
Log analysis and evaluation: Do I have a virus?

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

16.05.2013, 20:45   #1
joerg69

Do I have a virus?



Hello,

unfortunately my girlfriend clicked on a file named video.exe from the internet.
The site was not really trustworthy.
We have not had any problems on her PC so far, but I would ask you to take a look at the logs.

Thanks in advance

Best regards

Jörg

16.05.2013, 22:22   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Hello,

Quote:
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Why do you have a Professional edition of Windows, do you need that as a home user?
Or is this by any chance an office/company PC or a university computer?

17.05.2013, 06:13   #3
joerg69



Hello,

it was installed on the Acer laptop. But we also have a small network at home.

Best regards

Jörg

17.05.2013, 06:54   #4
joerg69



Malwarebytes found something. The file video.exe, and it was removed.

See log

Is the PC clean again now?

Thanks!

Best regards

Jörg

17.05.2013, 10:40   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post in the course of this thread carefully. Ask immediately if anything is unclear to you, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.

  • Please only run scans that a helper has asked you to run! Do not install / uninstall any software without being asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to do so. Logs in attachments make the evaluation harder for me!

  • The logs of the assigned tools, such as Malwarebytes, must always be posted, regardless of whether anything was found or not!

  • Please also note => Deletion of log files and other requests

Note:
If you do not hear from me for three days, please report in this thread => Reminder about my thread.
Annoying "When will this continue" messages end with your topic being closed. I too have a life outside of Trojaner-Board.



Then please run Combofix now:

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the reboot
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


__________________
Please always post log files in CODE tags

17.05.2013, 12:44   #6
joerg69

Here is the log:

Combofix Logfile:
Code:
ComboFix 13-05-16.02 - Sandra 17.05.2013  13:21:26.1.2 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.2973.1542 [GMT 2:00]
ausgeführt von:: c:\users\Sandra\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\users\Sandra\AppData\Roaming\MfKLNPvLp.exe
c:\users\Sandra\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Sandra\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
c:\windows\security\Database\tmp.edb
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-17 bis 2013-05-17  ))))))))))))))))))))))))))))))
.
.
2013-05-17 11:28 . 2013-05-17 11:28	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-17 11:16 . 2013-05-17 11:16	29904	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys
2013-05-17 09:51 . 2012-06-11 16:53	770384	----a-w-	c:\program files\Mozilla Firefox\updated\msvcr100.dll
2013-05-17 09:51 . 2012-06-11 16:53	421200	----a-w-	c:\program files\Mozilla Firefox\updated\msvcp100.dll
2013-05-17 09:51 . 2013-05-17 09:52	920472	----a-w-	c:\program files\Mozilla Firefox\updated\firefox.exe
2013-05-17 09:51 . 2013-05-17 09:52	74136	----a-w-	c:\program files\Mozilla Firefox\updated\breakpadinjector.dll
2013-05-17 09:51 . 2013-05-17 09:52	279448	----a-w-	c:\program files\Mozilla Firefox\updated\freebl3.dll
2013-05-17 09:51 . 2013-05-17 09:52	19352	----a-w-	c:\program files\Mozilla Firefox\updated\AccessibleMarshal.dll
2013-05-17 09:51 . 2013-05-17 09:52	116120	----a-w-	c:\program files\Mozilla Firefox\updated\crashreporter.exe
2013-05-17 09:51 . 2012-03-28 12:46	2106216	----a-w-	c:\program files\Mozilla Firefox\updated\D3DCompiler_43.dll
2013-05-17 09:51 . 2012-01-23 14:17	143360	----a-w-	c:\program files\Mozilla Firefox\updated\BabyFox.dll
2013-05-17 05:50 . 2013-05-17 05:50	--------	d-----w-	c:\program files\Common Files\Java
2013-05-17 05:19 . 2013-04-04 03:35	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-05-16 14:24 . 2013-05-13 06:19	7016152	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\mpengine.dll
2013-05-15 13:57 . 2013-05-05 19:12	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2013-05-15 11:28 . 2013-04-10 03:14	2347520	----a-w-	c:\windows\system32\win32k.sys
2013-05-15 11:28 . 2013-04-10 05:18	728424	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 11:28 . 2013-03-19 04:53	186368	----a-w-	c:\windows\system32\wwansvc.dll
2013-05-15 11:28 . 2013-03-19 03:33	40960	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-05-15 11:28 . 2013-04-10 05:18	218984	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 11:27 . 2013-02-27 05:05	101720	----a-w-	c:\windows\system32\consent.exe
2013-05-15 11:27 . 2013-02-27 04:49	1796096	----a-w-	c:\windows\system32\authui.dll
2013-05-15 11:27 . 2013-02-27 04:49	47104	----a-w-	c:\windows\system32\appinfo.dll
2013-05-14 19:58 . 2013-05-13 06:19	7016152	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-04-29 18:06 . 2013-04-29 18:06	--------	d-----w-	c:\windows\system32\SupportAppXL
2013-04-29 18:06 . 2013-04-29 18:12	--------	d-----w-	c:\program files\MODEM Mobiler Anschluss
2013-04-24 12:28 . 2013-04-24 12:27	706640	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{951A51F1-628D-4EFA-887F-0E28A1C4EC9C}\gapaengine.dll
2013-04-24 12:22 . 2013-04-12 13:45	1211752	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-18 20:13 . 2013-04-10 03:08	6906960	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine(2).dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-14 19:56 . 2012-05-18 19:16	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-05-14 19:56 . 2012-01-20 19:51	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-06 15:57 . 2013-01-17 14:02	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-05-02 15:28 . 2011-11-05 10:01	238872	------w-	c:\windows\system32\MpSigStub.exe
2013-04-25 08:50 . 2012-11-14 13:06	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-04-13 04:45 . 2013-05-15 11:28	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 11:28	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-04 12:50 . 2013-03-08 14:59	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-03-19 05:04 . 2013-04-10 09:18	3968856	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 09:18	3913560	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 09:18	38912	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 09:18	69632	----a-w-	c:\windows\system32\smss.exe
2013-03-08 18:21 . 2012-11-09 20:16	861088	----a-w-	c:\windows\system32\npdeployJava1.dll
2013-03-08 18:21 . 2012-11-09 20:16	782240	----a-w-	c:\windows\system32\deployJava1.dll
2013-02-18 16:33 . 2013-02-18 16:33	53248	----a-r-	c:\users\Sandra\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-04-12 16:40 . 2013-04-12 16:39	263064	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="c:\program files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" [2009-12-31 110592]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-10 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2009-07-20 484920]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-09-24 825864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-09-17 1565992]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-26 698912]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-09-15 206208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"DataCardMonitor"="c:\program files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe" [2012-01-06 253952]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2010-4-10 704032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 KinoniSvc;Kinoni Service;c:\program files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\McSACore.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 MpKslf7f30ce2;MpKslf7f30ce2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [x]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NETw5s32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 32-Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPKSLF7F30CE2
*Deregistered* - BMLoad
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 23:36	1642448	----a-w-	c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-18 19:56]
.
2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-05 10:12]
.
2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-05 10:12]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.at/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&m=extensa_5635&r=27051111d506l0473z2i5i5741u495
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.10
TCP: Interfaces\{0055F8EE-D9A6-4CD6-986E-2B6E60A99052}: NameServer = 213.162.69.169 213.162.69.170
TCP: Interfaces\{5A8D70E7-C4E4-44C2-A11D-61244551D09F}: NameServer = 8.8.8.8,208.67.222.222
FF - ProfilePath - c:\users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\wla9cndx.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SiteRanker - c:\program files\SiteRanker\SiteRankTray.exe
AddRemove-{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1 - c:\program files\SiteRanker\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-05-17  13:30:09
ComboFix-quarantined-files.txt  2013-05-17 11:30
.
Vor Suchlauf: 9 Verzeichnis(se), 98.124.234.752 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 102.007.644.160 Bytes frei
.
- - End Of File - - F5805D7B99E8DC67C7E414532978B4DC
         
--- --- ---

Thanks!

Best regards

Jörg

17.05.2013, 13:14   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Please run the three tools MBAR / aswMBR / TDSSKiller now and post the logs in CODE tags


MBAR (Malwarebytes Anti-Rootkit)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen according to the guide to Malwarebytes Anti-Rootkit
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the reboot.
  • During the reboot MBAR will remove the objects it found, so be patient.
  • After the reboot, start mbar.exe again.
  • If something is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instruction from a helper


aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later) please start it via right-click "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet)
    Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until "Scan finished successfully" appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Never press any of the Fix buttons without instruction

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



TDSS-Killer

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, never choose Cure. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.

17.05.2013, 14:05   #8
joerg69

here is the log file from aswMBR:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-17 14:45:05
-----------------------------
14:45:05.431 OS Version: Windows 6.1.7601 Service Pack 1
14:45:05.432 Number of processors: 2 586 0x170A
14:45:05.434 ComputerName: SANDRA-PC UserName: Sandra
14:45:06.322 Initialize success
14:47:04.208 AVAST engine defs: 13051700
14:47:17.523 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:47:17.533 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
14:47:17.673 Disk 0 MBR read successfully
14:47:17.673 Disk 0 MBR scan
14:47:17.693 Disk 0 Windows 7 default MBR code
14:47:17.703 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 24576 MB offset 2048
14:47:17.733 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 50333696
14:47:17.763 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 142279 MB offset 50538496
14:47:17.803 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 138288 MB offset 341925888
14:47:17.823 Disk 0 scanning sectors +625139712
14:47:18.023 Disk 0 scanning C:\Windows\system32\drivers
14:47:38.716 Service scanning
14:48:02.006 Service MpKslf7f30ce2 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys **LOCKED** 32
14:48:40.735 Modules scanning
14:49:10.341 Disk 0 trace - called modules:
14:49:10.361 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
14:49:10.361 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86849030]
14:49:10.371 3 CLASSPNP.SYS[8b38c59e] -> nt!IofCallDriver -> [0x85e4e630]
14:49:10.371 5 ACPI.sys[8acb83d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85a1e028]
14:49:11.351 AVAST engine scan C:\Windows
14:49:16.465 AVAST engine scan C:\Windows\system32
14:54:32.277 AVAST engine scan C:\Windows\system32\drivers
14:55:01.574 AVAST engine scan C:\Users\Sandra
14:58:44.721 Disk 0 MBR has been saved successfully to "C:\Users\Sandra\Desktop\MBR.dat"
14:58:44.733 The log file has been saved successfully to "C:\Users\Sandra\Desktop\aswMBR.txt"


the other two found nothing.

Thanks!

Best regards

Jörg

17.05.2013, 14:13   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please read my instructions properly!
The logs should always be posted, and in CODE tags too!

17.05.2013, 14:44   #10
joerg69

sorry ....
Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.17.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Sandra :: SANDRA-PC [administrator]

17.05.2013 14:36:55
mbar-log-2013-05-17 (14-36-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 29360
Time elapsed: 11 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-17 14:45:05
-----------------------------
14:45:05.431    OS Version: Windows 6.1.7601 Service Pack 1
14:45:05.432    Number of processors: 2 586 0x170A
14:45:05.434    ComputerName: SANDRA-PC  UserName: Sandra
14:45:06.322    Initialize success
14:47:04.208    AVAST engine defs: 13051700
14:47:17.523    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:47:17.533    Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
14:47:17.673    Disk 0 MBR read successfully
14:47:17.673    Disk 0 MBR scan
14:47:17.693    Disk 0 Windows 7 default MBR code
14:47:17.703    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        24576 MB offset 2048
14:47:17.733    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 50333696
14:47:17.763    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       142279 MB offset 50538496
14:47:17.803    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       138288 MB offset 341925888
14:47:17.823    Disk 0 scanning sectors +625139712
14:47:18.023    Disk 0 scanning C:\Windows\system32\drivers
14:47:38.716    Service scanning
14:48:02.006    Service MpKslf7f30ce2 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys **LOCKED** 32
14:48:40.735    Modules scanning
14:49:10.341    Disk 0 trace - called modules:
14:49:10.361    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys 
14:49:10.361    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86849030]
14:49:10.371    3 CLASSPNP.SYS[8b38c59e] -> nt!IofCallDriver -> [0x85e4e630]
14:49:10.371    5 ACPI.sys[8acb83d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85a1e028]
14:49:11.351    AVAST engine scan C:\Windows
14:49:16.465    AVAST engine scan C:\Windows\system32
14:54:32.277    AVAST engine scan C:\Windows\system32\drivers
14:55:01.574    AVAST engine scan C:\Users\Sandra
14:58:44.721    Disk 0 MBR has been saved successfully to "C:\Users\Sandra\Desktop\MBR.dat"
14:58:44.733    The log file has been saved successfully to "C:\Users\Sandra\Desktop\aswMBR.txt"
         
Code:
15:42:12.0142 4944  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:42:12.0312 4944  ============================================================
15:42:12.0312 4944  Current date / time: 2013/05/17 15:42:12.0312
15:42:12.0312 4944  SystemInfo:
15:42:12.0312 4944  
15:42:12.0312 4944  OS Version: 6.1.7601 ServicePack: 1.0
15:42:12.0312 4944  Product type: Workstation
15:42:12.0312 4944  ComputerName: SANDRA-PC
15:42:12.0313 4944  UserName: Sandra
15:42:12.0313 4944  Windows directory: C:\Windows
15:42:12.0313 4944  System windows directory: C:\Windows
15:42:12.0313 4944  Processor architecture: Intel x86
15:42:12.0313 4944  Number of processors: 2
15:42:12.0313 4944  Page size: 0x1000
15:42:12.0313 4944  Boot type: Normal boot
15:42:12.0313 4944  ============================================================
15:42:13.0170 4944  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:42:13.0184 4944  ============================================================
15:42:13.0184 4944  \Device\Harddisk0\DR0:
15:42:13.0185 4944  MBR partitions:
15:42:13.0185 4944  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3000800, BlocksNum 0x32000
15:42:13.0185 4944  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3032800, BlocksNum 0x115E3800
15:42:13.0185 4944  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x14616000, BlocksNum 0x10E18000
15:42:13.0185 4944  ============================================================
15:42:13.0215 4944  C: <-> \Device\Harddisk0\DR0\Partition2
15:42:13.0252 4944  D: <-> \Device\Harddisk0\DR0\Partition3
15:42:13.0252 4944  ============================================================
15:42:13.0253 4944  Initialize success
15:42:13.0253 4944  ============================================================
15:42:16.0495 7724  ============================================================
15:42:16.0495 7724  Scan started
15:42:16.0495 7724  Mode: Manual; 
15:42:16.0495 7724  ============================================================
15:42:16.0871 7724  ================ Scan system memory ========================
15:42:16.0872 7724  System memory - ok
15:42:16.0872 7724  ================ Scan services =============================
15:42:17.0084 7724  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:42:17.0086 7724  1394ohci - ok
15:42:17.0151 7724  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:42:17.0154 7724  ACPI - ok
15:42:29.0031 7724  NTIBackupSvc - ok
15:42:29.0078 7724  [ 94E08DCC43F46471D96953E712B6D82B ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
15:42:29.0078 7724  NTIDrvr - ok
15:42:29.0090 7724  [ B8D903B2894FF9AFBD99CA51C35590D7 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
15:42:29.0092 7724  NTISchedulerSvc - ok
15:42:29.0120 7724  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
15:42:29.0121 7724  Null - ok
15:42:29.0132 7724  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:42:29.0133 7724  nvraid - ok
15:42:29.0171 7724  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:42:29.0172 7724  nvstor - ok
15:42:29.0216 7724  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:42:29.0218 7724  nv_agp - ok
15:42:29.0307 7724  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:42:29.0312 7724  odserv - ok
15:42:29.0345 7724  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:42:29.0347 7724  ohci1394 - ok
15:42:29.0393 7724  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:42:29.0395 7724  ose - ok
15:42:29.0441 7724  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:42:29.0445 7724  p2pimsvc - ok
15:42:29.0464 7724  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:42:29.0467 7724  p2psvc - ok
15:42:29.0499 7724  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:42:29.0500 7724  Parport - ok
15:42:29.0534 7724  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:42:29.0535 7724  partmgr - ok
15:42:29.0549 7724  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
15:42:29.0550 7724  Parvdm - ok
15:42:29.0584 7724  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:42:29.0587 7724  PcaSvc - ok
15:42:29.0624 7724  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
15:42:29.0626 7724  pci - ok
15:42:29.0667 7724  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
15:42:29.0668 7724  pciide - ok
15:42:29.0698 7724  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:42:29.0700 7724  pcmcia - ok
15:42:29.0713 7724  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
15:42:29.0713 7724  pcw - ok
15:42:29.0741 7724  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:42:29.0747 7724  PEAUTH - ok
15:42:29.0798 7724  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:42:29.0806 7724  PeerDistSvc - ok
15:42:29.0890 7724  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
15:42:29.0902 7724  pla - ok
15:42:29.0948 7724  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:42:29.0954 7724  PlugPlay - ok
15:42:29.0991 7724  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:42:29.0993 7724  PNRPAutoReg - ok
15:42:30.0008 7724  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:42:30.0011 7724  PNRPsvc - ok
15:42:30.0056 7724  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:42:30.0062 7724  PolicyAgent - ok
15:42:30.0105 7724  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
15:42:30.0108 7724  Power - ok
15:42:30.0141 7724  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:42:30.0142 7724  PptpMiniport - ok
15:42:30.0161 7724  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:42:30.0162 7724  Processor - ok
15:42:30.0200 7724  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
15:42:30.0203 7724  ProfSvc - ok
15:42:30.0208 7724  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:42:30.0211 7724  ProtectedStorage - ok
15:42:30.0232 7724  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:42:30.0233 7724  Psched - ok
15:42:30.0268 7724  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
15:42:30.0271 7724  PSI_SVC_2 - ok
15:42:30.0314 7724  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:42:30.0323 7724  ql2300 - ok
15:42:30.0340 7724  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:42:30.0341 7724  ql40xx - ok
15:42:30.0377 7724  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
15:42:30.0382 7724  QWAVE - ok
15:42:30.0415 7724  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:42:30.0416 7724  QWAVEdrv - ok
15:42:30.0435 7724  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:42:30.0436 7724  RasAcd - ok
15:42:30.0488 7724  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:42:30.0489 7724  RasAgileVpn - ok
15:42:30.0519 7724  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
15:42:30.0524 7724  RasAuto - ok
15:42:30.0542 7724  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:42:30.0544 7724  Rasl2tp - ok
15:42:30.0606 7724  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
15:42:30.0613 7724  RasMan - ok
15:42:30.0626 7724  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:42:30.0628 7724  RasPppoe - ok
15:42:30.0655 7724  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:42:30.0656 7724  RasSstp - ok
15:42:30.0691 7724  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:42:30.0693 7724  rdbss - ok
15:42:30.0702 7724  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:42:30.0703 7724  rdpbus - ok
15:42:30.0733 7724  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:42:30.0734 7724  RDPCDD - ok
15:42:30.0766 7724  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:42:30.0767 7724  RDPDR - ok
15:42:30.0796 7724  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:42:30.0797 7724  RDPENCDD - ok
15:42:30.0811 7724  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:42:30.0811 7724  RDPREFMP - ok
15:42:30.0848 7724  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:42:30.0849 7724  RDPWD - ok
15:42:30.0898 7724  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:42:30.0899 7724  rdyboost - ok
15:42:30.0931 7724  [ 001B4278407F4303EFC902A2B16F2453 ] regi            C:\Windows\system32\drivers\regi.sys
15:42:30.0932 7724  regi - ok
15:42:30.0960 7724  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:42:30.0962 7724  RemoteAccess - ok
15:42:30.0990 7724  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:42:30.0993 7724  RemoteRegistry - ok
15:42:31.0030 7724  [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
15:42:31.0031 7724  RimUsb - ok
15:42:31.0065 7724  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:42:31.0067 7724  RpcEptMapper - ok
15:42:31.0103 7724  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
15:42:31.0105 7724  RpcLocator - ok
15:42:31.0150 7724  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
15:42:31.0154 7724  RpcSs - ok
15:42:31.0187 7724  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:42:31.0188 7724  rspndr - ok
15:42:31.0226 7724  [ 96F8DD546677AA5102150ACC140377B3 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
15:42:31.0228 7724  RSUSBSTOR - ok
15:42:31.0279 7724  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service      C:\Program Files\Acer\Acer VCM\RS_Service.exe
15:42:31.0281 7724  RS_Service - ok
15:42:31.0289 7724  RtsUIR - ok
15:42:31.0334 7724  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:42:31.0335 7724  s3cap - ok
15:42:31.0344 7724  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
15:42:31.0347 7724  SamSs - ok
15:42:31.0407 7724  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:42:31.0409 7724  sbp2port - ok
15:42:31.0439 7724  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:42:31.0444 7724  SCardSvr - ok
15:42:31.0483 7724  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:42:31.0485 7724  scfilter - ok
15:42:31.0536 7724  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
15:42:31.0548 7724  Schedule - ok
15:42:31.0600 7724  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:42:31.0601 7724  SCPolicySvc - ok
15:42:31.0640 7724  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:42:31.0645 7724  SDRSVC - ok
15:42:31.0690 7724  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:42:31.0690 7724  secdrv - ok
15:42:31.0723 7724  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
15:42:31.0727 7724  seclogon - ok
15:42:31.0758 7724  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
15:42:31.0762 7724  SENS - ok
15:42:31.0786 7724  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:42:31.0790 7724  SensrSvc - ok
15:42:31.0796 7724  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:42:31.0797 7724  Serenum - ok
15:42:31.0813 7724  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:42:31.0814 7724  Serial - ok
15:42:31.0853 7724  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:42:31.0854 7724  sermouse - ok
15:42:31.0895 7724  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:42:31.0898 7724  SessionEnv - ok
15:42:31.0933 7724  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:42:31.0934 7724  sffdisk - ok
15:42:31.0945 7724  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:42:31.0945 7724  sffp_mmc - ok
15:42:31.0953 7724  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:42:31.0954 7724  sffp_sd - ok
15:42:31.0980 7724  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:42:31.0980 7724  sfloppy - ok
15:42:32.0027 7724  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:42:32.0030 7724  SharedAccess - ok
15:42:32.0077 7724  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:42:32.0081 7724  ShellHWDetection - ok
15:42:32.0102 7724  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:42:32.0102 7724  sisagp - ok
15:42:32.0130 7724  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:42:32.0131 7724  SiSRaid2 - ok
15:42:32.0141 7724  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:42:32.0142 7724  SiSRaid4 - ok
15:42:32.0196 7724  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
15:42:32.0197 7724  SkypeUpdate - ok
15:42:32.0228 7724  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:42:32.0229 7724  Smb - ok
15:42:32.0288 7724  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:42:32.0290 7724  SNMPTRAP - ok
15:42:32.0319 7724  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:42:32.0320 7724  spldr - ok
15:42:32.0369 7724  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
15:42:32.0373 7724  Spooler - ok
15:42:32.0484 7724  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
15:42:32.0511 7724  sppsvc - ok
15:42:32.0539 7724  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:42:32.0542 7724  sppuinotify - ok
15:42:32.0582 7724  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:42:32.0584 7724  SQLBrowser - ok
15:42:32.0614 7724  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:42:32.0615 7724  SQLWriter - ok
15:42:32.0658 7724  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:42:32.0662 7724  srv - ok
15:42:32.0689 7724  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:42:32.0693 7724  srv2 - ok
15:42:32.0716 7724  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:42:32.0718 7724  srvnet - ok
15:42:32.0750 7724  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:42:32.0756 7724  SSDPSRV - ok
15:42:32.0767 7724  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:42:32.0773 7724  SstpSvc - ok
15:42:32.0797 7724  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:42:32.0797 7724  stexstor - ok
15:42:32.0849 7724  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
15:42:32.0858 7724  StiSvc - ok
15:42:32.0895 7724  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:42:32.0896 7724  storflt - ok
15:42:32.0927 7724  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
15:42:32.0930 7724  StorSvc - ok
15:42:32.0945 7724  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:42:32.0946 7724  storvsc - ok
15:42:32.0973 7724  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:42:32.0973 7724  swenum - ok
15:42:32.0993 7724  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
15:42:32.0997 7724  swprv - ok
15:42:33.0029 7724  [ 85AA36B9C4C07CABC1B4E57E11E60E24 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:42:33.0030 7724  SynTP - ok
15:42:33.0083 7724  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
15:42:33.0092 7724  SysMain - ok
15:42:33.0128 7724  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:42:33.0131 7724  TabletInputService - ok
15:42:33.0166 7724  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:42:33.0170 7724  TapiSrv - ok
15:42:33.0202 7724  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
15:42:33.0204 7724  TBS - ok
15:42:33.0258 7724  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:42:33.0266 7724  Tcpip - ok
15:42:33.0314 7724  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:42:33.0322 7724  TCPIP6 - ok
15:42:33.0367 7724  [ DCFEB82CA988598CEB8F83148616038E ] tcpipBM         C:\Windows\system32\drivers\tcpipBM.sys
15:42:33.0367 7724  tcpipBM - ok
15:42:33.0403 7724  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:42:33.0403 7724  tcpipreg - ok
15:42:33.0450 7724  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:42:33.0451 7724  TDPIPE - ok
15:42:33.0469 7724  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:42:33.0470 7724  TDTCP - ok
15:42:33.0509 7724  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:42:33.0510 7724  tdx - ok
15:42:33.0616 7724  [ 01A402D34732CA3DA91786ADCC765069 ] TeamViewer6     C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
15:42:33.0631 7724  TeamViewer6 - ok
15:42:33.0663 7724  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:42:33.0664 7724  TermDD - ok
15:42:33.0712 7724  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
15:42:33.0721 7724  TermService - ok
15:42:33.0754 7724  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
15:42:33.0756 7724  Themes - ok
15:42:33.0772 7724  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
15:42:33.0774 7724  THREADORDER - ok
15:42:33.0807 7724  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
15:42:33.0810 7724  TrkWks - ok
15:42:33.0866 7724  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:42:33.0869 7724  TrustedInstaller - ok
15:42:33.0904 7724  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:42:33.0906 7724  tssecsrv - ok
15:42:33.0956 7724  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:42:33.0958 7724  TsUsbFlt - ok
15:42:34.0006 7724  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:42:34.0007 7724  tunnel - ok
15:42:34.0034 7724  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:42:34.0035 7724  uagp35 - ok
15:42:34.0069 7724  [ 91096BD971BF7C1C4CA58C1CE594BB24 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
15:42:34.0070 7724  UBHelper - ok
15:42:34.0110 7724  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:42:34.0113 7724  udfs - ok
15:42:34.0157 7724  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:42:34.0162 7724  UI0Detect - ok
15:42:34.0205 7724  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:42:34.0207 7724  uliagpkx - ok
15:42:34.0248 7724  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
15:42:34.0249 7724  umbus - ok
15:42:34.0281 7724  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:42:34.0282 7724  UmPass - ok
15:42:34.0324 7724  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:42:34.0330 7724  UmRdpService - ok
15:42:34.0415 7724  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:42:34.0418 7724  Updater Service - ok
15:42:34.0464 7724  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
15:42:34.0471 7724  upnphost - ok
15:42:34.0515 7724  [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
15:42:34.0516 7724  USBAAPL - ok
15:42:34.0563 7724  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:42:34.0565 7724  usbaudio - ok
15:42:34.0604 7724  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:42:34.0605 7724  usbccgp - ok
15:42:34.0610 7724  USBCCID - ok
15:42:34.0649 7724  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:42:34.0650 7724  usbcir - ok
15:42:34.0675 7724  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:42:34.0675 7724  usbehci - ok
15:42:34.0699 7724  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:42:34.0701 7724  usbhub - ok
15:42:34.0737 7724  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:42:34.0737 7724  usbohci - ok
15:42:34.0772 7724  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:42:34.0772 7724  usbprint - ok
15:42:34.0811 7724  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:42:34.0812 7724  USBSTOR - ok
15:42:34.0851 7724  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:42:34.0852 7724  usbuhci - ok
15:42:34.0897 7724  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:42:34.0899 7724  usbvideo - ok
15:42:34.0919 7724  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
15:42:34.0923 7724  UxSms - ok
15:42:34.0944 7724  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
15:42:34.0946 7724  VaultSvc - ok
15:42:34.0984 7724  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:42:34.0985 7724  vdrvroot - ok
15:42:35.0038 7724  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
15:42:35.0047 7724  vds - ok
15:42:35.0078 7724  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:42:35.0079 7724  vga - ok
15:42:35.0094 7724  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:42:35.0095 7724  VgaSave - ok
15:42:35.0131 7724  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:42:35.0133 7724  vhdmp - ok
15:42:35.0163 7724  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:42:35.0163 7724  viaagp - ok
15:42:35.0174 7724  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
15:42:35.0175 7724  ViaC7 - ok
15:42:35.0214 7724  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
15:42:35.0214 7724  viaide - ok
15:42:35.0247 7724  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:42:35.0248 7724  vmbus - ok
15:42:35.0281 7724  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:42:35.0282 7724  VMBusHID - ok
15:42:35.0298 7724  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:42:35.0299 7724  volmgr - ok
15:42:35.0316 7724  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:42:35.0318 7724  volmgrx - ok
15:42:35.0335 7724  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:42:35.0337 7724  volsnap - ok
15:42:35.0374 7724  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:42:35.0376 7724  vsmraid - ok
15:42:35.0429 7724  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
15:42:35.0444 7724  VSS - ok
15:42:35.0568 7724  [ 7DB85B78309C05C9F06F469ED976DC9E ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
15:42:35.0573 7724  vToolbarUpdater13.2.0 - ok
15:42:35.0593 7724  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:42:35.0594 7724  vwifibus - ok
15:42:35.0613 7724  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:42:35.0614 7724  vwififlt - ok
15:42:35.0655 7724  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:42:35.0656 7724  vwifimp - ok
15:42:35.0689 7724  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
15:42:35.0693 7724  W32Time - ok
15:42:35.0710 7724  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:42:35.0711 7724  WacomPen - ok
15:42:35.0751 7724  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:42:35.0752 7724  WANARP - ok
15:42:35.0757 7724  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:42:35.0758 7724  Wanarpv6 - ok
15:42:35.0828 7724  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:42:35.0836 7724  WatAdminSvc - ok
15:42:35.0889 7724  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
15:42:35.0899 7724  wbengine - ok
15:42:35.0937 7724  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:42:35.0941 7724  WbioSrvc - ok
15:42:35.0982 7724  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:42:35.0986 7724  wcncsvc - ok
15:42:35.0996 7724  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:42:35.0999 7724  WcsPlugInService - ok
15:42:36.0018 7724  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:42:36.0019 7724  Wd - ok
15:42:36.0050 7724  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:42:36.0054 7724  Wdf01000 - ok
15:42:36.0076 7724  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:42:36.0080 7724  WdiServiceHost - ok
15:42:36.0084 7724  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:42:36.0087 7724  WdiSystemHost - ok
15:42:36.0119 7724  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
15:42:36.0123 7724  WebClient - ok
15:42:36.0145 7724  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:42:36.0149 7724  Wecsvc - ok
15:42:36.0161 7724  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:42:36.0164 7724  wercplsupport - ok
15:42:36.0204 7724  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:42:36.0207 7724  WerSvc - ok
15:42:36.0237 7724  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:42:36.0238 7724  WfpLwf - ok
15:42:36.0268 7724  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:42:36.0270 7724  WIMMount - ok
15:42:36.0354 7724  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:42:36.0361 7724  WinDefend - ok
15:42:36.0375 7724  WinHttpAutoProxySvc - ok
15:42:36.0456 7724  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:42:36.0459 7724  Winmgmt - ok
15:42:36.0517 7724  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
15:42:36.0530 7724  WinRM - ok
15:42:36.0592 7724  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:42:36.0593 7724  WinUsb - ok
15:42:36.0640 7724  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:42:36.0649 7724  Wlansvc - ok
15:42:36.0697 7724  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:42:36.0698 7724  WmiAcpi - ok
15:42:36.0730 7724  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:42:36.0732 7724  wmiApSrv - ok
15:42:36.0820 7724  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:42:36.0832 7724  WMPNetworkSvc - ok
15:42:36.0864 7724  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:42:36.0869 7724  WPCSvc - ok
15:42:36.0910 7724  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:42:36.0916 7724  WPDBusEnum - ok
15:42:36.0944 7724  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:42:36.0945 7724  ws2ifsl - ok
15:42:36.0962 7724  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
15:42:36.0967 7724  wscsvc - ok
15:42:36.0975 7724  WSearch - ok
15:42:37.0043 7724  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
15:42:37.0058 7724  wuauserv - ok
15:42:37.0087 7724  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:42:37.0088 7724  WudfPf - ok
15:42:37.0119 7724  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:42:37.0120 7724  WUDFRd - ok
15:42:37.0179 7724  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:42:37.0185 7724  wudfsvc - ok
15:42:37.0224 7724  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:42:37.0230 7724  WwanSvc - ok
15:42:37.0289 7724  ================ Scan global ===============================
15:42:37.0326 7724  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:42:37.0356 7724  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:42:37.0366 7724  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:42:37.0392 7724  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:42:37.0433 7724  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:42:37.0440 7724  [Global] - ok
15:42:37.0441 7724  ================ Scan MBR ==================================
15:42:37.0458 7724  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:42:37.0816 7724  \Device\Harddisk0\DR0 - ok
15:42:37.0817 7724  ================ Scan VBR ==================================
15:42:37.0821 7724  [ 33A3B1F5CF41265473F927A5413DCAE6 ] \Device\Harddisk0\DR0\Partition1
15:42:37.0823 7724  \Device\Harddisk0\DR0\Partition1 - ok
15:42:37.0842 7724  [ 9CC830D2E32D535FDDF0A116EB300FBD ] \Device\Harddisk0\DR0\Partition2
15:42:37.0844 7724  \Device\Harddisk0\DR0\Partition2 - ok
15:42:37.0870 7724  [ 40A423095DE5FDF089143EF149A0CA3D ] \Device\Harddisk0\DR0\Partition3
15:42:37.0873 7724  \Device\Harddisk0\DR0\Partition3 - ok
15:42:37.0875 7724  ============================================================
15:42:37.0875 7724  Scan finished
15:42:37.0875 7724  ============================================================
15:42:37.0891 5468  Detected object count: 0
15:42:37.0891 5468  Actual detected object count: 0
         

Thanks!

Best regards

Jörg

17.05.2013, 15:49   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
15:42:16.0495 7724 Scan started
15:42:16.0495 7724 Mode: Manual;
You configured TDSSKiller incorrectly. Once again: please read the instructions more carefully.
__________________
Please always post log files in CODE tags

17.05.2013, 19:48   #12
joerg69
 

I really should read more carefully .....

Code:
20:44:04.0110 6020  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:44:04.0291 6020  ============================================================
20:44:04.0291 6020  Current date / time: 2013/05/17 20:44:04.0291
20:44:04.0291 6020  SystemInfo:
20:44:04.0291 6020  
20:44:04.0291 6020  OS Version: 6.1.7601 ServicePack: 1.0
20:44:04.0291 6020  Product type: Workstation
20:44:04.0292 6020  ComputerName: SANDRA-PC
20:44:04.0292 6020  UserName: Sandra
20:44:04.0292 6020  Windows directory: C:\Windows
20:44:04.0292 6020  System windows directory: C:\Windows
20:44:04.0292 6020  Processor architecture: Intel x86
20:44:04.0292 6020  Number of processors: 2
20:44:04.0292 6020  Page size: 0x1000
20:44:04.0292 6020  Boot type: Normal boot
20:44:04.0292 6020  ============================================================
20:44:05.0152 6020  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:44:05.0154 6020  ============================================================
20:44:05.0154 6020  \Device\Harddisk0\DR0:
20:44:05.0155 6020  MBR partitions:
20:44:05.0155 6020  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3000800, BlocksNum 0x32000
20:44:05.0155 6020  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3032800, BlocksNum 0x115E3800
20:44:05.0155 6020  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x14616000, BlocksNum 0x10E18000
20:44:05.0155 6020  ============================================================
20:44:05.0185 6020  C: <-> \Device\Harddisk0\DR0\Partition2
20:44:05.0223 6020  D: <-> \Device\Harddisk0\DR0\Partition3
20:44:05.0223 6020  ============================================================
20:44:05.0223 6020  Initialize success
20:44:05.0223 6020  ============================================================
20:44:43.0473 7684  ============================================================
20:44:43.0473 7684  Scan started
20:44:43.0473 7684  Mode: Manual; SigCheck; TDLFS; 
20:44:43.0473 7684  ============================================================
20:44:43.0774 7684  ================ Scan system memory ========================
20:44:43.0775 7684  System memory - ok
20:44:43.0775 7684  ================ Scan services =============================
20:44:43.0998 7684  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:44:44.0128 7684  1394ohci - ok
20:44:44.0220 7684  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:44:44.0244 7684  ACPI - ok
20:44:44.0322 7684  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:44:44.0378 7684  AcpiPmi - ok
20:44:44.0503 7684  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:44:44.0526 7684  AdobeARMservice - ok
20:44:44.0652 7684  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:44:44.0678 7684  AdobeFlashPlayerUpdateSvc - ok
20:44:44.0768 7684  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:44:44.0803 7684  adp94xx - ok
20:44:44.0854 7684  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:44:44.0871 7684  adpahci - ok
20:44:44.0885 7684  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:44:44.0900 7684  adpu320 - ok
20:44:44.0958 7684  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:44:45.0011 7684  AeLookupSvc - ok
20:44:45.0078 7684  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
20:44:45.0106 7684  AFD - ok
20:44:45.0159 7684  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
20:44:45.0172 7684  agp440 - ok
20:44:45.0211 7684  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
20:44:45.0224 7684  aic78xx - ok
20:44:45.0264 7684  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
20:44:45.0288 7684  ALG - ok
20:44:45.0344 7684  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:44:45.0356 7684  aliide - ok
20:44:45.0373 7684  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:44:45.0386 7684  amdagp - ok
20:44:45.0404 7684  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:44:45.0416 7684  amdide - ok
20:44:45.0445 7684  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:44:45.0470 7684  AmdK8 - ok
20:44:45.0483 7684  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:44:45.0513 7684  AmdPPM - ok
20:44:45.0565 7684  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:44:45.0588 7684  amdsata - ok
20:44:45.0616 7684  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:44:45.0630 7684  amdsbs - ok
20:44:45.0642 7684  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:44:45.0654 7684  amdxata - ok
20:44:45.0696 7684  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
20:44:45.0803 7684  AppID - ok
20:44:45.0861 7684  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:44:45.0921 7684  AppIDSvc - ok
20:44:45.0949 7684  [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo         C:\Windows\System32\appinfo.dll
20:44:46.0009 7684  Appinfo - ok
20:44:46.0104 7684  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:44:46.0123 7684  Apple Mobile Device - ok
20:44:46.0164 7684  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:44:46.0207 7684  AppMgmt - ok
20:44:46.0252 7684  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:44:46.0265 7684  arc - ok
20:44:46.0318 7684  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:44:46.0340 7684  arcsas - ok
20:44:46.0494 7684  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:44:46.0515 7684  aspnet_state - ok
20:44:46.0538 7684  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:44:46.0668 7684  AsyncMac - ok
20:44:46.0731 7684  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
20:44:46.0753 7684  atapi - ok
20:44:46.0800 7684  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:44:46.0848 7684  AudioEndpointBuilder - ok
20:44:46.0876 7684  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:44:46.0907 7684  Audiosrv - ok
20:44:46.0960 7684  [ 34F335FEC0D7A7A4D329390B7C7B59B8 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
20:44:46.0988 7684  avgtp - ok
20:44:47.0026 7684  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:44:47.0095 7684  AxInstSV - ok
20:44:47.0140 7684  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
20:44:47.0200 7684  b06bdrv - ok
20:44:47.0241 7684  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
20:44:47.0276 7684  b57nd60x - ok
20:44:47.0356 7684  [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
20:44:47.0376 7684  BcmSqlStartupSvc - ok
20:44:47.0412 7684  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:44:47.0465 7684  BDESVC - ok
20:44:47.0494 7684  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:44:47.0538 7684  Beep - ok
20:44:47.0602 7684  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
20:44:47.0667 7684  BFE - ok
20:44:47.0714 7684  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
20:44:47.0761 7684  BITS - ok
20:44:47.0785 7684  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:44:47.0811 7684  blbdrive - ok
20:44:47.0857 7684  [ D002033C1A37F6AF51B5F0BA6D0211BC ] BMLoad          C:\Windows\system32\drivers\BMLoad.sys
20:44:47.0876 7684  BMLoad ( UnsignedFile.Multi.Generic ) - warning
20:44:47.0876 7684  BMLoad - detected UnsignedFile.Multi.Generic (1)
20:44:47.0942 7684  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:44:47.0967 7684  Bonjour Service - ok
20:44:48.0012 7684  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:44:48.0058 7684  bowser - ok
20:44:48.0105 7684  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:44:48.0171 7684  BrFiltLo - ok
20:44:48.0206 7684  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:44:48.0259 7684  BrFiltUp - ok
20:44:48.0313 7684  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
20:44:48.0381 7684  BridgeMP - ok
20:44:48.0435 7684  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
20:44:48.0459 7684  Browser - ok
20:44:48.0491 7684  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:44:48.0545 7684  Brserid - ok
20:44:48.0564 7684  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:44:48.0592 7684  BrSerWdm - ok
20:44:48.0607 7684  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:44:48.0632 7684  BrUsbMdm - ok
20:44:48.0648 7684  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:44:48.0678 7684  BrUsbSer - ok
20:44:48.0702 7684  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:44:48.0730 7684  BTHMODEM - ok
20:44:48.0792 7684  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
20:44:48.0820 7684  bthserv - ok
20:44:49.0087 7684  catchme - ok
20:44:49.0253 7684  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:44:49.0312 7684  cdfs - ok
20:44:49.0347 7684  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:44:49.0380 7684  cdrom - ok
20:44:49.0425 7684  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
20:44:49.0460 7684  CertPropSvc - ok
20:44:49.0487 7684  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:44:49.0503 7684  circlass - ok
20:44:49.0525 7684  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
20:44:49.0540 7684  CLFS - ok
20:44:49.0637 7684  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:44:49.0656 7684  clr_optimization_v2.0.50727_32 - ok
20:44:49.0757 7684  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:44:49.0778 7684  clr_optimization_v4.0.30319_32 - ok
20:44:49.0807 7684  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:44:49.0846 7684  CmBatt - ok
20:44:49.0875 7684  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:44:49.0897 7684  cmdide - ok
20:44:49.0933 7684  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
20:44:49.0965 7684  CNG - ok
20:44:50.0038 7684  [ 720A32C2D7BE2F21C1213A2EC9C16CDD ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
20:44:50.0075 7684  CnxtHdAudService - ok
20:44:50.0118 7684  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:44:50.0140 7684  Compbatt - ok
20:44:50.0180 7684  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:44:50.0225 7684  CompositeBus - ok
20:44:50.0249 7684  COMSysApp - ok
20:44:50.0263 7684  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:44:50.0276 7684  crcdisk - ok
20:44:50.0324 7684  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:44:50.0382 7684  CryptSvc - ok
20:44:50.0417 7684  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
20:44:50.0471 7684  CSC - ok
20:44:50.0504 7684  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
20:44:50.0539 7684  CscService - ok
20:44:50.0575 7684  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:44:50.0615 7684  DcomLaunch - ok
20:44:50.0641 7684  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:44:50.0691 7684  defragsvc - ok
20:44:50.0748 7684  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:44:50.0793 7684  DfsC - ok
20:44:50.0839 7684  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:44:50.0861 7684  Dhcp - ok
20:44:50.0886 7684  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
20:44:50.0928 7684  discache - ok
20:44:50.0972 7684  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:44:50.0985 7684  Disk - ok
20:44:51.0039 7684  [ C701324C9E0C25DD9D60311BD87FBC84 ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
20:44:51.0048 7684  DKbFltr - ok
20:44:51.0088 7684  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:44:51.0151 7684  Dnscache - ok
20:44:51.0189 7684  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:44:51.0236 7684  dot3svc - ok
20:44:51.0267 7684  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
20:44:51.0309 7684  DPS - ok
20:44:51.0355 7684  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:44:51.0383 7684  drmkaud - ok
20:44:51.0430 7684  [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:44:51.0455 7684  DXGKrnl - ok
20:44:51.0488 7684  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
20:44:51.0537 7684  EapHost - ok
20:44:51.0662 7684  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
20:44:51.0745 7684  ebdrv - ok
20:44:51.0780 7684  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
20:44:51.0837 7684  EFS - ok
20:44:51.0923 7684  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:44:51.0974 7684  ehRecvr - ok
20:44:52.0003 7684  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
20:44:52.0060 7684  ehSched - ok
20:44:52.0107 7684  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:44:52.0132 7684  elxstor - ok
20:44:52.0221 7684  [ C8505E1FD7FC441B933D3B0C29EE0F5D ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
20:44:52.0253 7684  ePowerSvc - ok
20:44:52.0285 7684  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:44:52.0324 7684  ErrDev - ok
20:44:52.0392 7684  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
20:44:52.0448 7684  EventSystem - ok
20:44:52.0512 7684  [ 7C18A6C99F4119D361A5CA028E788648 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
20:44:52.0544 7684  ewusbnet - ok
20:44:52.0557 7684  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
20:44:52.0617 7684  exfat - ok
20:44:52.0642 7684  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:44:52.0684 7684  fastfat - ok
20:44:52.0740 7684  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
20:44:52.0804 7684  Fax - ok
20:44:52.0819 7684  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:44:52.0852 7684  fdc - ok
20:44:52.0872 7684  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
20:44:52.0917 7684  fdPHost - ok
20:44:52.0940 7684  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
20:44:52.0982 7684  FDResPub - ok
20:44:53.0011 7684  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:44:53.0024 7684  FileInfo - ok
20:44:53.0039 7684  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:44:53.0085 7684  Filetrace - ok
20:44:53.0203 7684  [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
20:44:53.0245 7684  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
20:44:53.0245 7684  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
20:44:53.0267 7684  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:44:53.0293 7684  flpydisk - ok
20:44:53.0323 7684  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:44:53.0338 7684  FltMgr - ok
20:44:53.0401 7684  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
20:44:53.0469 7684  FontCache - ok
20:44:53.0544 7684  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:44:53.0561 7684  FontCache3.0.0.0 - ok
20:44:53.0587 7684  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:44:53.0600 7684  FsDepends - ok
20:44:53.0634 7684  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:44:53.0646 7684  Fs_Rec - ok
20:44:53.0702 7684  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:44:53.0719 7684  fvevol - ok
20:44:53.0751 7684  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:44:53.0765 7684  gagp30kx - ok
20:44:53.0808 7684  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:44:53.0824 7684  GEARAspiWDM - ok
20:44:53.0872 7684  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:44:53.0931 7684  gpsvc - ok
20:44:54.0035 7684  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService     C:\Program Files\Acer\Registration\GREGsvc.exe
20:44:54.0051 7684  GREGService - ok
20:44:54.0117 7684  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:44:54.0136 7684  gupdate - ok
20:44:54.0173 7684  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:44:54.0191 7684  gupdatem - ok
20:44:54.0254 7684  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:44:54.0270 7684  gusvc - ok
20:44:54.0305 7684  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:44:54.0351 7684  hcw85cir - ok
20:44:54.0403 7684  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:44:54.0446 7684  HdAudAddService - ok
20:44:54.0471 7684  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:44:54.0502 7684  HDAudBus - ok
20:44:54.0537 7684  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:44:54.0563 7684  HidBatt - ok
20:44:54.0583 7684  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:44:54.0612 7684  HidBth - ok
20:44:54.0634 7684  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:44:54.0664 7684  HidIr - ok
20:44:54.0690 7684  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
20:44:54.0743 7684  hidserv - ok
20:44:54.0787 7684  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:44:54.0814 7684  HidUsb - ok
20:44:54.0845 7684  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:44:54.0882 7684  hkmsvc - ok
20:44:54.0911 7684  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:44:54.0978 7684  HomeGroupListener - ok
20:44:55.0019 7684  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:44:55.0077 7684  HomeGroupProvider - ok
20:44:55.0121 7684  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:44:55.0144 7684  HpSAMD - ok
20:44:55.0198 7684  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:44:55.0250 7684  HTTP - ok
20:44:55.0300 7684  [ 988C0A49F09D75D3341CB419141793C1 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
20:44:55.0352 7684  hwdatacard - ok
20:44:55.0403 7684  [ DE3FF0AB0C551D7E00E250E81169996A ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO32.SYS
20:44:55.0423 7684  HWiNFO32 - ok
20:44:55.0457 7684  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:44:55.0479 7684  hwpolicy - ok
20:44:55.0530 7684  [ A259D3619AA23D4562581067F85E2006 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
20:44:55.0555 7684  hwusbdev - ok
20:44:55.0618 7684  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:44:55.0631 7684  i8042prt - ok
20:44:55.0688 7684  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:44:55.0714 7684  IAANTMON - ok
20:44:55.0750 7684  [ D483687EACE0C065EE772481A96E05F5 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:44:55.0775 7684  iaStor - ok
20:44:55.0822 7684  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:44:55.0839 7684  iaStorV - ok
20:44:55.0903 7684  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:44:55.0941 7684  idsvc - ok
20:44:56.0165 7684  [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
20:44:56.0323 7684  igfx - ok
20:44:56.0367 7684  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:44:56.0379 7684  iirsp - ok
20:44:56.0439 7684  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:44:56.0491 7684  IKEEXT - ok
20:44:56.0514 7684  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:44:56.0526 7684  intelide - ok
20:44:56.0558 7684  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:44:56.0571 7684  intelppm - ok
20:44:56.0615 7684  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:44:56.0661 7684  IPBusEnum - ok
20:44:56.0680 7684  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:44:56.0727 7684  IpFilterDriver - ok
20:44:56.0780 7684  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:44:56.0838 7684  iphlpsvc - ok
20:44:56.0875 7684  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:44:56.0899 7684  IPMIDRV - ok
20:44:56.0929 7684  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:44:56.0971 7684  IPNAT - ok
20:44:57.0031 7684  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:44:57.0053 7684  iPod Service - ok
20:44:57.0075 7684  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:44:57.0139 7684  IRENUM - ok
20:44:57.0169 7684  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:44:57.0182 7684  isapnp - ok
20:44:57.0219 7684  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:44:57.0235 7684  iScsiPrt - ok
20:44:57.0318 7684  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
20:44:57.0338 7684  IviRegMgr - ok
20:44:57.0376 7684  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:44:57.0389 7684  kbdclass - ok
20:44:57.0415 7684  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:44:57.0438 7684  kbdhid - ok
20:44:57.0458 7684  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
20:44:57.0472 7684  KeyIso - ok
20:44:57.0570 7684  [ EDF96FDBA037497E5D4B8A7BA8A1A4B8 ] KinoniSvc       C:\Program Files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
20:44:57.0603 7684  KinoniSvc ( UnsignedFile.Multi.Generic ) - warning
20:44:57.0603 7684  KinoniSvc - detected UnsignedFile.Multi.Generic (1)
20:44:57.0639 7684  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:44:57.0653 7684  KSecDD - ok
20:44:57.0694 7684  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:44:57.0709 7684  KSecPkg - ok
20:44:57.0750 7684  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:44:57.0797 7684  KtmRm - ok
20:44:57.0857 7684  [ 3705B2273E8EFC9A707864AB7324B614 ] L1C             C:\Windows\system32\DRIVERS\L1C62x86.sys
20:44:57.0910 7684  L1C - ok
20:44:57.0955 7684  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
20:44:58.0006 7684  LanmanServer - ok
20:44:58.0043 7684  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:44:58.0087 7684  LanmanWorkstation - ok
20:44:58.0151 7684  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:44:58.0212 7684  lltdio - ok
20:44:58.0259 7684  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:44:58.0315 7684  lltdsvc - ok
20:44:58.0334 7684  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:44:58.0369 7684  lmhosts - ok
20:44:58.0399 7684  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:44:58.0413 7684  LSI_FC - ok
20:44:58.0438 7684  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:44:58.0452 7684  LSI_SAS - ok
20:44:58.0470 7684  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:44:58.0483 7684  LSI_SAS2 - ok
20:44:58.0499 7684  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:44:58.0512 7684  LSI_SCSI - ok
20:44:58.0545 7684  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
20:44:58.0585 7684  luafv - ok
20:44:58.0664 7684  [ BA1347822D01B2D29C14CF09663A6457 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
20:44:58.0688 7684  LVRS - ok
20:44:58.0818 7684  [ E2C99D3B692BA2173114C9DF79313B70 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
20:44:58.0895 7684  LVUVC - ok
20:44:58.0955 7684  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:44:58.0977 7684  MBAMProtector - ok
20:44:59.0041 7684  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:44:59.0064 7684  MBAMScheduler - ok
20:44:59.0104 7684  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:44:59.0124 7684  MBAMService - ok
20:44:59.0217 7684  [ AA44024C1796F40D43F2E6C08B47A564 ] McAfee SiteAdvisor Service c:\progra~1\mcafee\sitead~1\McSACore.exe
20:44:59.0236 7684  McAfee SiteAdvisor Service - ok
20:44:59.0274 7684  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:44:59.0289 7684  Mcx2Svc - ok
20:44:59.0312 7684  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:44:59.0325 7684  megasas - ok
20:44:59.0363 7684  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:44:59.0389 7684  MegaSR - ok
20:44:59.0419 7684  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
20:44:59.0463 7684  MMCSS - ok
20:44:59.0494 7684  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
20:44:59.0521 7684  Modem - ok
20:44:59.0538 7684  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:44:59.0572 7684  monitor - ok
20:44:59.0607 7684  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:44:59.0620 7684  mouclass - ok
20:44:59.0638 7684  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:44:59.0667 7684  mouhid - ok
20:44:59.0702 7684  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:44:59.0716 7684  mountmgr - ok
20:44:59.0785 7684  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:44:59.0807 7684  MozillaMaintenance - ok
20:44:59.0872 7684  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
20:44:59.0901 7684  MpFilter - ok
20:44:59.0915 7684  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:44:59.0928 7684  mpio - ok
20:45:00.0051 7684  [ A69630D039C38018689190234F866D77 ] MpKslf7f30ce2   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys
20:45:00.0065 7684  MpKslf7f30ce2 - ok
20:45:00.0093 7684  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:45:00.0145 7684  mpsdrv - ok
20:45:00.0192 7684  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:45:00.0237 7684  MpsSvc - ok
20:45:00.0264 7684  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:45:00.0304 7684  MRxDAV - ok
20:45:00.0351 7684  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:45:00.0395 7684  mrxsmb - ok
20:45:00.0442 7684  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:45:00.0487 7684  mrxsmb10 - ok
20:45:00.0541 7684  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:45:00.0577 7684  mrxsmb20 - ok
20:45:00.0630 7684  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
20:45:00.0653 7684  msahci - ok
20:45:00.0732 7684  [ D98350792A7CE82E7459A7C36481BEDA ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS32.exe
20:45:00.0752 7684  MSCamSvc - ok
20:45:00.0789 7684  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:45:00.0802 7684  msdsm - ok
20:45:00.0819 7684  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
20:45:00.0850 7684  MSDTC - ok
20:45:00.0890 7684  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:45:00.0918 7684  Msfs - ok
20:45:00.0929 7684  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:45:00.0969 7684  mshidkmdf - ok
20:45:01.0021 7684  [ 5119FFC2A6B51089CDB0EFDC75808C97 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
20:45:01.0032 7684  MSHUSBVideo - ok
20:45:01.0060 7684  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:45:01.0073 7684  msisadrv - ok
20:45:01.0115 7684  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:45:01.0154 7684  MSiSCSI - ok
20:45:01.0158 7684  msiserver - ok
20:45:01.0215 7684  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:45:01.0262 7684  MSKSSRV - ok
20:45:01.0345 7684  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:45:01.0370 7684  MsMpSvc - ok
20:45:01.0397 7684  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:45:01.0459 7684  MSPCLOCK - ok
20:45:01.0495 7684  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:45:01.0538 7684  MSPQM - ok
20:45:01.0564 7684  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:45:01.0579 7684  MsRPC - ok
20:45:01.0607 7684  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:45:01.0619 7684  mssmbios - ok
20:45:01.0684 7684  MSSQL$MSSMLBIZ - ok
20:45:01.0716 7684  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:45:01.0734 7684  MSSQLServerADHelper - ok
20:45:01.0769 7684  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:45:01.0818 7684  MSTEE - ok
20:45:01.0827 7684  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:45:01.0856 7684  MTConfig - ok
20:45:01.0877 7684  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:45:01.0890 7684  Mup - ok
20:45:01.0930 7684  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
20:45:01.0960 7684  napagent - ok
20:45:02.0003 7684  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:45:02.0023 7684  NativeWifiP - ok
20:45:02.0062 7684  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:45:02.0086 7684  NDIS - ok
20:45:02.0110 7684  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:45:02.0146 7684  NdisCap - ok
20:45:02.0173 7684  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:45:02.0212 7684  NdisTapi - ok
20:45:02.0253 7684  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:45:02.0278 7684  Ndisuio - ok
20:45:02.0313 7684  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:45:02.0350 7684  NdisWan - ok
20:45:02.0383 7684  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:45:02.0409 7684  NDProxy - ok
20:45:02.0453 7684  [ 1352E1648213551923A0A822E441553C ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
20:45:02.0497 7684  Netaapl - ok
20:45:02.0537 7684  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:45:02.0586 7684  NetBIOS - ok
20:45:02.0612 7684  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:45:02.0639 7684  NetBT - ok
20:45:02.0647 7684  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
20:45:02.0661 7684  Netlogon - ok
20:45:02.0711 7684  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
20:45:02.0757 7684  Netman - ok
20:45:02.0793 7684  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:45:02.0804 7684  NetMsmqActivator - ok
20:45:02.0811 7684  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:45:02.0823 7684  NetPipeActivator - ok
20:45:02.0838 7684  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
20:45:02.0870 7684  netprofm - ok
20:45:02.0875 7684  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:45:02.0888 7684  NetTcpActivator - ok
20:45:02.0892 7684  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:45:02.0904 7684  NetTcpPortSharing - ok
20:45:03.0062 7684  [ EF51B405AD8ACAAE6F0231290D20F516 ] NETw5s32        C:\Windows\system32\DRIVERS\NETw5s32.sys
20:45:03.0164 7684  NETw5s32 - ok
20:45:03.0291 7684  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
20:45:03.0372 7684  netw5v32 - ok
20:45:03.0413 7684  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:45:03.0426 7684  nfrd960 - ok
20:45:03.0456 7684  [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:45:03.0472 7684  NisDrv - ok
20:45:03.0499 7684  [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
20:45:03.0518 7684  NisSrv - ok
20:45:03.0556 7684  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:45:03.0585 7684  NlaSvc - ok
20:45:03.0609 7684  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:45:03.0636 7684  Npfs - ok
20:45:03.0684 7684  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
20:45:03.0723 7684  nsi - ok
20:45:03.0735 7684  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:45:03.0777 7684  nsiproxy - ok
20:45:03.0831 7684  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:45:03.0864 7684  Ntfs - ok
20:45:03.0945 7684  [ 28C59F594044CBF8598B18C927097091 ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
20:45:03.0962 7684  NTIBackupSvc - ok
20:45:04.0003 7684  [ 94E08DCC43F46471D96953E712B6D82B ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
20:45:04.0020 7684  NTIDrvr - ok
20:45:04.0038 7684  [ B8D903B2894FF9AFBD99CA51C35590D7 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
20:45:04.0058 7684  NTISchedulerSvc - ok
20:45:04.0079 7684  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
20:45:04.0107 7684  Null - ok
20:45:04.0136 7684  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:45:04.0149 7684  nvraid - ok
20:45:04.0185 7684  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:45:04.0209 7684  nvstor - ok
20:45:04.0252 7684  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:45:04.0277 7684  nv_agp - ok
20:45:04.0365 7684  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:45:04.0387 7684  odserv - ok
20:45:04.0425 7684  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:45:04.0459 7684  ohci1394 - ok
20:45:04.0529 7684  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:45:04.0549 7684  ose - ok
20:45:04.0599 7684  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:45:04.0663 7684  p2pimsvc - ok
20:45:04.0689 7684  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:45:04.0732 7684  p2psvc - ok
20:45:04.0768 7684  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:45:04.0791 7684  Parport - ok
20:45:04.0825 7684  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:45:04.0838 7684  partmgr - ok
20:45:04.0852 7684  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
20:45:04.0878 7684  Parvdm - ok
20:45:04.0920 7684  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:45:04.0938 7684  PcaSvc - ok
20:45:04.0971 7684  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
20:45:04.0986 7684  pci - ok
20:45:05.0025 7684  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
20:45:05.0038 7684  pciide - ok
20:45:05.0067 7684  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:45:05.0083 7684  pcmcia - ok
20:45:05.0115 7684  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
20:45:05.0137 7684  pcw - ok
20:45:05.0177 7684  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:45:05.0229 7684  PEAUTH - ok
20:45:05.0292 7684  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
20:45:05.0357 7684  PeerDistSvc - ok
20:45:05.0441 7684  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
20:45:05.0516 7684  pla - ok
20:45:05.0562 7684  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:45:05.0587 7684  PlugPlay - ok
20:45:05.0626 7684  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:45:05.0665 7684  PNRPAutoReg - ok
20:45:05.0689 7684  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:45:05.0718 7684  PNRPsvc - ok
20:45:05.0757 7684  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:45:05.0799 7684  PolicyAgent - ok
20:45:05.0840 7684  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
20:45:05.0869 7684  Power - ok
20:45:05.0898 7684  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:45:05.0926 7684  PptpMiniport - ok
20:45:05.0941 7684  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:45:05.0954 7684  Processor - ok
20:45:06.0003 7684  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
20:45:06.0058 7684  ProfSvc - ok
20:45:06.0069 7684  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:45:06.0087 7684  ProtectedStorage - ok
20:45:06.0123 7684  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:45:06.0151 7684  Psched - ok
20:45:06.0181 7684  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:45:06.0193 7684  PSI_SVC_2 - ok
20:45:06.0227 7684  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:45:06.0272 7684  ql2300 - ok
20:45:06.0286 7684  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:45:06.0301 7684  ql40xx - ok
20:45:06.0335 7684  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
20:45:06.0354 7684  QWAVE - ok
20:45:06.0384 7684  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:45:06.0400 7684  QWAVEdrv - ok
20:45:06.0415 7684  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:45:06.0455 7684  RasAcd - ok
20:45:06.0501 7684  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:45:06.0562 7684  RasAgileVpn - ok
20:45:06.0599 7684  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
20:45:06.0628 7684  RasAuto - ok
20:45:06.0644 7684  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:45:06.0672 7684  Rasl2tp - ok
20:45:06.0719 7684  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
20:45:06.0777 7684  RasMan - ok
20:45:06.0795 7684  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:45:06.0823 7684  RasPppoe - ok
20:45:06.0857 7684  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:45:06.0896 7684  RasSstp - ok
20:45:06.0926 7684  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:45:06.0971 7684  rdbss - ok
20:45:06.0994 7684  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:45:07.0009 7684  rdpbus - ok
20:45:07.0047 7684  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:45:07.0072 7684  RDPCDD - ok
20:45:07.0101 7684  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:45:07.0143 7684  RDPDR - ok
20:45:07.0176 7684  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:45:07.0213 7684  RDPENCDD - ok
20:45:07.0235 7684  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:45:07.0262 7684  RDPREFMP - ok
20:45:07.0294 7684  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:45:07.0335 7684  RDPWD - ok
20:45:07.0378 7684  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:45:07.0393 7684  rdyboost - ok
20:45:07.0423 7684  [ 001B4278407F4303EFC902A2B16F2453 ] regi            C:\Windows\system32\drivers\regi.sys
20:45:07.0432 7684  regi - ok
20:45:07.0462 7684  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:45:07.0501 7684  RemoteAccess - ok
20:45:07.0537 7684  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:45:07.0583 7684  RemoteRegistry - ok
20:45:07.0610 7684  [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
20:45:07.0660 7684  RimUsb - ok
20:45:07.0689 7684  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:45:07.0732 7684  RpcEptMapper - ok
20:45:07.0761 7684  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
20:45:07.0791 7684  RpcLocator - ok
20:45:07.0830 7684  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
20:45:07.0861 7684  RpcSs - ok
20:45:07.0900 7684  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:45:07.0927 7684  rspndr - ok
20:45:07.0985 7684  [ 96F8DD546677AA5102150ACC140377B3 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
20:45:08.0025 7684  RSUSBSTOR - ok
20:45:08.0070 7684  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service      C:\Program Files\Acer\Acer VCM\RS_Service.exe
20:45:08.0090 7684  RS_Service - ok
20:45:08.0095 7684  RtsUIR - ok
20:45:08.0125 7684  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
20:45:08.0174 7684  s3cap - ok
20:45:08.0191 7684  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
20:45:08.0210 7684  SamSs - ok
20:45:08.0254 7684  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:45:08.0272 7684  sbp2port - ok
20:45:08.0307 7684  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:45:08.0358 7684  SCardSvr - ok
20:45:08.0397 7684  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:45:08.0422 7684  scfilter - ok
20:45:08.0469 7684  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
20:45:08.0518 7684  Schedule - ok
20:45:08.0547 7684  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:45:08.0572 7684  SCPolicySvc - ok
20:45:08.0608 7684  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:45:08.0661 7684  SDRSVC - ok
20:45:08.0703 7684  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:45:08.0754 7684  secdrv - ok
20:45:08.0792 7684  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
20:45:08.0835 7684  seclogon - ok
20:45:08.0894 7684  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
20:45:08.0942 7684  SENS - ok
20:45:08.0977 7684  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:45:09.0039 7684  SensrSvc - ok
20:45:09.0064 7684  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:45:09.0078 7684  Serenum - ok
20:45:09.0093 7684  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:45:09.0126 7684  Serial - ok
20:45:09.0156 7684  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:45:09.0192 7684  sermouse - ok
20:45:09.0231 7684  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:45:09.0272 7684  SessionEnv - ok
20:45:09.0302 7684  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:45:09.0326 7684  sffdisk - ok
20:45:09.0347 7684  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:45:09.0380 7684  sffp_mmc - ok
20:45:09.0400 7684  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:45:09.0415 7684  sffp_sd - ok
20:45:09.0449 7684  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:45:09.0485 7684  sfloppy - ok
20:45:09.0540 7684  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:45:09.0587 7684  SharedAccess - ok
20:45:09.0624 7684  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:45:09.0674 7684  ShellHWDetection - ok
20:45:09.0693 7684  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:45:09.0706 7684  sisagp - ok
20:45:09.0743 7684  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:45:09.0756 7684  SiSRaid2 - ok
20:45:09.0777 7684  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:45:09.0791 7684  SiSRaid4 - ok
20:45:09.0854 7684  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
20:45:09.0875 7684  SkypeUpdate - ok
20:45:09.0897 7684  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:45:09.0924 7684  Smb - ok
20:45:09.0979 7684  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:45:10.0020 7684  SNMPTRAP - ok
20:45:10.0043 7684  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:45:10.0056 7684  spldr - ok
20:45:10.0104 7684  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
20:45:10.0126 7684  Spooler - ok
20:45:10.0228 7684  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
20:45:10.0316 7684  sppsvc - ok
20:45:10.0341 7684  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:45:10.0384 7684  sppuinotify - ok
20:45:10.0429 7684  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:45:10.0452 7684  SQLBrowser - ok
20:45:10.0494 7684  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:45:10.0504 7684  SQLWriter - ok
20:45:10.0538 7684  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:45:10.0599 7684  srv - ok
20:45:10.0624 7684  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:45:10.0651 7684  srv2 - ok
20:45:10.0673 7684  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:45:10.0703 7684  srvnet - ok
20:45:10.0730 7684  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:45:10.0761 7684  SSDPSRV - ok
20:45:10.0769 7684  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:45:10.0798 7684  SstpSvc - ok
20:45:10.0832 7684  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:45:10.0845 7684  stexstor - ok
20:45:10.0894 7684  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
20:45:10.0927 7684  StiSvc - ok
20:45:10.0963 7684  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:45:10.0985 7684  storflt - ok
20:45:11.0018 7684  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
20:45:11.0036 7684  StorSvc - ok
20:45:11.0047 7684  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:45:11.0061 7684  storvsc - ok
20:45:11.0097 7684  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:45:11.0110 7684  swenum - ok
20:45:11.0129 7684  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
20:45:11.0169 7684  swprv - ok
20:45:11.0220 7684  [ 85AA36B9C4C07CABC1B4E57E11E60E24 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:45:11.0243 7684  SynTP - ok
20:45:11.0300 7684  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
20:45:11.0342 7684  SysMain - ok
20:45:11.0375 7684  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:45:11.0395 7684  TabletInputService - ok
20:45:11.0435 7684  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:45:11.0474 7684  TapiSrv - ok
20:45:11.0515 7684  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
20:45:11.0560 7684  TBS - ok
20:45:11.0604 7684  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:45:11.0649 7684  Tcpip - ok
20:45:11.0682 7684  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:45:11.0714 7684  TCPIP6 - ok
20:45:11.0758 7684  [ DCFEB82CA988598CEB8F83148616038E ] tcpipBM         C:\Windows\system32\drivers\tcpipBM.sys
20:45:11.0773 7684  tcpipBM ( UnsignedFile.Multi.Generic ) - warning
20:45:11.0773 7684  tcpipBM - detected UnsignedFile.Multi.Generic (1)
20:45:11.0805 7684  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:45:11.0817 7684  tcpipreg - ok
20:45:11.0852 7684  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:45:11.0885 7684  TDPIPE - ok
20:45:11.0905 7684  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:45:11.0917 7684  TDTCP - ok
20:45:11.0955 7684  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:45:12.0018 7684  tdx - ok
20:45:12.0144 7684  [ 01A402D34732CA3DA91786ADCC765069 ] TeamViewer6     C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
20:45:12.0194 7684  TeamViewer6 - ok
20:45:12.0232 7684  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:45:12.0245 7684  TermDD - ok
20:45:12.0290 7684  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
20:45:12.0322 7684  TermService - ok
20:45:12.0378 7684  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
20:45:12.0408 7684  Themes - ok
20:45:12.0441 7684  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
20:45:12.0469 7684  THREADORDER - ok
20:45:12.0498 7684  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
20:45:12.0537 7684  TrkWks - ok
20:45:12.0602 7684  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:45:12.0669 7684  TrustedInstaller - ok
20:45:12.0706 7684  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:45:12.0744 7684  tssecsrv - ok
20:45:12.0781 7684  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:45:12.0826 7684  TsUsbFlt - ok
20:45:12.0874 7684  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:45:12.0916 7684  tunnel - ok
20:45:12.0947 7684  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:45:12.0960 7684  uagp35 - ok
20:45:12.0993 7684  [ 91096BD971BF7C1C4CA58C1CE594BB24 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
20:45:13.0003 7684  UBHelper - ok
20:45:13.0046 7684  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:45:13.0105 7684  udfs - ok
20:45:13.0148 7684  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:45:13.0178 7684  UI0Detect - ok
20:45:13.0218 7684  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:45:13.0232 7684  uliagpkx - ok
20:45:13.0272 7684  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
20:45:13.0298 7684  umbus - ok
20:45:13.0327 7684  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:45:13.0367 7684  UmPass - ok
20:45:13.0404 7684  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:45:13.0443 7684  UmRdpService - ok
20:45:13.0540 7684  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
20:45:13.0561 7684  Updater Service - ok
20:45:13.0598 7684  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
20:45:13.0643 7684  upnphost - ok
20:45:18.0149 7684  ================ Scan global ===============================
20:45:18.0184 7684  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:45:18.0215 7684  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:45:18.0223 7684  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:45:18.0250 7684  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:45:18.0280 7684  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:45:18.0284 7684  [Global] - ok
20:45:18.0284 7684  ================ Scan MBR ==================================
20:45:18.0295 7684  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:45:18.0764 7684  \Device\Harddisk0\DR0 - ok
20:45:18.0765 7684  ================ Scan VBR ==================================
20:45:18.0769 7684  [ 33A3B1F5CF41265473F927A5413DCAE6 ] \Device\Harddisk0\DR0\Partition1
20:45:18.0772 7684  \Device\Harddisk0\DR0\Partition1 - ok
20:45:18.0800 7684  [ 9CC830D2E32D535FDDF0A116EB300FBD ] \Device\Harddisk0\DR0\Partition2
20:45:18.0803 7684  \Device\Harddisk0\DR0\Partition2 - ok
20:45:18.0829 7684  [ 40A423095DE5FDF089143EF149A0CA3D ] \Device\Harddisk0\DR0\Partition3
20:45:18.0831 7684  \Device\Harddisk0\DR0\Partition3 - ok
20:45:18.0832 7684  ============================================================
20:45:18.0832 7684  Scan finished
20:45:18.0832 7684  ============================================================
20:45:18.0853 3488  Detected object count: 4
20:45:18.0855 3488  Actual detected object count: 4
20:46:01.0243 3488  BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:01.0243 3488  BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:46:01.0246 3488  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:01.0246 3488  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:46:01.0248 3488  KinoniSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:01.0248 3488  KinoniSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:46:01.0251 3488  tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:01.0251 3488  tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Thanks!

Best regards

Jörg

Alt 17.05.2013, 20:55   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

JRT - Junkware Removal Tool

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Afterwards:

adwCleaner - Remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Optionen (Options) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Suchlauf (Scan) and wait until it has finished.
  • Now click Löschen (Delete) and confirm any prompts with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, tick the box "Scan all users"
  • At the top you will find a box labeled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.
__________________
Please always post log files in CODE tags

Alt 17.05.2013, 21:26   #14
joerg69
 

jrt.txt

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x86
Ran by Sandra on 17.05.2013 at 22:02:12,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\office\powerpoint\addins\babylonofficeaddin.officeaddin
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\office\word\addins\babylonofficeaddin.officeaddin
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E4C32C88-C595-4C32-B61B-14A6F067D3F6}



~~~ Files

Successfully deleted: [File] "C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\babylon.lnk"



~~~ Folders



~~~ FireFox

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\siteranker@siteranker.com
Successfully deleted the following from C:\Users\Sandra\AppData\Roaming\mozilla\firefox\profiles\wla9cndx.default\prefs.js

user_pref("extensions.crossrider.bic", "13ac6b46c211ad995284f3043f7f1e38");
Emptied folder: C:\Users\Sandra\AppData\Roaming\mozilla\firefox\profiles\wla9cndx.default\minidumps [117 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.05.2013 at 22:03:35,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

adwcleaner.txt

Code:
# AdwCleaner v2.301 - Datei am 17/05/2013 um 22:07:36 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : Sandra - SANDRA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Sandra\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\wla9cndx.default\searchplugins\FBDownloader.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\wla9cndx.default\searchplugins\fbdownloader_search.xml
Gelöscht mit Neustart : C:\Program Files\Common Files\AVG Secure Search

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\wla9cndx.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v26.0.1410.64
         
otl:

Code:
OTL logfile created on: 17.05.2013 22:11:58 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sandra\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 65,12% Memory free
5,80 Gb Paging File | 4,76 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,94 Gb Total Space | 93,67 Gb Free Space | 67,42% Space Free | Partition Type: NTFS
Drive D: | 135,05 Gb Total Space | 134,95 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
 
Computer Name: SANDRA-PC | User Name: Sandra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Sandra\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
PRC - C:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Programme\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe ()
PRC - C:\Programme\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer ePower Management\ePowerEvent.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
PRC - C:\Programme\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Users\Sandra\AppData\Roaming\T-Mobile Internet Manager\ouc.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Programme\Launch Manager\LManager.EXE (Dritek System Inc.)
PRC - C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\PLFSetI.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (McAfee SiteAdvisor Service) -- c:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (vToolbarUpdater13.2.0) -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
SRV - (KinoniSvc) -- C:\Programme\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (GREGService) -- C:\Programme\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (USBCCID) -- system32\DRIVERS\RtsUCcid.sys File not found
DRV - (RtsUIR) -- system32\DRIVERS\Rts516xIR.sys File not found
DRV - (catchme) -- C:\Users\Sandra\AppData\Local\Temp\catchme.sys File not found
DRV - (HWiNFO32) -- C:\Windows\System32\drivers\HWiNFO32.SYS (REALiX(tm))
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (MSHUSBVideo) -- C:\Windows\System32\drivers\nx6000.sys (Microsoft Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (BMLoad) -- C:\Windows\System32\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV - (tcpipBM) -- C:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&m=extensa_5635&r=27051111d506l0473z2i5i5741u495
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.02.07 01:39:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.17 11:52:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011.12.13 19:58:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sandra\AppData\Roaming\mozilla\Extensions
[2013.03.08 20:11:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sandra\AppData\Roaming\mozilla\Firefox\Profiles\wla9cndx.default\extensions
[2013.05.17 11:52:34 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.17 11:52:34 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - Extension: Google Drive = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: Google Mail = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.05.17 13:28:27 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Programme\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0055F8EE-D9A6-4CD6-986E-2B6E60A99052}: NameServer = 213.162.69.169 213.162.69.170
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A8D70E7-C4E4-44C2-A11D-61244551D09F}: DhcpNameServer = 192.168.1.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A8D70E7-C4E4-44C2-A11D-61244551D09F}: NameServer = 8.8.8.8,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65596105-DD19-4088-99D5-43028999E61E}: DhcpNameServer = 192.168.1.10
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.17 22:02:10 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.17 22:02:01 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.17 22:01:18 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Sandra\Desktop\JRT.exe
[2013.05.17 14:59:26 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Sandra\Desktop\tdsskiller.exe
[2013.05.17 14:42:57 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Sandra\Desktop\aswMBR.exe
[2013.05.17 14:24:18 | 000,000,000 | ---D | C] -- C:\Users\Sandra\Desktop\mbar-1.05.0.1001
[2013.05.17 14:22:04 | 000,022,560 | ---- | C] (REALiX(tm)) -- C:\Windows\System32\drivers\HWiNFO32.SYS
[2013.05.17 14:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
[2013.05.17 14:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO32
[2013.05.17 14:20:17 | 002,820,032 | ---- | C] (Martin Malík - REALiX                                       ) -- C:\Users\Sandra\Desktop\hw32_418.exe
[2013.05.17 13:30:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.17 13:30:10 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.05.17 13:20:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.05.17 13:20:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.05.17 13:20:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.05.17 13:16:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.17 13:16:20 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.05.17 13:13:43 | 005,066,411 | R--- | C] (Swearware) -- C:\Users\Sandra\Desktop\ComboFix.exe
[2013.05.17 11:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.17 07:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.05.17 07:19:35 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.05.17 07:19:35 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.05.17 07:19:35 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.05.16 19:52:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sandra\Desktop\OTL.exe
[2013.05.15 16:02:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.15 16:02:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.15 16:02:32 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.15 16:02:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.15 16:02:31 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.15 16:02:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.15 16:02:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.15 15:57:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.15 13:28:10 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.15 13:28:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013.05.15 13:28:08 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.05.15 13:27:58 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013.05.15 13:27:57 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.04.29 20:06:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\SupportAppXL
[2013.04.29 20:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\MODEM Mobiler Anschluss
[2013.04.29 20:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MODEM Mobiler Anschluss
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.17 22:09:07 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.17 22:08:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.17 22:08:46 | 2338,004,992 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.17 22:06:07 | 000,632,031 | ---- | M] () -- C:\Users\Sandra\Desktop\adwcleaner.exe
[2013.05.17 22:01:28 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Sandra\Desktop\JRT.exe
[2013.05.17 21:55:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.17 21:41:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.17 14:59:30 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Sandra\Desktop\tdsskiller.exe
[2013.05.17 14:58:44 | 000,000,512 | ---- | M] () -- C:\Users\Sandra\Desktop\MBR.dat
[2013.05.17 14:44:28 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Sandra\Desktop\aswMBR.exe
[2013.05.17 14:23:45 | 012,917,756 | ---- | M] () -- C:\Users\Sandra\Desktop\mbar-1.05.0.1001.zip
[2013.05.17 14:22:04 | 000,022,560 | ---- | M] (REALiX(tm)) -- C:\Windows\System32\drivers\HWiNFO32.SYS
[2013.05.17 14:20:19 | 002,820,032 | ---- | M] (Martin Malík - REALiX                                       ) -- C:\Users\Sandra\Desktop\hw32_418.exe
[2013.05.17 13:28:27 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.05.17 13:14:17 | 005,066,411 | R--- | M] (Swearware) -- C:\Users\Sandra\Desktop\ComboFix.exe
[2013.05.17 07:18:36 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.17 07:18:36 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.16 22:48:50 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.16 21:43:49 | 000,016,479 | ---- | M] () -- C:\Users\Sandra\Desktop\OTL.zip
[2013.05.16 20:21:28 | 000,377,856 | ---- | M] () -- C:\Users\Sandra\Desktop\gmer_2.1.19163.exe
[2013.05.16 19:52:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sandra\Desktop\OTL.exe
[2013.05.16 19:51:42 | 000,000,000 | ---- | M] () -- C:\Users\Sandra\defogger_reenable
[2013.05.16 19:51:24 | 000,050,477 | ---- | M] () -- C:\Users\Sandra\Desktop\Defogger.exe
[2013.05.16 19:14:39 | 000,753,840 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.16 19:14:39 | 000,698,856 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.16 19:14:39 | 000,171,660 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.16 19:14:39 | 000,138,602 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.15 16:12:55 | 000,463,784 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.14 21:56:33 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.14 21:56:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.13 10:37:43 | 003,602,982 | ---- | M] () -- C:\Users\Sandra\Documents\Omi und Opi 2. Versuch.wmv
[2013.05.10 11:13:12 | 318,971,301 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.05.08 18:05:11 | 000,002,044 | -H-- | M] () -- C:\Users\Sandra\Documents\Default.rdp
[2013.05.08 11:14:04 | 005,480,482 | ---- | M] () -- C:\Users\Sandra\Documents\Omi und Opi 1. Versuch.wmv
[2013.05.06 14:16:41 | 000,009,292 | ---- | M] () -- C:\Users\Sandra\Documents\print.pdf
[2013.05.05 21:12:55 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.02 17:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.04.29 20:06:58 | 000,001,774 | ---- | M] () -- C:\Users\Public\Desktop\MODEM Mobiler Anschluss.lnk
[2013.04.23 12:41:51 | 000,002,186 | ---- | M] () -- C:\Users\Sandra\Documents\Mein Film 3.wlmp
[2013.04.23 12:11:33 | 000,002,152 | ---- | M] () -- C:\Users\Sandra\Documents\mein film 1.wlmp
[2013.04.23 11:53:32 | 000,002,416 | ---- | M] () -- C:\Users\Sandra\Documents\Mein Film.wlmp
 
========== Files Created - No Company Name ==========
 
[2013.05.17 22:05:57 | 000,632,031 | ---- | C] () -- C:\Users\Sandra\Desktop\adwcleaner.exe
[2013.05.17 14:58:44 | 000,000,512 | ---- | C] () -- C:\Users\Sandra\Desktop\MBR.dat
[2013.05.17 14:23:32 | 012,917,756 | ---- | C] () -- C:\Users\Sandra\Desktop\mbar-1.05.0.1001.zip
[2013.05.17 13:20:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.05.17 13:20:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.05.17 13:20:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.05.17 13:20:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.05.17 13:20:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.05.16 21:43:49 | 000,016,479 | ---- | C] () -- C:\Users\Sandra\Desktop\OTL.zip
[2013.05.16 20:21:28 | 000,377,856 | ---- | C] () -- C:\Users\Sandra\Desktop\gmer_2.1.19163.exe
[2013.05.16 19:51:42 | 000,000,000 | ---- | C] () -- C:\Users\Sandra\defogger_reenable
[2013.05.16 19:51:22 | 000,050,477 | ---- | C] () -- C:\Users\Sandra\Desktop\Defogger.exe
[2013.05.13 10:37:13 | 003,602,982 | ---- | C] () -- C:\Users\Sandra\Documents\Omi und Opi 2. Versuch.wmv
[2013.05.08 11:13:23 | 005,480,482 | ---- | C] () -- C:\Users\Sandra\Documents\Omi und Opi 1. Versuch.wmv
[2013.05.06 14:16:41 | 000,009,292 | ---- | C] () -- C:\Users\Sandra\Documents\print.pdf
[2013.04.29 20:06:43 | 000,001,774 | ---- | C] () -- C:\Users\Public\Desktop\MODEM Mobiler Anschluss.lnk
[2013.04.23 12:41:51 | 000,002,186 | ---- | C] () -- C:\Users\Sandra\Documents\Mein Film 3.wlmp
[2013.04.23 12:11:33 | 000,002,152 | ---- | C] () -- C:\Users\Sandra\Documents\mein film 1.wlmp
[2013.04.23 11:53:31 | 000,002,416 | ---- | C] () -- C:\Users\Sandra\Documents\Mein Film.wlmp
[2013.03.04 12:52:54 | 000,015,872 | ---- | C] () -- C:\Users\Sandra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.24 02:14:17 | 000,007,605 | ---- | C] () -- C:\Users\Sandra\AppData\Local\Resmon.ResmonCfg
[2012.10.15 10:23:12 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2012.09.27 20:01:40 | 000,000,033 | ---- | C] () -- C:\Windows\System32\mnprxpd2f.bin
[2012.09.21 21:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012.09.21 21:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012.09.21 21:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012.09.11 13:45:25 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2012.09.11 13:44:11 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2012.09.11 13:43:41 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2012.09.09 12:54:25 | 000,000,105 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.05.08 12:53:17 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.01.18 07:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011.11.08 09:56:02 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         

extras:

Code:
OTL Extras logfile created on: 17.05.2013 22:11:58 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sandra\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 65,12% Memory free
5,80 Gb Paging File | 4,76 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,94 Gb Total Space | 93,67 Gb Free Space | 67,42% Space Free | Partition Type: NTFS
Drive D: | 135,05 Gb Total Space | 134,95 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
 
Computer Name: SANDRA-PC | User Name: Sandra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-3322867212-3760231481-2277792164-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0769129A-E86E-4310-802E-E630F6EB4C78}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{0BCC12F9-0CFE-43B1-84C1-4178553E460D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0FF73EE9-88E7-470F-B6F6-11FC9275AB13}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1133BD62-9EF8-4908-80B6-29F9C146A3C9}" = rport=139 | protocol=6 | dir=out | app=system | 
"{13FC3117-CDC5-47F2-96E7-7D9D491CB0B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1A562B7C-1D4D-47C0-A65B-0F083584DCF1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{25B6DA82-9DD4-4F1C-9D6D-4E5048D1AFF5}" = lport=445 | protocol=6 | dir=in | app=system | 
"{49FFF147-B83F-4B9D-8069-715A07B64240}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4D418F3F-DFED-4B00-A53E-0B6614261218}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4FFA3DC9-5021-40C1-849B-E5E9CFA0F18B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{61E30013-86F4-477A-84E8-B28012D94E60}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{66FB5303-6D53-4B8D-8193-15AB807A20B3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{7E6911AA-D051-45DC-8CEF-359F8CDE9B63}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{82604CBA-8961-4E33-ACD6-5586EA989230}" = rport=445 | protocol=6 | dir=out | app=system | 
"{8332D17F-4507-44D4-BD48-674617AEE4C3}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{84F97902-B448-48DD-8CBB-8323C22F6DB5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{95431E00-AB1E-4037-8E92-85CDD5CE70DF}" = lport=138 | protocol=17 | dir=in | app=system | 
"{B7F6507D-737E-4034-8B84-074CEA74895D}" = rport=138 | protocol=17 | dir=out | app=system | 
"{BBCAEA54-832A-4F7D-83C5-824CB6AF2EBC}" = rport=137 | protocol=17 | dir=out | app=system | 
"{CAD3D3FD-C68A-4389-A828-6C4EE29FD53F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{CDF44C22-68F1-424F-B854-E8C39FF7C90E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E69EA7CC-20A4-4A03-B550-60C95904E4E2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{E96FF62F-CA53-4D2A-8403-537CD617E7F6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{ECB3A3A5-2E70-4BC6-8A84-270B4F4CBC0A}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B733F4F-0C8C-4247-843C-16516ABD89A5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{12870F13-A815-49C2-B9B0-455C2477623C}" = dir=in | app=c:\program files\acer\acer vcm\rs_service.exe | 
"{173A4FFC-0572-4A8D-9A93-363CF674C8B6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2EBC331F-E8B8-4748-95C0-6324FD45523F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2F3455E5-40E7-4157-B84E-C273C5FBC06F}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | 
"{31E25133-2D27-488C-BC2E-CC2E9F4302BC}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{3390BD87-3A43-4E1A-B0EF-12A412DD6552}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{36EC0432-C48D-4FDE-B5F2-C0B4103D963A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{3799457D-E06C-41B2-9A4A-7C304ADB7F84}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | 
"{3A950D8A-8F7A-476D-A1E0-FC36F8F6E42E}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{456D8972-1682-4FC2-B55C-63EA7DCE694D}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{4CC27AC1-7EE1-4315-9517-58A5468F814B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{510AE8F5-EFE1-487F-B0A1-037C604C90DE}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | 
"{522293ED-922C-4D89-BE80-C4EE9A83B187}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{554AE5D3-EEED-49B5-B53C-436A60E0F621}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{5C3BE645-952C-440F-B240-7C236AB03FC9}" = protocol=6 | dir=out | app=c:\program files\kinoni\epoccam_and_barcode_drivers\kinonisvc.exe | 
"{620C5A7D-6BDE-4C31-9A2D-4181A28D969C}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{6673E7DC-51F7-4872-955E-56E210AA8D5F}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{68A4F3E0-6A6C-4723-A3A9-65FED53A66C3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7358A915-28B8-4031-9A0A-EE5015070701}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{7D79096F-4089-464B-97C1-7D9A350A85DE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8912F232-733F-4494-BC8E-E3707BC760AE}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{8CA8D513-AFEF-4A63-BF60-4267A790A775}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8CBEA5E7-A4D6-4247-BD10-A47E7996EA69}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{8DCC28A0-632C-469C-BC39-8D1A7064E64E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{9AD0C094-81EF-4C1E-B4D8-4CC5EF487E2E}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{9D02B553-9F8C-4584-BEBA-081AC702E728}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A012AA85-EECE-4852-860A-CE9C9F5D89E5}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{A4B17515-7DD5-4F96-AC4F-D423A3C0E36F}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{A56E409B-B30C-4860-B8D2-02D4BB7D0703}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A71C4E2F-AB61-4DFB-BA00-1ADB9122A905}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{ADC98240-A8EF-4CF6-8C09-5A114953C159}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{AEB47642-AD53-47C2-BC2A-0AC1B9853B33}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BEB2FE12-E17B-42C6-8685-00A6DE4AC8C0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C0BA7EA8-9776-4274-A87E-AE28EAF52D84}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | 
"{C2E26C3A-B681-4444-A72B-F176534FE483}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CED1562C-EAF1-45CC-B4B9-DF25CADD06EA}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | 
"{D6E115E2-499A-438C-9F5E-347BA0090ABF}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{D754A5A4-0111-4D2E-AC0C-E0F9417A7C16}" = protocol=6 | dir=in | app=c:\program files\kinoni\epoccam_and_barcode_drivers\kinonisvc.exe | 
"{DB8E39A2-1441-4A4A-9325-08AEDDBC5AAC}" = protocol=6 | dir=out | app=system | 
"{E66F10FD-F401-4189-AB66-CA34AEC62B4F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E893468E-A6FE-48BB-A143-CFCCCA4EC939}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{EEBDD4E8-A01F-41D8-BE0F-6596B647E264}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{F2404AFE-1D7D-4A48-91B1-33278C961AC6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"TCP Query User{309F4965-1AA3-494B-BDCD-E6B8AE6DC8BB}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{7C334C5B-8F6B-4F34-B29A-4EE605A83BDD}C:\satisfyme\satisfyme.exe" = protocol=6 | dir=in | app=c:\satisfyme\satisfyme.exe | 
"TCP Query User{B6F93A39-7705-4E34-8ED5-A7F1AECFC763}\\svr02\volume_1\apple\tinyumbrella-6.01.00.exe" = protocol=6 | dir=in | app=\\svr02\volume_1\apple\tinyumbrella-6.01.00.exe | 
"UDP Query User{7005199E-BAFA-4563-9265-495262EE662E}C:\satisfyme\satisfyme.exe" = protocol=17 | dir=in | app=c:\satisfyme\satisfyme.exe | 
"UDP Query User{A291CF49-B811-4AC6-B532-65343D1D21B3}\\svr02\volume_1\apple\tinyumbrella-6.01.00.exe" = protocol=17 | dir=in | app=\\svr02\volume_1\apple\tinyumbrella-6.01.00.exe | 
"UDP Query User{D6B772D1-8EA9-4544-984D-763FDA269F60}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = MODEM Mobiler Anschluss
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.160.210
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F73D8560-EB17-4C8C-BA6C-8389419E8A98}" = SatisfyMe
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"D'Accord Free Clef_is1" = D'Accord Free Clef
"DarkWave Studio" = DarkWave Studio 4.0.9
"Finale 2012 Demo" = Finale 2012 Demo
"Finale NotePad 2012" = Finale NotePad 2012
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HWiNFO32_is1" = HWiNFO32 Version 4.18
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"JTL-Wawi_is1" = JTL-Wawi
"KinoniDrivers" = KinoniDrivers 2.7.1
"LManager" = Launch Manager
"MAGIX Music Maker for MySpace D" = MAGIX Music Maker for MySpace 15.0.1.8 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Multilizer PDF Translator_is1" = Multilizer PDF Translator (Build 7.8.8)
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"PROHYBRIDR" = 2007 Microsoft Office system
"Synthesia" = Synthesia (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"T-Mobile Internet Manager" = T-Mobile Internet Manager
"TVWiz" = Intel(R) TV Wizard
"Virtual Garden" = Virtual Garden
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.05.2013 16:12:10 | Computer Name = Sandra-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.)
 active for over two minutes. This places considerable burden on the network.
 
[ OSession Events ]
Error - 30.08.2012 04:00:55 | Computer Name = Sandra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1714
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 30.08.2012 04:14:59 | Computer Name = Sandra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 795
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 30.11.2012 06:53:50 | Computer Name = Sandra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 118
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 17.05.2013 16:09:16 | Computer Name = Sandra-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
 
< End of report >
         

Thanks!

Best regards

Jörg

17.05.2013, 21:46   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. We should be almost done. As a check, please run a full scan with Malwarebytes; before you do, remember to update Malwarebytes using the update button.

Getting a second opinion from the ESET Online Scanner afterwards doesn't hurt either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Please always post log files in CODE tags
