Log analysis and evaluation: Bundespolizei trojan, can't get any further (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
19.10.2011, 17:10 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizei trojan, can't get any further Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_8372&r=273610109206l0421z1k5x4671o211
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_8372&r=273610109206l0421z1k5x4671o211
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_8372&r=273610109206l0421z1k5x4671o211
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_8372&r=273610109206l0421z1k5x4671o211
IE - HKLM\..\URLSearchHook: {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_8372&r=273610109206l0421z1k5x4671o211
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2325506
IE - HKCU\..\URLSearchHook: {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultthis.engineName: "www.Freeware-download.com Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2325506&SearchSource=3&q={searchTerms}"
O2 - BHO: (www.Freeware-download.com Toolbar) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (www.Freeware-download.com Toolbar) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101014154643.dll File not found
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll File not found
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll File not found
O3 - HKLM\..\Toolbar: (www.Freeware-download.com Toolbar) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (www.Freeware-download.com Toolbar) - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0bb1023f-fae6-11df-8e8a-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb1023f-fae6-11df-8e8a-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0bb10243-fae6-11df-8e8a-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb10243-fae6-11df-8e8a-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0bb1025e-fae6-11df-8e8a-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb1025e-fae6-11df-8e8a-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0bb10262-fae6-11df-8e8a-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb10262-fae6-11df-8e8a-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1efcdbf2-8f8c-11e0-a032-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{1efcdbf2-8f8c-11e0-a032-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1efcdbfa-8f8c-11e0-a032-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{1efcdbfa-8f8c-11e0-a032-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{81199b37-d892-11df-a9ca-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{81199b37-d892-11df-a9ca-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{81199ba7-d892-11df-a9ca-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{81199ba7-d892-11df-a9ca-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{9fccb5df-f32c-11df-ad56-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{9fccb5df-f32c-11df-ad56-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b59e516d-e19b-11df-947d-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{b59e516d-e19b-11df-947d-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b59e5172-e19b-11df-947d-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{b59e5172-e19b-11df-947d-001e3328095e}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c3098e73-d6cc-11df-87e1-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{c3098e73-d6cc-11df-87e1-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f0560524-f1b5-11df-a920-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{f0560524-f1b5-11df-a920-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f056052d-f1b5-11df-a920-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{f056052d-f1b5-11df-a920-001e3328095e}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f8e06d8c-c002-11e0-8b38-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{f8e06d8c-c002-11e0-8b38-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{f8e06d90-c002-11e0-8b38-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{f8e06d90-c002-11e0-8b38-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
:Commands
[emptytemp]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder. Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
26.10.2011, 10:15 | #17 |
| Bundespolizei trojan, can't get any further Hello Arne,
Here is the content of the log file. For information: while the OTL fix was running, the following message appeared a few times: "Es befindet sich kein Datenträger im Laufwerk. Legen Sie einen Datenträger in Laufwerk \Device\Harddisk1\DR1 ein." I kept clicking `weiter` until the fix finally ran. I hope that was O.K. Here is the content of the log file: |
26.10.2011, 12:01 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizei trojan, can't get any further Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html
Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here! If, because of the infection, you cannot access your documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide: Download unhide.exe and save the file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ |
26.10.2011, 15:34 | #19 |
| Bundespolizei trojan, can't get any further Hello Arne, here is the log from Kaspersky:
16:14:38.0552 7744 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys 16:14:38.0567 7744 BTHPORT - ok 16:14:38.0708 7744 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys 16:14:38.0723 7744 BTHUSB - ok 16:14:38.0770 7744 btwampfl (e1ddc25788a1d6fecf155cce8159be9b) C:\Windows\system32\drivers\btwampfl.sys 16:14:38.0801 7744 btwampfl - ok 16:14:38.0895 7744 btwaudio (ebc9e33c13cdd6c51c1134eae46466a1) C:\Windows\system32\drivers\btwaudio.sys 16:14:38.0911 7744 btwaudio - ok 16:14:38.0926 7744 btwavdt (43fb7fa896d87aa5a9f3e743d7e2303f) C:\Windows\system32\drivers\btwavdt.sys 16:14:38.0942 7744 btwavdt - ok 16:14:39.0051 7744 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys 16:14:39.0067 7744 btwl2cap - ok 16:14:39.0129 7744 btwrchid (1aed551a8cb2f2343eda09109eef4807) C:\Windows\system32\DRIVERS\btwrchid.sys 16:14:39.0145 7744 btwrchid - ok 16:14:39.0191 7744 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 16:14:39.0191 7744 cdfs - ok 16:14:39.0316 7744 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 16:14:39.0316 7744 cdrom - ok 16:14:39.0425 7744 cfwids (0f75ec1c9e21f0fb4648a1d9bb322e5d) C:\Windows\system32\drivers\cfwids.sys 16:14:39.0457 7744 cfwids - ok 16:14:39.0519 7744 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 16:14:39.0535 7744 circlass - ok 16:14:39.0581 7744 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 16:14:39.0581 7744 CLFS - ok 16:14:39.0706 7744 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 16:14:39.0722 7744 CmBatt - ok 16:14:39.0753 7744 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 16:14:39.0784 7744 cmdide - ok 16:14:39.0815 7744 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 16:14:39.0815 7744 CNG - ok 16:14:39.0940 7744 
CnxtHdAudService (c1ee6fa6a870132bb71f2c8830779c59) C:\Windows\system32\drivers\CHDRT64.sys 16:14:39.0987 7744 CnxtHdAudService - ok 16:14:40.0096 7744 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 16:14:40.0096 7744 Compbatt - ok 16:14:40.0159 7744 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 16:14:40.0174 7744 CompositeBus - ok 16:14:40.0299 7744 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 16:14:40.0315 7744 crcdisk - ok 16:14:40.0471 7744 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys 16:14:40.0502 7744 CVirtA - ok 16:14:40.0611 7744 CVPNDRVA (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys 16:14:40.0642 7744 CVPNDRVA - ok 16:14:40.0783 7744 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 16:14:40.0783 7744 DfsC - ok 16:14:40.0829 7744 DgiVecp - ok 16:14:40.0892 7744 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 16:14:40.0907 7744 discache - ok 16:14:41.0017 7744 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 16:14:41.0017 7744 Disk - ok 16:14:41.0079 7744 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys 16:14:41.0079 7744 DNE - ok 16:14:41.0219 7744 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 16:14:41.0235 7744 drmkaud - ok 16:14:41.0360 7744 DVMIO (fcfac62c7b95a2d4f791b89e09b07432) C:\Program Files (x86)\InstantView\tools\dvmio_x64.sys 16:14:41.0375 7744 DVMIO - ok 16:14:41.0516 7744 DXGKrnl (24ce1ecf9d0ae0301775b07f5fea175b) C:\Windows\System32\drivers\dxgkrnl.sys 16:14:41.0547 7744 DXGKrnl - ok 16:14:41.0687 7744 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 16:14:41.0797 7744 ebdrv - ok 16:14:41.0937 7744 elxstor (0e5da5369a0fcaea12456dd852545184) 
C:\Windows\system32\DRIVERS\elxstor.sys 16:14:41.0984 7744 elxstor - ok 16:14:42.0077 7744 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 16:14:42.0093 7744 ErrDev - ok 16:14:42.0187 7744 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 16:14:42.0202 7744 exfat - ok 16:14:42.0296 7744 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 16:14:42.0296 7744 fastfat - ok 16:14:42.0405 7744 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 16:14:42.0421 7744 fdc - ok 16:14:42.0545 7744 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 16:14:42.0545 7744 FileInfo - ok 16:14:42.0577 7744 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 16:14:42.0592 7744 Filetrace - ok 16:14:42.0701 7744 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 16:14:42.0717 7744 flpydisk - ok 16:14:42.0748 7744 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 16:14:42.0764 7744 FltMgr - ok 16:14:42.0889 7744 FPSensor (54a9c5a6aa0bb0041a4af7172ffc3d9f) C:\Windows\system32\Drivers\FPSensor.sys 16:14:42.0889 7744 FPSensor - ok 16:14:42.0920 7744 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 16:14:42.0935 7744 FsDepends - ok 16:14:42.0982 7744 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 16:14:42.0998 7744 Fs_Rec - ok 16:14:43.0107 7744 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 16:14:43.0107 7744 fvevol - ok 16:14:43.0216 7744 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 16:14:43.0232 7744 gagp30kx - ok 16:14:43.0388 7744 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 16:14:43.0403 7744 hcw85cir - ok 16:14:43.0481 7744 HdAudAddService 
(6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 16:14:43.0497 7744 HdAudAddService - ok 16:14:43.0591 7744 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 16:14:43.0606 7744 HDAudBus - ok 16:14:43.0715 7744 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 16:14:43.0731 7744 HECIx64 - ok 16:14:43.0793 7744 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 16:14:43.0809 7744 HidBatt - ok 16:14:43.0856 7744 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 16:14:43.0871 7744 HidBth - ok 16:14:43.0918 7744 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 16:14:43.0934 7744 HidIr - ok 16:14:44.0027 7744 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 16:14:44.0027 7744 HidUsb - ok 16:14:44.0168 7744 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 16:14:44.0183 7744 HpSAMD - ok 16:14:44.0261 7744 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 16:14:44.0293 7744 HTTP - ok 16:14:44.0371 7744 hwdatacard (cdaa8e257bb625b2387219e605dde37d) C:\Windows\system32\DRIVERS\ewusbmdm.sys 16:14:44.0386 7744 hwdatacard - ok 16:14:44.0417 7744 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 16:14:44.0417 7744 hwpolicy - ok 16:14:44.0480 7744 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 16:14:44.0495 7744 i8042prt - ok 16:14:44.0527 7744 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys 16:14:44.0527 7744 iaStor - ok 16:14:44.0651 7744 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 16:14:44.0683 7744 iaStorV - ok 16:14:44.0745 7744 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 16:14:44.0761 7744 iirsp - ok 16:14:44.0807 7744 
intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 16:14:44.0823 7744 intelide - ok 16:14:44.0854 7744 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 16:14:44.0854 7744 intelppm - ok 16:14:44.0948 7744 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 16:14:44.0963 7744 IPMIDRV - ok 16:14:45.0041 7744 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 16:14:45.0057 7744 IPNAT - ok 16:14:45.0088 7744 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 16:14:45.0104 7744 IRENUM - ok 16:14:45.0135 7744 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 16:14:45.0151 7744 isapnp - ok 16:14:45.0166 7744 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 16:14:45.0182 7744 iScsiPrt - ok 16:14:45.0307 7744 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 16:14:45.0322 7744 kbdclass - ok 16:14:45.0369 7744 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 16:14:45.0369 7744 kbdhid - ok 16:14:45.0385 7744 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 16:14:45.0385 7744 KSecDD - ok 16:14:45.0416 7744 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys 16:14:45.0416 7744 KSecPkg - ok 16:14:45.0509 7744 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 16:14:45.0541 7744 ksthunk - ok 16:14:45.0681 7744 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 16:14:45.0697 7744 lltdio - ok 16:14:45.0853 7744 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 16:14:45.0868 7744 LSI_FC - ok 16:14:45.0899 7744 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 16:14:45.0915 7744 LSI_SAS - ok 16:14:45.0931 7744 
LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 16:14:45.0931 7744 LSI_SAS2 - ok 16:14:45.0946 7744 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 16:14:45.0962 7744 LSI_SCSI - ok 16:14:45.0993 7744 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 16:14:45.0993 7744 luafv - ok 16:14:46.0087 7744 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys 16:14:46.0087 7744 MBAMProtector - ok 16:14:46.0243 7744 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 16:14:46.0258 7744 megasas - ok 16:14:46.0305 7744 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 16:14:46.0321 7744 MegaSR - ok 16:14:46.0430 7744 mfeapfk (487f6ce8fc99da5ba55266c0fecc81fa) C:\Windows\system32\drivers\mfeapfk.sys 16:14:46.0445 7744 mfeapfk - ok 16:14:46.0477 7744 mfefirek (041435b0e11a7be7aec199d790b2ce90) C:\Windows\system32\drivers\mfefirek.sys 16:14:46.0523 7744 mfefirek - ok 16:14:46.0555 7744 mfehidk (a3c142a8d5cccd4acb145d8e0bd347fd) C:\Windows\system32\drivers\mfehidk.sys 16:14:46.0570 7744 mfehidk - ok 16:14:46.0586 7744 mfenlfk (89c623961f8e4fcb1c3cf6576aae06ef) C:\Windows\system32\DRIVERS\mfenlfk.sys 16:14:46.0617 7744 mfenlfk - ok 16:14:46.0711 7744 mferkdet (37dc16dd53e407cbb1a7c530288b7151) C:\Windows\system32\drivers\mferkdet.sys 16:14:46.0726 7744 mferkdet - ok 16:14:46.0773 7744 mfewfpk (1680dd5958520e04cddc5faf51dbd781) C:\Windows\system32\drivers\mfewfpk.sys 16:14:46.0773 7744 mfewfpk - ok 16:14:46.0867 7744 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 16:14:46.0882 7744 Modem - ok 16:14:46.0976 7744 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 16:14:46.0976 7744 monitor - ok 16:14:47.0054 7744 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 16:14:47.0069 7744 mouclass - ok 
16:14:47.0194 7744 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 16:14:47.0194 7744 mouhid - ok 16:14:47.0225 7744 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 16:14:47.0225 7744 mountmgr - ok 16:14:47.0335 7744 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 16:14:47.0350 7744 mpio - ok 16:14:47.0397 7744 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 16:14:47.0413 7744 mpsdrv - ok 16:14:47.0475 7744 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 16:14:47.0491 7744 MRxDAV - ok 16:14:47.0522 7744 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 16:14:47.0522 7744 mrxsmb - ok 16:14:47.0569 7744 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:14:47.0569 7744 mrxsmb10 - ok 16:14:47.0662 7744 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:14:47.0662 7744 mrxsmb20 - ok 16:14:47.0709 7744 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 16:14:47.0725 7744 msahci - ok 16:14:47.0787 7744 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 16:14:47.0803 7744 msdsm - ok 16:14:47.0881 7744 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 16:14:47.0881 7744 Msfs - ok 16:14:47.0990 7744 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 16:14:48.0021 7744 mshidkmdf - ok 16:14:48.0052 7744 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 16:14:48.0052 7744 msisadrv - ok 16:14:48.0177 7744 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 16:14:48.0193 7744 MSKSSRV - ok 16:14:48.0239 7744 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 16:14:48.0255 7744 MSPCLOCK - ok 
16:14:48.0271 7744 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 16:14:48.0271 7744 MSPQM - ok 16:14:48.0302 7744 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 16:14:48.0302 7744 MsRPC - ok 16:14:48.0333 7744 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 16:14:48.0333 7744 mssmbios - ok 16:14:48.0473 7744 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 16:14:48.0489 7744 MSTEE - ok 16:14:48.0520 7744 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 16:14:48.0551 7744 MTConfig - ok 16:14:48.0567 7744 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 16:14:48.0567 7744 Mup - ok 16:14:48.0645 7744 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 16:14:48.0676 7744 NativeWifiP - ok 16:14:48.0817 7744 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 16:14:48.0848 7744 NDIS - ok 16:14:48.0973 7744 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 16:14:48.0988 7744 NdisCap - ok 16:14:49.0035 7744 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 16:14:49.0051 7744 NdisTapi - ok 16:14:49.0097 7744 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 16:14:49.0097 7744 Ndisuio - ok 16:14:49.0129 7744 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 16:14:49.0144 7744 NdisWan - ok 16:14:49.0191 7744 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 16:14:49.0207 7744 NDProxy - ok 16:14:49.0331 7744 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 16:14:49.0331 7744 NetBIOS - ok 16:14:49.0363 7744 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 16:14:49.0394 7744 NetBT - ok 16:14:49.0519 7744 
nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 16:14:49.0534 7744 nfrd960 - ok 16:14:49.0690 7744 npf (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys 16:14:49.0706 7744 npf - ok 16:14:49.0753 7744 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 16:14:49.0753 7744 Npfs - ok 16:14:49.0784 7744 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 16:14:49.0799 7744 nsiproxy - ok 16:14:49.0877 7744 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 16:14:49.0909 7744 Ntfs - ok 16:14:50.0033 7744 NTIDrvr (710263b44c1d1aee07525a53401fbe48) C:\Windows\system32\drivers\NTIDrvr.sys 16:14:50.0049 7744 NTIDrvr - ok 16:14:50.0096 7744 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 16:14:50.0111 7744 Null - ok 16:14:50.0423 7744 nvlddmkm (f835a94df1770addea7a40782747682c) C:\Windows\system32\DRIVERS\nvlddmkm.sys 16:14:50.0704 7744 nvlddmkm - ok 16:14:50.0813 7744 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 16:14:50.0845 7744 nvraid - ok 16:14:50.0969 7744 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 16:14:50.0985 7744 nvstor - ok 16:14:51.0125 7744 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 16:14:51.0141 7744 nv_agp - ok 16:14:51.0266 7744 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 16:14:51.0266 7744 ohci1394 - ok 16:14:51.0422 7744 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 16:14:51.0437 7744 Parport - ok 16:14:51.0484 7744 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 16:14:51.0484 7744 partmgr - ok 16:14:51.0515 7744 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 16:14:51.0515 7744 pci - ok 16:14:51.0531 7744 pciide 
(b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 16:14:51.0547 7744 pciide - ok 16:14:51.0593 7744 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 16:14:51.0609 7744 pcmcia - ok 16:14:51.0640 7744 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 16:14:51.0640 7744 pcw - ok 16:14:51.0671 7744 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 16:14:51.0718 7744 PEAUTH - ok 16:14:51.0859 7744 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 16:14:51.0874 7744 PptpMiniport - ok 16:14:51.0937 7744 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 16:14:51.0952 7744 Processor - ok 16:14:52.0061 7744 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 16:14:52.0077 7744 Psched - ok 16:14:52.0186 7744 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 16:14:52.0264 7744 ql2300 - ok 16:14:52.0389 7744 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 16:14:52.0405 7744 ql40xx - ok 16:14:52.0451 7744 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 16:14:52.0467 7744 QWAVEdrv - ok 16:14:52.0483 7744 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 16:14:52.0498 7744 RasAcd - ok 16:14:52.0592 7744 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 16:14:52.0607 7744 RasAgileVpn - ok 16:14:52.0654 7744 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 16:14:52.0654 7744 Rasl2tp - ok 16:14:52.0779 7744 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 16:14:52.0795 7744 RasPppoe - ok 16:14:52.0826 7744 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 16:14:52.0841 7744 RasSstp - ok 16:14:52.0888 7744 
rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 16:14:52.0888 7744 rdbss - ok 16:14:52.0919 7744 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 16:14:52.0935 7744 rdpbus - ok 16:14:53.0044 7744 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 16:14:53.0060 7744 RDPCDD - ok 16:14:53.0107 7744 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 16:14:53.0122 7744 RDPENCDD - ok 16:14:53.0169 7744 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 16:14:53.0185 7744 RDPREFMP - ok 16:14:53.0216 7744 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 16:14:53.0231 7744 RDPWD - ok 16:14:53.0278 7744 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 16:14:53.0278 7744 rdyboost - ok 16:14:53.0403 7744 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 16:14:53.0434 7744 RFCOMM - ok 16:14:53.0497 7744 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys 16:14:53.0512 7744 RimUsb - ok 16:14:53.0637 7744 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 16:14:53.0653 7744 rspndr - ok 16:14:53.0777 7744 RSUSBSTOR (44ed82612403021e36998e1ecb1198f1) C:\Windows\system32\Drivers\RtsUStor.sys 16:14:53.0777 7744 RSUSBSTOR - ok 16:14:53.0918 7744 SAVOnAccess (2bb45e1528ebb0f2a105ecdc0dd28333) C:\Windows\system32\DRIVERS\savonaccess.sys 16:14:53.0918 7744 SAVOnAccess - ok 16:14:53.0980 7744 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 16:14:53.0996 7744 sbp2port - ok 16:14:54.0121 7744 scfdriver (318cf32b1e89fc8b14695c1179ed1482) C:\Windows\system32\Drivers\scfdriver.sys 16:14:54.0136 7744 scfdriver - ok 16:14:54.0183 7744 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 16:14:54.0214 7744 
scfilter - ok 16:14:54.0339 7744 scflwf (9ee12c975f9968ace96760bd28077f26) C:\Windows\system32\DRIVERS\scflwf.sys 16:14:54.0370 7744 scflwf - ok 16:14:54.0495 7744 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 16:14:54.0511 7744 secdrv - ok 16:14:54.0635 7744 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 16:14:54.0651 7744 Serenum - ok 16:14:54.0698 7744 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 16:14:54.0713 7744 Serial - ok 16:14:54.0807 7744 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 16:14:54.0823 7744 sermouse - ok 16:14:54.0854 7744 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 16:14:54.0885 7744 sffdisk - ok 16:14:54.0885 7744 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 16:14:54.0901 7744 sffp_mmc - ok 16:14:54.0916 7744 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys 16:14:54.0932 7744 sffp_sd - ok 16:14:54.0979 7744 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 16:14:54.0994 7744 sfloppy - ok 16:14:55.0119 7744 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 16:14:55.0135 7744 SiSRaid2 - ok 16:14:55.0166 7744 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 16:14:55.0181 7744 SiSRaid4 - ok 16:14:55.0213 7744 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 16:14:55.0228 7744 Smb - ok 16:14:55.0384 7744 SophosBootDriver (69fbe35a8165adbc313aa7f64b868ca1) C:\Windows\system32\DRIVERS\SophosBootDriver.sys 16:14:55.0400 7744 SophosBootDriver - ok 16:14:55.0509 7744 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 16:14:55.0509 7744 spldr - ok 16:14:55.0587 7744 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 
16:14:55.0603 7744 srv - ok 16:14:55.0649 7744 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 16:14:55.0665 7744 srv2 - ok 16:14:55.0696 7744 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 16:14:55.0712 7744 srvnet - ok 16:14:55.0727 7744 SSPORT - ok 16:14:55.0774 7744 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 16:14:55.0790 7744 stexstor - ok 16:14:55.0946 7744 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 16:14:55.0961 7744 swenum - ok 16:14:56.0086 7744 SynTP (a0066e04d89e1ccdc8b24af4c7f41416) C:\Windows\system32\DRIVERS\SynTP.sys 16:14:56.0117 7744 SynTP - ok 16:14:56.0273 7744 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys 16:14:56.0336 7744 Tcpip - ok 16:14:56.0507 7744 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys 16:14:56.0523 7744 TCPIP6 - ok 16:14:56.0585 7744 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 16:14:56.0601 7744 tcpipreg - ok 16:14:56.0632 7744 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 16:14:56.0648 7744 TDPIPE - ok 16:14:56.0679 7744 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 16:14:56.0695 7744 TDTCP - ok 16:14:56.0726 7744 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 16:14:56.0741 7744 tdx - ok 16:14:56.0757 7744 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 16:14:56.0773 7744 TermDD - ok 16:14:56.0897 7744 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys 16:14:56.0913 7744 TPM - ok 16:14:56.0975 7744 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 16:14:56.0991 7744 tssecsrv - ok 16:14:57.0085 7744 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 16:14:57.0100 7744 
tunnel - ok 16:14:57.0131 7744 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 16:14:57.0147 7744 uagp35 - ok 16:14:57.0178 7744 UBHelper (40079b0b801c5432ba435b5ad61ce6e3) C:\Windows\system32\drivers\UBHelper.sys 16:14:57.0194 7744 UBHelper - ok 16:14:57.0241 7744 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 16:14:57.0272 7744 udfs - ok 16:14:57.0303 7744 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 16:14:57.0319 7744 uliagpkx - ok 16:14:57.0428 7744 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 16:14:57.0443 7744 umbus - ok 16:14:57.0475 7744 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 16:14:57.0490 7744 UmPass - ok 16:14:57.0615 7744 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys 16:14:57.0631 7744 usbaudio - ok 16:14:57.0677 7744 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys 16:14:57.0693 7744 usbccgp - ok 16:14:57.0740 7744 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 16:14:57.0755 7744 usbcir - ok 16:14:57.0849 7744 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys 16:14:57.0865 7744 usbehci - ok 16:14:57.0911 7744 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys 16:14:57.0943 7744 usbhub - ok 16:14:57.0974 7744 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys 16:14:57.0989 7744 usbohci - ok 16:14:58.0021 7744 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 16:14:58.0021 7744 usbprint - ok 16:14:58.0052 7744 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:14:58.0052 7744 USBSTOR - ok 16:14:58.0145 7744 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys 16:14:58.0161 7744 
usbuhci - ok 16:14:58.0208 7744 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys 16:14:58.0223 7744 usbvideo - ok 16:14:58.0348 7744 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys 16:14:58.0364 7744 VClone - ok 16:14:58.0426 7744 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 16:14:58.0426 7744 vdrvroot - ok 16:14:58.0520 7744 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 16:14:58.0535 7744 vga - ok 16:14:58.0567 7744 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 16:14:58.0567 7744 VgaSave - ok 16:14:58.0598 7744 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 16:14:58.0613 7744 vhdmp - ok 16:14:58.0645 7744 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 16:14:58.0660 7744 viaide - ok 16:14:58.0691 7744 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 16:14:58.0691 7744 volmgr - ok 16:14:58.0707 7744 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 16:14:58.0707 7744 volmgrx - ok 16:14:58.0723 7744 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 16:14:58.0723 7744 volsnap - ok 16:14:58.0769 7744 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 16:14:58.0785 7744 vsmraid - ok 16:14:58.0816 7744 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 16:14:58.0832 7744 vwifibus - ok 16:14:58.0863 7744 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 16:14:58.0879 7744 vwififlt - ok 16:14:58.0988 7744 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 16:14:58.0988 7744 vwifimp - ok 16:14:59.0019 7744 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 16:14:59.0035 7744 
WacomPen - ok 16:14:59.0113 7744 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 16:14:59.0128 7744 WANARP - ok 16:14:59.0159 7744 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 16:14:59.0159 7744 Wanarpv6 - ok 16:14:59.0269 7744 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 16:14:59.0269 7744 Wd - ok 16:14:59.0315 7744 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 16:14:59.0315 7744 Wdf01000 - ok 16:14:59.0456 7744 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 16:14:59.0471 7744 WfpLwf - ok 16:14:59.0534 7744 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 16:14:59.0549 7744 WIMMount - ok 16:14:59.0721 7744 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 16:14:59.0737 7744 WinUsb - ok 16:14:59.0815 7744 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 16:14:59.0815 7744 WmiAcpi - ok 16:14:59.0955 7744 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 16:14:59.0971 7744 ws2ifsl - ok 16:15:00.0127 7744 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 16:15:00.0142 7744 WudfPf - ok 16:15:00.0189 7744 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 16:15:00.0205 7744 WUDFRd - ok 16:15:00.0267 7744 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 16:15:00.0283 7744 \Device\Harddisk0\DR0 - ok 16:15:00.0283 7744 Boot (0x1200) (4b4c2e21950575a2c2bc63e242a06777) \Device\Harddisk0\DR0\Partition0 16:15:00.0283 7744 \Device\Harddisk0\DR0\Partition0 - ok 16:15:00.0298 7744 Boot (0x1200) (7287ad35c6d8cf96d8d8ef82415ebc21) \Device\Harddisk0\DR0\Partition1 16:15:00.0298 7744 \Device\Harddisk0\DR0\Partition1 - ok 16:15:00.0314 7744 Boot (0x1200) (0718f066f55c7a9299494bd5e86fa1fd) 
\Device\Harddisk0\DR0\Partition2 16:15:00.0314 7744 \Device\Harddisk0\DR0\Partition2 - ok 16:15:00.0314 7744 ============================================================ 16:15:00.0314 7744 Scan finished 16:15:00.0314 7744 ============================================================ 16:15:00.0329 7736 Detected object count: 0 16:15:00.0329 7736 Actual detected object count: 0 16:29:55.0578 7448 ============================================================ 16:29:55.0578 7448 Scan started 16:29:55.0578 7448 Mode: Manual; SigCheck; TDLFS; 16:29:55.0578 7448 ============================================================ 16:29:55.0905 7448 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 16:29:56.0093 7448 1394ohci - ok 16:29:56.0202 7448 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 16:29:56.0233 7448 ACPI - ok 16:29:56.0327 7448 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 16:29:56.0420 7448 AcpiPmi - ok 16:29:56.0514 7448 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 16:29:56.0545 7448 adp94xx - ok 16:29:56.0654 7448 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 16:29:56.0670 7448 adpahci - ok 16:29:56.0763 7448 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 16:29:56.0795 7448 adpu320 - ok 16:29:56.0919 7448 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys 16:29:57.0013 7448 AFD - ok 16:29:57.0107 7448 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 16:29:57.0138 7448 agp440 - ok 16:29:57.0231 7448 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 16:29:57.0263 7448 aliide - ok 16:29:57.0372 7448 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 16:29:57.0387 7448 amdide - ok 16:29:57.0497 7448 AmdK8 (7024f087cff1833a806193ef9d22cda9) 
C:\Windows\system32\DRIVERS\amdk8.sys 16:29:57.0559 7448 AmdK8 - ok 16:29:57.0668 7448 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 16:29:57.0715 7448 AmdPPM - ok 16:29:57.0824 7448 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys 16:29:57.0855 7448 amdsata - ok 16:29:57.0980 7448 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 16:29:57.0996 7448 amdsbs - ok 16:29:58.0121 7448 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys 16:29:58.0136 7448 amdxata - ok 16:29:58.0183 7448 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 16:29:58.0308 7448 AppID - ok 16:29:58.0401 7448 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 16:29:58.0433 7448 arc - ok 16:29:58.0464 7448 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 16:29:58.0479 7448 arcsas - ok 16:29:58.0511 7448 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 16:29:58.0713 7448 AsyncMac - ok 16:29:58.0807 7448 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 16:29:58.0823 7448 atapi - ok 16:29:58.0901 7448 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\Windows\system32\DRIVERS\athrx.sys 16:29:58.0947 7448 athr - ok 16:29:59.0072 7448 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 16:29:59.0135 7448 b06bdrv - ok 16:29:59.0244 7448 b57nd60a (57cf39f0754e8afe8a7d4470b8c87d3b) C:\Windows\system32\DRIVERS\b57nd60a.sys 16:29:59.0337 7448 b57nd60a - ok 16:29:59.0525 7448 BCM43XX (2d659b569a76cdb83b815675a80d7096) C:\Windows\system32\DRIVERS\bcmwl664.sys 16:29:59.0603 7448 BCM43XX - ok 16:29:59.0727 7448 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 16:29:59.0805 7448 Beep - ok 16:29:59.0852 7448 blbdrive (61583ee3c3a17003c4acd0475646b4d3) 
C:\Windows\system32\DRIVERS\blbdrive.sys 16:29:59.0883 7448 blbdrive - ok 16:29:59.0961 7448 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys 16:30:00.0024 7448 bowser - ok 16:30:00.0117 7448 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 16:30:00.0164 7448 BrFiltLo - ok 16:30:00.0258 7448 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 16:30:00.0289 7448 BrFiltUp - ok 16:30:00.0305 7448 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 16:30:00.0367 7448 Brserid - ok 16:30:00.0476 7448 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 16:30:00.0523 7448 BrSerWdm - ok 16:30:00.0539 7448 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 16:30:00.0601 7448 BrUsbMdm - ok 16:30:00.0617 7448 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 16:30:00.0632 7448 BrUsbSer - ok 16:30:00.0679 7448 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 16:30:00.0741 7448 BthEnum - ok 16:30:00.0835 7448 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 16:30:00.0882 7448 BTHMODEM - ok 16:30:00.0929 7448 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 16:30:00.0991 7448 BthPan - ok 16:30:01.0038 7448 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys 16:30:01.0116 7448 BTHPORT - ok 16:30:01.0225 7448 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys 16:30:01.0256 7448 BTHUSB - ok 16:30:01.0303 7448 btwampfl (e1ddc25788a1d6fecf155cce8159be9b) C:\Windows\system32\drivers\btwampfl.sys 16:30:01.0319 7448 btwampfl - ok 16:30:01.0334 7448 btwaudio (ebc9e33c13cdd6c51c1134eae46466a1) C:\Windows\system32\drivers\btwaudio.sys 16:30:01.0350 7448 btwaudio - ok 16:30:01.0381 7448 btwavdt 
(43fb7fa896d87aa5a9f3e743d7e2303f) C:\Windows\system32\drivers\btwavdt.sys 16:30:01.0397 7448 btwavdt - ok 16:30:01.0397 7448 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys 16:30:01.0412 7448 btwl2cap - ok 16:30:01.0443 7448 btwrchid (1aed551a8cb2f2343eda09109eef4807) C:\Windows\system32\DRIVERS\btwrchid.sys 16:30:01.0459 7448 btwrchid - ok 16:30:01.0490 7448 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 16:30:01.0568 7448 cdfs - ok 16:30:01.0677 7448 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 16:30:01.0724 7448 cdrom - ok 16:30:01.0833 7448 cfwids (0f75ec1c9e21f0fb4648a1d9bb322e5d) C:\Windows\system32\drivers\cfwids.sys 16:30:01.0849 7448 cfwids - ok 16:30:01.0880 7448 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 16:30:01.0943 7448 circlass - ok 16:30:01.0974 7448 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 16:30:02.0005 7448 CLFS - ok 16:30:02.0083 7448 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 16:30:02.0114 7448 CmBatt - ok 16:30:02.0208 7448 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 16:30:02.0223 7448 cmdide - ok 16:30:02.0270 7448 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 16:30:02.0348 7448 CNG - ok 16:30:02.0489 7448 CnxtHdAudService (c1ee6fa6a870132bb71f2c8830779c59) C:\Windows\system32\drivers\CHDRT64.sys 16:30:02.0520 7448 CnxtHdAudService - ok 16:30:02.0567 7448 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 16:30:02.0598 7448 Compbatt - ok 16:30:02.0613 7448 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 16:30:02.0645 7448 CompositeBus - ok 16:30:02.0691 7448 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 16:30:02.0707 7448 crcdisk - ok 16:30:02.0754 7448 
CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys 16:30:02.0769 7448 CVirtA - ok 16:30:02.0801 7448 CVPNDRVA (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys 16:30:02.0816 7448 CVPNDRVA - ok 16:30:02.0879 7448 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 16:30:02.0941 7448 DfsC - ok 16:30:02.0988 7448 DgiVecp - ok 16:30:03.0050 7448 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 16:30:03.0128 7448 discache - ok 16:30:03.0222 7448 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 16:30:03.0237 7448 Disk - ok 16:30:03.0284 7448 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys 16:30:03.0300 7448 DNE - ok 16:30:03.0347 7448 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 16:30:03.0378 7448 drmkaud - ok 16:30:03.0456 7448 DVMIO (fcfac62c7b95a2d4f791b89e09b07432) C:\Program Files (x86)\InstantView\tools\dvmio_x64.sys 16:30:03.0471 7448 DVMIO - ok 16:30:03.0612 7448 DXGKrnl (24ce1ecf9d0ae0301775b07f5fea175b) C:\Windows\System32\drivers\dxgkrnl.sys 16:30:03.0659 7448 DXGKrnl - ok 16:30:03.0783 7448 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 16:30:03.0861 7448 ebdrv - ok 16:30:03.0986 7448 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 16:30:04.0017 7448 elxstor - ok 16:30:04.0049 7448 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 16:30:04.0095 7448 ErrDev - ok 16:30:04.0127 7448 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 16:30:04.0173 7448 exfat - ok 16:30:04.0205 7448 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 16:30:04.0267 7448 fastfat - ok 16:30:04.0298 7448 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 16:30:04.0329 7448 fdc - ok 16:30:04.0376 
7448 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 16:30:04.0376 7448 FileInfo - ok 16:30:04.0407 7448 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 16:30:04.0470 7448 Filetrace - ok 16:30:04.0485 7448 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 16:30:04.0501 7448 flpydisk - ok 16:30:04.0532 7448 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 16:30:04.0548 7448 FltMgr - ok 16:30:04.0595 7448 FPSensor (54a9c5a6aa0bb0041a4af7172ffc3d9f) C:\Windows\system32\Drivers\FPSensor.sys 16:30:04.0595 7448 FPSensor - ok 16:30:04.0688 7448 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 16:30:04.0704 7448 FsDepends - ok 16:30:04.0735 7448 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 16:30:04.0751 7448 Fs_Rec - ok 16:30:04.0797 7448 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 16:30:04.0829 7448 fvevol - ok 16:30:04.0860 7448 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 16:30:04.0875 7448 gagp30kx - ok 16:30:04.0907 7448 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 16:30:04.0969 7448 hcw85cir - ok 16:30:05.0063 7448 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 16:30:05.0125 7448 HdAudAddService - ok 16:30:05.0172 7448 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 16:30:05.0219 7448 HDAudBus - ok 16:30:05.0312 7448 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 16:30:05.0343 7448 HECIx64 - ok 16:30:05.0390 7448 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 16:30:05.0421 7448 HidBatt - ok 16:30:05.0468 7448 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 
16:30:05.0515 7448 HidBth - ok 16:30:05.0546 7448 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 16:30:05.0577 7448 HidIr - ok 16:30:05.0609 7448 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 16:30:05.0624 7448 HidUsb - ok 16:30:05.0655 7448 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 16:30:05.0671 7448 HpSAMD - ok 16:30:05.0718 7448 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 16:30:05.0811 7448 HTTP - ok 16:30:05.0858 7448 hwdatacard (cdaa8e257bb625b2387219e605dde37d) C:\Windows\system32\DRIVERS\ewusbmdm.sys 16:30:05.0921 7448 hwdatacard - ok 16:30:06.0014 7448 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 16:30:06.0030 7448 hwpolicy - ok 16:30:06.0061 7448 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 16:30:06.0077 7448 i8042prt - ok 16:30:06.0108 7448 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys 16:30:06.0123 7448 iaStor - ok 16:30:06.0170 7448 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 16:30:06.0201 7448 iaStorV - ok 16:30:06.0248 7448 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 16:30:06.0248 7448 iirsp - ok 16:30:06.0279 7448 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 16:30:06.0295 7448 intelide - ok 16:30:06.0326 7448 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 16:30:06.0357 7448 intelppm - ok 16:30:06.0389 7448 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 16:30:06.0435 7448 IPMIDRV - ok 16:30:06.0467 7448 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 16:30:06.0545 7448 IPNAT - ok 16:30:06.0560 7448 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 
16:30:06.0623 7448 IRENUM - ok 16:30:06.0654 7448 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 16:30:06.0654 7448 isapnp - ok 16:30:06.0701 7448 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 16:30:06.0716 7448 iScsiPrt - ok 16:30:06.0732 7448 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 16:30:06.0747 7448 kbdclass - ok 16:30:06.0779 7448 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 16:30:06.0810 7448 kbdhid - ok 16:30:06.0935 7448 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 16:30:06.0966 7448 KSecDD - ok 16:30:06.0997 7448 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys 16:30:07.0013 7448 KSecPkg - ok 16:30:07.0075 7448 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 16:30:07.0153 7448 ksthunk - ok 16:30:07.0231 7448 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 16:30:07.0325 7448 lltdio - ok 16:30:07.0356 7448 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 16:30:07.0371 7448 LSI_FC - ok 16:30:07.0387 7448 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 16:30:07.0403 7448 LSI_SAS - ok 16:30:07.0403 7448 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 16:30:07.0418 7448 LSI_SAS2 - ok 16:30:07.0434 7448 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 16:30:07.0449 7448 LSI_SCSI - ok 16:30:07.0465 7448 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 16:30:07.0543 7448 luafv - ok 16:30:07.0590 7448 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys 16:30:07.0605 7448 MBAMProtector - ok 16:30:07.0668 7448 megasas (a55805f747c6edb6a9080d7c633bd0f4) 
C:\Windows\system32\DRIVERS\megasas.sys 16:30:07.0683 7448 megasas - ok 16:30:07.0761 7448 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 16:30:07.0793 7448 MegaSR - ok 16:30:07.0824 7448 mfeapfk (487f6ce8fc99da5ba55266c0fecc81fa) C:\Windows\system32\drivers\mfeapfk.sys 16:30:07.0839 7448 mfeapfk - ok 16:30:07.0871 7448 mfefirek (041435b0e11a7be7aec199d790b2ce90) C:\Windows\system32\drivers\mfefirek.sys 16:30:07.0886 7448 mfefirek - ok 16:30:07.0917 7448 mfehidk (a3c142a8d5cccd4acb145d8e0bd347fd) C:\Windows\system32\drivers\mfehidk.sys 16:30:07.0933 7448 mfehidk - ok 16:30:07.0964 7448 mfenlfk (89c623961f8e4fcb1c3cf6576aae06ef) C:\Windows\system32\DRIVERS\mfenlfk.sys 16:30:07.0980 7448 mfenlfk - ok 16:30:07.0995 7448 mferkdet (37dc16dd53e407cbb1a7c530288b7151) C:\Windows\system32\drivers\mferkdet.sys 16:30:08.0011 7448 mferkdet - ok 16:30:08.0058 7448 mfewfpk (1680dd5958520e04cddc5faf51dbd781) C:\Windows\system32\drivers\mfewfpk.sys 16:30:08.0073 7448 mfewfpk - ok 16:30:08.0120 7448 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 16:30:08.0198 7448 Modem - ok 16:30:08.0229 7448 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 16:30:08.0261 7448 monitor - ok 16:30:08.0292 7448 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 16:30:08.0307 7448 mouclass - ok 16:30:08.0323 7448 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 16:30:08.0354 7448 mouhid - ok 16:30:08.0385 7448 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 16:30:08.0401 7448 mountmgr - ok 16:30:08.0432 7448 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 16:30:08.0448 7448 mpio - ok 16:30:08.0479 7448 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 16:30:08.0541 7448 mpsdrv - ok 16:30:08.0666 7448 MRxDAV (30524261bb51d96d6fcbac20c810183c) 
C:\Windows\system32\drivers\mrxdav.sys 16:30:08.0713 7448 MRxDAV - ok 16:30:08.0760 7448 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 16:30:08.0807 7448 mrxsmb - ok 16:30:08.0853 7448 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:30:08.0900 7448 mrxsmb10 - ok 16:30:08.0947 7448 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:30:08.0978 7448 mrxsmb20 - ok 16:30:09.0025 7448 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 16:30:09.0056 7448 msahci - ok 16:30:09.0072 7448 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 16:30:09.0103 7448 msdsm - ok 16:30:09.0119 7448 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 16:30:09.0165 7448 Msfs - ok 16:30:09.0197 7448 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 16:30:09.0275 7448 mshidkmdf - ok 16:30:09.0290 7448 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 16:30:09.0306 7448 msisadrv - ok 16:30:09.0321 7448 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 16:30:09.0368 7448 MSKSSRV - ok 16:30:09.0384 7448 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 16:30:09.0462 7448 MSPCLOCK - ok 16:30:09.0477 7448 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 16:30:09.0540 7448 MSPQM - ok 16:30:09.0571 7448 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 16:30:09.0587 7448 MsRPC - ok 16:30:09.0602 7448 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 16:30:09.0618 7448 mssmbios - ok 16:30:09.0649 7448 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 16:30:09.0711 7448 MSTEE - ok 16:30:09.0727 7448 MTConfig (7ea404308934e675bffde8edf0757bcd) 
C:\Windows\system32\DRIVERS\MTConfig.sys 16:30:09.0758 7448 MTConfig - ok 16:30:09.0789 7448 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 16:30:09.0805 7448 Mup - ok 16:30:09.0836 7448 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 16:30:09.0883 7448 NativeWifiP - ok 16:30:10.0008 7448 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 16:30:10.0055 7448 NDIS - ok 16:30:10.0164 7448 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 16:30:10.0257 7448 NdisCap - ok 16:30:10.0304 7448 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 16:30:10.0351 7448 NdisTapi - ok 16:30:10.0398 7448 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 16:30:10.0460 7448 Ndisuio - ok 16:30:10.0476 7448 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 16:30:10.0538 7448 NdisWan - ok 16:30:10.0569 7448 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 16:30:10.0616 7448 NDProxy - ok 16:30:10.0647 7448 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 16:30:10.0725 7448 NetBIOS - ok 16:30:10.0835 7448 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 16:30:10.0944 7448 NetBT - ok 16:30:10.0991 7448 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 16:30:11.0006 7448 nfrd960 - ok 16:30:11.0053 7448 npf (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys 16:30:11.0069 7448 npf - ok 16:30:11.0115 7448 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 16:30:11.0193 7448 Npfs - ok 16:30:11.0256 7448 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 16:30:11.0318 7448 nsiproxy - ok 16:30:11.0427 7448 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) 
C:\Windows\system32\drivers\Ntfs.sys 16:30:11.0474 7448 Ntfs - ok 16:30:11.0521 7448 NTIDrvr (710263b44c1d1aee07525a53401fbe48) C:\Windows\system32\drivers\NTIDrvr.sys 16:30:11.0537 7448 NTIDrvr - ok 16:30:11.0583 7448 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 16:30:11.0646 7448 Null - ok 16:30:11.0911 7448 nvlddmkm (f835a94df1770addea7a40782747682c) C:\Windows\system32\DRIVERS\nvlddmkm.sys 16:30:12.0098 7448 nvlddmkm - ok 16:30:12.0192 7448 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 16:30:12.0223 7448 nvraid - ok 16:30:12.0239 7448 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 16:30:12.0254 7448 nvstor - ok 16:30:12.0301 7448 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 16:30:12.0317 7448 nv_agp - ok 16:30:12.0348 7448 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 16:30:12.0363 7448 ohci1394 - ok 16:30:12.0488 7448 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 16:30:12.0504 7448 Parport - ok 16:30:12.0551 7448 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 16:30:12.0566 7448 partmgr - ok 16:30:12.0597 7448 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 16:30:12.0613 7448 pci - ok 16:30:12.0629 7448 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 16:30:12.0644 7448 pciide - ok 16:30:12.0675 7448 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 16:30:12.0691 7448 pcmcia - ok 16:30:12.0707 7448 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 16:30:12.0722 7448 pcw - ok 16:30:12.0753 7448 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 16:30:12.0816 7448 PEAUTH - ok 16:30:12.0863 7448 PptpMiniport (27cc19e81ba5e3403c48302127bda717) 
C:\Windows\system32\DRIVERS\raspptp.sys 16:30:12.0956 7448 PptpMiniport - ok 16:30:12.0972 7448 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 16:30:13.0003 7448 Processor - ok 16:30:13.0050 7448 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 16:30:13.0128 7448 Psched - ok 16:30:13.0175 7448 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 16:30:13.0221 7448 ql2300 - ok 16:30:13.0237 7448 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 16:30:13.0253 7448 ql40xx - ok 16:30:13.0268 7448 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 16:30:13.0315 7448 QWAVEdrv - ok 16:30:13.0346 7448 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 16:30:13.0409 7448 RasAcd - ok 16:30:13.0440 7448 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 16:30:13.0518 7448 RasAgileVpn - ok 16:30:13.0596 7448 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 16:30:13.0658 7448 Rasl2tp - ok 16:30:13.0752 7448 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 16:30:13.0845 7448 RasPppoe - ok 16:30:13.0908 7448 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 16:30:13.0986 7448 RasSstp - ok 16:30:14.0017 7448 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 16:30:14.0095 7448 rdbss - ok 16:30:14.0157 7448 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 16:30:14.0204 7448 rdpbus - ok 16:30:14.0251 7448 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 16:30:14.0313 7448 RDPCDD - ok 16:30:14.0329 7448 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 16:30:14.0376 7448 RDPENCDD - ok 16:30:14.0407 7448 RDPREFMP 
(216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 16:30:14.0438 7448 RDPREFMP - ok 16:30:14.0469 7448 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 16:30:14.0532 7448 RDPWD - ok 16:30:14.0563 7448 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 16:30:14.0579 7448 rdyboost - ok 16:30:14.0610 7448 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 16:30:14.0657 7448 RFCOMM - ok 16:30:14.0688 7448 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys 16:30:14.0750 7448 RimUsb - ok 16:30:14.0797 7448 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 16:30:14.0875 7448 rspndr - ok 16:30:14.0969 7448 RSUSBSTOR (44ed82612403021e36998e1ecb1198f1) C:\Windows\system32\Drivers\RtsUStor.sys 16:30:15.0000 7448 RSUSBSTOR - ok 16:30:15.0140 7448 SAVOnAccess (2bb45e1528ebb0f2a105ecdc0dd28333) C:\Windows\system32\DRIVERS\savonaccess.sys 16:30:15.0156 7448 SAVOnAccess - ok 16:30:15.0218 7448 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 16:30:15.0249 7448 sbp2port - ok 16:30:15.0296 7448 scfdriver (318cf32b1e89fc8b14695c1179ed1482) C:\Windows\system32\Drivers\scfdriver.sys 16:30:15.0327 7448 scfdriver - ok 16:30:15.0359 7448 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 16:30:15.0437 7448 scfilter - ok 16:30:15.0483 7448 scflwf (9ee12c975f9968ace96760bd28077f26) C:\Windows\system32\DRIVERS\scflwf.sys 16:30:15.0499 7448 scflwf - ok 16:30:15.0546 7448 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 16:30:15.0608 7448 secdrv - ok 16:30:15.0639 7448 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 16:30:15.0655 7448 Serenum - ok 16:30:15.0671 7448 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 16:30:15.0702 7448 Serial - ok 
16:30:21.0162 7448 ============================================================ 16:30:21.0162 7448 Scan finished 16:30:21.0162 7448 ============================================================ 16:30:21.0193 5184 Detected object count: 0 16:30:21.0193 5184 Actual detected object count: 0 |
26.10.2011, 18:59 | #20 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizei trojan, can't get any further Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has explicitly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post logfiles in CODE tags |
23.11.2011, 19:20 | #21 |
| Bundespolizei trojan, can't get any further Hello Arne, I have run CF. Here is the ComboFix.txt file: Combofix logfile: Code:
ATTFilter ComboFix 11-11-23.01 - XXXXX 23.11.2011 18:42:57.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.XXXX.XXXX [GMT 1:00] ausgeführt von:: c:\users\XXXXX\Downloads\ComboFix.exe AV: Sophos Anti-Virus *Enabled/Outdated* {479CCF92-4960-B3E0-7373-BF453B467D2C} FW: Sophos Client Firewall *Enabled* {7FA74EB7-030F-B2B8-582C-1670C5953A57} SP: Sophos Anti-Virus *Enabled/Outdated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\7z.exe c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk c:\windows\pkunzip.pif c:\windows\pkzip.pif c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_npf . . ((((((((((((((((((((((( Dateien erstellt von 2011-10-23 bis 2011-11-23 )))))))))))))))))))))))))))))) . . 2011-11-23 17:55 . 2011-11-23 17:55 -------- d-----w- c:\users\XXXXXX\AppData\Local\temp 2011-11-23 17:55 . 2011-11-23 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-11-09 20:52 . 2011-10-01 05:28 886784 ----a-w- c:\program files\Common Files\System\wab32.dll 2011-11-09 20:52 . 2011-10-01 04:43 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll 2011-11-09 20:52 . 2011-09-29 16:24 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-11-09 20:52 . 2011-09-29 04:09 3141120 ----a-w- c:\windows\system32\win32k.sys 2011-10-26 07:14 . 2011-08-15 05:08 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll 2011-10-26 07:14 . 2011-08-15 04:25 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll . . . 
(((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-01 03:21 . 2011-10-17 19:05 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-10-01 02:59 . 2011-10-17 19:05 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb 2011-08-31 15:00 . 2011-10-09 13:17 25416 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-08-27 05:40 . 2011-10-17 19:10 861184 ----a-w- c:\windows\system32\oleaut32.dll 2011-08-27 05:40 . 2011-10-17 19:10 331776 ----a-w- c:\windows\system32\oleacc.dll 2011-08-27 04:43 . 2011-10-17 19:10 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2011-08-27 04:43 . 2011-10-17 19:10 233472 ----a-w- c:\windows\SysWow64\oleacc.dll 2009-02-03 10:21 . 2009-02-03 10:21 140288 ----a-w- c:\program files (x86)\7z.sfx 2009-02-03 10:21 . 2009-02-03 10:21 139776 ----a-w- c:\program files (x86)\7zCon.sfx 2009-02-03 10:18 . 2009-02-03 10:18 1124864 ----a-w- c:\program files (x86)\7z.dll 2009-02-03 10:12 . 2009-02-03 10:12 363520 ----a-w- c:\program files (x86)\7zG.exe 2009-02-03 10:11 . 2009-02-03 10:11 677888 ----a-w- c:\program files (x86)\7zFM.exe 2009-02-03 10:10 . 2009-02-03 10:10 104960 ----a-w- c:\program files (x86)\7-zip.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-15 39408] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-21 968272] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-09-10 1484856] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-24 401192] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-24 201512] "VitaKeyTSR"="c:\program files (x86)\Acer Bio Protection\EgisTSR.exe" [2010-07-13 186224] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2010-06-14 439536] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Communicator"="c:\program files (x86)\Microsoft Office Communicator\communicator.exe" [2011-09-06 5152096] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2010-01-19 618496] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-7-15 704032] Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 1127712] WISO Mein Steuer-Sparbuch heute.lnk - c:\program files (x86)\WISO\Steuersoftware 2011\mshaktuell.exe [2011-3-7 1199400] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x] R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [x] R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] R3 cfwids;McAfee Inc. 
cfwids;c:\windows\system32\drivers\cfwids.sys [x] R3 GSService;GSService;c:\windows\SysWOW64\GSService.exe [2011-02-16 122880] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2011-02-16 385024] R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S1 DVMIO;DVMIO;c:\program files (x86)\InstantView\tools\dvmio_x64.sys [2010-04-20 19560] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x] S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys [x] S1 scfdriver;SCF Kernel Driver;c:\windows\system32\Drivers\scfdriver.sys [x] S1 scflwf;Sophos Client Firewall packet filter;c:\windows\system32\DRIVERS\scflwf.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-21 321104] S2 DvmMDES;DeviceVM Meta Data Export Service;c:\program files (x86)\InstantView\tools\DVMExportService.exe [2010-07-27 420088] S2 EgisTec Service;EgisTec Service;c:\program files (x86)\Acer Bio Protection\EgisService.exe [2010-07-13 314736] S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-07-13 257904] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-06-11 821792] S2 
FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [x] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-03-04 584488] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640] S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040] S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640] S2 SAVAdminService;Sophos Anti-Virus Statusreporter;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2010-06-14 162032] S2 SAVService;Sophos Anti-Virus;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2010-06-14 97520] S2 Sophos Client Firewall Manager;Sophos Client Firewall Manager;c:\program files (x86)\Sophos\Sophos Client Firewall\SCFManager.exe [2010-06-14 128240] S2 Sophos Client Firewall;Sophos Client Firewall;c:\program files (x86)\Sophos\Sophos Client Firewall\SCFService.exe [2010-06-14 32496] S2 swi_service;Sophos Web Intelligence Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2010-06-14 1530608] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) 
Management Engine Components\UNS\UNS.exe [2010-02-08 2320920] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S2 WTGService;WTGService;c:\program files (x86)\Verbindungsassistent\WTGService.exe [2011-01-23 330696] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-20 166424] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-20 391192] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-20 413720] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-27 16413288] "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-04-23 520760] "PLFSetI"="c:\windows\PLFSetI.exe" [2010-08-08 206208] "InstantView Agent"="c:\program files (x86)\InstantView\tools\aoiosnap.exe" [2010-06-22 1130176] "Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-06-11 496160] "combofix"="c:\combofix\CF9238.3XE" [2009-07-14 344576] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = mStart Page = mLocal Page = IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\XXXXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - c:\users\XXXXXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: {{F15096F1-C84C-4c24-875A-189ABBA3BD38} - {b289cf57-0878-36e1-9cbd-8bb7fc2da46d} - mscoree.dll LSP: c:\programdata\Sophos Web Intelligence\swi_lsp.dll FF - ProfilePath - c:\users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\numlir2h.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Password Bank Extension : {41ecbc0b-34d5-4cd4-935f-253a30e2cb7e} - c:\program files (x86)\Acer Bio Protection\FFExt . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\program files (x86)\Sophos\AutoUpdate\ALsvc.exe c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\windows\SysWOW64\RunDll32.exe c:\program files (x86)\Launch Manager\LMworker.exe c:\program files (x86)\Microsoft Office\Office14\WINWORD.EXE . ************************************************************************** . Zeit der Fertigstellung: 2011-11-23 19:03:48 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2011-11-23 18:03 . Vor Suchlauf: 10 Verzeichnis(se), 238.506.946.560 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 237.908.414.464 Bytes frei . - - End Of File - - E7FCF191CBA243B23ADDEEB19071FAF3 Regards, Ajax |
23.11.2011, 19:35 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizei trojan, can't get any further Please download aswMBR.exe and save the file to your desktop.
__________________ Please always post logfiles in CODE tags |
24.11.2011, 17:50 | #23 |
| Bundespolizei trojan, can't get any further Hello Arne, here is the .txt file from the scan: aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-11-24 17:24:13 ----------------------------- 17:24:13.307 OS Version: Windows x64 6.1.7600 17:24:13.307 Number of processors: 4 586 0x2502 17:24:13.310 ComputerName: LAPTOP-TMXXXX UserName: XXXX 17:24:16.547 Initialize success 17:24:20.945 AVAST engine defs: 11112302 17:24:59.335 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 17:24:59.341 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3 17:24:59.357 Disk 0 MBR read successfully 17:24:59.361 Disk 0 MBR scan 17:24:59.368 Disk 0 Windows 7 default MBR code 17:24:59.373 Service scanning 17:25:06.758 Modules scanning 17:25:06.766 Disk 0 trace - called modules: 17:25:06.812 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 17:25:06.819 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800706b060] 17:25:06.826 3 CLASSPNP.SYS[fffff8800165a43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fd5050] 17:25:07.677 AVAST engine scan C:\Windows 17:25:12.539 AVAST engine scan C:\Windows\system32 17:28:31.432 AVAST engine scan C:\Windows\system32\drivers 17:28:44.942 AVAST engine scan C:\Users\XXXXX 17:33:38.909 AVAST engine scan C:\ProgramData 17:35:45.109 Scan finished successfully 17:45:51.431 Disk 0 MBR has been saved successfully to "C:\Users\XXXX\Desktop\infected\7\MBR.dat" 17:45:51.445 The log file has been saved successfully to "C:\Users\XXXX\Desktop\infected\7\aswMBR.txt" Best regards, Ajax |
24.11.2011, 18:43 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizei trojan, can't get any further Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!! Afterwards, getting an additional opinion from ESET's online scanner is not a bad idea either: ESET Online Scanner
__________________ Please always post logfiles in CODE tags |
21.12.2011, 19:58 | #25 |
| Bundespolizei trojan, can't get any further Hello Arne, I have now finally run the scans. Here are the logs: Malwarebytes: Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Database version: 8402 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 20.12.2011 13:22:58 mbam-log-2011-12-20 (13-22-34).txt Scan type: Quick scan Objects scanned: 198897 Time elapsed: 6 minute(s), 25 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\$RECYCLE.BIN\s-1-5-21-1368683291-1757046450-491288050-1004\$R6GP3K6.exe (Adware.InstallCore) -> No action taken. 
SUPERAntiSpyware:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 12/21/2011 at 09:36 AM

Application Version : 5.0.1142

Core Rules Database Version : 8076
Trace Rules Database Version: 5888

Scan type : Complete Scan
Total Scan Time : 01:19:58

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Administrator

Memory items scanned : 695
Memory threats detected : 0
Registry items scanned : 74092
Registry threats detected : 0
File items scanned : 51870
File threats detected : 93

Adware.Tracking Cookie

Trojan.Agent/Gen-FakeAlert[Local]
C:\PROGRAMDATA\ALDI SUED FOTOSERVICE\{0FD33A41-BDFB-4947-880F-2321FA248AA1}\UPDATE\OPD_JP2.EXE

Now ESET as well:
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=75bd2781c4045e41b9ddb266f7961db4
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-10 09:53:29
# local_time=2011-10-10 11:53:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5121 16777213 100 75 31189840 46957890 0 0
# compatibility_mode=5893 16776574 66 85 36937448 69905250 0 0
# compatibility_mode=8192 67108863 100 0 1044 1044 0 0
# compatibility_mode=8449 16775165 50 96 31012081 50716927 0 0
# scanned=174133
# found=11
# cleaned=0
# scan_time=8210
C:\Users\xxx\AppData\Local\Temp\ish1115378717\defaultOffer\offer_html.txt Win32/Toolbar.Facemoods application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\AppData\Local\Temp\ish153585592\defaultOffer\offer_html.txt Win32/Toolbar.Facemoods application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\AppData\Local\Temp\ish2077485352\defaultOffer\offer_html.txt Win32/Toolbar.Facemoods application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\52d04023-341ca123 a variant of Java/Agent.DU trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-1622a0b6 a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxxe\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-425ed644 a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\Downloads\PDFConverterSetup(5).exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\Downloads\SoftonicDownloader_fuer_free-download-manager(2).exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\Downloads\SoftonicDownloader_fuer_free-download-manager.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\Downloads\SoftonicDownloader_fuer_free-youtube-download(2).exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\Downloads\SoftonicDownloader_fuer_free-youtube-download.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=75bd2781c4045e41b9ddb266f7961db4
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-21 04:08:35
# local_time=2011-12-21 05:08:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5121 16777214 100 75 37391652 53159702 0 0
# compatibility_mode=5893 16776574 66 85 43139260 76107062 0 0
# compatibility_mode=8192 67108863 100 0 6202856 6202856 0 0
# compatibility_mode=8449 16775165 50 95 4857984 56918739 0 0
# scanned=196796
# found=0
# cleaned=0
# scan_time=6503
Thanks and best regards, Ajax |
21.12.2011, 20:42 | #26 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizei trojan, can't get any further Quote:
Remember to update the Malwarebytes signatures beforehand; new updates are released very frequently!
__________________ Please always post log files in CODE tags |