| fight_trojan | 22.06.2012 12:05 |
So, folgendes:
OTL.txt Code:
OTL logfile created on: 6/22/2012 12:44:20 PM - Run 2
OTL by OldTimer - Version 3.2.51.0 Folder = C:\Users\PC\Desktop\Download
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.99 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 66.50% Memory free
3.98 Gb Paging File | 2.86 Gb Available in Paging File | 71.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 85.00 Gb Total Space | 35.55 Gb Free Space | 41.82% Space Free | Partition Type: NTFS
Drive D: | 127.79 Gb Total Space | 112.02 Gb Free Space | 87.66% Space Free | Partition Type: NTFS
Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\PC\Desktop\Download\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\SFB\SmartRestarter.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
PRC - C:\Programme\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.)
PRC - C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\Samsung Update Plus\SUPNotifier.exe ()
PRC - C:\Programme\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Programme\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Windows\System32\PrintIsolationHost.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Programme\Samsung\Samsung Update Plus\SUPNotifier.exe ()
MOD - C:\Programme\Samsung\Samsung Update Plus\HMXML.dll ()
MOD - C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll ()
========== Win32 Services (SafeList) ==========
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (catchme) -- C:\Users\PC\AppData\Local\Temp\catchme.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/17 10:53:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/06 12:43:11 | 000,000,000 | ---D | M]
[2012/01/12 19:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions
[2012/06/03 18:07:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\zwyzwftw.default\extensions
[2012/03/30 18:09:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\zwyzwftw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/02/20 18:15:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012/06/03 18:07:06 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZWYZWFTW.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/06/17 10:53:04 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/17 10:52:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/06/17 10:52:57 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/17 10:52:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/06/17 10:52:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/06/17 10:52:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/06/17 10:52:57 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012/06/03 19:10:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: =
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 141.2.22.74 141.2.149.10 141.2.86.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8887E514-3C3B-4C11-A12C-0AF78DF05D82}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E40816D-B96C-4AAA-A82B-58E8F200F160}: DhcpNameServer = 141.2.22.74 141.2.149.10 141.2.86.211
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/22 12:44:59 | 002,128,472 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\PC\Desktop\tdsskiller.exe
[2012/06/22 09:22:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{180FDF85-8438-4680-9582-6D8E1CCED99F}
[2012/06/22 09:22:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{63868D33-959E-4B16-BBA7-2958F54F90D8}
[2012/06/21 10:10:52 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2012/06/21 10:10:51 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2012/06/21 10:10:26 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2012/06/21 10:10:26 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2012/06/21 10:10:26 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2012/06/21 10:10:03 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2012/06/21 10:10:03 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2012/06/21 09:09:36 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{05AF71CB-9055-4CF4-85A5-6D4EE79BF61D}
[2012/06/20 12:54:50 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Neu
[2012/06/20 09:02:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9DC7852B-E205-4E96-8484-9AF1B33208DA}
[2012/06/19 21:13:29 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Recovery Toolbox for PDF
[2012/06/18 23:43:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{46A5AE9C-E174-44EE-9B45-5E6AC6998FDB}
[2012/06/18 23:08:43 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Recovery Toolbox for Word
[2012/06/17 22:43:45 | 002,824,704 | ---- | C] (Askey Computer Corporation.) -- C:\windows\System32\AInst3141.exe
[2012/06/17 19:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\Smart File Advisor
[2012/06/17 19:09:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2DF32E20-5B0C-469F-8C9B-A52AC1B13F2F}
[2012/06/17 14:10:08 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2012/06/17 14:08:12 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2012/06/17 12:50:36 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{33C1B128-F544-46F9-A08A-9073E10D9E5C}
[2012/06/17 12:37:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{90D40C09-388A-4897-ACF9-404EEB215DD1}
[2012/06/16 10:50:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{13857333-B4F8-4013-B013-965C1C85ADAB}
[2012/06/15 22:49:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{568577D7-A75D-4116-838A-A8993065B68D}
[2012/06/13 10:54:03 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2012/06/13 10:54:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2012/06/13 10:54:00 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2012/06/13 10:53:59 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2012/06/13 10:53:59 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2012/06/13 10:53:57 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2012/06/13 10:53:55 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
[2012/06/13 10:53:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
[2012/06/13 10:53:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe
[2012/06/06 12:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/06/06 12:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/06/03 21:22:10 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fsquirt.exe
[2012/06/03 21:21:48 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2012/06/03 21:21:47 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2012/06/03 21:21:43 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2012/06/03 19:22:24 | 000,000,000 | ---D | C] -- C:\windows\temp
[2012/06/03 19:12:57 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/06/03 19:10:02 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\temp
[2012/06/03 18:54:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/06/03 18:54:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/06/03 18:54:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/06/03 18:54:22 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2012/06/03 18:52:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/03 18:26:29 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B990C4B4-D894-49EA-89D9-A7E91F8F0041}
[2012/06/03 16:04:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Malwarebytes
[2012/06/03 16:04:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/02 08:21:21 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2E5CCA32-8C43-46AE-9CEC-358BE92153B5}
[2012/05/28 09:09:13 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{048D1366-E441-48C8-AB0D-4599215C6364}
[2012/05/28 09:08:39 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FA69435B-9B98-4F46-9E2F-E595912D39E4}
[2012/05/27 23:03:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{ECD18DDD-D155-4563-83B4-2EFC15DE57A0}
[2012/05/27 23:03:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2E391DFD-BD53-4DEB-9520-F77767B03345}
[2012/05/25 08:36:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3348CFF1-E1B7-45B1-9C44-FD67A622853E}
[2012/05/24 10:08:52 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{CAF95BB7-0855-41F1-8719-BD3A42565E0C}
========== Files - Modified Within 30 Days ==========
[2012/06/22 12:45:16 | 002,128,472 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\PC\Desktop\tdsskiller.exe
[2012/06/22 12:42:33 | 000,000,000 | ---- | M] () -- C:\Users\PC\defogger_reenable
[2012/06/22 12:32:10 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/06/22 09:27:53 | 000,010,272 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 09:27:53 | 000,010,272 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 09:23:23 | 000,647,376 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012/06/22 09:23:23 | 000,610,094 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/06/22 09:23:23 | 000,127,404 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012/06/22 09:23:23 | 000,104,412 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/06/22 08:19:57 | 2136,260,608 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/17 14:43:22 | 000,443,920 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/06/17 14:25:58 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msclmd.dll
[2012/06/03 19:10:22 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2012/06/03 00:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2012/06/03 00:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2012/06/03 00:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2012/06/03 00:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2012/06/03 00:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2012/06/02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2012/06/02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2012/06/02 12:53:52 | 000,000,000 | ---- | M] () -- C:\Users\PC\otQOyVrusnxqfEtAUn
========== Files Created - No Company Name ==========
[2012/06/22 12:42:33 | 000,000,000 | ---- | C] () -- C:\Users\PC\defogger_reenable
[2012/06/06 12:43:12 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/06/03 18:54:36 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/06/03 18:54:36 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/06/03 18:54:36 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/06/03 18:54:36 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/06/03 18:54:36 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/06/02 12:53:52 | 000,000,000 | ---- | C] () -- C:\Users\PC\otQOyVrusnxqfEtAUn
[2012/03/17 03:55:36 | 000,002,048 | -HS- | C] () -- C:\windows\Installer\{80defd8e-a8cc-ad9f-6356-a02873f96759}\@
[2012/03/17 03:55:36 | 000,002,048 | -HS- | C] () -- C:\Users\PC\AppData\Local\{80defd8e-a8cc-ad9f-6356-a02873f96759}\@
[2012/02/21 17:21:59 | 000,004,096 | -H-- | C] () -- C:\Users\PC\AppData\Local\keyfile3.drm
========== Alternate Data Streams ==========
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:8530A643
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:2430E4FC
< End of report >
Extras.txt Code:
OTL Extras logfile created on: 6/22/2012 12:44:20 PM - Run 2
OTL by OldTimer - Version 3.2.51.0 Folder = C:\Users\PC\Desktop\Download
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.99 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 66.50% Memory free
3.98 Gb Paging File | 2.86 Gb Available in Paging File | 71.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 85.00 Gb Total Space | 35.55 Gb Free Space | 41.82% Space Free | Partition Type: NTFS
Drive D: | 127.79 Gb Total Space | 112.02 Gb Free Space | 87.66% Space Free | Partition Type: NTFS
Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0E5D3651-4689-4241-9B50-41DA157220D3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3506C5A1-DC00-4E18-90AD-953A3B482900}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{70A90FDB-4073-48AB-AA76-BFD30E237D73}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A92742E6-B06B-4B49-8484-4A4A8ED4AD0D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B5D52F4D-39AC-4A23-8BB8-41D0EE3E4DAC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{78D35DA2-3D78-461A-A9DB-2D8EC810B93A}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"UDP Query User{8C59AF7E-8CEF-4EBC-9E9C-FE8EC56E7554}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{45535A5E-1F81-4F35-BE1D-43D10A7D03B4}" = Easy Resolution Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{607DA1C8-34EC-4D7A-AD83-F8E5C70736DF}" = EasyBatteryManager
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{749BDD29-D756-4B9B-8022-3E666A24C13F}" = Samsung Support Center
"{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}" = Fast Booting SW
"{7A25D130-4EC8-11E1-BEA4-B8AC6F97B88E}" = Google Earth
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A5C8BFF2-0044-4500-8BB5-BEB0D2335885}" = REALTEK PCIE Wireless LAN Software
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD136CE7-6666-4273-A056-8D92F8625AAB}" = Sun ODF Plugin for Microsoft Office 3.2
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDF38EE7-3A53-4B4C-8924-CFFDF906091A}" = EasyFileShare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5A4F780-DF0C-444F-BA82-637CCF5C8052}" = Windows Live Family Safety
"{F771F1D4-EDD4-4D68-82DC-811583C099CD}" = Easy Network Manager
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Elantech" = ETDWare PS/2-x86 7.0.7.0_WHQL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Marvell Miniport Driver" = Marvell Miniport Driver
"Messenger Plus!" = Messenger Plus! 5
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Smart File Advisor_is1" = Smart File Advisor 1.1.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/17/2012 8:10:58 AM | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: rannohdecryptor.exe, Version: 1.1.0.0,
Zeitstempel: 0x4f9eaaf1 Name des fehlerhaften Moduls: rannohdecryptor.exe, Version:
1.1.0.0, Zeitstempel: 0x4f9eaaf1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d881
ID
des fehlerhaften Prozesses: 0x2494 Startzeit der fehlerhaften Anwendung: 0x01cd4c823de772c5
Pfad
der fehlerhaften Anwendung: E:\rannohdecryptor.exe Pfad des fehlerhaften Moduls:
E:\rannohdecryptor.exe Berichtskennung: 7eaca7e0-b875-11e1-947b-9efc9a8bb4cb
Error - 6/17/2012 8:44:25 AM | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 6/17/2012 8:48:18 AM | Computer Name = PC-PC | Source = ESENT | ID = 494
Description = services (596) Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten
(Fehler -1216), da Verweise auf Datenbank "C:\WINDOWS\Security\Database\secedit.sdb"
festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber
heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt)
wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz
erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die
Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden
Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder
unter dem Link "Weitere Informationen" am Ende dieser Meldung.
Error - 6/17/2012 8:48:18 AM | Computer Name = PC-PC | Source = ESENT | ID = 454
Description = services (596) Bei Datenbankwiederherstellung trat ein unerwarteter
Fehler -1216 auf.
Error - 6/17/2012 8:55:26 AM | Computer Name = PC-PC | Source = ESENT | ID = 215
Description = WinMail (3864) WindowsMail0: Die Sicherung wurde abgebrochen, weil
sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
wurde.
Error - 6/17/2012 8:56:48 AM | Computer Name = PC-PC | Source = Avira Antivirus | ID = 4118
Description = AUSNAHMEFEHLER beim Aufruf der Funktion AVEPROC_TestFile() für die
Datei C:\Program Files\CyberLink\YouCam\CLLogo.jpg. [ACCESS_VIOLATION Exception!!
EIP = 0x13e5c92] Bitte Avira informieren und die obige Datei übersenden!
Error - 6/17/2012 9:09:23 AM | Computer Name = PC-PC | Source = VSS | ID = 8194
Description =
Error - 6/17/2012 9:30:28 AM | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 6/17/2012 9:30:45 AM | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 6/17/2012 11:11:56 AM | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: msnmsgr.exe, Version: 15.4.3555.308,
Zeitstempel: 0x4f596cbb Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version:
2.0.10175.3910, Zeitstempel: 0x4b9715b8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c9d8
ID
des fehlerhaften Prozesses: 0xb98 Startzeit der fehlerhaften Anwendung: 0x01cd4c9b532e7b63
Pfad
der fehlerhaften Anwendung: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\CyberLink\YouCam\YCWebCameraSource.ax
Berichtskennung:
c6d8dffd-b88e-11e1-9628-ae09c62fcaef
[ OSession Events ]
Error - 2/19/2012 1:37:21 PM | Computer Name = PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 25173
seconds with 10440 seconds of active time. This session ended with a crash.
Error - 2/19/2012 2:15:15 PM | Computer Name = PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2243
seconds with 1740 seconds of active time. This session ended with a crash.
Error - 3/27/2012 11:54:11 AM | Computer Name = PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 17512 seconds with 7800 seconds of active time. This session ended with
a crash.
[ System Events ]
Error - 5/21/2012 8:29:55 AM | Computer Name = PC-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 5/21/2012 10:24:16 AM | Computer Name = PC-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst AntiVirSchedulerService erreicht.
Error - 5/21/2012 11:00:11 AM | Computer Name = PC-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 5/21/2012 12:59:18 PM | Computer Name = PC-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst AntiVirSchedulerService erreicht.
Error - 5/21/2012 5:55:52 PM | Computer Name = PC-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Wlansvc erreicht.
Error - 5/22/2012 2:05:56 AM | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error - 5/22/2012 2:06:42 AM | Computer Name = PC-PC | Source = DCOM | ID = 10005
Description =
Error - 5/22/2012 2:06:42 AM | Computer Name = PC-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Modules Installer erreicht.
Error - 5/22/2012 2:06:42 AM | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Modules Installer" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 5/22/2012 2:06:43 AM | Computer Name = PC-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007041d
< End of report >
TDSS-Killer Code:
12:45:48.0524 5068 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
12:45:49.0068 5068 ============================================================
12:45:49.0068 5068 Current date / time: 2012/06/22 12:45:49.0068
12:45:49.0069 5068 SystemInfo:
12:45:49.0069 5068
12:45:49.0069 5068 OS Version: 6.1.7601 ServicePack: 1.0
12:45:49.0069 5068 Product type: Workstation
12:45:49.0069 5068 ComputerName: PC-PC
12:45:49.0070 5068 UserName: PC
12:45:49.0070 5068 Windows directory: C:\windows
12:45:49.0070 5068 System windows directory: C:\windows
12:45:49.0070 5068 Processor architecture: Intel x86
12:45:49.0070 5068 Number of processors: 2
12:45:49.0070 5068 Page size: 0x1000
12:45:49.0070 5068 Boot type: Normal boot
12:45:49.0070 5068 ============================================================
12:45:50.0961 5068 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:45:50.0999 5068 ============================================================
12:45:50.0999 5068 \Device\Harddisk0\DR0:
12:45:51.0032 5068 MBR partitions:
12:45:51.0032 5068 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
12:45:51.0032 5068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0xAA00000
12:45:51.0066 5068 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xD233000, BlocksNum 0xFF92000
12:45:51.0066 5068 ============================================================
12:45:51.0273 5068 C: <-> \Device\Harddisk0\DR0\Partition1
12:45:51.0338 5068 D: <-> \Device\Harddisk0\DR0\Partition2
12:45:51.0339 5068 ============================================================
12:45:51.0339 5068 Initialize success
12:45:51.0339 5068 ============================================================
13:01:01.0918 1692 ============================================================
13:01:01.0918 1692 Scan started
13:01:01.0918 1692 Mode: Manual; TDLFS;
13:01:01.0918 1692 ============================================================
13:01:03.0781 1692 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys
13:01:03.0785 1692 1394ohci - ok
13:01:03.0892 1692 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys
13:01:03.0898 1692 ACPI - ok
13:01:03.0980 1692 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys
13:01:03.0981 1692 AcpiPmi - ok
13:01:04.0115 1692 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:01:04.0119 1692 AdobeARMservice - ok
13:01:04.0274 1692 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
13:01:04.0282 1692 adp94xx - ok
13:01:04.0419 1692 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
13:01:04.0429 1692 adpahci - ok
13:01:04.0484 1692 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
13:01:04.0486 1692 adpu320 - ok
13:01:04.0532 1692 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll
13:01:04.0535 1692 AeLookupSvc - ok
13:01:04.0647 1692 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys
13:01:04.0654 1692 AFD - ok
13:01:04.0714 1692 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys
13:01:04.0716 1692 agp440 - ok
13:01:04.0791 1692 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
13:01:04.0793 1692 aic78xx - ok
13:01:04.0856 1692 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe
13:01:04.0858 1692 ALG - ok
13:01:04.0913 1692 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys
13:01:04.0915 1692 aliide - ok
13:01:04.0945 1692 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys
13:01:04.0947 1692 amdagp - ok
13:01:05.0001 1692 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys
13:01:05.0002 1692 amdide - ok
13:01:05.0053 1692 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
13:01:05.0055 1692 AmdK8 - ok
13:01:05.0089 1692 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
13:01:05.0090 1692 AmdPPM - ok
13:01:05.0159 1692 amdsata (e7f4d42d8076ec60e21715cd11743a0d) C:\windows\system32\drivers\amdsata.sys
13:01:05.0162 1692 amdsata - ok
13:01:05.0218 1692 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
13:01:05.0220 1692 amdsbs - ok
13:01:05.0250 1692 amdxata (146459d2b08bfdcbfa856d9947043c81) C:\windows\system32\drivers\amdxata.sys
13:01:05.0251 1692 amdxata - ok
13:01:05.0422 1692 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:01:05.0426 1692 AntiVirSchedulerService - ok
13:01:05.0483 1692 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:01:05.0486 1692 AntiVirService - ok
13:01:05.0545 1692 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys
13:01:05.0547 1692 AppID - ok
13:01:05.0606 1692 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll
13:01:05.0609 1692 AppIDSvc - ok
13:01:05.0657 1692 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll
13:01:05.0659 1692 Appinfo - ok
13:01:05.0760 1692 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
13:01:05.0762 1692 arc - ok
13:01:05.0796 1692 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
13:01:05.0797 1692 arcsas - ok
13:01:05.0838 1692 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
13:01:05.0839 1692 AsyncMac - ok
13:01:05.0892 1692 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys
13:01:05.0893 1692 atapi - ok
13:01:06.0045 1692 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll
13:01:06.0058 1692 AudioEndpointBuilder - ok
13:01:06.0084 1692 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll
13:01:06.0095 1692 Audiosrv - ok
13:01:06.0147 1692 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\windows\system32\DRIVERS\avgntflt.sys
13:01:06.0148 1692 avgntflt - ok
13:01:06.0231 1692 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\windows\system32\DRIVERS\avipbb.sys
13:01:06.0233 1692 avipbb - ok
13:01:06.0272 1692 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\windows\system32\DRIVERS\avkmgr.sys
13:01:06.0273 1692 avkmgr - ok
13:01:06.0339 1692 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll
13:01:06.0341 1692 AxInstSV - ok
13:01:06.0486 1692 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
13:01:06.0495 1692 b06bdrv - ok
13:01:06.0593 1692 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
13:01:06.0598 1692 b57nd60x - ok
13:01:07.0230 1692 BCM43XX (f4d388dc3ff004aee886762d5cec7783) C:\windows\system32\DRIVERS\bcmwl6.sys
13:01:07.0260 1692 BCM43XX - ok
13:01:07.0498 1692 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll
13:01:07.0502 1692 BDESVC - ok
13:01:07.0575 1692 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
13:01:07.0577 1692 Beep - ok
13:01:07.0743 1692 BFE (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll
13:01:07.0757 1692 BFE - ok
13:01:07.0895 1692 BITS (e585445d5021971fae10393f0f1c3961) C:\windows\system32\qmgr.dll
13:01:07.0919 1692 BITS - ok
13:01:07.0962 1692 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
13:01:07.0963 1692 blbdrive - ok
13:01:08.0014 1692 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys
13:01:08.0016 1692 bowser - ok
13:01:08.0041 1692 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
13:01:08.0042 1692 BrFiltLo - ok
13:01:08.0055 1692 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
13:01:08.0057 1692 BrFiltUp - ok
13:01:08.0099 1692 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\windows\system32\DRIVERS\bridge.sys
13:01:08.0101 1692 BridgeMP - ok
13:01:08.0161 1692 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\windows\System32\browser.dll
13:01:08.0167 1692 Browser - ok
13:01:08.0254 1692 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
13:01:08.0258 1692 Brserid - ok
13:01:08.0282 1692 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
13:01:08.0284 1692 BrSerWdm - ok
13:01:08.0308 1692 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
13:01:08.0309 1692 BrUsbMdm - ok
13:01:08.0325 1692 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
13:01:08.0327 1692 BrUsbSer - ok
13:01:08.0421 1692 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys
13:01:08.0424 1692 BthEnum - ok
13:01:08.0487 1692 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
13:01:08.0489 1692 BTHMODEM - ok
13:01:08.0543 1692 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys
13:01:08.0545 1692 BthPan - ok
13:01:08.0648 1692 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\windows\System32\Drivers\BTHport.sys
13:01:08.0655 1692 BTHPORT - ok
13:01:08.0713 1692 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll
13:01:08.0717 1692 bthserv - ok
13:01:08.0749 1692 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\windows\System32\Drivers\BTHUSB.sys
13:01:08.0751 1692 BTHUSB - ok
13:01:08.0855 1692 btwampfl (7061fe1715e5aded120fe4c608609357) C:\windows\system32\drivers\btwampfl.sys
13:01:08.0861 1692 btwampfl - ok
13:01:08.0930 1692 btwaudio (a95b2fb3ca7b555b5cb306153f48ced8) C:\windows\system32\drivers\btwaudio.sys
13:01:08.0932 1692 btwaudio - ok
13:01:08.0986 1692 btwavdt (1f9cd885f1c548be93962ccabdb632e4) C:\windows\system32\drivers\btwavdt.sys
13:01:08.0989 1692 btwavdt - ok
13:01:09.0218 1692 btwdins (9634e2b260aa445ef6b83731ac6ee5ac) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
13:01:09.0233 1692 btwdins - ok
13:01:09.0292 1692 btwl2cap (de53089f0678cb5f0afeb867acb0fb05) C:\windows\system32\DRIVERS\btwl2cap.sys
13:01:09.0294 1692 btwl2cap - ok
13:01:09.0315 1692 btwrchid (a2d6c7b7b62a6c42dcb01204a6bd6fc2) C:\windows\system32\DRIVERS\btwrchid.sys
13:01:09.0317 1692 btwrchid - ok
13:01:09.0451 1692 catchme - ok
13:01:09.0511 1692 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
13:01:09.0513 1692 cdfs - ok
13:01:09.0590 1692 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys
13:01:09.0593 1692 cdrom - ok
13:01:09.0662 1692 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
13:01:09.0665 1692 CertPropSvc - ok
13:01:09.0712 1692 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
13:01:09.0714 1692 circlass - ok
13:01:09.0799 1692 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
13:01:09.0808 1692 CLFS - ok
13:01:09.0927 1692 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:01:09.0931 1692 clr_optimization_v2.0.50727_32 - ok
13:01:09.0982 1692 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
13:01:09.0984 1692 CmBatt - ok
13:01:10.0023 1692 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys
13:01:10.0024 1692 cmdide - ok
13:01:10.0144 1692 CNG (6427525d76f61d0c519b008d3680e8e7) C:\windows\system32\Drivers\cng.sys
13:01:10.0150 1692 CNG - ok
13:01:10.0201 1692 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
13:01:10.0202 1692 Compbatt - ok
13:01:10.0271 1692 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys
13:01:10.0275 1692 CompositeBus - ok
13:01:10.0302 1692 COMSysApp - ok
13:01:10.0336 1692 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
13:01:10.0337 1692 crcdisk - ok
13:01:10.0435 1692 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\windows\system32\cryptsvc.dll
13:01:10.0442 1692 CryptSvc - ok
13:01:10.0543 1692 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
13:01:10.0556 1692 DcomLaunch - ok
13:01:10.0639 1692 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll
13:01:10.0647 1692 defragsvc - ok
13:01:10.0980 1692 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys
13:01:10.0982 1692 DfsC - ok
13:01:11.0119 1692 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll
13:01:11.0129 1692 Dhcp - ok
13:01:11.0184 1692 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
13:01:11.0186 1692 discache - ok
13:01:11.0238 1692 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
13:01:11.0239 1692 Disk - ok
13:01:11.0304 1692 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll
13:01:11.0310 1692 Dnscache - ok
13:01:11.0392 1692 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll
13:01:11.0398 1692 dot3svc - ok
13:01:11.0473 1692 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll
13:01:11.0478 1692 DPS - ok
13:01:11.0524 1692 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
13:01:11.0525 1692 drmkaud - ok
13:01:11.0707 1692 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys
13:01:11.0720 1692 DXGKrnl - ok
13:01:11.0785 1692 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll
13:01:11.0792 1692 EapHost - ok
13:01:12.0443 1692 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
13:01:12.0502 1692 ebdrv - ok
13:01:12.0727 1692 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe
13:01:12.0733 1692 EFS - ok
13:01:12.0927 1692 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
13:01:12.0937 1692 elxstor - ok
13:01:12.0983 1692 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys
13:01:12.0984 1692 ErrDev - ok
13:01:13.0080 1692 ETD (df4f000cfc05dec947d928a8f3adcd7a) C:\windows\system32\DRIVERS\ETD.sys
13:01:13.0082 1692 ETD - ok
13:01:13.0194 1692 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll
13:01:13.0204 1692 EventSystem - ok
13:01:13.0268 1692 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
13:01:13.0271 1692 exfat - ok
13:01:13.0324 1692 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
13:01:13.0329 1692 fastfat - ok
13:01:13.0497 1692 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe
13:01:13.0511 1692 Fax - ok
13:01:13.0551 1692 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
13:01:13.0552 1692 fdc - ok
13:01:13.0581 1692 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll
13:01:13.0586 1692 fdPHost - ok
13:01:13.0619 1692 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll
13:01:13.0625 1692 FDResPub - ok
13:01:13.0656 1692 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
13:01:13.0659 1692 FileInfo - ok
13:01:13.0692 1692 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
13:01:13.0695 1692 Filetrace - ok
13:01:13.0721 1692 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
13:01:13.0725 1692 flpydisk - ok
13:01:13.0823 1692 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
13:01:13.0828 1692 FltMgr - ok
13:01:14.0086 1692 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll
13:01:14.0111 1692 FontCache - ok
13:01:14.0250 1692 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:01:14.0252 1692 FontCache3.0.0.0 - ok
13:01:14.0298 1692 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
13:01:14.0301 1692 FsDepends - ok
13:01:14.0356 1692 fssfltr (b0082808a6856a252f7cdd939892ce50) C:\windows\system32\DRIVERS\fssfltr.sys
13:01:14.0357 1692 fssfltr - ok
13:01:14.0854 1692 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
13:01:14.0878 1692 fsssvc - ok
13:01:15.0118 1692 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys
13:01:15.0122 1692 Fs_Rec - ok
13:01:15.0235 1692 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys
13:01:15.0239 1692 fvevol - ok
13:01:15.0297 1692 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
13:01:15.0298 1692 gagp30kx - ok
13:01:15.0488 1692 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll
13:01:15.0516 1692 gpsvc - ok
13:01:15.0576 1692 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
13:01:15.0578 1692 hcw85cir - ok
13:01:15.0714 1692 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys
13:01:15.0718 1692 HdAudAddService - ok
13:01:15.0792 1692 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys
13:01:15.0794 1692 HDAudBus - ok
13:01:15.0846 1692 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
13:01:15.0848 1692 HidBatt - ok
13:01:15.0890 1692 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
13:01:15.0892 1692 HidBth - ok
13:01:15.0943 1692 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
13:01:15.0945 1692 HidIr - ok
13:01:15.0994 1692 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\System32\hidserv.dll
13:01:16.0003 1692 hidserv - ok
13:01:16.0079 1692 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys
13:01:16.0081 1692 HidUsb - ok
13:01:16.0162 1692 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll
13:01:16.0173 1692 hkmsvc - ok
13:01:16.0266 1692 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll
13:01:16.0279 1692 HomeGroupListener - ok
13:01:16.0380 1692 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll
13:01:16.0394 1692 HomeGroupProvider - ok
13:01:16.0476 1692 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys
13:01:16.0481 1692 HpSAMD - ok
13:01:16.0661 1692 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys
13:01:16.0670 1692 HTTP - ok
13:01:16.0727 1692 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys
13:01:16.0729 1692 hwpolicy - ok
13:01:16.0829 1692 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys
13:01:16.0832 1692 i8042prt - ok
13:01:16.0961 1692 iaStor (d483687eace0c065ee772481a96e05f5) C:\windows\system32\DRIVERS\iaStor.sys
13:01:16.0968 1692 iaStor - ok
13:01:17.0101 1692 iaStorV (a3cae5d281db4cff7cff8233507ee5ad) C:\windows\system32\drivers\iaStorV.sys
13:01:17.0110 1692 iaStorV - ok
13:01:17.0417 1692 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:01:17.0437 1692 idsvc - ok
13:01:18.0548 1692 igfx (99469637d568076ea5664daa8463c2e3) C:\windows\system32\DRIVERS\igdkmd32.sys
13:01:18.0605 1692 igfx - ok
13:01:18.0870 1692 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
13:01:18.0872 1692 iirsp - ok
13:01:19.0055 1692 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll
13:01:19.0070 1692 IKEEXT - ok
13:01:19.0761 1692 IntcAzAudAddService (f4427e5df32cde359b2e2e5512d18001) C:\windows\system32\drivers\RTKVHDA.sys
13:01:19.0812 1692 IntcAzAudAddService - ok
13:01:20.0100 1692 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys
13:01:20.0101 1692 intelide - ok
13:01:20.0160 1692 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
13:01:20.0161 1692 intelppm - ok
13:01:20.0213 1692 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll
13:01:20.0218 1692 IPBusEnum - ok
13:01:20.0249 1692 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
13:01:20.0251 1692 IpFilterDriver - ok
13:01:20.0420 1692 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\windows\System32\iphlpsvc.dll
13:01:20.0438 1692 iphlpsvc - ok
13:01:20.0503 1692 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys
13:01:20.0505 1692 IPMIDRV - ok
13:01:20.0561 1692 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
13:01:20.0563 1692 IPNAT - ok
13:01:20.0593 1692 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
13:01:20.0595 1692 IRENUM - ok
13:01:20.0637 1692 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys
13:01:20.0639 1692 isapnp - ok
13:01:20.0760 1692 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys
13:01:20.0764 1692 iScsiPrt - ok
13:01:20.0846 1692 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys
13:01:20.0849 1692 kbdclass - ok
13:01:20.0918 1692 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys
13:01:20.0921 1692 kbdhid - ok
13:01:20.0980 1692 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
13:01:20.0987 1692 KeyIso - ok
13:01:21.0047 1692 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys
13:01:21.0049 1692 KSecDD - ok
13:01:21.0117 1692 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys
13:01:21.0120 1692 KSecPkg - ok
13:01:21.0225 1692 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll
13:01:21.0241 1692 KtmRm - ok
13:01:21.0352 1692 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\System32\srvsvc.dll
13:01:21.0369 1692 LanmanServer - ok
13:01:21.0436 1692 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll
13:01:21.0447 1692 LanmanWorkstation - ok
13:01:21.0515 1692 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
13:01:21.0517 1692 lltdio - ok
13:01:21.0600 1692 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll
13:01:21.0607 1692 lltdsvc - ok
13:01:21.0638 1692 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll
13:01:21.0643 1692 lmhosts - ok
13:01:21.0693 1692 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
13:01:21.0696 1692 LSI_FC - ok
13:01:21.0754 1692 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
13:01:21.0757 1692 LSI_SAS - ok
13:01:21.0791 1692 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
13:01:21.0794 1692 LSI_SAS2 - ok
13:01:21.0849 1692 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
13:01:21.0852 1692 LSI_SCSI - ok
13:01:21.0928 1692 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
13:01:21.0936 1692 luafv - ok
13:01:21.0980 1692 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
13:01:21.0982 1692 megasas - ok
13:01:22.0072 1692 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
13:01:22.0078 1692 MegaSR - ok
13:01:22.0256 1692 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
13:01:22.0260 1692 Microsoft Office Groove Audit Service - ok
13:01:22.0345 1692 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
13:01:22.0354 1692 MMCSS - ok
13:01:22.0395 1692 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
13:01:22.0397 1692 Modem - ok
13:01:22.0459 1692 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
13:01:22.0461 1692 monitor - ok
13:01:22.0544 1692 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys
13:01:22.0546 1692 mouclass - ok
13:01:22.0615 1692 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
13:01:22.0617 1692 mouhid - ok
13:01:22.0676 1692 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys
13:01:22.0679 1692 mountmgr - ok
13:01:22.0803 1692 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:01:22.0806 1692 MozillaMaintenance - ok
13:01:22.0875 1692 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys
13:01:22.0878 1692 mpio - ok
13:01:22.0943 1692 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
13:01:22.0946 1692 mpsdrv - ok
13:01:23.0135 1692 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll
13:01:23.0153 1692 MpsSvc - ok
13:01:23.0235 1692 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys
13:01:23.0238 1692 MRxDAV - ok
13:01:23.0319 1692 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys
13:01:23.0322 1692 mrxsmb - ok
13:01:23.0392 1692 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys
13:01:23.0395 1692 mrxsmb10 - ok
13:01:23.0458 1692 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys
13:01:23.0461 1692 mrxsmb20 - ok
13:01:23.0505 1692 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys
13:01:23.0507 1692 msahci - ok
13:01:23.0569 1692 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys
13:01:23.0571 1692 msdsm - ok
13:01:23.0644 1692 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe
13:01:23.0654 1692 MSDTC - ok
13:01:23.0708 1692 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
13:01:23.0710 1692 Msfs - ok
13:01:23.0728 1692 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
13:01:23.0729 1692 mshidkmdf - ok
13:01:23.0773 1692 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys
13:01:23.0774 1692 msisadrv - ok
13:01:23.0851 1692 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll
13:01:23.0856 1692 MSiSCSI - ok
13:01:23.0867 1692 msiserver - ok
13:01:23.0940 1692 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
13:01:23.0942 1692 MSKSSRV - ok
13:01:23.0982 1692 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
13:01:23.0983 1692 MSPCLOCK - ok
13:01:24.0009 1692 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
13:01:24.0011 1692 MSPQM - ok
13:01:24.0067 1692 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
13:01:24.0072 1692 MsRPC - ok
13:01:24.0131 1692 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys
13:01:24.0133 1692 mssmbios - ok
13:01:24.0168 1692 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
13:01:24.0170 1692 MSTEE - ok
13:01:24.0210 1692 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
13:01:24.0211 1692 MTConfig - ok
13:01:24.0242 1692 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
13:01:24.0245 1692 Mup - ok
13:01:24.0350 1692 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll
13:01:24.0372 1692 napagent - ok
13:01:24.0473 1692 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
13:01:24.0480 1692 NativeWifiP - ok
13:01:24.0696 1692 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys
13:01:24.0711 1692 NDIS - ok
13:01:24.0752 1692 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
13:01:24.0755 1692 NdisCap - ok
13:01:24.0793 1692 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
13:01:24.0795 1692 NdisTapi - ok
13:01:24.0852 1692 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
13:01:24.0855 1692 Ndisuio - ok
13:01:24.0918 1692 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
13:01:24.0921 1692 NdisWan - ok
13:01:24.0981 1692 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
13:01:24.0984 1692 NDProxy - ok
13:01:25.0033 1692 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
13:01:25.0035 1692 NetBIOS - ok
13:01:25.0112 1692 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
13:01:25.0116 1692 NetBT - ok
13:01:25.0155 1692 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
13:01:25.0162 1692 Netlogon - ok
13:01:25.0305 1692 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll
13:01:25.0335 1692 Netman - ok
13:01:25.0455 1692 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll
13:01:25.0467 1692 netprofm - ok
13:01:25.0588 1692 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:01:25.0591 1692 NetTcpPortSharing - ok
13:01:25.0689 1692 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
13:01:25.0691 1692 nfrd960 - ok
13:01:25.0819 1692 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll
13:01:25.0832 1692 NlaSvc - ok
13:01:25.0895 1692 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
13:01:25.0897 1692 Npfs - ok
13:01:25.0942 1692 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
13:01:25.0951 1692 nsi - ok
13:01:26.0012 1692 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
13:01:26.0015 1692 nsiproxy - ok
13:01:26.0335 1692 Ntfs (33c3093d09017cfe2e219f2472bff6eb) C:\windows\system32\drivers\Ntfs.sys
13:01:26.0354 1692 Ntfs - ok
13:01:26.0402 1692 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
13:01:26.0403 1692 Null - ok
13:01:26.0490 1692 nvraid (af2eec9580c1d32fb7eaf105d9784061) C:\windows\system32\drivers\nvraid.sys
13:01:26.0492 1692 nvraid - ok
13:01:26.0542 1692 nvstor (9283c58ebaa2618f93482eb5dabcec82) C:\windows\system32\drivers\nvstor.sys
13:01:26.0544 1692 nvstor - ok
13:01:26.0597 1692 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
13:01:26.0599 1692 nv_agp - ok
13:01:26.0792 1692 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:01:26.0803 1692 odserv - ok
13:01:26.0859 1692 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys
13:01:26.0861 1692 ohci1394 - ok
13:01:26.0957 1692 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:01:26.0961 1692 ose - ok
13:01:27.0070 1692 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
13:01:27.0092 1692 p2pimsvc - ok
13:01:27.0219 1692 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll
13:01:27.0237 1692 p2psvc - ok
13:01:27.0285 1692 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
13:01:27.0287 1692 Parport - ok
13:01:27.0332 1692 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\windows\system32\drivers\partmgr.sys
13:01:27.0334 1692 partmgr - ok
13:01:27.0362 1692 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
13:01:27.0363 1692 Parvdm - ok
13:01:27.0420 1692 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll
13:01:27.0429 1692 PcaSvc - ok
13:01:27.0503 1692 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
13:01:27.0505 1692 pci - ok
13:01:27.0543 1692 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
13:01:27.0544 1692 pciide - ok
13:01:27.0620 1692 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
13:01:27.0623 1692 pcmcia - ok
13:01:27.0652 1692 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
13:01:27.0654 1692 pcw - ok
13:01:27.0806 1692 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
13:01:27.0820 1692 PEAUTH - ok
13:01:28.0230 1692 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll
13:01:28.0271 1692 pla - ok
13:01:28.0604 1692 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll
13:01:28.0622 1692 PlugPlay - ok
13:01:28.0674 1692 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
13:01:28.0684 1692 PNRPAutoReg - ok
13:01:28.0774 1692 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
13:01:28.0788 1692 PNRPsvc - ok
13:01:28.0947 1692 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll
13:01:28.0961 1692 PolicyAgent - ok
13:01:29.0076 1692 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll
13:01:29.0092 1692 Power - ok
13:01:29.0224 1692 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
13:01:29.0228 1692 PptpMiniport - ok
13:01:29.0286 1692 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
13:01:29.0293 1692 Processor - ok
13:01:29.0400 1692 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll
13:01:29.0413 1692 ProfSvc - ok
13:01:29.0454 1692 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
13:01:29.0461 1692 ProtectedStorage - ok
13:01:29.0531 1692 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
13:01:29.0536 1692 Psched - ok
13:01:29.0876 1692 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
13:01:29.0900 1692 ql2300 - ok
13:01:30.0154 1692 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
13:01:30.0158 1692 ql40xx - ok
13:01:30.0234 1692 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll
13:01:30.0244 1692 QWAVE - ok
13:01:30.0286 1692 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
13:01:30.0288 1692 QWAVEdrv - ok
13:01:30.0308 1692 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
13:01:30.0310 1692 RasAcd - ok
13:01:30.0375 1692 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
13:01:30.0377 1692 RasAgileVpn - ok
13:01:30.0431 1692 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll
13:01:30.0440 1692 RasAuto - ok
13:01:30.0487 1692 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
13:01:30.0489 1692 Rasl2tp - ok
13:01:30.0604 1692 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll
13:01:30.0624 1692 RasMan - ok
13:01:30.0684 1692 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
13:01:30.0688 1692 RasPppoe - ok
13:01:30.0751 1692 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
13:01:30.0755 1692 RasSstp - ok
13:01:30.0881 1692 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
13:01:30.0887 1692 rdbss - ok
13:01:30.0934 1692 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
13:01:30.0935 1692 rdpbus - ok
13:01:30.0981 1692 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
13:01:30.0983 1692 RDPCDD - ok
13:01:31.0024 1692 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
13:01:31.0026 1692 RDPENCDD - ok
13:01:31.0056 1692 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
13:01:31.0058 1692 RDPREFMP - ok
13:01:31.0121 1692 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\windows\system32\drivers\RDPWD.sys
13:01:31.0126 1692 RDPWD - ok
13:01:31.0234 1692 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
13:01:31.0239 1692 rdyboost - ok
13:01:31.0324 1692 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll
13:01:31.0333 1692 RemoteAccess - ok
13:01:31.0415 1692 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll
13:01:31.0429 1692 RemoteRegistry - ok
13:01:31.0517 1692 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
13:01:31.0519 1692 RFCOMM - ok
13:01:31.0564 1692 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll
13:01:31.0573 1692 RpcEptMapper - ok
13:01:31.0619 1692 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe
13:01:31.0624 1692 RpcLocator - ok
13:01:31.0739 1692 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
13:01:31.0754 1692 RpcSs - ok
13:01:31.0825 1692 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
13:01:31.0828 1692 rspndr - ok
13:01:31.0913 1692 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys
13:01:31.0920 1692 RTL8167 - ok
13:01:31.0990 1692 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys
13:01:31.0992 1692 SABI - ok
13:01:32.0042 1692 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
13:01:32.0048 1692 SamSs - ok
13:01:32.0121 1692 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
13:01:32.0125 1692 sbp2port - ok
13:01:32.0205 1692 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll
13:01:32.0213 1692 SCardSvr - ok
13:01:32.0264 1692 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
13:01:32.0266 1692 scfilter - ok
13:01:32.0482 1692 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll
13:01:32.0501 1692 Schedule - ok
13:01:32.0558 1692 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
13:01:32.0561 1692 SCPolicySvc - ok
13:01:32.0637 1692 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll
13:01:32.0645 1692 SDRSVC - ok
13:01:32.0697 1692 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
13:01:32.0699 1692 secdrv - ok
13:01:32.0751 1692 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll
13:01:32.0762 1692 seclogon - ok
13:01:32.0815 1692 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\system32\sens.dll
13:01:32.0823 1692 SENS - ok
13:01:32.0855 1692 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
13:01:32.0857 1692 Serenum - ok
13:01:32.0919 1692 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
13:01:32.0923 1692 Serial - ok
13:01:32.0965 1692 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
13:01:32.0967 1692 sermouse - ok
13:01:33.0041 1692 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll
13:01:33.0053 1692 SessionEnv - ok
13:01:33.0104 1692 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
13:01:33.0106 1692 sffdisk - ok
13:01:33.0133 1692 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
13:01:33.0135 1692 sffp_mmc - ok
13:01:33.0160 1692 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
13:01:33.0162 1692 sffp_sd - ok
13:01:33.0202 1692 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
13:01:33.0204 1692 sfloppy - ok
13:01:33.0336 1692 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll
13:01:33.0348 1692 SharedAccess - ok
13:01:33.0467 1692 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll
13:01:33.0485 1692 ShellHWDetection - ok
13:01:33.0549 1692 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
13:01:33.0552 1692 sisagp - ok
13:01:33.0633 1692 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
13:01:33.0636 1692 SiSRaid2 - ok
13:01:33.0673 1692 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
13:01:33.0676 1692 SiSRaid4 - ok
13:01:33.0719 1692 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
13:01:33.0721 1692 Smb - ok
13:01:33.0765 1692 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe
13:01:33.0772 1692 SNMPTRAP - ok
13:01:33.0789 1692 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
13:01:33.0791 1692 spldr - ok
13:01:33.0924 1692 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe
13:01:33.0943 1692 Spooler - ok
13:01:34.0662 1692 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe
13:01:34.0721 1692 sppsvc - ok
13:01:34.0957 1692 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll
13:01:34.0965 1692 sppuinotify - ok
13:01:35.0097 1692 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
13:01:35.0104 1692 srv - ok
13:01:35.0178 1692 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
13:01:35.0186 1692 srv2 - ok
13:01:35.0238 1692 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
13:01:35.0241 1692 srvnet - ok
13:01:35.0311 1692 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll
13:01:35.0327 1692 SSDPSRV - ok
13:01:35.0388 1692 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\windows\system32\DRIVERS\ssmdrv.sys
13:01:35.0391 1692 ssmdrv - ok
13:01:35.0434 1692 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll
13:01:35.0461 1692 SstpSvc - ok
13:01:35.0505 1692 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
13:01:35.0506 1692 stexstor - ok
13:01:35.0653 1692 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll
13:01:35.0678 1692 StiSvc - ok
13:01:35.0732 1692 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
13:01:35.0733 1692 swenum - ok
13:01:35.0835 1692 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll
13:01:35.0848 1692 swprv - ok
13:01:36.0139 1692 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll
13:01:36.0170 1692 SysMain - ok
13:01:36.0243 1692 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll
13:01:36.0256 1692 TabletInputService - ok
13:01:36.0358 1692 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll
13:01:36.0373 1692 TapiSrv - ok
13:01:36.0417 1692 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll
13:01:36.0426 1692 TBS - ok
13:01:36.0805 1692 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\windows\system32\drivers\tcpip.sys
13:01:36.0823 1692 Tcpip - ok
13:01:36.0870 1692 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\windows\system32\DRIVERS\tcpip.sys
13:01:36.0887 1692 TCPIP6 - ok
13:01:36.0954 1692 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
13:01:36.0956 1692 tcpipreg - ok
13:01:37.0017 1692 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
13:01:37.0018 1692 TDPIPE - ok
13:01:37.0034 1692 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys
13:01:37.0037 1692 TDTCP - ok
13:01:37.0118 1692 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
13:01:37.0120 1692 tdx - ok
13:01:37.0174 1692 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
13:01:37.0176 1692 TermDD - ok
13:01:37.0318 1692 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll
13:01:37.0337 1692 TermService - ok
13:01:37.0391 1692 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
13:01:37.0399 1692 Themes - ok
13:01:37.0441 1692 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
13:01:37.0448 1692 THREADORDER - ok
13:01:37.0499 1692 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
13:01:37.0512 1692 TrkWks - ok
13:01:37.0642 1692 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe
13:01:37.0646 1692 TrustedInstaller - ok
13:01:37.0700 1692 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
13:01:37.0702 1692 tssecsrv - ok
13:01:37.0792 1692 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
13:01:37.0794 1692 TsUsbFlt - ok
13:01:37.0878 1692 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
13:01:37.0882 1692 tunnel - ok
13:01:37.0926 1692 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
13:01:37.0929 1692 uagp35 - ok
13:01:38.0021 1692 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
13:01:38.0025 1692 udfs - ok
13:01:38.0083 1692 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
13:01:38.0092 1692 UI0Detect - ok
13:01:38.0143 1692 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
13:01:38.0145 1692 uliagpkx - ok
13:01:38.0223 1692 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
13:01:38.0224 1692 umbus - ok
13:01:38.0259 1692 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
13:01:38.0261 1692 UmPass - ok
13:01:38.0350 1692 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
13:01:38.0369 1692 upnphost - ok
13:01:38.0421 1692 usbccgp (7e72e7d7e0757d59481d530fd2b0bfae) C:\windows\system32\drivers\usbccgp.sys
13:01:38.0423 1692 usbccgp - ok
13:01:38.0468 1692 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
13:01:38.0471 1692 usbcir - ok
13:01:38.0510 1692 usbehci (cfbce999c057d78979a181c9c60f208e) C:\windows\system32\drivers\usbehci.sys
13:01:38.0512 1692 usbehci - ok
13:01:38.0599 1692 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\windows\system32\drivers\usbhub.sys
13:01:38.0603 1692 usbhub - ok
13:01:38.0642 1692 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\drivers\usbohci.sys
13:01:38.0646 1692 usbohci - ok
13:01:38.0698 1692 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
13:01:38.0699 1692 usbprint - ok
13:01:38.0742 1692 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
13:01:38.0744 1692 usbscan - ok
13:01:38.0788 1692 USBSTOR (bf63ebfc6979fefb2bc03df7989a0c1a) C:\windows\system32\drivers\USBSTOR.SYS
13:01:38.0790 1692 USBSTOR - ok
13:01:38.0818 1692 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\windows\system32\drivers\usbuhci.sys
13:01:38.0819 1692 usbuhci - ok
13:01:38.0920 1692 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys
13:01:38.0925 1692 usbvideo - ok
13:01:38.0970 1692 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll
13:01:38.0979 1692 UxSms - ok
13:01:39.0020 1692 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
13:01:39.0025 1692 VaultSvc - ok
13:01:39.0070 1692 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
13:01:39.0073 1692 vdrvroot - ok
13:01:39.0192 1692 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe
13:01:39.0214 1692 vds - ok
13:01:39.0265 1692 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
13:01:39.0267 1692 vga - ok
13:01:39.0292 1692 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
13:01:39.0294 1692 VgaSave - ok
13:01:39.0353 1692 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
13:01:39.0356 1692 vhdmp - ok
13:01:39.0417 1692 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
13:01:39.0420 1692 viaagp - ok
13:01:39.0471 1692 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
13:01:39.0473 1692 ViaC7 - ok
13:01:39.0508 1692 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
13:01:39.0510 1692 viaide - ok
13:01:39.0553 1692 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
13:01:39.0554 1692 volmgr - ok
13:01:39.0639 1692 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
13:01:39.0646 1692 volmgrx - ok
13:01:39.0753 1692 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
13:01:39.0760 1692 volsnap - ok
13:01:39.0843 1692 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
13:01:39.0846 1692 vsmraid - ok
13:01:40.0097 1692 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe
13:01:40.0127 1692 VSS - ok
13:01:40.0161 1692 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
13:01:40.0163 1692 vwifibus - ok
13:01:40.0215 1692 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
13:01:40.0217 1692 vwififlt - ok
13:01:40.0269 1692 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
13:01:40.0271 1692 vwifimp - ok
13:01:40.0362 1692 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll
13:01:40.0381 1692 W32Time - ok
13:01:40.0433 1692 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
13:01:40.0435 1692 WacomPen - ok
13:01:40.0510 1692 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
13:01:40.0512 1692 WANARP - ok
13:01:40.0525 1692 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
13:01:40.0528 1692 Wanarpv6 - ok
13:01:40.0817 1692 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe
13:01:40.0850 1692 wbengine - ok
13:01:40.0922 1692 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll
13:01:40.0931 1692 WbioSrvc - ok
13:01:41.0026 1692 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll
13:01:41.0038 1692 wcncsvc - ok
13:01:41.0070 1692 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll
13:01:41.0078 1692 WcsPlugInService - ok
13:01:41.0158 1692 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
13:01:41.0161 1692 Wd - ok
13:01:41.0280 1692 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
13:01:41.0288 1692 Wdf01000 - ok
13:01:41.0328 1692 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
13:01:41.0338 1692 WdiServiceHost - ok
13:01:41.0348 1692 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
13:01:41.0360 1692 WdiSystemHost - ok
13:01:41.0439 1692 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll
13:01:41.0456 1692 WebClient - ok
13:01:41.0536 1692 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll
13:01:41.0545 1692 Wecsvc - ok
13:01:41.0586 1692 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll
13:01:41.0597 1692 wercplsupport - ok
13:01:41.0650 1692 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll
13:01:41.0663 1692 WerSvc - ok
13:01:41.0723 1692 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
13:01:41.0725 1692 WfpLwf - ok
13:01:41.0751 1692 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
13:01:41.0755 1692 WIMMount - ok
13:01:42.0007 1692 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
13:01:42.0025 1692 WinDefend - ok
13:01:42.0043 1692 WinHttpAutoProxySvc - ok
13:01:42.0194 1692 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll
13:01:42.0200 1692 Winmgmt - ok
13:01:42.0486 1692 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll
13:01:42.0519 1692 WinRM - ok
13:01:42.0641 1692 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys
13:01:42.0643 1692 WinUsb - ok
13:01:42.0843 1692 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll
13:01:42.0874 1692 Wlansvc - ok
13:01:43.0304 1692 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:01:43.0332 1692 wlidsvc - ok
13:01:43.0569 1692 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
13:01:43.0573 1692 WmiAcpi - ok
13:01:43.0706 1692 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe
13:01:43.0712 1692 wmiApSrv - ok
13:01:44.0045 1692 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
13:01:44.0072 1692 WMPNetworkSvc - ok
13:01:44.0102 1692 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll
13:01:44.0111 1692 WPCSvc - ok
13:01:44.0170 1692 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll
13:01:44.0181 1692 WPDBusEnum - ok
13:01:44.0280 1692 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
13:01:44.0284 1692 ws2ifsl - ok
13:01:44.0332 1692 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\system32\wscsvc.dll
13:01:44.0343 1692 wscsvc - ok
13:01:44.0354 1692 WSearch - ok
13:01:44.0795 1692 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\windows\system32\wuaueng.dll
13:01:44.0834 1692 wuauserv - ok
13:01:45.0092 1692 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys
13:01:45.0097 1692 WudfPf - ok
13:01:45.0168 1692 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys
13:01:45.0171 1692 WUDFRd - ok
13:01:45.0245 1692 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll
13:01:45.0254 1692 wudfsvc - ok
13:01:45.0333 1692 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll
13:01:45.0350 1692 WwanSvc - ok
13:01:45.0476 1692 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\windows\system32\DRIVERS\yk62x86.sys
13:01:45.0483 1692 yukonw7 - ok
13:01:45.0571 1692 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
13:01:46.0708 1692 \Device\Harddisk0\DR0 - ok
13:01:46.0746 1692 Boot (0x1200) (e212ca20377ac4a866e40b1f57bb20c2) \Device\Harddisk0\DR0\Partition0
13:01:46.0752 1692 \Device\Harddisk0\DR0\Partition0 - ok
13:01:46.0777 1692 Boot (0x1200) (473ef0fcb68cf5570602911da66025ef) \Device\Harddisk0\DR0\Partition1
13:01:46.0781 1692 \Device\Harddisk0\DR0\Partition1 - ok
13:01:46.0811 1692 Boot (0x1200) (ad89082cf592c6c5a5a66a59f51971b7) \Device\Harddisk0\DR0\Partition2
13:01:46.0816 1692 \Device\Harddisk0\DR0\Partition2 - ok
13:01:46.0817 1692 ============================================================
13:01:46.0817 1692 Scan finished
13:01:46.0817 1692 ============================================================
13:01:46.0854 3508 Detected object count: 0
13:01:46.0854 3508 Actual detected object count: 0
|
