
Pests of all kinds and how to combat them: White screen when starting Windows 7

08.05.2013, 14:02   #16
markusg
/// Malware-holic

Remove the stick, reboot from the CD, plug the stick in, scan as described on page 1, save the log as usual and put it on the USB stick.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de

08.05.2013, 14:14   #17
DMasterK

OK, finally found the stick and copied your text into that text box. I clicked Run Scan... but it's already taking quite a while. Will it open one of those txt files for me again when the scan is finished, or how do I tell that the scan has run?

Now I get OTLPE Out of memory


08.05.2013, 14:15   #18
markusg
/// Malware-holic

It opens a text file.

08.05.2013, 14:22   #19
DMasterK

Could the error be happening now because I ran the scan earlier without pasting in your text?

During the scan it hangs for a very long time at Manual File Scan - Getting folder structure...

Then the error box with Out of memory appears.

08.05.2013, 14:30   #20
markusg
/// Malware-holic

Then do it without the script.


08.05.2013, 14:31   #21
DMasterK

There is no OTL folder under C:\, only an OTL.txt file, which must be from the first scan, judging by the time.

08.05.2013, 14:45   #22
markusg
/// Malware-holic

Then just post that one.

08.05.2013, 14:49   #23
DMasterK

I'll boot the desktop from the CD again and test it once more from the start, with the script. If the error comes up again with the script, I'll run the whole thing again without the script and post you the txt file.

So, with the script the same error again; I'm letting the scan run without the script now...

OTL Logfile:
Code:
OTL logfile created on: 5/8/2013 11:01:48 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107.13 Gb Total Space | 36.55 Gb Free Space | 34.12% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 347.56 Gb Free Space | 74.62% Space Free | Partition Type: NTFS
Drive F: | 506.36 Mb Total Space | 506.35 Mb Free Space | 100.00% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012/09/27 21:38:16 | 000,239,616 | ---- | M] (AMD) [Auto] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 13:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/03/13 12:07:30 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/28 12:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/05 11:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/10/02 07:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/02/02 07:21:36 | 001,524,728 | ---- | M] (G Data Software AG) [Auto] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012/01/27 10:01:06 | 000,471,048 | ---- | M] (G Data Software AG) [On_Demand] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2012/01/27 00:07:28 | 001,765,352 | ---- | M] (G Data Software AG) [On_Demand] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2012/01/27 00:01:08 | 002,006,872 | ---- | M] (G Data Software AG) [Auto] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2012/01/26 23:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2011/03/16 05:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/01/26 05:26:48 | 000,573,224 | ---- | M] (Nero AG) [Auto] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2010/11/05 17:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/05 14:01:30 | 000,151,552 | ---- | M] () [Auto] -- C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe -- (Marvell RAID)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/08 20:38:52 | 000,024,635 | ---- | M] (Apache Software Foundation) [Auto] -- C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe -- (MRUWebService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/05/07 15:50:18 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System] -- C:\Windows\System32\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2012/12/21 11:07:24 | 000,059,768 | ---- | M] (G Data Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2012/12/21 11:07:21 | 000,122,744 | ---- | M] (G Data Software AG) [Kernel | System] -- C:\Windows\System32\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2012/12/21 11:07:21 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System] -- C:\Windows\System32\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2012/12/21 11:07:20 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System] -- C:\Windows\System32\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2012/12/21 11:07:20 | 000,054,136 | ---- | M] (G Data Software AG) [Kernel | Boot] -- C:\Windows\System32\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2012/12/13 08:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/27 22:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/09/27 21:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/05/14 02:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/10/25 23:08:08 | 000,406,632 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/10/19 11:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/09/22 19:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/04/27 04:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/04/27 04:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Daniel_Korn_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
IE - HKU\Daniel_Korn_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = WEB.DE - E-Mail-Adresse kostenlos, FreeMail, Nachrichten & Services
IE - HKU\Daniel_Korn_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Daniel_Korn_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll (McAfee, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Daniel Korn\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Daniel Korn\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
 
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Daniel_Korn_ON_C\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MRUTray] C:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe ()
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\Daniel_Korn_ON_C..\Run: [Steam]  File not found
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\Daniel_Korn_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Daniel_Korn_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Daniel_Korn_ON_C Winlogon: Shell - (C:\Users\Daniel Korn\AppData\Roaming\skype.dat) - C:\Users\Daniel Korn\AppData\Roaming\skype.dat ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/05/08 10:16:06 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/05/07 15:50:18 | 000,106,648 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2013/05/05 14:14:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/05/05 14:14:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/04/13 09:52:43 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/04/13 09:52:43 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2013/04/13 09:52:43 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/04/13 09:52:43 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/04/13 09:52:43 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/04/13 09:52:43 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/04/13 09:52:43 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013/04/13 09:52:43 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013/04/13 09:52:43 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2013/04/13 09:52:43 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/04/13 09:52:43 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/04/13 09:52:43 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/04/13 09:52:43 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/04/13 09:52:43 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/04/13 09:52:43 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/04/13 09:52:43 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/04/13 09:52:43 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2013/04/13 09:52:43 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/04/13 09:52:43 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/04/13 09:52:43 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/04/13 09:52:43 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/04/13 09:52:43 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2013/04/13 09:52:43 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/04/13 09:52:43 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/04/13 09:52:43 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/04/13 09:52:43 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2013/04/13 09:52:43 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013/04/13 09:52:43 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/04/13 09:52:43 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/04/13 09:52:43 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/04/13 09:52:43 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/04/13 09:52:43 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/04/13 09:52:43 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/04/13 09:52:43 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2013/04/13 09:52:43 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/04/13 09:52:43 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2013/04/13 09:52:43 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/04/13 09:52:43 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/04/13 09:52:43 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/04/13 09:52:43 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/04/13 09:52:43 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/04/13 09:52:43 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/04/13 09:52:43 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/04/13 09:52:43 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/04/13 09:52:43 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/04/13 09:52:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/04/13 09:52:43 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/04/13 09:52:43 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2013/04/13 09:52:43 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/04/13 09:52:43 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/04/13 09:52:43 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/04/13 09:52:43 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2013/04/13 09:52:43 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/04/13 09:52:43 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2013/04/13 09:52:43 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/04/13 09:52:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/13 09:52:43 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/04/13 09:52:43 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/04/13 09:52:43 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/04/13 09:52:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/04/13 09:52:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/04/13 09:52:43 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/04/13 09:52:43 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/04/13 09:52:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/04/13 09:52:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/04/13 09:52:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/04/13 09:52:43 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/04/13 09:52:43 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2013/04/13 09:52:43 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/04/13 09:52:43 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/04/13 09:52:43 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/04/13 09:52:43 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2013/04/13 09:52:43 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/04/13 09:52:43 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/04/13 09:51:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2013/04/13 09:51:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013/04/13 09:51:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013/04/13 09:51:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2013/04/13 09:51:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbGD.sys
[2013/04/13 09:51:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2013/04/13 09:51:05 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2013/04/13 09:51:05 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe
[2013/04/13 09:51:05 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/04/13 09:51:05 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2013/04/13 09:51:05 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013/04/13 09:51:05 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/04/13 09:51:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2013/04/13 09:51:05 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2013/04/13 09:51:05 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/04/13 09:51:05 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2013/04/13 09:51:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2013/04/13 09:51:05 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/04/13 09:51:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013/04/13 09:51:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2013/04/13 09:51:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/04/13 09:51:05 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2013/04/13 09:51:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/04/13 09:51:04 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dll
[2013/04/13 09:51:04 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/04/13 09:50:31 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2013/04/13 09:50:31 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/04/13 09:50:31 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2013/04/13 09:50:31 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/04/13 09:50:27 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/04/13 09:50:27 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/04/13 09:50:25 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/04/13 09:50:25 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2013/04/13 09:50:25 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013/04/13 09:50:25 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/04/13 09:50:25 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013/04/13 09:50:25 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxgi.dll
[2013/04/13 09:50:25 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/04/13 09:50:25 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2013/04/13 09:50:25 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/13 09:50:25 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/13 09:50:25 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/13 09:50:25 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/13 09:50:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/13 09:50:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/13 09:50:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/13 09:50:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/13 09:50:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/13 09:50:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/13 09:50:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/13 09:50:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/13 09:50:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/13 09:50:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/13 09:50:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/13 09:50:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/13 09:50:25 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/13 09:50:25 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/13 09:50:24 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/04/13 09:50:24 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013/04/13 09:50:24 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/04/13 09:50:24 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/04/13 09:50:24 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2013/04/13 09:50:24 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/04/13 09:50:24 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/04/13 09:50:24 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10.dll
[2013/04/13 09:50:24 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/04/13 09:50:24 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10level9.dll
[2013/04/13 09:50:24 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/04/13 09:50:24 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/04/13 09:50:24 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2013/04/13 09:50:24 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10core.dll
[2013/04/13 09:50:24 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2013/04/13 09:50:23 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/04/13 09:50:23 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2013/04/13 09:50:23 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2013/04/13 09:50:23 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013/04/13 09:48:32 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2013/04/13 09:48:30 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/04/13 09:48:30 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013/04/10 10:44:44 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/04/10 10:44:44 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/04/10 10:44:44 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/04/10 10:44:43 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
[2013/04/10 10:44:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/04/10 10:44:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013/05/08 16:38:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/08 11:34:18 | 000,693,478 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2013/05/08 11:34:18 | 000,691,216 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2013/05/08 11:34:18 | 000,654,150 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/05/08 11:34:18 | 000,616,032 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/08 11:34:18 | 000,137,086 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2013/05/08 11:34:18 | 000,132,964 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2013/05/08 11:34:18 | 000,130,022 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/05/08 11:34:18 | 000,106,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/08 11:30:11 | 2134,446,079 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/08 10:20:37 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/05/08 10:17:53 | 000,000,008 | ---- | M] () -- C:\Windows\mvraidver.dat
[2013/05/08 06:36:48 | 000,025,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/08 06:36:48 | 000,025,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/08 06:36:33 | 001,066,027 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2013/05/08 06:36:33 | 000,054,743 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2013/05/08 06:36:26 | 000,000,000 | ---- | M] () -- C:\Users\Daniel Korn\AppData\Roaming\skype.ini
[2013/05/07 16:03:08 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/07 15:50:18 | 000,106,648 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2013/05/07 11:43:00 | 000,001,144 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4193580082-2909346723-1066986195-1001UA.job
[2013/05/05 14:14:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/05/02 10:59:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/04/13 10:13:38 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/04/13 09:52:43 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/04/13 09:52:43 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2013/04/13 09:52:43 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/04/13 09:52:43 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/04/13 09:52:43 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/04/13 09:52:43 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/04/13 09:52:43 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013/04/13 09:52:43 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013/04/13 09:52:43 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2013/04/13 09:52:43 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/04/13 09:52:43 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/04/13 09:52:43 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/04/13 09:52:43 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/04/13 09:52:43 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/04/13 09:52:43 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/04/13 09:52:43 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/04/13 09:52:43 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2013/04/13 09:52:43 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/04/13 09:52:43 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/04/13 09:52:43 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/04/13 09:52:43 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/04/13 09:52:43 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2013/04/13 09:52:43 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/04/13 09:52:43 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/04/13 09:52:43 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/04/13 09:52:43 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2013/04/13 09:52:43 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013/04/13 09:52:43 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/04/13 09:52:43 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/04/13 09:52:43 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/04/13 09:52:43 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/04/13 09:52:43 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/04/13 09:52:43 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/04/13 09:52:43 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2013/04/13 09:52:43 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/04/13 09:52:43 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2013/04/13 09:52:43 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/04/13 09:52:43 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/04/13 09:52:43 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/04/13 09:52:43 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/04/13 09:52:43 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/04/13 09:52:43 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/04/13 09:52:43 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/04/13 09:52:43 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/04/13 09:52:43 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/04/13 09:52:43 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/04/13 09:52:43 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/04/13 09:52:43 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2013/04/13 09:52:43 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/04/13 09:52:43 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/04/13 09:52:43 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/04/13 09:52:43 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2013/04/13 09:52:43 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/04/13 09:52:43 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2013/04/13 09:52:43 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/04/13 09:52:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/13 09:52:43 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/04/13 09:52:43 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/04/13 09:52:43 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/04/13 09:52:43 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/04/13 09:52:43 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/04/13 09:52:43 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/04/13 09:52:43 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/04/13 09:52:43 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/04/13 09:52:43 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/04/13 09:52:43 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/04/13 09:52:43 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/04/13 09:52:43 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2013/04/13 09:52:43 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/04/13 09:52:43 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/04/13 09:52:43 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/13 09:52:43 | 000,025,185 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013/04/13 09:52:43 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/04/13 09:52:43 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2013/04/13 09:52:43 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/04/13 09:52:43 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/04/10 13:33:00 | 000,311,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013/05/08 10:20:37 | 000,002,054 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/05/07 11:38:44 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Korn\AppData\Roaming\skype.ini
[2013/04/13 09:52:43 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/13 09:52:43 | 000,025,185 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/12/21 16:27:55 | 001,066,027 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012/09/27 21:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/09/27 21:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/08/17 07:42:00 | 000,100,984 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/05/02 09:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/01/11 11:07:30 | 000,098,304 | ---- | C] () -- C:\Users\Daniel Korn\AppData\Roaming\skype.dat
[2011/09/12 19:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/08/30 08:27:23 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/04/08 14:16:11 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/04/06 02:26:19 | 000,000,008 | ---- | C] () -- C:\Windows\mvraidver.dat
[2011/04/06 02:26:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/02/17 06:55:20 | 000,002,048 | ---- | C] () -- C:\Windows\hidcon.exe
[2010/11/20 23:24:49 | 000,252,928 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2009/09/30 13:18:26 | 000,050,360 | ---- | C] () -- C:\Windows\php.ini
[2009/09/29 17:16:26 | 000,000,127 | ---- | C] () -- C:\Windows\zraidtray.ini
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2013/03/01 18:10:15 | 000,000,000 | ---D | M] -- C:\Users\Daniel Korn\AppData\Roaming\Fatshark
[2012/05/06 15:10:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel Korn\AppData\Roaming\LolClient
[2011/08/16 07:01:27 | 000,000,000 | ---D | M] -- C:\Users\Daniel Korn\AppData\Roaming\Mumble
[2013/03/11 13:57:43 | 000,000,000 | ---D | M] -- C:\Users\Daniel Korn\AppData\Roaming\Omerta Demo
[2013/01/19 08:20:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel Korn\AppData\Roaming\Ubisoft
[2013/02/28 12:59:22 | 000,000,000 | ---D | M] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/12/26 05:49:31 | 000,000,000 | ---D | M] -- C:\ProgramData\AMD
[2011/02/15 04:10:14 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/04/20 09:06:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Battle.net
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/02/15 04:10:14 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2011/04/08 15:26:43 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Core
[2011/04/08 15:26:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2011/02/15 04:10:14 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/12/21 11:14:33 | 000,000,000 | ---D | M] -- C:\ProgramData\G DATA
[2011/04/08 15:08:08 | 000,000,000 | ---D | M] -- C:\ProgramData\LightScribe
[2012/05/17 10:45:36 | 000,000,000 | ---D | M] -- C:\ProgramData\PMB Files
[2013/01/19 08:23:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Solidshield
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/02/15 04:10:14 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/12/28 13:40:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft
[2011/02/15 04:10:14 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012/08/15 03:31:15 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2013/05/07 11:42:52 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
--- --- ---

Can you do anything with that?

Alt 08.05.2013, 16:25   #24
markusg
/// Malware-holic
 

It would be pretty silly if I requested logs that I couldn't do anything with....
On your second PC, go to Start, Programs, Accessories, Notepad, and paste the following into it:
Code:
:OTL
O20 - HKU\Daniel_Korn_ON_C Winlogon: Shell - (C:\Users\Daniel Korn\AppData\Roaming\skype.dat) - C:\Users\Daniel Korn\AppData\Roaming\skype.dat ()
[2013/05/08 06:36:26 | 000,000,000 | ---- | M] () -- C:\Users\Daniel Korn\AppData\Roaming\skype.ini
:Files
:Commands
[EMPTYFLASH] 
[emptytemp]
         


Save this on a USB stick as fix.txt.
Now use OTLPENet.exe again (that is, boot from the CD you created) and tick everything as already described in the post about OTLPENet.exe.
• Now please click the Fix button.
A message similar to this one should now appear: "load fix from file", so load fix.txt from your stick.
If this does not work, please enter the fix manually.
Then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open otl.txt.
Please post the log.

PS:
Please change the mode in the BIOS back again.
If you have no icons, right-click, View, Show desktop icons.

Note: Please also upload the file there, as described in the instructions for the UpChannel. Please do NOT post the ZIP file here in the thread as an attachment!

Please press the Windows key + E.
  • Open your system drive (usually C:)
  • Now look for the following folder: _OTL and open it.
  • Right-click the Movedfiles folder --> Send to --> Compressed (zipped) folder
  • This will create a Movedfiles.zip file in _OTL
  • Please upload it to our upload channel. (Browse --> C:\_OTL\Movedfiles.zip)
Let me know whether the upload worked without problems. Thanks in advance.
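The check behind the fix in the post above, as an added example that is not part of the original post and not OTL's own code: a Python triage that reads lines in the OTL log notation, flags any Winlogon Shell value that does not resolve to explorer.exe in the Windows directory, and lists files with an empty company field that share its folder and base name. The function names, the assumed system root C:\Windows and the HKLM sample line are assumptions made here; the other sample lines are copied from the log in this thread.

```python
import ntpath
import re

# Sample in OTL's log notation. The HKU O20 line and the skype.*, mshta.exe and
# Start Menu lines are copied from this thread; the HKLM line is constructed
# here to represent an unmodified shell entry.
SAMPLE_LOG = r"""
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Daniel_Korn_ON_C Winlogon: Shell - (C:\Users\Daniel Korn\AppData\Roaming\skype.dat) - C:\Users\Daniel Korn\AppData\Roaming\skype.dat ()
[2013/05/08 06:36:26 | 000,000,000 | ---- | M] () -- C:\Users\Daniel Korn\AppData\Roaming\skype.ini
[2012/01/11 11:07:30 | 000,098,304 | ---- | C] () -- C:\Users\Daniel Korn\AppData\Roaming\skype.dat
[2013/04/13 09:52:43 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2013/05/05 14:14:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
"""

# Listing line: [timestamp | size | attributes | C or M] (company) -- path
# Folders have no "(company)" column; files without a company name show "()".
FILE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>.*?)\) )?-- (?P<path>.+)$"
)

# O20 Winlogon Shell line: hive, configured value, resolved path, (company).
SHELL_RE = re.compile(
    r"^O20 - (?P<hive>\S+) Winlogon: Shell - \((?P<value>.*?)\) - "
    r"(?P<path>.*?) \((?P<company>[^()]*)\)$"
)


def parse(log):
    """Split an OTL log into Winlogon Shell entries and file listing entries."""
    shells, files = [], []
    for raw in log.splitlines():
        line = raw.strip()
        match = SHELL_RE.match(line)
        if match:
            shells.append(match.groupdict())
            continue
        match = FILE_RE.match(line)
        if match:
            files.append(match.groupdict())
    return shells, files


def is_default_shell(entry, system_root):
    """True when the shell resolves to explorer.exe in the Windows directory
    and the log shows a company name for it."""
    target = ntpath.normcase(entry["path"])
    return (
        ntpath.basename(target) == "explorer.exe"
        and ntpath.dirname(target) == ntpath.normcase(system_root)
        and entry["company"] != ""
    )


def _folder_and_stem(path):
    """Case-insensitive (folder, base name without extension) of a Windows path."""
    norm = ntpath.normcase(path)
    return ntpath.dirname(norm), ntpath.splitext(ntpath.basename(norm))[0]


def triage(log, system_root=r"C:\Windows"):
    """Return one finding per non-default Winlogon Shell entry.

    An empty company field alone is weak evidence (legitimate files such as
    ieuinit.inf in this log have none), so it is only used to collect files
    that sit beside the shell target and share its base name.
    """
    shells, files = parse(log)
    findings = []
    for shell in shells:
        if is_default_shell(shell, system_root):
            continue
        key = _folder_and_stem(shell["path"])
        related = sorted({
            f["path"] for f in files
            if f["company"] == "" and _folder_and_stem(f["path"]) == key
        })
        findings.append({
            "hive": shell["hive"],
            "shell": shell["path"],
            "no_company": shell["company"] == "",
            "related_files": related,
        })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```
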

Alt 08.05.2013, 17:12   #25
DMasterK
 

Of course you can do something with it; to me it's all just Greek =).

I ran the fix. The PC did not shut down afterwards, but it created and displayed a document named "05092013_005208.log", which I saved again as a text document. I copied both the .txt and the .log to the USB stick.

Which of the files should I upload for you now, and where? By the way, I shut the PC down manually, took the CD out, and the PC booted into Windows. Many, many thanks already.

Should I now copy the text content of the .log file in here so you can look over it? It did not create anything like a "new" OTL.txt for me after booting.

When I just tried to zip the _OTL folder as described (I assume), GDATA gave me a virus alert, since by doing so I am effectively trying to access an infected file. Should I disinfect the file, delete it, or move it to quarantine?

Alt 08.05.2013, 17:30   #26
markusg
/// Malware-holic
 

Then skip the zipping etc.
I don't need the fix log.
Continue with this:
Please download TDSSKiller (TDSSKiller.exe) and save this file on the desktop.
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 08.05.2013, 17:33   #27
DMasterK
 

But should I delete the file now, or move it to quarantine, or something?

Alt 08.05.2013, 17:36   #28
markusg
/// Malware-holic
 

Just move it to quarantine then, or we'll delete it later.

Alt 08.05.2013, 17:46   #29
DMasterK
 

18:42:52.0791 1708 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:42:54.0793 1708 ============================================================
18:42:54.0793 1708 Current date / time: 2013/05/08 18:42:54.0793
18:42:54.0793 1708 SystemInfo:
18:42:54.0793 1708
18:42:54.0793 1708 OS Version: 6.1.7601 ServicePack: 1.0
18:42:54.0793 1708 Product type: Workstation
18:42:54.0793 1708 ComputerName: DMASTERK
18:42:54.0793 1708 UserName: Daniel Korn
18:42:54.0793 1708 Windows directory: C:\Windows
18:42:54.0793 1708 System windows directory: C:\Windows
18:42:54.0793 1708 Running under WOW64
18:42:54.0793 1708 Processor architecture: Intel x64
18:42:54.0793 1708 Number of processors: 8
18:42:54.0793 1708 Page size: 0x1000
18:42:54.0793 1708 Boot type: Normal boot
18:42:54.0793 1708 ============================================================
18:43:12.0560 1708 Drive \Device\Harddisk0\DR0 - Size: 0x1AC882A000 (107.13 Gb), SectorSize: 0x200, Cylinders: 0x36A1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:43:12.0580 1708 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:43:12.0586 1708 ============================================================
18:43:12.0586 1708 \Device\Harddisk0\DR0:
18:43:12.0586 1708 MBR partitions:
18:43:12.0586 1708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xD643800
18:43:12.0586 1708 \Device\Harddisk1\DR1:
18:43:12.0586 1708 MBR partitions:
18:43:12.0586 1708 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
18:43:12.0586 1708 ============================================================
18:43:12.0587 1708 C: <-> \Device\Harddisk0\DR0\Partition1
18:43:12.0604 1708 D: <-> \Device\Harddisk1\DR1\Partition1
18:43:12.0604 1708 ============================================================
18:43:12.0604 1708 Initialize success
18:43:12.0604 1708 ============================================================
18:43:23.0285 3180 ============================================================
18:43:23.0285 3180 Scan started
18:43:23.0285 3180 Mode: Manual; SigCheck; TDLFS;
18:43:23.0285 3180 ============================================================
18:43:23.0349 3180 ================ Scan system memory ========================
18:43:23.0349 3180 System memory - ok
18:43:23.0350 3180 ================ Scan services =============================
18:43:23.0381 3180 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:43:23.0430 3180 1394ohci - ok
18:43:23.0436 3180 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:43:23.0449 3180 ACPI - ok
18:43:23.0452 3180 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:43:23.0465 3180 AcpiPmi - ok
18:43:23.0469 3180 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:43:23.0477 3180 AdobeARMservice - ok
18:43:23.0499 3180 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:43:23.0509 3180 AdobeFlashPlayerUpdateSvc - ok
18:43:23.0516 3180 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:43:23.0533 3180 adp94xx - ok
18:43:23.0539 3180 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:43:23.0553 3180 adpahci - ok
18:43:23.0557 3180 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:43:23.0569 3180 adpu320 - ok
18:43:23.0573 3180 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:43:23.0598 3180 AeLookupSvc - ok
18:43:23.0605 3180 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:43:23.0622 3180 AFD - ok
18:43:23.0625 3180 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:43:23.0634 3180 agp440 - ok
18:43:23.0637 3180 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:43:23.0649 3180 ALG - ok
18:43:23.0651 3180 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:43:23.0660 3180 aliide - ok
18:43:23.0665 3180 [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:43:23.0681 3180 AMD External Events Utility - ok
18:43:23.0683 3180 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:43:23.0691 3180 amdide - ok
18:43:23.0694 3180 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:43:23.0706 3180 AmdK8 - ok
18:43:23.0843 3180 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:43:24.0031 3180 amdkmdag - ok
18:43:24.0041 3180 [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:43:24.0057 3180 amdkmdap - ok
18:43:24.0060 3180 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:43:24.0071 3180 AmdPPM - ok
18:43:24.0074 3180 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:43:24.0084 3180 amdsata - ok
18:43:24.0087 3180 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:43:24.0098 3180 amdsbs - ok
18:43:24.0101 3180 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:43:24.0109 3180 amdxata - ok
18:43:24.0112 3180 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:43:24.0136 3180 AppID - ok
18:43:24.0139 3180 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:43:24.0162 3180 AppIDSvc - ok
18:43:24.0166 3180 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:43:24.0191 3180 Appinfo - ok
18:43:24.0201 3180 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:43:24.0209 3180 Apple Mobile Device - ok
18:43:24.0214 3180 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
18:43:24.0227 3180 AppMgmt - ok
18:43:24.0231 3180 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
18:43:24.0241 3180 arc - ok
18:43:24.0244 3180 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:43:24.0254 3180 arcsas - ok
18:43:24.0256 3180 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:43:24.0280 3180 AsyncMac - ok
18:43:24.0283 3180 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:43:24.0291 3180 atapi - ok
18:43:24.0295 3180 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:43:24.0306 3180 AtiHDAudioService - ok
18:43:24.0316 3180 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:43:24.0343 3180 AudioEndpointBuilder - ok
18:43:24.0352 3180 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:43:24.0378 3180 AudioSrv - ok
18:43:24.0397 3180 [ BF3B991E0E22F9E6A82CCF6512CB51D0 ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
18:43:24.0418 3180 AVKProxy - ok
18:43:24.0425 3180 [ 29DA2D5958B352022A1BB5CE6FDB427C ] AVKService C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
18:43:24.0436 3180 AVKService - ok
18:43:24.0461 3180 [ BD66948F382D077AC9833B6414D1F06E ] AVKWCtl C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
18:43:24.0506 3180 AVKWCtl - ok
18:43:24.0510 3180 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:43:24.0525 3180 AxInstSV - ok
18:43:24.0531 3180 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:43:24.0547 3180 b06bdrv - ok
18:43:24.0553 3180 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:43:24.0568 3180 b57nd60a - ok
18:43:24.0572 3180 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:43:24.0584 3180 BDESVC - ok
18:43:24.0586 3180 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:43:24.0608 3180 Beep - ok
18:43:24.0619 3180 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:43:24.0646 3180 BFE - ok
18:43:24.0658 3180 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:43:24.0688 3180 BITS - ok
18:43:24.0691 3180 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:43:24.0701 3180 blbdrive - ok
18:43:24.0710 3180 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:43:24.0722 3180 Bonjour Service - ok
18:43:24.0725 3180 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:43:24.0736 3180 bowser - ok
18:43:24.0738 3180 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:43:24.0750 3180 BrFiltLo - ok
18:43:24.0752 3180 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:43:24.0763 3180 BrFiltUp - ok
18:43:24.0769 3180 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:43:24.0781 3180 Browser - ok
18:43:24.0787 3180 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:43:24.0803 3180 Brserid - ok
18:43:24.0805 3180 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:43:24.0817 3180 BrSerWdm - ok
18:43:24.0819 3180 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:43:24.0831 3180 BrUsbMdm - ok
18:43:24.0833 3180 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:43:24.0842 3180 BrUsbSer - ok
18:43:24.0845 3180 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:43:24.0857 3180 BTHMODEM - ok
18:43:24.0862 3180 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:43:24.0886 3180 bthserv - ok
18:43:24.0889 3180 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:43:24.0914 3180 cdfs - ok
18:43:24.0919 3180 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:43:24.0932 3180 cdrom - ok
18:43:24.0935 3180 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:43:24.0960 3180 CertPropSvc - ok
18:43:24.0963 3180 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
18:43:24.0975 3180 circlass - ok
18:43:24.0981 3180 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:43:24.0995 3180 CLFS - ok
18:43:25.0001 3180 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:43:25.0010 3180 clr_optimization_v2.0.50727_32 - ok
18:43:25.0016 3180 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:43:25.0026 3180 clr_optimization_v2.0.50727_64 - ok
18:43:25.0034 3180 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:43:25.0047 3180 clr_optimization_v4.0.30319_32 - ok
18:43:25.0053 3180 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:43:25.0061 3180 clr_optimization_v4.0.30319_64 - ok
18:43:25.0064 3180 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
18:43:25.0074 3180 CmBatt - ok
18:43:25.0076 3180 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:43:25.0085 3180 cmdide - ok
18:43:25.0091 3180 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
18:43:25.0117 3180 CNG - ok
18:43:25.0119 3180 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:43:25.0127 3180 Compbatt - ok
18:43:25.0130 3180 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:43:25.0142 3180 CompositeBus - ok
18:43:25.0144 3180 COMSysApp - ok
18:43:25.0146 3180 cpuz135 - ok
18:43:25.0149 3180 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:43:25.0157 3180 crcdisk - ok
18:43:25.0162 3180 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:43:25.0174 3180 CryptSvc - ok
18:43:25.0183 3180 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
18:43:25.0201 3180 CSC - ok
18:43:25.0211 3180 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
18:43:25.0225 3180 CscService - ok
18:43:25.0234 3180 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:43:25.0260 3180 DcomLaunch - ok
18:43:25.0266 3180 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:43:25.0295 3180 defragsvc - ok
18:43:25.0298 3180 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:43:25.0322 3180 DfsC - ok
18:43:25.0328 3180 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:43:25.0339 3180 Dhcp - ok
18:43:25.0342 3180 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:43:25.0365 3180 discache - ok
18:43:25.0368 3180 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
18:43:25.0377 3180 Disk - ok
18:43:25.0380 3180 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
18:43:25.0391 3180 dmvsc - ok
18:43:25.0395 3180 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:43:25.0406 3180 Dnscache - ok
18:43:25.0411 3180 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:43:25.0438 3180 dot3svc - ok
18:43:25.0442 3180 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:43:25.0465 3180 DPS - ok
18:43:25.0468 3180 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:43:25.0479 3180 drmkaud - ok
18:43:25.0493 3180 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:43:25.0512 3180 DXGKrnl - ok
18:43:25.0515 3180 [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
18:43:25.0527 3180 E1G60 - ok
18:43:25.0531 3180 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:43:25.0555 3180 EapHost - ok
18:43:25.0595 3180 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:43:25.0655 3180 ebdrv - ok
18:43:25.0658 3180 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:43:25.0668 3180 EFS - ok
18:43:25.0678 3180 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:43:25.0698 3180 ehRecvr - ok
18:43:25.0701 3180 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:43:25.0713 3180 ehSched - ok
18:43:25.0721 3180 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:43:25.0740 3180 elxstor - ok
18:43:25.0742 3180 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:43:25.0752 3180 ErrDev - ok
18:43:25.0761 3180 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:43:25.0787 3180 EventSystem - ok
18:43:25.0792 3180 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:43:25.0819 3180 exfat - ok
18:43:25.0823 3180 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:43:25.0849 3180 fastfat - ok
18:43:25.0860 3180 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:43:25.0874 3180 Fax - ok
18:43:25.0876 3180 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
18:43:25.0887 3180 fdc - ok
18:43:25.0889 3180 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:43:25.0913 3180 fdPHost - ok
18:43:25.0915 3180 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:43:25.0938 3180 FDResPub - ok
18:43:25.0942 3180 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:43:25.0950 3180 FileInfo - ok
18:43:25.0953 3180 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:43:25.0976 3180 Filetrace - ok
18:43:25.0979 3180 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:43:25.0989 3180 flpydisk - ok
18:43:25.0994 3180 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:43:26.0005 3180 FltMgr - ok
18:43:26.0017 3180 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
18:43:26.0036 3180 FontCache - ok
18:43:26.0039 3180 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:43:26.0047 3180 FontCache3.0.0.0 - ok
18:43:26.0050 3180 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:43:26.0059 3180 FsDepends - ok
18:43:26.0061 3180 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
18:43:26.0069 3180 fssfltr - ok
18:43:26.0087 3180 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:43:26.0119 3180 fsssvc - ok
18:43:26.0121 3180 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:43:26.0129 3180 Fs_Rec - ok
18:43:26.0133 3180 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:43:26.0146 3180 fvevol - ok
18:43:26.0149 3180 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:43:26.0158 3180 gagp30kx - ok
18:43:26.0161 3180 [ 116F4672A804DA33E1159C005AE88B9C ] GDBehave C:\Windows\system32\drivers\GDBehave.sys
18:43:26.0169 3180 GDBehave - ok
18:43:26.0192 3180 [ CC011FABE68CDC2EC9B0DEA07B8414C9 ] GDFwSvc C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
18:43:26.0230 3180 GDFwSvc - ok
18:43:26.0235 3180 [ E02AC68F1FC31D38EAD729E00BD68C93 ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
18:43:26.0243 3180 GDMnIcpt - ok
18:43:26.0245 3180 [ 290DDB8C97249F99569B77E9DF2F76FC ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
18:43:26.0253 3180 GDPkIcpt - ok
18:43:26.0260 3180 [ B7D4DF09A86A5DC98F74A2FA2875C154 ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
18:43:26.0271 3180 GDScan - ok
18:43:26.0275 3180 [ E64C471DBD91ADEB0B4C78C204326ECD ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd64.sys
18:43:26.0282 3180 gdwfpcd - ok
18:43:26.0285 3180 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
18:43:26.0291 3180 GEARAspiWDM - ok
18:43:26.0302 3180 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:43:26.0330 3180 gpsvc - ok
18:43:26.0334 3180 [ 9580CBF03D2EE08BD1C0D701AAE4092A ] GRD C:\Windows\system32\drivers\GRD.sys
18:43:26.0346 3180 GRD - ok
18:43:26.0349 3180 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:43:26.0359 3180 hcw85cir - ok
18:43:26.0365 3180 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:43:26.0381 3180 HdAudAddService - ok
18:43:26.0384 3180 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:43:26.0395 3180 HDAudBus - ok
18:43:26.0398 3180 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:43:26.0408 3180 HidBatt - ok
18:43:26.0411 3180 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:43:26.0424 3180 HidBth - ok
18:43:26.0426 3180 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:43:26.0438 3180 HidIr - ok
18:43:26.0441 3180 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:43:26.0465 3180 hidserv - ok
18:43:26.0468 3180 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:43:26.0477 3180 HidUsb - ok
18:43:26.0480 3180 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:43:26.0504 3180 hkmsvc - ok
18:43:26.0509 3180 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:43:26.0522 3180 HomeGroupListener - ok
18:43:26.0527 3180 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:43:26.0537 3180 HomeGroupProvider - ok
18:43:26.0541 3180 [ 3CD18F0B3681FB267E67763CC3152D4E ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
18:43:26.0548 3180 HookCentre - ok
18:43:26.0551 3180 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:43:26.0561 3180 HpSAMD - ok
18:43:26.0572 3180 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:43:26.0607 3180 HTTP - ok
18:43:26.0609 3180 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:43:26.0617 3180 hwpolicy - ok
18:43:26.0620 3180 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:43:26.0631 3180 i8042prt - ok
18:43:26.0638 3180 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\drivers\iaStor.sys
18:43:26.0649 3180 iaStor - ok
18:43:26.0652 3180 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:43:26.0659 3180 IAStorDataMgrSvc - ok
18:43:26.0665 3180 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:43:26.0680 3180 iaStorV - ok
18:43:26.0683 3180 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:43:26.0690 3180 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:43:26.0690 3180 IDriverT - detected UnsignedFile.Multi.Generic (1)
18:43:26.0699 3180 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:43:26.0720 3180 idsvc - ok
18:43:26.0722 3180 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:43:26.0731 3180 iirsp - ok
18:43:26.0743 3180 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:43:26.0780 3180 IKEEXT - ok
18:43:26.0817 3180 [ 9297BC7FB61F58670EE176DD18F4DD92 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:43:26.0856 3180 IntcAzAudAddService - ok
18:43:26.0858 3180 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:43:26.0867 3180 intelide - ok
18:43:26.0870 3180 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
18:43:26.0879 3180 intelppm - ok
18:43:26.0882 3180 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:43:26.0907 3180 IPBusEnum - ok
18:43:26.0911 3180 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:43:26.0935 3180 IpFilterDriver - ok
18:43:26.0942 3180 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:43:26.0960 3180 iphlpsvc - ok
18:43:26.0962 3180 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:43:26.0974 3180 IPMIDRV - ok
18:43:26.0977 3180 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:43:27.0002 3180 IPNAT - ok
18:43:27.0010 3180 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:43:27.0023 3180 iPod Service - ok
18:43:27.0026 3180 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:43:27.0039 3180 IRENUM - ok
18:43:27.0041 3180 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:43:27.0050 3180 isapnp - ok
18:43:27.0055 3180 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:43:27.0069 3180 iScsiPrt - ok
18:43:27.0071 3180 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:43:27.0079 3180 kbdclass - ok
18:43:27.0082 3180 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:43:27.0092 3180 kbdhid - ok
18:43:27.0095 3180 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:43:27.0103 3180 KeyIso - ok
18:43:27.0106 3180 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:43:27.0116 3180 KSecDD - ok
18:43:27.0119 3180 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:43:27.0134 3180 KSecPkg - ok
18:43:27.0136 3180 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:43:27.0160 3180 ksthunk - ok
18:43:27.0166 3180 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:43:27.0195 3180 KtmRm - ok
18:43:27.0200 3180 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:43:27.0227 3180 LanmanServer - ok
18:43:27.0231 3180 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:43:27.0255 3180 LanmanWorkstation - ok
18:43:27.0260 3180 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
18:43:27.0264 3180 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
18:43:27.0264 3180 LightScribeService - detected UnsignedFile.Multi.Generic (1)
18:43:27.0266 3180 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:43:27.0290 3180 lltdio - ok
18:43:27.0295 3180 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:43:27.0323 3180 lltdsvc - ok
18:43:27.0326 3180 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:43:27.0350 3180 lmhosts - ok
18:43:27.0354 3180 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:43:27.0365 3180 LSI_FC - ok
18:43:27.0369 3180 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:43:27.0379 3180 LSI_SAS - ok
18:43:27.0381 3180 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:43:27.0390 3180 LSI_SAS2 - ok
18:43:27.0394 3180 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:43:27.0405 3180 LSI_SCSI - ok
18:43:27.0408 3180 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:43:27.0432 3180 luafv - ok
18:43:27.0437 3180 [ 846A29C351FF5CB67C5960E2C21695AF ] Marvell RAID C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe
18:43:27.0442 3180 Marvell RAID ( UnsignedFile.Multi.Generic ) - warning
18:43:27.0442 3180 Marvell RAID - detected UnsignedFile.Multi.Generic (1)
18:43:27.0448 3180 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
18:43:27.0457 3180 McComponentHostService - ok
18:43:27.0460 3180 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:43:27.0472 3180 Mcx2Svc - ok
18:43:27.0475 3180 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
18:43:27.0483 3180 megasas - ok
18:43:27.0488 3180 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:43:27.0501 3180 MegaSR - ok
18:43:27.0504 3180 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
18:43:27.0511 3180 MEIx64 - ok
18:43:27.0514 3180 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:43:27.0539 3180 MMCSS - ok
18:43:27.0541 3180 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:43:27.0565 3180 Modem - ok
18:43:27.0569 3180 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:43:27.0579 3180 monitor - ok
18:43:27.0582 3180 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:43:27.0590 3180 mouclass - ok
18:43:27.0593 3180 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:43:27.0603 3180 mouhid - ok
18:43:27.0606 3180 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:43:27.0615 3180 mountmgr - ok
18:43:27.0619 3180 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:43:27.0630 3180 mpio - ok
18:43:27.0633 3180 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:43:27.0657 3180 mpsdrv - ok
18:43:27.0668 3180 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:43:27.0697 3180 MpsSvc - ok
18:43:27.0700 3180 [ 8881574868E648689B7AA88A88716E17 ] MRUWebService C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
18:43:27.0705 3180 MRUWebService ( UnsignedFile.Multi.Generic ) - warning
18:43:27.0705 3180 MRUWebService - detected UnsignedFile.Multi.Generic (1)
18:43:27.0709 3180 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:43:27.0724 3180 MRxDAV - ok
18:43:27.0729 3180 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:43:27.0741 3180 mrxsmb - ok
18:43:27.0747 3180 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:43:27.0761 3180 mrxsmb10 - ok
18:43:27.0764 3180 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:43:27.0776 3180 mrxsmb20 - ok
18:43:27.0778 3180 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:43:27.0787 3180 msahci - ok
18:43:27.0790 3180 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:43:27.0800 3180 msdsm - ok
18:43:27.0804 3180 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:43:27.0817 3180 MSDTC - ok
18:43:27.0821 3180 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:43:27.0845 3180 Msfs - ok
18:43:27.0847 3180 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:43:27.0870 3180 mshidkmdf - ok
18:43:27.0872 3180 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:43:27.0880 3180 msisadrv - ok
18:43:27.0884 3180 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:43:27.0910 3180 MSiSCSI - ok
18:43:27.0912 3180 msiserver - ok
18:43:27.0914 3180 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:43:27.0938 3180 MSKSSRV - ok
18:43:27.0940 3180 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:43:27.0964 3180 MSPCLOCK - ok
18:43:27.0966 3180 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:43:27.0990 3180 MSPQM - ok
18:43:27.0996 3180 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:43:28.0010 3180 MsRPC - ok
18:43:28.0013 3180 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:43:28.0021 3180 mssmbios - ok
18:43:28.0023 3180 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:43:28.0047 3180 MSTEE - ok
18:43:28.0049 3180 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:43:33.0312 3180 ================ Scan global ===============================
18:43:33.0314 3180 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:43:33.0319 3180 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:43:33.0325 3180 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:43:33.0328 3180 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:43:33.0335 3180 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:43:33.0337 3180 [Global] - ok
18:43:33.0337 3180 ================ Scan MBR ==================================
18:43:33.0339 3180 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:43:33.0447 3180 \Device\Harddisk0\DR0 - ok
18:43:33.0470 3180 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:43:33.0537 3180 \Device\Harddisk1\DR1 - ok
18:43:33.0537 3180 ================ Scan VBR ==================================
18:43:33.0540 3180 [ AB871585A2E09BA0F49F5A460A4B561E ] \Device\Harddisk0\DR0\Partition1
18:43:33.0541 3180 \Device\Harddisk0\DR0\Partition1 - ok
18:43:33.0544 3180 [ 0BB0EAEDB94E3BA8CD9318C82C7F6AF0 ] \Device\Harddisk1\DR1\Partition1
18:43:33.0545 3180 \Device\Harddisk1\DR1\Partition1 - ok
18:43:33.0546 3180 ============================================================
18:43:33.0546 3180 Scan finished
18:43:33.0546 3180 ============================================================
18:43:33.0552 5548 Detected object count: 4
18:43:33.0552 5548 Actual detected object count: 4
18:44:07.0319 5548 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:07.0320 5548 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:44:07.0322 5548 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:07.0322 5548 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:44:07.0323 5548 Marvell RAID ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:07.0323 5548 Marvell RAID ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:44:07.0324 5548 MRUWebService ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:07.0324 5548 MRUWebService ( UnsignedFile.Multi.Generic ) - User select action: Skip

08.05.2013, 17:49   #30
markusg
/// Malware-holic

Looks fine.
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (in English: "Illegal operation attempted on a registry key that has been marked for deletion.")
simply restart the computer. That should fix the problem.
