236 Filetrace - ok 20:15:22.0554 4236 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 20:15:22.0573 4236 flpydisk - ok 20:15:22.0580 4236 [ 
DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:15:22.0595 4236 FltMgr - ok 20:15:22.0632 4236 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 20:15:22.0679 4236 FontCache - ok 20:15:22.0705 4236 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:15:22.0716 4236 FontCache3.0.0.0 - ok 20:15:22.0734 4236 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:15:22.0747 4236 FsDepends - ok 20:15:22.0769 4236 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:15:22.0781 4236 Fs_Rec - ok 20:15:22.0850 4236 [ 79B4CDE2B69ED8BA4011859780A66A4D ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe 20:15:22.0862 4236 Futuremark SystemInfo Service - ok 20:15:22.0903 4236 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:15:22.0921 4236 fvevol - ok 20:15:22.0942 4236 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 20:15:22.0955 4236 gagp30kx - ok 20:15:22.0986 4236 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 20:15:23.0040 4236 gpsvc - ok 20:15:23.0058 4236 [ D5FA01185A7D5A65724FD87B34E53F5B ] hcmon C:\Windows\system32\drivers\hcmon.sys 20:15:23.0070 4236 hcmon - ok 20:15:23.0084 4236 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 20:15:23.0098 4236 hcw85cir - ok 20:15:23.0130 4236 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:15:23.0151 4236 HdAudAddService - ok 20:15:23.0174 4236 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 20:15:23.0194 4236 HDAudBus - ok 20:15:23.0198 4236 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 20:15:23.0217 4236 HidBatt 
- ok 20:15:23.0222 4236 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 20:15:23.0238 4236 HidBth - ok 20:15:23.0251 4236 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 20:15:23.0278 4236 HidIr - ok 20:15:23.0299 4236 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 20:15:23.0340 4236 hidserv - ok 20:15:23.0370 4236 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 20:15:23.0392 4236 HidUsb - ok 20:15:23.0409 4236 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 20:15:23.0442 4236 hkmsvc - ok 20:15:23.0467 4236 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:15:23.0499 4236 HomeGroupListener - ok 20:15:23.0520 4236 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:15:23.0549 4236 HomeGroupProvider - ok 20:15:23.0585 4236 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 20:15:23.0598 4236 HpSAMD - ok 20:15:23.0641 4236 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:15:23.0694 4236 HTTP - ok 20:15:23.0704 4236 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:15:23.0715 4236 hwpolicy - ok 20:15:23.0723 4236 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 20:15:23.0737 4236 i8042prt - ok 20:15:23.0762 4236 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 20:15:23.0781 4236 iaStorV - ok 20:15:23.0814 4236 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:15:23.0868 4236 idsvc - ok 20:15:23.0895 4236 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 20:15:23.0907 4236 iirsp - ok 20:15:23.0931 4236 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT 
C:\Windows\System32\ikeext.dll 20:15:23.0996 4236 IKEEXT - ok 20:15:24.0012 4236 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 20:15:24.0024 4236 intelide - ok 20:15:24.0038 4236 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 20:15:24.0051 4236 intelppm - ok 20:15:24.0077 4236 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:15:24.0117 4236 IPBusEnum - ok 20:15:24.0171 4236 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:15:24.0209 4236 IpFilterDriver - ok 20:15:24.0298 4236 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:15:24.0337 4236 iphlpsvc - ok 20:15:24.0356 4236 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 20:15:24.0370 4236 IPMIDRV - ok 20:15:24.0381 4236 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:15:24.0422 4236 IPNAT - ok 20:15:24.0445 4236 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:15:24.0466 4236 IRENUM - ok 20:15:24.0476 4236 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:15:24.0488 4236 isapnp - ok 20:15:24.0504 4236 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 20:15:24.0521 4236 iScsiPrt - ok 20:15:24.0545 4236 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 20:15:24.0556 4236 kbdclass - ok 20:15:24.0570 4236 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 20:15:24.0584 4236 kbdhid - ok 20:15:24.0602 4236 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 20:15:24.0616 4236 KeyIso - ok 20:15:24.0641 4236 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:15:24.0654 4236 KSecDD - ok 20:15:24.0678 4236 [ 
7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:15:24.0691 4236 KSecPkg - ok 20:15:24.0707 4236 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:15:24.0739 4236 ksthunk - ok 20:15:24.0767 4236 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 20:15:24.0817 4236 KtmRm - ok 20:15:24.0852 4236 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 20:15:24.0890 4236 LanmanServer - ok 20:15:24.0912 4236 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:15:24.0950 4236 LanmanWorkstation - ok 20:15:24.0995 4236 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 20:15:25.0007 4236 LHidFilt - ok 20:15:25.0042 4236 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 20:15:25.0052 4236 lirsgt - ok 20:15:25.0069 4236 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:15:25.0110 4236 lltdio - ok 20:15:25.0136 4236 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:15:25.0185 4236 lltdsvc - ok 20:15:25.0198 4236 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:15:25.0230 4236 lmhosts - ok 20:15:25.0244 4236 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 20:15:25.0258 4236 LMouFilt - ok 20:15:25.0284 4236 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 20:15:25.0298 4236 LSI_FC - ok 20:15:25.0302 4236 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 20:15:25.0316 4236 LSI_SAS - ok 20:15:25.0329 4236 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:15:25.0342 4236 LSI_SAS2 - ok 20:15:25.0346 4236 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:15:25.0360 4236 
LSI_SCSI - ok 20:15:25.0393 4236 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 20:15:25.0433 4236 luafv - ok 20:15:25.0456 4236 [ DE585D1D266805E5EEDAE911FDD16F38 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys 20:15:25.0481 4236 ManyCam - ok 20:15:25.0528 4236 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 20:15:25.0539 4236 MBAMProtector - ok 20:15:25.0780 4236 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe 20:15:25.0796 4236 MBAMScheduler - ok 20:15:25.0954 4236 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe 20:15:25.0993 4236 MBAMService - ok 20:15:26.0029 4236 [ 2E7FFDEF8BAFD04CBB517507B821E878 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys 20:15:26.0056 4236 mcaudrv_simple - ok 20:15:26.0081 4236 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:15:26.0113 4236 Mcx2Svc - ok 20:15:26.0122 4236 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 20:15:26.0135 4236 megasas - ok 20:15:26.0155 4236 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 20:15:26.0172 4236 MegaSR - ok 20:15:26.0620 4236 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service D:\Programme\Microsoft Office\Office12\GrooveAuditService.exe 20:15:26.0659 4236 Microsoft Office Groove Audit Service - ok 20:15:26.0698 4236 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 20:15:26.0740 4236 MMCSS - ok 20:15:26.0753 4236 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 20:15:26.0803 4236 Modem - ok 20:15:26.0829 4236 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:15:26.0861 4236 monitor - ok 20:15:26.0888 4236 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass 
C:\Windows\system32\DRIVERS\mouclass.sys 20:15:26.0900 4236 mouclass - ok 20:15:26.0916 4236 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:15:26.0929 4236 mouhid - ok 20:15:26.0954 4236 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:15:26.0967 4236 mountmgr - ok 20:15:27.0002 4236 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 20:15:27.0017 4236 mpio - ok 20:15:27.0029 4236 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:15:27.0061 4236 mpsdrv - ok 20:15:27.0104 4236 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:15:27.0186 4236 MpsSvc - ok 20:15:27.0202 4236 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:15:27.0221 4236 MRxDAV - ok 20:15:27.0253 4236 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:15:27.0291 4236 mrxsmb - ok 20:15:27.0316 4236 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:15:27.0337 4236 mrxsmb10 - ok 20:15:27.0342 4236 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:15:27.0372 4236 mrxsmb20 - ok 20:15:27.0401 4236 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 20:15:27.0415 4236 msahci - ok 20:15:27.0424 4236 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:15:27.0438 4236 msdsm - ok 20:15:27.0465 4236 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 20:15:27.0490 4236 MSDTC - ok 20:15:27.0510 4236 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:15:27.0542 4236 Msfs - ok 20:15:27.0552 4236 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:15:27.0594 4236 mshidkmdf - ok 20:15:27.0598 4236 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv 
C:\Windows\system32\drivers\msisadrv.sys 20:15:27.0610 4236 msisadrv - ok 20:15:27.0647 4236 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:15:27.0688 4236 MSiSCSI - ok 20:15:27.0692 4236 msiserver - ok 20:15:27.0708 4236 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:15:27.0753 4236 MSKSSRV - ok 20:15:27.0768 4236 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:15:27.0814 4236 MSPCLOCK - ok 20:15:27.0826 4236 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:15:27.0869 4236 MSPQM - ok 20:15:27.0899 4236 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:15:27.0926 4236 MsRPC - ok 20:15:27.0944 4236 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 20:15:27.0956 4236 mssmbios - ok 20:15:28.0022 4236 MSSQL$SQLEXPRESS - ok 20:15:28.0052 4236 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 20:15:28.0091 4236 MSSQLServerADHelper100 - ok 20:15:28.0104 4236 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:15:28.0147 4236 MSTEE - ok 20:15:28.0157 4236 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 20:15:28.0179 4236 MTConfig - ok 20:15:28.0199 4236 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 20:15:28.0212 4236 Mup - ok 20:15:28.0270 4236 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 20:15:28.0344 4236 napagent - ok 20:15:28.0371 4236 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:15:28.0402 4236 NativeWifiP - ok 20:15:28.0455 4236 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:15:28.0501 4236 NDIS - ok 20:15:28.0515 4236 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap 
20:15:44.0329 4236 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:15:44.0336 4236 [Global] - ok
20:15:44.0337 4236 ================ Scan MBR ==================================
20:15:44.0343 4236 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:15:45.0221 4236 \Device\Harddisk0\DR0 - ok
20:15:45.0221 4236 ================ Scan VBR ==================================
20:15:45.0256 4236 [ 59BFD5E60D032AF47E13FDC54466F8B6 ] \Device\Harddisk0\DR0\Partition1
20:15:45.0257 4236 \Device\Harddisk0\DR0\Partition1 - ok
20:15:45.0259 4236 [ BD6CE09BFD40686DC56FB7D112BF745C ] \Device\Harddisk0\DR0\Partition2
20:15:45.0261 4236 \Device\Harddisk0\DR0\Partition2 - ok
20:15:45.0261 4236 ============================================================
20:15:45.0261 4236 Scan finished
20:15:45.0261 4236 ============================================================
20:15:45.0418 4208 Detected object count: 3
20:15:45.0418 4208 Actual detected object count: 3
20:15:51.0709 4208 BEService ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:51.0709 4208 BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:51.0710 4208 tap0901t ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:51.0710 4208 tap0901t ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:51.0711 4208 TunngleService ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:51.0711 4208 TunngleService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:53.0705 5028 Deinitialize success |
16.02.2013, 20:21 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | HTTP and TCP Request to IP 174.35.7.4 adwCleaner - remove toolbars and unwanted start/search pages Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |