| |
| |||||||
Log-Analyse und Auswertung: W3i.IQ5.fraud, PC stürzt regelmässig abWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
26.03.2012, 13:07
| #31 |
 |  W3i.IQ5.fraud, PC stürzt regelmässig ab All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found. HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found. HKU\S-1-5-21-3658888087-4266470633-1359848893-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKU\S-1-5-21-3658888087-4266470633-1359848893-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKU\S-1-5-21-3658888087-4266470633-1359848893-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-3658888087-4266470633-1359848893-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ not found. File C:\Programme\Final Video Downloader FileBulldog Toolbar\tbhelper.dll not found. HKEY_USERS\S-1-5-21-3658888087-4266470633-1359848893-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-3658888087-4266470633-1359848893-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found. Registry key HKEY_USERS\S-1-5-21-3658888087-4266470633-1359848893-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. Registry key HKEY_USERS\S-1-5-21-3658888087-4266470633-1359848893-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found. Prefs.js: "Search" removed from browser.search.selectedEngine Prefs.js: "hxxp://www.goingpublic.de/vorschau/ipocountdown/ipocountdown.hbs" removed from browser.startup.homepage Prefs.js: downloader@finalvideotools.com:1.0.1 removed from extensions.enabledItems Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems Prefs.js: "hxxp://www.bigseekpro.com/search/toolbar/finalvdfilebulldog/{9B722CA1-83E0-4FFB-8904-CE6FC9C2825C}?q=" removed from keyword.URL Prefs.js: "*.local" removed from network.proxy.no_proxies_on Prefs.js: "data:text/plain,keyword.URL=hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&gfns=1&sourceid=navclient&rls=com.google:de  fficial&q=" removed from somoto.old_dnscatchPrefs.js: "data:text/plain,browser.startup.homepage=hxxp://de.google.mozilla.com/firefox?client=firefox-a&rls=com.google:de fficial" removed from browser.startup.homepageRegistry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\Adobe Reader\ not found. File C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll not found. Folder C:\Users\Reichow\AppData\Roaming\mozilla\Firefox\Profiles\qntj13og.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\ not found. Folder C:\Users\Reichow\AppData\Roaming\mozilla\Firefox\Profiles\qntj13og.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\ not found. Folder C:\Users\Reichow\AppData\Roaming\mozilla\Firefox\Profiles\qntj13og.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}\ not found. File C:\Users\Reichow\AppData\Roaming\Mozilla\Firefox\Profiles\qntj13og.default\searchplugins\search.xml not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ not found. File C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ not found. File C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ not found. File C:\Programme\Spybot - Search & Destroy\SDHelper.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found. File C:\Programme\Final Video Downloader FileBulldog Toolbar\tbcore3.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{338B4DFE-2E2C-4338-9E41-E176D497299E} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ not found. File C:\Programme\Final Video Downloader FileBulldog Toolbar\tbcore3.dll not found. Registry value HKEY_USERS\S-1-5-21-3658888087-4266470633-1359848893-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{338B4DFE-2E2C-4338-9E41-E176D497299E} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ not found. File C:\Programme\Final Video Downloader FileBulldog Toolbar\tbcore3.dll not found. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! File C:\autoexec.bat not found. Folder C:\Users\Reichow\AppData\Roaming\Uniblue\ not found. Folder C:\Users\Reichow\AppData\Roaming\vghd\ not found. Folder C:\Users\Reichow\AppData\Roaming\Viqeny\ not found. Folder C:\Users\Reichow\AppData\Roaming\Alxyw\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Reichow ->Temp folder emptied: 435755667 bytes ->Temporary Internet Files folder emptied: 1485989326 bytes ->Java cache emptied: 36356318 bytes ->FireFox cache emptied: 200236099 bytes ->Google Chrome cache emptied: 406841543 bytes ->Opera cache emptied: 80150212 bytes ->Flash cache emptied: 159594 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 472722071 bytes RecycleBin emptied: 73504047 bytes Total Files Cleaned = 3.044,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.39.1 log created on 03262012_132021 Files\Folders moved on Reboot... Registry entries deleted on Reboot... Mehrfacher Absturz des Programms OTL.exe, Log bei Restart automatisch angezeigt. Code:
ATTFilter Folder C:\Users\Reichow\AppData\Roaming\mozilla\Firefox\Profiles\qntj13og.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}\ not found.
File C:\Users\Reichow\AppData\Roaming\Mozilla\Firefox\Profiles\qntj13og.default\searchplugins\search.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ not found.
File C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ not found.
File C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ not found.
File C:\Programme\Spybot - Search & Destroy\SDHelper.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found.
File C:\Programme\Final Video Downloader FileBulldog Toolbar\tbcore3.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{338B4DFE-2E2C-4338-9E41-E176D497299E} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ not found.
File C:\Programme\Final Video Downloader FileBulldog Toolbar\tbcore3.dll not found.
Registry value HKEY_USERS\S-1-5-21-3658888087-4266470633-1359848893-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{338B4DFE-2E2C-4338-9E41-E176D497299E} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ not found.
File C:\Programme\Final Video Downloader FileBulldog Toolbar\tbcore3.dll not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
Folder C:\Users\Reichow\AppData\Roaming\Uniblue\ not found.
Folder C:\Users\Reichow\AppData\Roaming\vghd\ not found.
Folder C:\Users\Reichow\AppData\Roaming\Viqeny\ not found.
Folder C:\Users\Reichow\AppData\Roaming\Alxyw\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Reichow
->Temp folder emptied: 435755667 bytes
->Temporary Internet Files folder emptied: 1485989326 bytes
->Java cache emptied: 36356318 bytes
->FireFox cache emptied: 200236099 bytes
->Google Chrome cache emptied: 406841543 bytes
->Opera cache emptied: 80150212 bytes
->Flash cache emptied: 159594 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 472722071 bytes
RecycleBin emptied: 73504047 bytes
Total Files Cleaned = 3.044,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.39.1 log created on 03262012_132021
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Durch Löschung vermutlich auch der Cookies teils Zugangs- bzw. Probeleme beim Seitenaufbau, in Einzelfällen baut sich die Ausnahme-Button Option nicht mit auf. Mehrere Threats scheinen nicht aufgefunden worden zu sein, beeinflusst das ggf. die Stabilität? Dieser Verbindung wird nicht vertraut Sie haben Firefox angewiesen, eine gesicherte Verbindung zu trade.swissquote.ch aufzubauen, es kann aber nicht überprüft werden, ob die Verbindung sicher ist. Wenn Sie normalerweise eine gesicherte Verbindung aufbauen, weist sich die Website mit einer vertrauenswürdigen Identifikation aus, um zu garantieren, dass Sie die richtige Website besuchen. Die Identifikation dieser Website dagegen kann nicht bestätigt werden. Was sollte ich tun? Falls Sie für gewöhnlich keine Probleme mit dieser Website haben, könnte dieser Fehler bedeuten, dass jemand die Website fälscht. Sie sollten in dem Fall nicht fortfahren. Technische Details |
|
26.03.2012, 18:18
| #32 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | W3i.IQ5.fraud, PC stürzt regelmässig abZitat:
 Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
26.03.2012, 18:31
| #33 |
| | W3i.IQ5.fraud, PC stürzt regelmässig ab Wollte sagen, ich nutze simultan mehrere Browser, z.B. IE7 gleichzeitig mit zusätzlich Mozilla FF. Früher auch Opera zusätzlich und Chrome, seit der Instabilität des PC aber weniger.
__________________ |
|
26.03.2012, 18:45
| #34 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | W3i.IQ5.fraud, PC stürzt regelmässig ab Und wie bitte kann YT abstürzen weil du den IE7 (warum eigentlich diesen alten IE. du meinst wohl IE9 oder ) und FF auf hast? Die Server von YT (Google) werden ja nicht in die Knie gezwungen weil du den IE und FF aufhast  Also was genau bitte stürzt da ab, wenn wohl einer der beiden Browser oder ga beide? Oder ist mit Absturz von YT was völlig anderes gemeint?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.03.2012, 18:59
| #35 |
| | W3i.IQ5.fraud, PC stürzt regelmässig ab TDSS Report nicht kopierbar, wie finde ich Windows-Systempartition, was muss ich wo eingeben? Es stürzt seit rund 2 WOchen regelmässig der gesamte PC spontan ab, so dass unvermittelt sowohl der PC als auch der Monitor ausgeht. Dies scheint häufiger zu passieren, wenn ich mehrere Browser nutze gleichzeitig, jedoch hat dies zuvor problemlos funktioniert und früher konnte gelegentlich mal ein Browser vorübergehend nicht mehr funktionieren aber nicht gleich der gesamte PC ausgehen. Es lag aber weder an einzelnen Browsern noch an TV-Streaming wie zuerst vermutet, die Frequenz der Abstürze variiertew zwischen wenigen Minuten bis zu mehr als einem Tag. Ich nutze u.a. IE9, version 9.0.5 Code:
ATTFilter 19:43:52.0338 27068 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
19:43:52.0548 27068 ============================================================
19:43:52.0548 27068 Current date / time: 2012/03/26 19:43:52.0548
19:43:52.0548 27068 SystemInfo:
19:43:52.0548 27068
19:43:52.0548 27068 OS Version: 6.0.6002 ServicePack: 2.0
19:43:52.0548 27068 Product type: Workstation
19:43:52.0548 27068 ComputerName: STEFANREICHOW
19:43:52.0548 27068 UserName: Reichow
19:43:52.0548 27068 Windows directory: C:\Windows
19:43:52.0548 27068 System windows directory: C:\Windows
19:43:52.0548 27068 Processor architecture: Intel x86
19:43:52.0548 27068 Number of processors: 2
19:43:52.0548 27068 Page size: 0x1000
19:43:52.0548 27068 Boot type: Normal boot
19:43:52.0548 27068 ============================================================
19:43:53.0988 27068 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:43:54.0019 27068 \Device\Harddisk0\DR0:
19:43:54.0020 27068 MBR used
19:43:54.0020 27068 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x48053800
19:43:54.0045 27068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x4805403F, BlocksNum 0x2802E82
19:43:54.0101 27068 Initialize success
19:43:54.0101 27068 ============================================================
19:44:44.0793 6680 ============================================================
19:44:44.0793 6680 Scan started
19:44:44.0793 6680 Mode: Manual;
19:44:44.0793 6680 ============================================================
19:44:45.0904 6680 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
19:44:45.0908 6680 ACPI - ok
19:44:45.0991 6680 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
19:44:45.0997 6680 adp94xx - ok
19:44:46.0046 6680 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
19:44:46.0050 6680 adpahci - ok
19:44:46.0062 6680 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
19:44:46.0064 6680 adpu160m - ok
19:44:46.0075 6680 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
19:44:46.0077 6680 adpu320 - ok
19:44:46.0109 6680 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
19:44:46.0110 6680 AeLookupSvc - ok
19:44:46.0200 6680 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
19:44:46.0204 6680 AFD - ok
19:44:46.0249 6680 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
19:44:46.0250 6680 agp440 - ok
19:44:46.0280 6680 ahcix86s (03081e98c515cb838434d252f407f6e8) C:\Windows\system32\DRIVERS\ahcix86s.sys
19:44:46.0282 6680 ahcix86s - ok
19:44:46.0300 6680 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:44:46.0301 6680 aic78xx - ok
19:44:46.0327 6680 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
19:44:46.0329 6680 ALG - ok
19:44:46.0351 6680 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
19:44:46.0352 6680 aliide - ok
19:44:46.0381 6680 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
19:44:46.0382 6680 amdagp - ok
19:44:46.0397 6680 amdide (f12456ad77b1c32d8c5ca51927872850) C:\Windows\system32\DRIVERS\amdide.sys
19:44:46.0398 6680 amdide - ok
19:44:46.0406 6680 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
19:44:46.0407 6680 AmdK7 - ok
19:44:46.0437 6680 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
19:44:46.0439 6680 AmdK8 - ok
19:44:46.0542 6680 AntiVirSchedulerService (9015bc03f62940527ec92d45ee89e46f) C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:44:46.0543 6680 AntiVirSchedulerService - ok
19:44:46.0578 6680 AntiVirService (b8720a787c1223492e6f319465e996ce) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:44:46.0579 6680 AntiVirService - ok
19:44:46.0627 6680 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
19:44:46.0627 6680 Appinfo - ok
19:44:46.0695 6680 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
19:44:46.0696 6680 arc - ok
19:44:46.0727 6680 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
19:44:46.0728 6680 arcsas - ok
19:44:46.0759 6680 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:44:46.0760 6680 AsyncMac - ok
19:44:46.0777 6680 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
19:44:46.0777 6680 atapi - ok
19:44:46.0839 6680 Ati External Event Utility (2039e24fe00639a9123dcd6f22d42d74) C:\Windows\system32\Ati2evxx.exe
19:44:46.0846 6680 Ati External Event Utility - ok
19:44:46.0980 6680 atikmdag (d2e9acb68fa61c911cc21e07f87705bf) C:\Windows\system32\DRIVERS\atikmdag.sys
19:44:47.0058 6680 atikmdag - ok
19:44:47.0068 6680 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys
19:44:47.0069 6680 AtiPcie - ok
19:44:47.0161 6680 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:44:47.0164 6680 AudioEndpointBuilder - ok
19:44:47.0183 6680 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:44:47.0185 6680 Audiosrv - ok
19:44:47.0253 6680 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
19:44:47.0254 6680 avgio - ok
19:44:47.0285 6680 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
19:44:47.0286 6680 avgntflt - ok
19:44:47.0314 6680 avipbb (6d52060b59e7d79cd2a044b6add1f1ef) C:\Windows\system32\DRIVERS\avipbb.sys
19:44:47.0316 6680 avipbb - ok
19:44:47.0374 6680 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:44:47.0376 6680 Beep - ok
19:44:47.0445 6680 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
19:44:47.0447 6680 BFE - ok
19:44:47.0533 6680 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
19:44:47.0539 6680 BITS - ok
19:44:47.0564 6680 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
19:44:47.0565 6680 blbdrive - ok
19:44:47.0603 6680 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
19:44:47.0604 6680 bowser - ok
19:44:47.0640 6680 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:44:47.0641 6680 BrFiltLo - ok
19:44:47.0651 6680 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:44:47.0653 6680 BrFiltUp - ok
19:44:47.0709 6680 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
19:44:47.0711 6680 Browser - ok
19:44:47.0719 6680 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:44:47.0720 6680 Brserid - ok
19:44:47.0748 6680 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:44:47.0749 6680 BrSerWdm - ok
19:44:47.0760 6680 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:44:47.0762 6680 BrUsbMdm - ok
19:44:47.0770 6680 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:44:47.0771 6680 BrUsbSer - ok
19:44:47.0803 6680 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:44:47.0804 6680 BTHMODEM - ok
19:44:47.0848 6680 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:44:47.0849 6680 cdfs - ok
19:44:47.0881 6680 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
19:44:47.0882 6680 cdrom - ok
19:44:47.0933 6680 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:44:47.0934 6680 CertPropSvc - ok
19:44:47.0966 6680 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
19:44:47.0967 6680 circlass - ok
19:44:48.0001 6680 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
19:44:48.0004 6680 CLFS - ok
19:44:48.0069 6680 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:44:48.0071 6680 clr_optimization_v2.0.50727_32 - ok
19:44:48.0194 6680 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:44:48.0196 6680 clr_optimization_v4.0.30319_32 - ok
19:44:48.0206 6680 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
19:44:48.0209 6680 cmdide - ok
19:44:48.0220 6680 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
19:44:48.0221 6680 Compbatt - ok
19:44:48.0230 6680 COMSysApp - ok
19:44:48.0255 6680 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
19:44:48.0256 6680 crcdisk - ok
19:44:48.0283 6680 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
19:44:48.0284 6680 Crusoe - ok
19:44:48.0351 6680 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
19:44:48.0352 6680 CryptSvc - ok
19:44:48.0398 6680 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:44:48.0408 6680 DcomLaunch - ok
19:44:48.0455 6680 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
19:44:48.0456 6680 DfsC - ok
19:44:48.0571 6680 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
19:44:48.0614 6680 DFSR - ok
19:44:48.0725 6680 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
19:44:48.0726 6680 Dhcp - ok
19:44:48.0784 6680 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
19:44:48.0785 6680 disk - ok
19:44:48.0840 6680 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
19:44:48.0842 6680 Dnscache - ok
19:44:48.0884 6680 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
19:44:48.0887 6680 dot3svc - ok
19:44:48.0926 6680 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
19:44:48.0928 6680 Dot4 - ok
19:44:48.0951 6680 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:44:48.0952 6680 Dot4Print - ok
19:44:48.0988 6680 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
19:44:48.0989 6680 dot4usb - ok
19:44:49.0042 6680 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
19:44:49.0043 6680 DPS - ok
19:44:49.0089 6680 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:44:49.0090 6680 drmkaud - ok
19:44:49.0144 6680 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
19:44:49.0167 6680 DXGKrnl - ok
19:44:49.0201 6680 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:44:49.0204 6680 E1G60 - ok
19:44:49.0224 6680 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
19:44:49.0225 6680 EapHost - ok
19:44:49.0294 6680 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
19:44:49.0296 6680 Ecache - ok
19:44:49.0341 6680 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
19:44:49.0345 6680 ehRecvr - ok
19:44:49.0353 6680 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
19:44:49.0355 6680 ehSched - ok
19:44:49.0365 6680 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
19:44:49.0365 6680 ehstart - ok
19:44:49.0394 6680 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
19:44:49.0399 6680 elxstor - ok
19:44:49.0454 6680 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
19:44:49.0462 6680 EMDMgmt - ok
19:44:49.0502 6680 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
19:44:49.0509 6680 ErrDev - ok
19:44:49.0576 6680 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
19:44:49.0578 6680 EventSystem - ok
19:44:49.0633 6680 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
19:44:49.0635 6680 exfat - ok
19:44:49.0664 6680 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
19:44:49.0666 6680 fastfat - ok
19:44:49.0701 6680 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
19:44:49.0702 6680 fdc - ok
19:44:49.0721 6680 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
19:44:49.0723 6680 fdPHost - ok
19:44:49.0733 6680 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
19:44:49.0735 6680 FDResPub - ok
19:44:49.0758 6680 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:44:49.0759 6680 FileInfo - ok
19:44:49.0768 6680 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:44:49.0769 6680 Filetrace - ok
19:44:49.0777 6680 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:44:49.0778 6680 flpydisk - ok
19:44:49.0822 6680 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
19:44:49.0825 6680 FltMgr - ok
19:44:49.0904 6680 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
19:44:49.0910 6680 FontCache - ok
19:44:49.0965 6680 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:44:49.0966 6680 FontCache3.0.0.0 - ok
19:44:49.0974 6680 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
19:44:49.0978 6680 Fs_Rec - ok
19:44:49.0999 6680 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
19:44:50.0000 6680 gagp30kx - ok
19:44:50.0021 6680 GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:44:50.0022 6680 GEARAspiWDM - ok
19:44:50.0123 6680 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
19:44:50.0124 6680 GoogleDesktopManager-051210-111108 - ok
19:44:50.0164 6680 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
19:44:50.0168 6680 gpsvc - ok
19:44:50.0235 6680 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
19:44:50.0237 6680 gupdate - ok
19:44:50.0244 6680 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
19:44:50.0245 6680 gupdatem - ok
19:44:50.0322 6680 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:44:50.0323 6680 gusvc - ok
19:44:50.0376 6680 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:44:50.0379 6680 HdAudAddService - ok
19:44:50.0412 6680 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:44:50.0422 6680 HDAudBus - ok
19:44:50.0450 6680 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:44:50.0451 6680 HidBth - ok
19:44:50.0470 6680 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:44:50.0471 6680 HidIr - ok
19:44:50.0503 6680 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
19:44:50.0504 6680 hidserv - ok
19:44:50.0545 6680 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
19:44:50.0546 6680 HidUsb - ok
19:44:50.0571 6680 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
19:44:50.0573 6680 hkmsvc - ok
19:44:50.0582 6680 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
19:44:50.0584 6680 HpCISSs - ok
19:44:50.0670 6680 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:44:50.0671 6680 hpqcxs08 - ok
19:44:50.0725 6680 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:44:50.0726 6680 hpqddsvc - ok
19:44:50.0769 6680 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
19:44:50.0774 6680 HTTP - ok
19:44:50.0826 6680 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
19:44:50.0828 6680 i2omp - ok
19:44:50.0881 6680 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:44:50.0882 6680 i8042prt - ok
19:44:50.0916 6680 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
19:44:50.0919 6680 iaStorV - ok
19:44:50.0993 6680 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:44:51.0015 6680 idsvc - ok
19:44:51.0023 6680 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:44:51.0024 6680 iirsp - ok
19:44:51.0071 6680 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
19:44:51.0074 6680 IKEEXT - ok
19:44:51.0182 6680 IntcAzAudAddService (fd1d5f1609126831f49d6cfbb61f9ddd) C:\Windows\system32\drivers\RTKVHDA.sys
19:44:51.0226 6680 IntcAzAudAddService - ok
19:44:51.0276 6680 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
19:44:51.0278 6680 intelide - ok
19:44:51.0286 6680 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
19:44:51.0287 6680 intelppm - ok
19:44:51.0328 6680 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
19:44:51.0330 6680 IPBusEnum - ok
19:44:51.0351 6680 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:44:51.0352 6680 IpFilterDriver - ok
19:44:51.0388 6680 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
19:44:51.0392 6680 iphlpsvc - ok
19:44:51.0400 6680 IpInIp - ok
19:44:51.0431 6680 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
19:44:51.0432 6680 IPMIDRV - ok
19:44:51.0457 6680 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:44:51.0461 6680 IPNAT - ok
19:44:51.0468 6680 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:44:51.0470 6680 IRENUM - ok
19:44:51.0496 6680 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
19:44:51.0498 6680 isapnp - ok
19:44:51.0575 6680 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
19:44:51.0577 6680 iScsiPrt - ok
19:44:51.0595 6680 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:44:51.0596 6680 iteatapi - ok
19:44:51.0604 6680 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:44:51.0607 6680 iteraid - ok
19:44:51.0631 6680 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:44:51.0632 6680 kbdclass - ok
19:44:51.0655 6680 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
19:44:51.0656 6680 kbdhid - ok
19:44:51.0694 6680 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:44:51.0695 6680 KeyIso - ok
19:44:51.0719 6680 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
19:44:51.0724 6680 KSecDD - ok
19:44:51.0775 6680 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
19:44:51.0780 6680 KtmRm - ok
19:44:51.0807 6680 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
19:44:51.0809 6680 LanmanServer - ok
19:44:51.0868 6680 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
19:44:51.0871 6680 LanmanWorkstation - ok
19:44:51.0892 6680 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:44:51.0894 6680 lltdio - ok
19:44:51.0919 6680 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
19:44:51.0922 6680 lltdsvc - ok
19:44:51.0950 6680 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
19:44:51.0952 6680 lmhosts - ok
19:44:51.0980 6680 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
19:44:51.0982 6680 LSI_FC - ok
19:44:51.0997 6680 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
19:44:51.0998 6680 LSI_SAS - ok
19:44:52.0042 6680 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
19:44:52.0044 6680 LSI_SCSI - ok
19:44:52.0071 6680 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:44:52.0073 6680 luafv - ok
19:44:52.0111 6680 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
19:44:52.0111 6680 MBAMProtector - ok
19:44:52.0204 6680 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:44:52.0208 6680 MBAMService - ok
19:44:52.0257 6680 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
19:44:52.0258 6680 MBAMSwissArmy - ok
19:44:52.0295 6680 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
19:44:52.0297 6680 Mcx2Svc - ok
19:44:52.0322 6680 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
19:44:52.0324 6680 megasas - ok
19:44:52.0360 6680 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
19:44:52.0366 6680 MegaSR - ok
19:44:52.0381 6680 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:44:52.0383 6680 MMCSS - ok
19:44:52.0410 6680 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:44:52.0411 6680 Modem - ok
19:44:52.0441 6680 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:44:52.0442 6680 monitor - ok
19:44:52.0461 6680 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:44:52.0463 6680 mouclass - ok
19:44:52.0478 6680 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
19:44:52.0479 6680 mouhid - ok
19:44:52.0487 6680 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:44:52.0488 6680 MountMgr - ok
19:44:52.0560 6680 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
19:44:52.0562 6680 mpio - ok
19:44:52.0601 6680 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:44:52.0603 6680 mpsdrv - ok
19:44:52.0647 6680 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
19:44:52.0651 6680 MpsSvc - ok
19:44:52.0685 6680 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:44:52.0686 6680 Mraid35x - ok
19:44:52.0724 6680 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
19:44:52.0728 6680 MRxDAV - ok
19:44:52.0767 6680 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:44:52.0769 6680 mrxsmb - ok
19:44:52.0801 6680 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:44:52.0805 6680 mrxsmb10 - ok
19:44:52.0822 6680 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:44:52.0824 6680 mrxsmb20 - ok
19:44:52.0850 6680 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
19:44:52.0851 6680 msahci - ok
19:44:52.0873 6680 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
19:44:52.0875 6680 msdsm - ok
19:44:52.0910 6680 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
19:44:52.0913 6680 MSDTC - ok
19:44:52.0943 6680 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:44:52.0944 6680 Msfs - ok
19:44:52.0987 6680 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:44:52.0988 6680 msisadrv - ok
19:44:53.0019 6680 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
19:44:53.0022 6680 MSiSCSI - ok
19:44:53.0030 6680 msiserver - ok
19:44:53.0065 6680 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:44:53.0067 6680 MSKSSRV - ok
19:44:53.0084 6680 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:44:53.0087 6680 MSPCLOCK - ok
19:44:53.0097 6680 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:44:53.0098 6680 MSPQM - ok
19:44:53.0148 6680 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
19:44:53.0151 6680 MsRPC - ok
19:44:53.0178 6680 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:44:53.0180 6680 mssmbios - ok
19:44:53.0203 6680 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:44:53.0204 6680 MSTEE - ok
19:44:53.0218 6680 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
19:44:53.0219 6680 Mup - ok
19:44:53.0262 6680 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
19:44:53.0268 6680 napagent - ok
19:44:53.0315 6680 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
19:44:53.0318 6680 NativeWifiP - ok
19:44:53.0377 6680 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
19:44:53.0398 6680 NDIS - ok
19:44:53.0418 6680 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:44:53.0418 6680 NdisTapi - ok
19:44:53.0438 6680 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:44:53.0439 6680 Ndisuio - ok
19:44:53.0481 6680 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:44:53.0483 6680 NdisWan - ok
19:44:53.0502 6680 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:44:53.0503 6680 NDProxy - ok
19:44:53.0605 6680 Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
19:44:53.0611 6680 Nero BackItUp Scheduler 3 - ok
19:44:53.0673 6680 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
19:44:53.0674 6680 Net Driver HPZ12 - ok
19:44:53.0708 6680 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:44:53.0711 6680 NetBIOS - ok
19:44:53.0746 6680 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
19:44:53.0749 6680 netbt - ok
19:44:53.0783 6680 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:44:53.0784 6680 Netlogon - ok
19:44:53.0808 6680 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
19:44:53.0811 6680 Netman - ok
19:44:53.0830 6680 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
19:44:53.0833 6680 netprofm - ok
19:44:53.0894 6680 netr28u (9ba2f93e4f01ec58e722b36639e0ce5d) C:\Windows\system32\DRIVERS\netr28u.sys
19:44:53.0904 6680 netr28u - ok
19:44:53.0964 6680 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:44:53.0966 6680 NetTcpPortSharing - ok
19:44:53.0991 6680 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:44:53.0993 6680 nfrd960 - ok
19:44:54.0018 6680 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
19:44:54.0020 6680 NlaSvc - ok
19:44:54.0110 6680 NMIndexingService (eba1b4bf2e2375abdadedb649f283541) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
19:44:54.0115 6680 NMIndexingService - ok
19:44:54.0144 6680 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
19:44:54.0145 6680 Npfs - ok
19:44:54.0184 6680 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
19:44:54.0186 6680 nsi - ok
19:44:54.0206 6680 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:44:54.0207 6680 nsiproxy - ok
19:44:54.0264 6680 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
19:44:54.0286 6680 Ntfs - ok
19:44:54.0303 6680 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:44:54.0304 6680 ntrigdigi - ok
19:44:54.0312 6680 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:44:54.0313 6680 Null - ok
19:44:54.0323 6680 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
19:44:54.0325 6680 nvraid - ok
19:44:54.0350 6680 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
19:44:54.0351 6680 nvstor - ok
19:44:54.0368 6680 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
19:44:54.0370 6680 nv_agp - ok
19:44:54.0380 6680 NwlnkFlt - ok
19:44:54.0389 6680 NwlnkFwd - ok
19:44:54.0454 6680 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:44:54.0460 6680 odserv - ok
19:44:54.0498 6680 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
19:44:54.0500 6680 ohci1394 - ok
19:44:54.0548 6680 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:44:54.0550 6680 ose - ok
19:44:54.0592 6680 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:44:54.0614 6680 p2pimsvc - ok
19:44:54.0624 6680 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:44:54.0630 6680 p2psvc - ok
19:44:54.0640 6680 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:44:54.0642 6680 Parport - ok
19:44:54.0671 6680 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
19:44:54.0673 6680 partmgr - ok
19:44:54.0682 6680 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:44:54.0683 6680 Parvdm - ok
19:44:54.0733 6680 pavboot (210a628a0d7b3f45257850efbff27538) C:\Windows\system32\drivers\pavboot.sys
19:44:54.0734 6680 pavboot - ok
19:44:54.0768 6680 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
19:44:54.0769 6680 PcaSvc - ok
19:44:54.0806 6680 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
19:44:54.0807 6680 pci - ok
19:44:54.0837 6680 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
19:44:54.0838 6680 pciide - ok
19:44:54.0854 6680 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:44:54.0857 6680 pcmcia - ok
19:44:54.0911 6680 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:44:54.0933 6680 PEAUTH - ok
19:44:54.0987 6680 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
19:44:55.0020 6680 pla - ok
19:44:55.0048 6680 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
19:44:55.0050 6680 PLFlash DeviceIoControl Service - ok
19:44:55.0063 6680 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
19:44:55.0066 6680 PlugPlay - ok
19:44:55.0112 6680 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
19:44:55.0113 6680 Pml Driver HPZ12 - ok
19:44:55.0158 6680 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:44:55.0163 6680 PNRPAutoReg - ok
19:44:55.0214 6680 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:44:55.0219 6680 PNRPsvc - ok
19:44:55.0255 6680 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
19:44:55.0259 6680 PolicyAgent - ok
19:44:55.0273 6680 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:44:55.0274 6680 PptpMiniport - ok
19:44:55.0294 6680 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
19:44:55.0295 6680 Processor - ok
19:44:55.0315 6680 Profos - ok
19:44:55.0334 6680 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
19:44:55.0338 6680 ProfSvc - ok
19:44:55.0371 6680 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:44:55.0373 6680 ProtectedStorage - ok
19:44:55.0413 6680 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
19:44:55.0415 6680 PSched - ok
19:44:55.0438 6680 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
19:44:55.0439 6680 PxHelp20 - ok
19:44:55.0496 6680 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
19:44:55.0517 6680 ql2300 - ok
19:44:55.0526 6680 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:44:55.0528 6680 ql40xx - ok
19:44:55.0586 6680 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
19:44:55.0591 6680 QWAVE - ok
19:44:55.0608 6680 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:44:55.0609 6680 QWAVEdrv - ok
19:44:55.0623 6680 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:44:55.0624 6680 RasAcd - ok
19:44:55.0643 6680 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
19:44:55.0646 6680 RasAuto - ok
19:44:55.0656 6680 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:44:55.0658 6680 Rasl2tp - ok
19:44:55.0681 6680 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
19:44:55.0685 6680 RasMan - ok
19:44:55.0721 6680 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
19:44:55.0722 6680 RasPppoe - ok
19:44:55.0757 6680 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
19:44:55.0759 6680 RasSstp - ok
19:44:55.0786 6680 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
19:44:55.0789 6680 rdbss - ok
19:44:55.0807 6680 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:44:55.0808 6680 RDPCDD - ok
19:44:55.0843 6680 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
19:44:55.0846 6680 rdpdr - ok
19:44:55.0854 6680 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:44:55.0855 6680 RDPENCDD - ok
19:44:55.0901 6680 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
19:44:55.0904 6680 RDPWD - ok
19:44:55.0954 6680 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
19:44:55.0957 6680 RemoteAccess - ok
19:44:55.0992 6680 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
19:44:55.0995 6680 RemoteRegistry - ok
19:44:56.0056 6680 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files\Cyberlink\Shared files\RichVideo.exe
19:44:56.0057 6680 RichVideo - ok
19:44:56.0078 6680 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
19:44:56.0080 6680 RpcLocator - ok
19:44:56.0120 6680 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:44:56.0124 6680 RpcSs - ok
19:44:56.0138 6680 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:44:56.0139 6680 rspndr - ok
19:44:56.0187 6680 RTHDMIAzAudService (d85da4371af61359edfca4ea06619dd4) C:\Windows\system32\drivers\RtHDMIV.sys
19:44:56.0190 6680 RTHDMIAzAudService - ok
19:44:56.0243 6680 RTL8169 (abbe0f54ba3a378262c9cb86cf7d91f8) C:\Windows\system32\DRIVERS\Rtlh86.sys
19:44:56.0246 6680 RTL8169 - ok
19:44:56.0282 6680 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:44:56.0284 6680 SamSs - ok
19:44:56.0320 6680 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:44:56.0322 6680 sbp2port - ok
19:44:56.0438 6680 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
19:44:56.0445 6680 SBSDWSCService - ok
19:44:56.0499 6680 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
19:44:56.0503 6680 SCardSvr - ok
19:44:56.0550 6680 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
19:44:56.0555 6680 Schedule - ok
19:44:56.0622 6680 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:44:56.0623 6680 SCPolicySvc - ok
19:44:56.0652 6680 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
19:44:56.0655 6680 SDRSVC - ok
19:44:56.0674 6680 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:44:56.0675 6680 secdrv - ok
19:44:56.0696 6680 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
19:44:56.0698 6680 seclogon - ok
19:44:56.0712 6680 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
19:44:56.0714 6680 SENS - ok
19:44:56.0739 6680 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
19:44:56.0740 6680 Serenum - ok
19:44:56.0771 6680 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
19:44:56.0773 6680 Serial - ok
19:44:56.0795 6680 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:44:56.0797 6680 sermouse - ok
19:44:56.0826 6680 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
19:44:56.0829 6680 SessionEnv - ok
19:44:56.0855 6680 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
19:44:56.0856 6680 sffdisk - ok
19:44:56.0869 6680 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
19:44:56.0871 6680 sffp_mmc - ok
19:44:56.0889 6680 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
19:44:56.0890 6680 sffp_sd - ok
19:44:56.0910 6680 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:44:56.0911 6680 sfloppy - ok
19:44:56.0947 6680 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
19:44:56.0952 6680 SharedAccess - ok
19:44:56.0992 6680 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
19:44:56.0995 6680 ShellHWDetection - ok
19:44:57.0015 6680 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
19:44:57.0016 6680 sisagp - ok
19:44:57.0024 6680 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
19:44:57.0025 6680 SiSRaid2 - ok
19:44:57.0049 6680 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
19:44:57.0051 6680 SiSRaid4 - ok
19:44:57.0139 6680 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
19:44:57.0161 6680 slsvc - ok
19:44:57.0212 6680 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
19:44:57.0216 6680 SLUINotify - ok
19:44:57.0252 6680 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
19:44:57.0254 6680 Smb - ok
19:44:57.0277 6680 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
19:44:57.0280 6680 SNMPTRAP - ok
19:44:57.0300 6680 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:44:57.0301 6680 spldr - ok
19:44:57.0327 6680 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
19:44:57.0329 6680 Spooler - ok
19:44:57.0364 6680 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
19:44:57.0369 6680 srv - ok
19:44:57.0398 6680 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
19:44:57.0400 6680 srv2 - ok
19:44:57.0435 6680 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
19:44:57.0437 6680 srvnet - ok
19:44:57.0458 6680 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
19:44:57.0460 6680 SSDPSRV - ok
19:44:57.0494 6680 ssmdrv (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:44:57.0495 6680 ssmdrv - ok
19:44:57.0518 6680 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
19:44:57.0520 6680 SstpSvc - ok
19:44:57.0571 6680 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
19:44:57.0577 6680 stisvc - ok
19:44:57.0613 6680 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:44:57.0614 6680 swenum - ok
19:44:57.0654 6680 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
19:44:57.0659 6680 swprv - ok
19:44:57.0685 6680 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:44:57.0687 6680 Symc8xx - ok
19:44:57.0700 6680 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:44:57.0701 6680 Sym_hi - ok
19:44:57.0724 6680 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:44:57.0725 6680 Sym_u3 - ok
19:44:57.0768 6680 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
19:44:57.0773 6680 SysMain - ok
19:44:57.0800 6680 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
19:44:57.0802 6680 TabletInputService - ok
19:44:57.0852 6680 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
19:44:57.0855 6680 TapiSrv - ok
19:44:57.0874 6680 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
19:44:57.0876 6680 TBS - ok
19:44:57.0931 6680 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
19:44:57.0950 6680 Tcpip - ok
19:44:57.0982 6680 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
19:44:57.0987 6680 Tcpip6 - ok
19:44:58.0029 6680 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
19:44:58.0031 6680 tcpipreg - ok
19:44:58.0052 6680 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:44:58.0053 6680 TDPIPE - ok
19:44:58.0075 6680 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:44:58.0076 6680 TDTCP - ok
19:44:58.0117 6680 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
19:44:58.0119 6680 tdx - ok
19:44:58.0159 6680 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
19:44:58.0162 6680 TermDD - ok
19:44:58.0206 6680 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
19:44:58.0217 6680 TermService - ok
19:44:58.0270 6680 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
19:44:58.0273 6680 Themes - ok
19:44:58.0303 6680 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:44:58.0305 6680 THREADORDER - ok
19:44:58.0347 6680 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
19:44:58.0350 6680 TrkWks - ok
19:44:58.0382 6680 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
19:44:58.0383 6680 TrustedInstaller - ok
19:44:58.0405 6680 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:44:58.0406 6680 tssecsrv - ok
19:44:58.0446 6680 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:44:58.0447 6680 tunmp - ok
19:44:58.0488 6680 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
19:44:58.0490 6680 tunnel - ok
19:44:58.0514 6680 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
19:44:58.0516 6680 uagp35 - ok
19:44:58.0557 6680 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
19:44:58.0560 6680 udfs - ok
19:44:58.0609 6680 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
19:44:58.0612 6680 UI0Detect - ok
19:44:58.0638 6680 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
19:44:58.0639 6680 uliagpkx - ok
19:44:58.0669 6680 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
19:44:58.0672 6680 uliahci - ok
19:44:58.0683 6680 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:44:58.0685 6680 UlSata - ok
19:44:58.0697 6680 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:44:58.0700 6680 ulsata2 - ok
19:44:58.0728 6680 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:44:58.0729 6680 umbus - ok
19:44:58.0752 6680 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
19:44:58.0756 6680 upnphost - ok
19:44:58.0798 6680 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:44:58.0800 6680 usbccgp - ok
19:44:58.0820 6680 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:44:58.0822 6680 usbcir - ok
19:44:58.0874 6680 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
19:44:58.0875 6680 usbehci - ok
19:44:58.0898 6680 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
19:44:58.0901 6680 usbhub - ok
19:44:58.0910 6680 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
19:44:58.0911 6680 usbohci - ok
19:44:58.0946 6680 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:44:58.0948 6680 usbprint - ok
19:44:58.0981 6680 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
19:44:58.0982 6680 usbscan - ok
19:44:59.0004 6680 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:44:59.0006 6680 USBSTOR - ok
19:44:59.0028 6680 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
19:44:59.0029 6680 usbuhci - ok
19:44:59.0109 6680 usnjsvc (9d19b042a4fd5c02195071ea2fe0c821) C:\Program Files\Windows Live\Messenger\usnsvc.exe
19:44:59.0113 6680 usnjsvc - ok
19:44:59.0145 6680 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
19:44:59.0147 6680 UxSms - ok
19:44:59.0194 6680 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
19:44:59.0203 6680 vds - ok
19:44:59.0253 6680 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
19:44:59.0254 6680 vga - ok
19:44:59.0282 6680 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:44:59.0283 6680 VgaSave - ok
19:44:59.0321 6680 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
19:44:59.0323 6680 viaagp - ok
19:44:59.0354 6680 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
19:44:59.0355 6680 ViaC7 - ok
19:44:59.0365 6680 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
19:44:59.0367 6680 viaide - ok
19:44:59.0379 6680 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:44:59.0381 6680 volmgr - ok
19:44:59.0422 6680 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
19:44:59.0426 6680 volmgrx - ok
19:44:59.0446 6680 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
19:44:59.0450 6680 volsnap - ok
19:44:59.0499 6680 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
19:44:59.0502 6680 vsmraid - ok
19:44:59.0541 6680 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
19:44:59.0565 6680 VSS - ok
19:44:59.0610 6680 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
19:44:59.0615 6680 W32Time - ok
19:44:59.0642 6680 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:44:59.0643 6680 WacomPen - ok
19:44:59.0664 6680 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:44:59.0666 6680 Wanarp - ok
19:44:59.0670 6680 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:44:59.0670 6680 Wanarpv6 - ok
19:44:59.0699 6680 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
19:44:59.0717 6680 wcncsvc - ok
19:44:59.0745 6680 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
19:44:59.0748 6680 WcsPlugInService - ok
19:44:59.0757 6680 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:44:59.0759 6680 Wd - ok
19:44:59.0795 6680 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:44:59.0801 6680 Wdf01000 - ok
19:44:59.0816 6680 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:44:59.0819 6680 WdiServiceHost - ok
19:44:59.0822 6680 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:44:59.0824 6680 WdiSystemHost - ok
19:44:59.0863 6680 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
19:44:59.0867 6680 WebClient - ok
19:44:59.0904 6680 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
19:44:59.0935 6680 Wecsvc - ok
19:44:59.0959 6680 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
19:44:59.0962 6680 wercplsupport - ok
19:44:59.0997 6680 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
19:45:00.0000 6680 WerSvc - ok
19:45:00.0066 6680 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
19:45:00.0068 6680 WinDefend - ok
19:45:00.0083 6680 WinHttpAutoProxySvc - ok
19:45:00.0159 6680 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
19:45:00.0160 6680 Winmgmt - ok
19:45:00.0217 6680 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
19:45:00.0239 6680 WinRM - ok
19:45:00.0286 6680 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
19:45:00.0295 6680 Wlansvc - ok
19:45:00.0342 6680 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe
19:45:00.0346 6680 WLSetupSvc - ok
19:45:00.0386 6680 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
19:45:00.0388 6680 WmiAcpi - ok
19:45:00.0426 6680 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
19:45:00.0428 6680 wmiApSrv - ok
19:45:00.0451 6680 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:45:00.0473 6680 WMPNetworkSvc - ok
19:45:00.0489 6680 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
19:45:00.0493 6680 WPCSvc - ok
19:45:00.0536 6680 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
19:45:00.0538 6680 WPDBusEnum - ok
19:45:00.0634 6680 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:45:00.0657 6680 WPFFontCache_v0400 - ok
19:45:00.0680 6680 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:45:00.0681 6680 ws2ifsl - ok
19:45:00.0714 6680 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
19:45:00.0716 6680 wscsvc - ok
19:45:00.0723 6680 WSearch - ok
19:45:00.0791 6680 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
19:45:00.0804 6680 wuauserv - ok
19:45:00.0848 6680 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:45:00.0849 6680 WUDFRd - ok
19:45:00.0875 6680 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
19:45:00.0878 6680 wudfsvc - ok
19:45:00.0919 6680 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0
19:45:01.0109 6680 \Device\Harddisk0\DR0 - ok
19:45:01.0129 6680 Boot (0x1200) (dcd3e7478995732d8a74ffbc3c802d47) \Device\Harddisk0\DR0\Partition0
19:45:01.0129 6680 \Device\Harddisk0\DR0\Partition0 - ok
19:45:01.0154 6680 Boot (0x1200) (c7c6c552aaf6820fc92431b53fc592e0) \Device\Harddisk0\DR0\Partition1
19:45:01.0154 6680 \Device\Harddisk0\DR0\Partition1 - ok
19:45:01.0154 6680 ============================================================
19:45:01.0154 6680 Scan finished
19:45:01.0154 6680 ============================================================
19:45:01.0166 6584 Detected object count: 0
19:45:01.0167 6584 Actual detected object count: 0
19:46:19.0179 26240 Deinitialize success
|
|
26.03.2012, 19:15
| #36 |
| | W3i.IQ5.fraud, PC stürzt regelmässig abCode:
ATTFilter 19:46:38.0699 5964 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
19:46:38.0949 5964 ============================================================
19:46:38.0950 5964 Current date / time: 2012/03/26 19:46:38.0949
19:46:38.0950 5964 SystemInfo:
19:46:38.0950 5964
19:46:38.0950 5964 OS Version: 6.0.6002 ServicePack: 2.0
19:46:38.0950 5964 Product type: Workstation
19:46:38.0950 5964 ComputerName: STEFANREICHOW
19:46:38.0950 5964 UserName: Reichow
19:46:38.0950 5964 Windows directory: C:\Windows
19:46:38.0950 5964 System windows directory: C:\Windows
19:46:38.0950 5964 Processor architecture: Intel x86
19:46:38.0950 5964 Number of processors: 2
19:46:38.0950 5964 Page size: 0x1000
19:46:38.0950 5964 Boot type: Normal boot
19:46:38.0950 5964 ============================================================
19:46:40.0103 5964 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:46:40.0120 5964 \Device\Harddisk0\DR0:
19:46:40.0122 5964 MBR used
19:46:40.0122 5964 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x48053800
19:46:40.0173 5964 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x4805403F, BlocksNum 0x2802E82
19:46:40.0206 5964 Initialize success
19:46:40.0206 5964 ============================================================
19:47:28.0982 27404 ============================================================
19:47:28.0982 27404 Scan started
19:47:28.0982 27404 Mode: Manual; SigCheck; TDLFS;
19:47:28.0982 27404 ============================================================
19:47:29.0421 27404 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
19:47:29.0522 27404 ACPI - ok
19:47:29.0594 27404 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
19:47:29.0611 27404 adp94xx - ok
19:47:29.0662 27404 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
19:47:29.0672 27404 adpahci - ok
19:47:29.0680 27404 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
19:47:29.0689 27404 adpu160m - ok
19:47:29.0699 27404 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
19:47:29.0708 27404 adpu320 - ok
19:47:29.0736 27404 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
19:47:29.0906 27404 AeLookupSvc - ok
19:47:29.0971 27404 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
19:47:30.0029 27404 AFD - ok
19:47:30.0064 27404 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
19:47:30.0071 27404 agp440 - ok
19:47:30.0107 27404 ahcix86s (03081e98c515cb838434d252f407f6e8) C:\Windows\system32\DRIVERS\ahcix86s.sys
19:47:30.0132 27404 ahcix86s - ok
19:47:30.0149 27404 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:47:30.0158 27404 aic78xx - ok
19:47:30.0176 27404 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
19:47:30.0263 27404 ALG - ok
19:47:30.0289 27404 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
19:47:30.0296 27404 aliide - ok
19:47:30.0318 27404 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
19:47:30.0326 27404 amdagp - ok
19:47:30.0346 27404 amdide (f12456ad77b1c32d8c5ca51927872850) C:\Windows\system32\DRIVERS\amdide.sys
19:47:30.0360 27404 amdide - ok
19:47:30.0372 27404 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
19:47:30.0413 27404 AmdK7 - ok
19:47:30.0431 27404 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
19:47:30.0482 27404 AmdK8 - ok
19:47:30.0580 27404 AntiVirSchedulerService (9015bc03f62940527ec92d45ee89e46f) C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:47:30.0611 27404 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - warning
19:47:30.0611 27404 AntiVirSchedulerService - detected UnsignedFile.Multi.Generic (1)
19:47:30.0638 27404 AntiVirService (b8720a787c1223492e6f319465e996ce) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:47:30.0655 27404 AntiVirService ( UnsignedFile.Multi.Generic ) - warning
19:47:30.0655 27404 AntiVirService - detected UnsignedFile.Multi.Generic (1)
19:47:30.0709 27404 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
19:47:30.0770 27404 Appinfo - ok
19:47:30.0799 27404 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
19:47:30.0807 27404 arc - ok
19:47:30.0831 27404 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
19:47:30.0839 27404 arcsas - ok
19:47:30.0864 27404 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:47:30.0897 27404 AsyncMac - ok
19:47:30.0925 27404 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
19:47:30.0932 27404 atapi - ok
19:47:30.0999 27404 Ati External Event Utility (2039e24fe00639a9123dcd6f22d42d74) C:\Windows\system32\Ati2evxx.exe
19:47:31.0111 27404 Ati External Event Utility - ok
19:47:31.0252 27404 atikmdag (d2e9acb68fa61c911cc21e07f87705bf) C:\Windows\system32\DRIVERS\atikmdag.sys
19:47:31.0517 27404 atikmdag - ok
19:47:31.0602 27404 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys
19:47:31.0614 27404 AtiPcie - ok
19:47:31.0710 27404 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:47:31.0739 27404 AudioEndpointBuilder - ok
19:47:31.0798 27404 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:47:31.0815 27404 Audiosrv - ok
19:47:31.0957 27404 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
19:47:31.0963 27404 avgio - ok
19:47:31.0988 27404 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
19:47:31.0995 27404 avgntflt - ok
19:47:32.0017 27404 avipbb (6d52060b59e7d79cd2a044b6add1f1ef) C:\Windows\system32\DRIVERS\avipbb.sys
19:47:32.0024 27404 avipbb - ok
19:47:32.0067 27404 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:47:32.0112 27404 Beep - ok
19:47:32.0173 27404 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
19:47:32.0212 27404 BFE - ok
19:47:32.0282 27404 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
19:47:32.0338 27404 BITS - ok
19:47:32.0368 27404 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
19:47:32.0404 27404 blbdrive - ok
19:47:32.0430 27404 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
19:47:32.0464 27404 bowser - ok
19:47:32.0511 27404 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:47:32.0543 27404 BrFiltLo - ok
19:47:32.0561 27404 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:47:32.0614 27404 BrFiltUp - ok
19:47:32.0658 27404 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
19:47:32.0694 27404 Browser - ok
19:47:32.0717 27404 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:47:32.0906 27404 Brserid - ok
19:47:32.0915 27404 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:47:32.0966 27404 BrSerWdm - ok
19:47:32.0975 27404 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:47:33.0041 27404 BrUsbMdm - ok
19:47:33.0049 27404 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:47:33.0103 27404 BrUsbSer - ok
19:47:33.0141 27404 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:47:33.0211 27404 BTHMODEM - ok
19:47:33.0263 27404 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:47:33.0291 27404 cdfs - ok
19:47:33.0319 27404 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
19:47:33.0334 27404 cdrom - ok
19:47:33.0393 27404 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:47:33.0440 27404 CertPropSvc - ok
19:47:33.0459 27404 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
19:47:33.0484 27404 circlass - ok
19:47:33.0572 27404 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
19:47:33.0582 27404 CLFS - ok
19:47:33.0662 27404 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:47:33.0669 27404 clr_optimization_v2.0.50727_32 - ok
19:47:33.0777 27404 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:47:33.0786 27404 clr_optimization_v4.0.30319_32 - ok
19:47:33.0854 27404 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
19:47:33.0861 27404 cmdide - ok
19:47:33.0918 27404 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
19:47:33.0926 27404 Compbatt - ok
19:47:33.0956 27404 COMSysApp - ok
19:47:34.0048 27404 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
19:47:34.0057 27404 crcdisk - ok
19:47:34.0099 27404 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
19:47:34.0146 27404 Crusoe - ok
19:47:34.0211 27404 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
19:47:34.0226 27404 CryptSvc - ok
19:47:34.0347 27404 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:47:34.0418 27404 DcomLaunch - ok
19:47:34.0459 27404 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
19:47:34.0501 27404 DfsC - ok
19:47:34.0586 27404 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
19:47:34.0717 27404 DFSR - ok
19:47:34.0784 27404 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
19:47:34.0812 27404 Dhcp - ok
19:47:34.0844 27404 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
19:47:34.0852 27404 disk - ok
19:47:34.0922 27404 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
19:47:34.0967 27404 Dnscache - ok
19:47:35.0022 27404 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
19:47:35.0049 27404 dot3svc - ok
19:47:35.0085 27404 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
19:47:35.0132 27404 Dot4 - ok
19:47:35.0155 27404 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:47:35.0190 27404 Dot4Print - ok
19:47:35.0225 27404 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
19:47:35.0255 27404 dot4usb - ok
19:47:35.0302 27404 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
19:47:35.0327 27404 DPS - ok
19:47:35.0372 27404 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:47:35.0399 27404 drmkaud - ok
19:47:35.0549 27404 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
19:47:35.0573 27404 DXGKrnl - ok
19:47:35.0650 27404 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:47:35.0699 27404 E1G60 - ok
19:47:35.0728 27404 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
19:47:35.0755 27404 EapHost - ok
19:47:35.0854 27404 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
19:47:35.0863 27404 Ecache - ok
19:47:36.0023 27404 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
19:47:36.0046 27404 ehRecvr - ok
19:47:36.0058 27404 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
19:47:36.0122 27404 ehSched - ok
19:47:36.0138 27404 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
19:47:36.0156 27404 ehstart - ok
19:47:36.0175 27404 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
19:47:36.0190 27404 elxstor - ok
19:47:36.0237 27404 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
19:47:36.0284 27404 EMDMgmt - ok
19:47:36.0317 27404 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
19:47:36.0365 27404 ErrDev - ok
19:47:36.0413 27404 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
19:47:36.0445 27404 EventSystem - ok
19:47:36.0526 27404 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
19:47:36.0598 27404 exfat - ok
19:47:36.0645 27404 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
19:47:36.0667 27404 fastfat - ok
19:47:36.0683 27404 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
19:47:36.0710 27404 fdc - ok
19:47:36.0737 27404 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
19:47:36.0757 27404 fdPHost - ok
19:47:36.0796 27404 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
19:47:36.0845 27404 FDResPub - ok
19:47:36.0895 27404 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:47:36.0902 27404 FileInfo - ok
19:47:36.0926 27404 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:47:36.0961 27404 Filetrace - ok
19:47:37.0072 27404 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:47:37.0122 27404 flpydisk - ok
19:47:37.0172 27404 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
19:47:37.0182 27404 FltMgr - ok
19:47:37.0286 27404 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
19:47:37.0336 27404 FontCache - ok
19:47:37.0413 27404 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:47:37.0420 27404 FontCache3.0.0.0 - ok
19:47:37.0466 27404 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
19:47:37.0495 27404 Fs_Rec - ok
19:47:37.0514 27404 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
19:47:37.0521 27404 gagp30kx - ok
19:47:37.0563 27404 GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:47:37.0569 27404 GEARAspiWDM - ok
19:47:37.0750 27404 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
19:47:37.0757 27404 GoogleDesktopManager-051210-111108 - ok
19:47:37.0836 27404 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
19:47:37.0867 27404 gpsvc - ok
19:47:37.0941 27404 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
19:47:37.0948 27404 gupdate - ok
19:47:37.0984 27404 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
19:47:37.0992 27404 gupdatem - ok
19:47:38.0148 27404 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:47:38.0156 27404 gusvc - ok
19:47:38.0247 27404 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:47:38.0295 27404 HdAudAddService - ok
19:47:38.0462 27404 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:47:38.0507 27404 HDAudBus - ok
19:47:38.0577 27404 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:47:38.0614 27404 HidBth - ok
19:47:38.0641 27404 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:47:38.0676 27404 HidIr - ok
19:47:38.0698 27404 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
19:47:38.0732 27404 hidserv - ok
19:47:38.0760 27404 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
19:47:38.0793 27404 HidUsb - ok
19:47:38.0820 27404 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
19:47:38.0841 27404 hkmsvc - ok
19:47:38.0853 27404 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
19:47:38.0861 27404 HpCISSs - ok
19:47:39.0040 27404 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:47:39.0059 27404 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
19:47:39.0059 27404 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
19:47:39.0107 27404 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:47:39.0112 27404 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
19:47:39.0112 27404 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
19:47:39.0191 27404 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
19:47:39.0232 27404 HTTP - ok
19:47:39.0275 27404 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
19:47:39.0282 27404 i2omp - ok
19:47:39.0330 27404 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:47:39.0345 27404 i8042prt - ok
19:47:39.0431 27404 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
19:47:39.0441 27404 iaStorV - ok
19:47:39.0586 27404 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:47:39.0610 27404 idsvc - ok
19:47:39.0654 27404 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:47:39.0661 27404 iirsp - ok
19:47:39.0720 27404 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
19:47:39.0757 27404 IKEEXT - ok
19:47:39.0877 27404 IntcAzAudAddService (fd1d5f1609126831f49d6cfbb61f9ddd) C:\Windows\system32\drivers\RTKVHDA.sys
19:47:39.0973 27404 IntcAzAudAddService - ok
19:47:40.0014 27404 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
19:47:40.0024 27404 intelide - ok
19:47:40.0045 27404 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
19:47:40.0070 27404 intelppm - ok
19:47:40.0110 27404 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
19:47:40.0158 27404 IPBusEnum - ok
19:47:40.0177 27404 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:47:40.0226 27404 IpFilterDriver - ok
19:47:40.0317 27404 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
19:47:40.0373 27404 iphlpsvc - ok
19:47:40.0384 27404 IpInIp - ok
19:47:40.0413 27404 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
19:47:40.0463 27404 IPMIDRV - ok
19:47:40.0475 27404 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:47:40.0500 27404 IPNAT - ok
19:47:40.0517 27404 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:47:40.0537 27404 IRENUM - ok
19:47:40.0565 27404 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
19:47:40.0573 27404 isapnp - ok
19:47:40.0625 27404 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
19:47:40.0636 27404 iScsiPrt - ok
19:47:40.0647 27404 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:47:40.0657 27404 iteatapi - ok
19:47:40.0666 27404 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:47:40.0673 27404 iteraid - ok
19:47:40.0702 27404 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:47:40.0712 27404 kbdclass - ok
19:47:40.0737 27404 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
19:47:40.0774 27404 kbdhid - ok
19:47:40.0809 27404 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:47:40.0845 27404 KeyIso - ok
19:47:40.0868 27404 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
19:47:40.0891 27404 KSecDD - ok
19:47:40.0946 27404 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
19:47:41.0012 27404 KtmRm - ok
19:47:41.0045 27404 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
19:47:41.0092 27404 LanmanServer - ok
19:47:41.0150 27404 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
19:47:41.0191 27404 LanmanWorkstation - ok
19:47:41.0218 27404 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:47:41.0259 27404 lltdio - ok
19:47:41.0312 27404 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
19:47:41.0363 27404 lltdsvc - ok
19:47:41.0389 27404 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
19:47:41.0426 27404 lmhosts - ok
19:47:41.0451 27404 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
19:47:41.0465 27404 LSI_FC - ok
19:47:41.0476 27404 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
19:47:41.0486 27404 LSI_SAS - ok
19:47:41.0535 27404 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
19:47:41.0544 27404 LSI_SCSI - ok
19:47:41.0587 27404 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:47:41.0628 27404 luafv - ok
19:47:41.0659 27404 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
19:47:41.0666 27404 MBAMProtector - ok
19:47:41.0764 27404 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:47:41.0830 27404 MBAMService - ok
19:47:41.0906 27404 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
19:47:41.0914 27404 MBAMSwissArmy - ok
19:47:41.0966 27404 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
19:47:41.0993 27404 Mcx2Svc - ok
19:47:42.0015 27404 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
19:47:42.0023 27404 megasas - ok
19:47:42.0053 27404 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
19:47:42.0078 27404 MegaSR - ok
19:47:42.0097 27404 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:47:42.0129 27404 MMCSS - ok
19:47:42.0147 27404 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:47:42.0186 27404 Modem - ok
19:47:42.0212 27404 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:47:42.0232 27404 monitor - ok
19:47:42.0252 27404 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:47:42.0262 27404 mouclass - ok
19:47:42.0273 27404 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
19:47:42.0293 27404 mouhid - ok
19:47:42.0309 27404 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:47:42.0317 27404 MountMgr - ok
19:47:42.0353 27404 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
19:47:42.0363 27404 mpio - ok
19:47:42.0383 27404 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:47:42.0420 27404 mpsdrv - ok
19:47:42.0470 27404 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
19:47:42.0519 27404 MpsSvc - ok
19:47:42.0567 27404 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:47:42.0593 27404 Mraid35x - ok
19:47:42.0628 27404 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
19:47:42.0650 27404 MRxDAV - ok
19:47:42.0695 27404 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:47:42.0727 27404 mrxsmb - ok
19:47:42.0806 27404 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:47:42.0831 27404 mrxsmb10 - ok
19:47:42.0860 27404 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:47:42.0889 27404 mrxsmb20 - ok
19:47:42.0921 27404 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
19:47:42.0929 27404 msahci - ok
19:47:42.0957 27404 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
19:47:42.0966 27404 msdsm - ok
19:47:43.0004 27404 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
19:47:43.0027 27404 MSDTC - ok
19:47:43.0058 27404 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:47:43.0095 27404 Msfs - ok
19:47:43.0136 27404 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:47:43.0143 27404 msisadrv - ok
19:47:43.0179 27404 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
19:47:43.0213 27404 MSiSCSI - ok
19:47:43.0219 27404 msiserver - ok
19:47:43.0258 27404 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:47:43.0287 27404 MSKSSRV - ok
19:47:43.0310 27404 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:47:43.0338 27404 MSPCLOCK - ok
19:47:43.0346 27404 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:47:43.0374 27404 MSPQM - ok
19:47:43.0420 27404 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
19:47:43.0440 27404 MsRPC - ok
19:47:43.0471 27404 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:47:43.0483 27404 mssmbios - ok
19:47:43.0494 27404 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:47:43.0517 27404 MSTEE - ok
19:47:43.0553 27404 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
19:47:43.0562 27404 Mup - ok
19:47:43.0589 27404 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
19:47:43.0627 27404 napagent - ok
19:47:43.0664 27404 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
19:47:43.0684 27404 NativeWifiP - ok
19:47:43.0713 27404 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
19:47:43.0735 27404 NDIS - ok
19:47:43.0766 27404 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:47:43.0796 27404 NdisTapi - ok
19:47:43.0820 27404 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:47:43.0858 27404 Ndisuio - ok
19:47:43.0884 27404 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:47:43.0914 27404 NdisWan - ok
19:47:43.0939 27404 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:47:43.0955 27404 NDProxy - ok
19:47:44.0063 27404 Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
19:47:44.0098 27404 Nero BackItUp Scheduler 3 - ok
19:47:44.0177 27404 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
19:47:44.0181 27404 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:47:44.0181 27404 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:47:44.0201 27404 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:47:44.0225 27404 NetBIOS - ok
19:47:44.0295 27404 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
19:47:44.0337 27404 netbt - ok
19:47:44.0387 27404 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:47:44.0401 27404 Netlogon - ok
19:47:44.0445 27404 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
19:47:44.0488 27404 Netman - ok
19:47:44.0512 27404 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
19:47:44.0553 27404 netprofm - ok
19:47:44.0654 27404 netr28u (9ba2f93e4f01ec58e722b36639e0ce5d) C:\Windows\system32\DRIVERS\netr28u.sys
19:47:44.0703 27404 netr28u - ok
19:47:44.0768 27404 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:47:44.0777 27404 NetTcpPortSharing - ok
19:47:44.0808 27404 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:47:44.0815 27404 nfrd960 - ok
19:47:44.0833 27404 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
19:47:44.0856 27404 NlaSvc - ok
19:47:44.0948 27404 NMIndexingService (eba1b4bf2e2375abdadedb649f283541) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
19:47:44.0985 27404 NMIndexingService - ok
19:47:45.0025 27404 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
19:47:45.0053 27404 Npfs - ok
19:47:45.0088 27404 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
19:47:45.0125 27404 nsi - ok
19:47:45.0144 27404 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:47:45.0177 27404 nsiproxy - ok
19:47:45.0248 27404 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
19:47:45.0310 27404 Ntfs - ok
19:47:45.0330 27404 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:47:45.0366 27404 ntrigdigi - ok
19:47:45.0375 27404 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:47:45.0404 27404 Null - ok
19:47:45.0413 27404 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
19:47:45.0422 27404 nvraid - ok
19:47:45.0443 27404 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
19:47:45.0450 27404 nvstor - ok
19:47:45.0473 27404 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
19:47:45.0482 27404 nv_agp - ok
19:47:45.0491 27404 NwlnkFlt - ok
19:47:45.0500 27404 NwlnkFwd - ok
19:47:45.0591 27404 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:47:45.0621 27404 odserv - ok
19:47:45.0680 27404 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
19:47:45.0714 27404 ohci1394 - ok
19:47:45.0797 27404 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:47:45.0805 27404 ose - ok
19:47:45.0874 27404 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:47:45.0949 27404 p2pimsvc - ok
19:47:45.0965 27404 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:47:45.0986 27404 p2psvc - ok
19:47:45.0996 27404 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:47:46.0037 27404 Parport - ok
19:47:46.0078 27404 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
19:47:46.0087 27404 partmgr - ok
19:47:46.0097 27404 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:47:46.0166 27404 Parvdm - ok
19:47:46.0211 27404 pavboot (210a628a0d7b3f45257850efbff27538) C:\Windows\system32\drivers\pavboot.sys
19:47:46.0218 27404 pavboot - ok
19:47:46.0249 27404 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
19:47:46.0300 27404 PcaSvc - ok
19:47:46.0344 27404 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
19:47:46.0354 27404 pci - ok
19:47:46.0396 27404 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
19:47:46.0404 27404 pciide - ok
19:47:46.0425 27404 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:47:46.0437 27404 pcmcia - ok
19:47:46.0494 27404 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:47:46.0563 27404 PEAUTH - ok
19:47:46.0637 27404 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
19:47:46.0699 27404 pla - ok
19:47:46.0753 27404 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
19:47:46.0771 27404 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
19:47:46.0772 27404 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
19:47:46.0811 27404 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
19:47:46.0843 27404 PlugPlay - ok
19:47:46.0894 27404 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
19:47:46.0911 27404 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:47:46.0911 27404 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:47:46.0951 27404 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:47:47.0004 27404 PNRPAutoReg - ok
19:47:47.0063 27404 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:47:47.0109 27404 PNRPsvc - ok
19:47:47.0170 27404 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
19:47:47.0220 27404 PolicyAgent - ok
19:47:47.0277 27404 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:47:47.0312 27404 PptpMiniport - ok
19:47:47.0331 27404 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
19:47:47.0354 27404 Processor - ok
19:47:47.0377 27404 Profos - ok
19:47:47.0416 27404 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
19:47:47.0437 27404 ProfSvc - ok
19:47:47.0476 27404 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:47:47.0485 27404 ProtectedStorage - ok
19:47:47.0528 27404 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
19:47:47.0556 27404 PSched - ok
19:47:47.0609 27404 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
19:47:47.0616 27404 PxHelp20 - ok
19:47:47.0667 27404 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
19:47:47.0729 27404 ql2300 - ok
19:47:47.0744 27404 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:47:47.0752 27404 ql40xx - ok
19:47:47.0802 27404 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
19:47:47.0827 27404 QWAVE - ok
19:47:47.0845 27404 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:47:47.0864 27404 QWAVEdrv - ok
19:47:47.0883 27404 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:47:47.0918 27404 RasAcd - ok
19:47:47.0947 27404 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
19:47:47.0986 27404 RasAuto - ok
19:47:48.0005 27404 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:47:48.0026 27404 Rasl2tp - ok
19:47:48.0063 27404 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
19:47:48.0094 27404 RasMan - ok
19:47:48.0125 27404 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
19:47:48.0148 27404 RasPppoe - ok
19:47:48.0184 27404 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
19:47:48.0218 27404 RasSstp - ok
19:47:48.0257 27404 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
19:47:48.0278 27404 rdbss - ok
19:47:48.0289 27404 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:47:48.0318 27404 RDPCDD - ok
19:47:48.0347 27404 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
19:47:48.0370 27404 rdpdr - ok
19:47:48.0393 27404 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:47:48.0414 27404 RDPENCDD - ok
19:47:48.0450 27404 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
19:47:48.0479 27404 RDPWD - ok
19:47:48.0536 27404 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
19:47:48.0558 27404 RemoteAccess - ok
19:47:48.0596 27404 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
19:47:48.0631 27404 RemoteRegistry - ok
19:47:48.0749 27404 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files\Cyberlink\Shared files\RichVideo.exe
19:47:48.0770 27404 RichVideo ( UnsignedFile.Multi.Generic ) - warning
19:47:48.0770 27404 RichVideo - detected UnsignedFile.Multi.Generic (1)
19:47:48.0803 27404 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
19:47:48.0839 27404 RpcLocator - ok
19:47:48.0879 27404 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:47:48.0903 27404 RpcSs - ok
19:47:48.0931 27404 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:47:48.0965 27404 rspndr - ok
19:47:49.0013 27404 RTHDMIAzAudService (d85da4371af61359edfca4ea06619dd4) C:\Windows\system32\drivers\RtHDMIV.sys
19:47:49.0023 27404 RTHDMIAzAudService - ok
19:47:49.0069 27404 RTL8169 (abbe0f54ba3a378262c9cb86cf7d91f8) C:\Windows\system32\DRIVERS\Rtlh86.sys
19:47:49.0098 27404 RTL8169 - ok
19:47:49.0131 27404 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:47:49.0141 27404 SamSs - ok
19:47:49.0158 27404 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:47:49.0166 27404 sbp2port - ok
19:47:49.0298 27404 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
19:47:49.0341 27404 SBSDWSCService - ok
19:47:49.0403 27404 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
19:47:49.0421 27404 SCardSvr - ok
19:47:49.0466 27404 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
19:47:49.0550 27404 Schedule - ok
19:47:49.0604 27404 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:47:49.0621 27404 SCPolicySvc - ok
19:47:49.0656 27404 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
19:47:49.0702 27404 SDRSVC - ok
19:47:49.0723 27404 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:47:49.0772 27404 secdrv - ok
19:47:49.0789 27404 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
19:47:49.0810 27404 seclogon - ok
19:47:49.0827 27404 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
19:47:49.0867 27404 SENS - ok
19:47:49.0888 27404 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
19:47:49.0909 27404 Serenum - ok
19:47:49.0951 27404 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
19:47:49.0988 27404 Serial - ok
19:47:50.0009 27404 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:47:50.0030 27404 sermouse - ok
19:47:50.0053 27404 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
19:47:50.0075 27404 SessionEnv - ok
19:47:50.0093 27404 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
19:47:50.0108 27404 sffdisk - ok
19:47:50.0140 27404 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
19:47:50.0181 27404 sffp_mmc - ok
19:47:50.0204 27404 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
19:47:50.0235 27404 sffp_sd - ok
19:47:50.0259 27404 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:47:50.0306 27404 sfloppy - ok
19:47:50.0340 27404 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
19:47:50.0365 27404 SharedAccess - ok
19:47:50.0407 27404 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
19:47:50.0457 27404 ShellHWDetection - ok
19:47:50.0474 27404 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
19:47:50.0483 27404 sisagp - ok
19:47:50.0493 27404 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
19:47:50.0501 27404 SiSRaid2 - ok
19:47:50.0531 27404 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
19:47:50.0543 27404 SiSRaid4 - ok
19:47:50.0633 27404 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
19:47:50.0915 27404 slsvc - ok
19:47:50.0969 27404 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
19:47:51.0005 27404 SLUINotify - ok
19:47:51.0079 27404 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
19:47:51.0106 27404 Smb - ok
19:47:51.0193 27404 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
19:47:51.0203 27404 SNMPTRAP - ok
19:47:51.0249 27404 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:47:51.0256 27404 spldr - ok
19:47:51.0297 27404 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
19:47:51.0337 27404 Spooler - ok
19:47:51.0379 27404 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
19:47:51.0427 27404 srv - ok
19:47:51.0469 27404 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
19:47:51.0491 27404 srv2 - ok
19:47:51.0528 27404 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
19:47:51.0555 27404 srvnet - ok
19:47:51.0584 27404 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
19:47:51.0616 27404 SSDPSRV - ok
19:47:51.0643 27404 ssmdrv (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:47:51.0649 27404 ssmdrv - ok
19:47:51.0667 27404 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
19:47:51.0687 27404 SstpSvc - ok
19:47:51.0743 27404 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
19:47:51.0802 27404 stisvc - ok
19:47:51.0839 27404 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:47:51.0846 27404 swenum - ok
19:47:51.0880 27404 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
19:47:51.0911 27404 swprv - ok
19:47:51.0923 27404 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:47:51.0934 27404 Symc8xx - ok
19:47:51.0948 27404 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:47:51.0956 27404 Sym_hi - ok
19:47:51.0984 27404 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:47:51.0991 27404 Sym_u3 - ok
19:47:52.0039 27404 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
19:47:52.0082 27404 SysMain - ok
19:47:52.0104 27404 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
19:47:52.0130 27404 TabletInputService - ok
19:47:52.0167 27404 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
19:47:52.0204 27404 TapiSrv - ok
19:47:52.0234 27404 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
19:47:52.0272 27404 TBS - ok
19:47:52.0320 27404 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
19:47:52.0371 27404 Tcpip - ok
19:47:52.0405 27404 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
19:47:52.0433 27404 Tcpip6 - ok
19:47:52.0476 27404 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
19:47:52.0491 27404 tcpipreg - ok
19:47:52.0512 27404 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:47:52.0534 27404 TDPIPE - ok
19:47:52.0557 27404 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:47:52.0579 27404 TDTCP - ok
19:47:52.0610 27404 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
19:47:52.0650 27404 tdx - ok
19:47:52.0696 27404 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
19:47:52.0705 27404 TermDD - ok
19:47:52.0755 27404 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
19:47:52.0801 27404 TermService - ok
19:47:52.0863 27404 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
19:47:52.0875 27404 Themes - ok
19:47:52.0912 27404 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:47:52.0935 27404 THREADORDER - ok
19:47:52.0962 27404 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
19:47:52.0985 27404 TrkWks - ok
19:47:53.0031 27404 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
19:47:53.0065 27404 TrustedInstaller - ok
19:47:53.0098 27404 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:47:53.0118 27404 tssecsrv - ok
19:47:53.0161 27404 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:47:53.0194 27404 tunmp - ok
19:47:53.0226 27404 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
19:47:53.0252 27404 tunnel - ok
19:47:53.0273 27404 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
19:47:53.0284 27404 uagp35 - ok
19:47:53.0328 27404 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
19:47:53.0346 27404 udfs - ok
19:47:53.0380 27404 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
19:47:53.0402 27404 UI0Detect - ok
19:47:53.0431 27404 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
19:47:53.0439 27404 uliagpkx - ok
19:47:53.0462 27404 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
19:47:53.0473 27404 uliahci - ok
19:47:53.0487 27404 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:47:53.0496 27404 UlSata - ok
19:47:53.0516 27404 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:47:53.0529 27404 ulsata2 - ok
19:47:53.0543 27404 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:47:53.0579 27404 umbus - ok
19:47:53.0600 27404 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
19:47:53.0640 27404 upnphost - ok
19:47:53.0681 27404 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:47:53.0716 27404 usbccgp - ok
19:47:53.0735 27404 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:47:53.0777 27404 usbcir - ok
19:47:53.0822 27404 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
19:47:53.0845 27404 usbehci - ok
19:47:53.0868 27404 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
19:47:53.0886 27404 usbhub - ok
19:47:53.0898 27404 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
19:47:53.0921 27404 usbohci - ok
19:47:53.0961 27404 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:47:53.0981 27404 usbprint - ok
19:47:54.0018 27404 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
19:47:54.0034 27404 usbscan - ok
19:47:54.0053 27404 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:47:54.0085 27404 USBSTOR - ok
19:47:54.0109 27404 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
19:47:54.0133 27404 usbuhci - ok
19:47:54.0213 27404 usnjsvc (9d19b042a4fd5c02195071ea2fe0c821) C:\Program Files\Windows Live\Messenger\usnsvc.exe
19:47:54.0222 27404 usnjsvc - ok
19:47:54.0249 27404 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
19:47:54.0276 27404 UxSms - ok
19:47:54.0320 27404 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
19:47:54.0345 27404 vds - ok
19:47:54.0390 27404 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
19:47:54.0417 27404 vga - ok
19:47:54.0443 27404 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:47:54.0464 27404 VgaSave - ok
19:47:54.0481 27404 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
19:47:54.0490 27404 viaagp - ok
19:47:54.0505 27404 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
19:47:54.0530 27404 ViaC7 - ok
19:47:54.0548 27404 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
19:47:54.0555 27404 viaide - ok
19:47:54.0564 27404 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:47:54.0572 27404 volmgr - ok
19:47:54.0615 27404 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
19:47:54.0628 27404 volmgrx - ok
19:47:54.0672 27404 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
19:47:54.0686 27404 volsnap - ok
19:47:54.0726 27404 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
19:47:54.0735 27404 vsmraid - ok
19:47:54.0779 27404 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
19:47:54.0863 27404 VSS - ok
19:47:54.0936 27404 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
19:47:54.0957 27404 W32Time - ok
19:47:54.0979 27404 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:47:55.0026 27404 WacomPen - ok
19:47:55.0046 27404 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:47:55.0061 27404 Wanarp - ok
19:47:55.0065 27404 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:47:55.0080 27404 Wanarpv6 - ok
19:47:55.0098 27404 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
19:47:55.0118 27404 wcncsvc - ok
19:47:55.0182 27404 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
19:47:55.0198 27404 WcsPlugInService - ok
19:47:55.0209 27404 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:47:55.0217 27404 Wd - ok
19:47:55.0245 27404 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:47:55.0266 27404 Wdf01000 - ok
19:47:55.0287 27404 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:47:55.0320 27404 WdiServiceHost - ok
19:47:55.0324 27404 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:47:55.0346 27404 WdiSystemHost - ok
19:47:55.0367 27404 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
19:47:55.0396 27404 WebClient - ok
19:47:55.0430 27404 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
19:47:55.0476 27404 Wecsvc - ok
19:47:55.0497 27404 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
19:47:55.0530 27404 wercplsupport - ok
19:47:55.0567 27404 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
19:47:55.0585 27404 WerSvc - ok
19:47:55.0648 27404 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
19:47:55.0659 27404 WinDefend - ok
19:47:55.0665 27404 WinHttpAutoProxySvc - ok
19:47:55.0710 27404 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
19:47:55.0727 27404 Winmgmt - ok
19:47:55.0788 27404 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
19:47:55.0860 27404 WinRM - ok
19:47:55.0914 27404 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
19:47:55.0968 27404 Wlansvc - ok
19:47:56.0012 27404 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe
19:47:56.0035 27404 WLSetupSvc - ok
19:47:56.0079 27404 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
19:47:56.0107 27404 WmiAcpi - ok
19:47:56.0174 27404 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
19:47:56.0204 27404 wmiApSrv - ok
19:47:56.0278 27404 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:47:56.0337 27404 WMPNetworkSvc - ok
19:47:56.0359 27404 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
19:47:56.0415 27404 WPCSvc - ok
19:47:56.0451 27404 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
19:47:56.0498 27404 WPDBusEnum - ok
19:47:56.0605 27404 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:47:56.0679 27404 WPFFontCache_v0400 - ok
19:47:56.0750 27404 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:47:56.0781 27404 ws2ifsl - ok
19:47:56.0851 27404 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
19:47:56.0881 27404 wscsvc - ok
19:47:56.0889 27404 WSearch - ok
19:47:56.0962 27404 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
19:47:57.0042 27404 wuauserv - ok
19:47:57.0130 27404 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:47:57.0169 27404 WUDFRd - ok
19:47:57.0202 27404 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
19:47:57.0242 27404 wudfsvc - ok
19:47:57.0278 27404 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0
19:47:57.0528 27404 \Device\Harddisk0\DR0 - ok
19:47:57.0555 27404 Boot (0x1200) (dcd3e7478995732d8a74ffbc3c802d47) \Device\Harddisk0\DR0\Partition0
19:47:57.0556 27404 \Device\Harddisk0\DR0\Partition0 - ok
19:47:57.0580 27404 Boot (0x1200) (c7c6c552aaf6820fc92431b53fc592e0) \Device\Harddisk0\DR0\Partition1
19:47:57.0580 27404 \Device\Harddisk0\DR0\Partition1 - ok
19:47:57.0581 27404 ============================================================
19:47:57.0581 27404 Scan finished
19:47:57.0581 27404 ============================================================
19:47:57.0590 27260 Detected object count: 8
19:47:57.0590 27260 Actual detected object count: 8
19:53:20.0566 27260 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:20.0567 27260 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:20.0567 27260 AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:20.0567 27260 AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:20.0569 27260 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:20.0569 27260 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:20.0572 27260 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:20.0573 27260 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:20.0574 27260 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:20.0574 27260 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:20.0575 27260 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:20.0575 27260 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:20.0577 27260 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:20.0577 27260 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:20.0579 27260 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:20.0579 27260 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
26.03.2012, 20:54
| #37 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | W3i.IQ5.fraud, PC stürzt regelmässig ab Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.03.2012, 16:13
| #38 |
| | W3i.IQ5.fraud, PC stürzt regelmässig ab Combofix Logfile: Code:
ATTFilter ComboFix 12-03-26.02 - Reichow 28.03.2012 14:52:56.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3325.1851 [GMT 2:00]
ausgeführt von:: c:\users\Reichow\Downloads\ComboFix.exe
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Reichow\AppData\Roaming\Help\coredb\storage
c:\users\Reichow\AppData\Roaming\Identities\{1A8278D8-B0B6-42E6-BC53-D6F263ED4C96}\LicenseValidator.exe
c:\users\Reichow\Documents\~WRL3775.tmp
c:\users\Reichow\Documents\~WRL4010.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-02-28 bis 2012-03-28 ))))))))))))))))))))))))))))))
.
.
2012-03-27 05:59 . 2012-03-14 02:15 6582328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{B771AD1E-8757-4E17-87CF-45CA0C535027}\mpengine.dll ERROR(0x00000005)
2012-03-26 10:20 . 2012-03-26 10:20 -------- d-----w- C:\_OTL
2012-03-26 10:08 . 2012-03-26 10:08 -------- d-----w- c:\users\Reichow\AppData\Roaming\TeamViewer
2012-03-19 16:16 . 2012-03-19 16:16 -------- d-----w- c:\program files\ESET
2012-03-19 15:31 . 2012-03-19 15:31 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-19 15:31 . 2012-03-19 15:31 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2012-03-16 19:03 . 2012-03-19 08:36 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-03-16 19:03 . 2012-03-16 19:03 -------- d-----w- c:\users\Reichow\AppData\Roaming\Malwarebytes
2012-03-16 19:02 . 2012-03-16 19:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-16 19:02 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-14 09:18 . 2012-03-14 09:18 1207568 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll ERROR(0x00000005)
2012-03-14 07:10 . 2012-02-02 15:16 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 07:10 . 2012-02-14 15:45 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-14 07:10 . 2012-02-14 15:45 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-14 07:10 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-14 07:10 . 2012-02-13 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-03-14 07:10 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 07:09 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-14 07:09 . 2012-01-09 13:58 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 07:09 . 2012-01-31 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-14 02:15 . 2008-11-24 09:42 6582328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll ERROR(0x00000005)
2012-03-12 09:58 . 2011-05-25 21:16 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2009-10-03 06:55 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-03-19 15:31 . 2012-02-17 17:46 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-08-24 09:48 . 2010-08-24 09:48 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2009-10-09 25623336]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-18 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-02 6695456]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-12-02 1833504]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-24 30192]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-10-14 20480]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-11-18 122368]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-18 198160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-06 161336]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
.
c:\users\Reichow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-28 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-03-21 08:52]
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-18 09:41]
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-18 09:41]
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3658888087-4266470633-1359848893-1000Core.job
- c:\users\Reichow\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-30 17:32]
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3658888087-4266470633-1359848893-1000UA.job
- c:\users\Reichow\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-30 17:32]
.
2012-03-28 c:\windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
- c:\windows\system32\msfeedssync.exe [2011-09-15 18:48]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
mStart Page =
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites
TCP: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
FF - ProfilePath - c:\users\Reichow\AppData\Roaming\Mozilla\Firefox\Profiles\qntj13og.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage -
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-LicenseValidator - c:\users\Reichow\AppData\Roaming\Identities\{1A8278D8-B0B6-42E6-BC53-D6F263ED4C96}\LicenseValidator.exe
HKCU-Run-UpgradeChecker - c:\users\Reichow\AppData\Roaming\Google\{7545BAA2-353D-4A1A-8012-C4A2C937CE4A}\UpgradeChecker.exe
AddRemove-HP Document Manager - c:\program files\HP\Digital Imaging\DocumentManager\hpzscr01.exe
AddRemove-HP Imaging Device Functions - c:\program files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe
AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4}
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
**************************************************************************
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien:
.
**************************************************************************
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
c:\windows\system32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\HPQKYGRP.EXE
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\HPQKYGRP.EXE
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files\HP\Digital Imaging\bin\HPQKYGRP.EXE
c:\program files\HP\Digital Imaging\bin\HPQKYGRP.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-03-28 15:11:11 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-03-28 13:09
.
Vor Suchlauf: 7 Verzeichnis(se), 468.595.658.752 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 468.237.897.728 Bytes frei
.
- - End Of File - - A6051A2C4842662757C17CF6568053EA
Probleme mit der Internetverbindung seit gestern, musste Neustart nach ComboFix machen, da alle Anwendungen inaktiv, hatte Angst, dass das System nicht mehr läuft, aber nach Neustart scheint alles i.O. zu sein(?) Vielen Dank für Ihre Unterstützung. |
|
28.03.2012, 19:54
| #39 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | W3i.IQ5.fraud, PC stürzt regelmässig ab Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.03.2012, 21:07
| #40 |
| | W3i.IQ5.fraud, PC stürzt regelmässig ab GMER anweisungsgemäss durchgeführt, zwei Einträge ersichtlich, nur das Kopieren in die Zwischenablage scheint nicht geklasppt zu haben, vermutlich wegen Neustart. Nochmal GMER durchführen, nach Abschluss sofort das Log einstellen, erst dann Neustart? |
|
29.03.2012, 21:38
| #41 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | W3i.IQ5.fraud, PC stürzt regelmässig ab Ja probier so nochmal
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.04.2012, 23:21
| #42 |
| | W3i.IQ5.fraud, PC stürzt regelmässig ab GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover
Rootkit scan 2012-04-03 00:18:55
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\00000055 WDC_WD64 rev.05.0
Running: 8bj903w2.exe; Driver: C:\Users\Reichow\AppData\Local\Temp\ugdyrfob.sys
---- System - GMER 1.0.15 ----
SSDT 9357401C ZwCreateThread
SSDT 93574008 ZwOpenProcess
SSDT 9357400D ZwOpenThread
SSDT 93574017 ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 221 82EC89A4 4 Bytes [1C, 40, 57, 93] {SBB AL, 0x40; PUSH EDI; XCHG EBX, EAX}
.text ntkrnlpa.exe!KeSetEvent + 3F1 82EC8B74 4 Bytes [08, 40, 57, 93] {OR [EAX+0x57], AL; XCHG EBX, EAX}
.text ntkrnlpa.exe!KeSetEvent + 40D 82EC8B90 4 Bytes [0D, 40, 57, 93]
.text ntkrnlpa.exe!KeSetEvent + 621 82EC8DA4 4 Bytes [17, 40, 57, 93] {POP SS; INC EAX; PUSH EDI; XCHG EBX, EAX}
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x92406000, 0x23097E, 0xE8000020]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [744E7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7453A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [744EBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [744DF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [744E75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [744DE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74518395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [744EDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [744DFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [744DFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [744D71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7456CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7450C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [744DD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [744D6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [744D687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2628] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [744E2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CC268E9996F693D499AABD7FB13F5B58\InstallProperties@Version\25\a& ????????????????WindowsUpdateAgent??????????????????DirectX for Managed Code?A????????????????????R?????????????????????????????????????????????? ????????????????????????????L?2???&???????????????????????? ??????????????????????????????|??? ????????????????e???????????????????????&2??????????????????????????C???8??????????????????????????????????????????????????????? ??????????????????????????????N?????????????&?????????00??QuickTimeVideoDecoder??????????????????????????????????????????????????????????????????????????????????Bom??????? ????????????????????????????"??? ? ???????????????????????????????? ?????????????????????????????????0(????????????????????????????????d??????ig??2.1.2.126???????????????????DirectX for Managed Code?????????????????????????(???????m???????????????????????(?? ????n????????????????????????"?????????1.0?????????? ???????????????????????????????????????????????????????n??? ??????????????B???65537???????????{1}.HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_1462501F&REV_1002\4&3A922C5&0&
---- EOF - GMER 1.0.15 ----
|
|
03.04.2012, 15:45
| #43 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | W3i.IQ5.fraud, PC stürzt regelmässig ab Ok fehlen noch die anderen beiden Logs
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.04.2012, 21:58
| #44 |
| | W3i.IQ5.fraud, PC stürzt regelmässig ab OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 Online Solutions. Complex Protection for Information Systems Saved at 22:56:50 on 03.04.2012 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Opera Software Opera Internet Browser 11.62 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [AppInit DLLs] -----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )----- "AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [Common] -----( %SystemRoot%\Tasks )----- "Google Software Updater.job" - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-3658888087-4266470633-1359848893-1000Core.job" - "Google Inc." - C:\Users\Reichow\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-3658888087-4266470633-1359848893-1000UA.job" - "Google Inc." - C:\Users\Reichow\AppData\Local\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "ISUSPM.cpl" - "Macrovision Corporation" - C:\Windows\system32\ISUSPM.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\MLCFG32.CPL [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "MBAMSwissArmy" (MBAMSwissArmy) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbamswissarmy.sys "pavboot" (pavboot) - "Panda Security, S.L." - C:\Windows\System32\drivers\pavboot.sys "Profos" (Profos) - ? - C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys (File not found) "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} "Meine freigegebenen Ordner" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL {00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Autoplay Drop Target Shim" - ? - (File not found | COM-object registry key not found) {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Drop Target Shim" - ? - (File not found | COM-object registry key not found) {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Drop Target Shim" - ? - (File not found | COM-object registry key not found) {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "{00F33137-EE26-412F-8D71-F84E4C2C6625}" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "eBay - Der weltweite Online-Marktplatz" - ? - eBay - eine der größten deutschen Shopping-Websites (HTTP value) -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} "ActiveScan 2.0 Installer Class" - "Panda Security" - C:\Windows\Downloaded Program Files\as2stubie.dll / hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~1\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab {233C1507-6A77-46A4-9443-F871F945D258} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\Windows\System32\Adobe\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} "{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}" - ? - (File not found | COM-object registry key not found) / hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll {53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - ? - (File not found | COM-object registry key not found) "eBay - Der weltweite Online-Marktplatz" - ? - eBay - eine der größten deutschen Shopping-Websites (HTTP value) {DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll {0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {3049C3E9-B461-4BC5-8870-4C09146192CA} "{3049C3E9-B461-4BC5-8870-4C09146192CA}" - ? - (File not found | COM-object registry key not found) {326E768D-4182-46FD-9C16-1449A49795F4} "{326E768D-4182-46FD-9C16-1449A49795F4}" - ? - (File not found | COM-object registry key not found) {53707962-6F74-2D53-2644-206D7942484F} "{53707962-6F74-2D53-2644-206D7942484F}" - ? - (File not found | COM-object registry key not found) {7E853D72-626A-48EC-A868-BA8D5E23E045} "{7E853D72-626A-48EC-A868-BA8D5E23E045}" - ? - (File not found | COM-object registry key not found) {FCBCCB87-9224-4B8D-B117-F56D924BEB18} "{FCBCCB87-9224-4B8D-B117-F56D924BEB18}" - ? - (File not found | COM-object registry key not found) [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Reichow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "OpenOffice.org 3.1.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 "Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized "SpybotSD TeaTimer" - "Safer-Networking Ltd." - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe "swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup "Google EULA Launcher" - "Google" - C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe GE "Google Quick Search Box" - "Google Inc." - "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun "Google Updater" - "Google" - "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -check_deprecation "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "TkBellExe" - "RealNetworks, Inc." - "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll "PCL hpz3l5mu" - "Hewlett-Packard Company" - C:\Windows\system32\hpz3l5mu.dll "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\Cyberlink\Shared files\RichVideo.exe "Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe "Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll "hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Nero BackItUp Scheduler 3" (Nero BackItUp Scheduler 3) - "Nero AG" - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "PLFlash DeviceIoControl Service" (PLFlash DeviceIoControl Service) - "Prolific Technology Inc." - C:\Windows\system32\IoctlSvc.exe "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "SBSD Security Center Service" (SBSDWSCService) - "Safer Networking Ltd." - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-04-03 23:00:20 ----------------------------- 23:00:20.034 OS Version: Windows 6.0.6002 Service Pack 2 23:00:20.036 Number of processors: 2 586 0x203 23:00:20.038 ComputerName: STEFANREICHOW UserName: Reichow 23:00:40.032 Initialize success 23:03:13.708 AVAST engine defs: 12040301 23:04:21.827 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000055 23:04:21.829 Disk 0 Vendor: WDC_WD64 05.0 Size: 610480MB BusType: 8 23:04:21.841 Disk 0 MBR read successfully 23:04:21.844 Disk 0 MBR scan 23:04:21.857 Disk 0 unknown MBR code 23:04:21.862 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 589991 MB offset 2048 23:04:21.867 Disk 0 Partition - 00 0F Extended LBA 20485 MB offset 1208303616 23:04:21.898 Disk 0 Partition 2 00 0B FAT32 MSDOS5.0 20485 MB offset 1208303679 23:04:21.906 Disk 0 scanning sectors +1250258625 23:04:21.973 Disk 0 scanning C:\Windows\system32\drivers 23:04:30.444 Service scanning 23:04:47.672 Modules scanning 23:04:51.353 Disk 0 trace - called modules: 23:04:51.373 ntkrnlpa.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix86s.sys 23:04:51.377 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87936778] 23:04:51.381 3 CLASSPNP.SYS[8bd9e8b3] -> nt!IofCallDriver -> \Device\00000055[0x86db8c90] 23:04:53.332 AVAST engine scan C:\Windows 23:04:57.910 AVAST engine scan C:\Windows\system32 23:08:49.357 AVAST engine scan C:\Windows\system32\drivers 23:09:09.189 AVAST engine scan C:\Users\Reichow 23:28:30.440 AVAST engine scan C:\ProgramData 23:32:46.628 Scan finished successfully 23:43:27.479 Disk 0 MBR has been saved successfully to "C:\Users\Reichow\Desktop\MBR.dat" 23:43:27.484 The log file has been saved successfully to "C:\Users\Reichow\Desktop\aswMBR.txt" |
|
04.04.2012, 11:24
| #45 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | W3i.IQ5.fraud, PC stürzt regelmässig abZitat:
Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar. Mach den Fix auch dann nicht, wenn du zB mit TrueCrypt oder anderen Verschlüsselungsprogrammen eine Vollverschlüsselung der Windowspartition bzw. gesamten Festplatte hast Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm! Anschließend Windows neu starten und ein neues Log mit aswMBR machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu W3i.IQ5.fraud, PC stürzt regelmässig ab |
| antivir, antivirus, avira, bho, bildschirm, browser, computer, desktop, dllhost.exe, dnsapi.dll, downloader, entfernen, error, erweiterungen, failed, firefox, google, lanmanworkstation, mozilla, object, picasa, plug-in, presentationhost.exe, realtek, registry, registry key, required, rootkit, safer networking, software, system, tunnel, viren, vista, w3i.iq5.fraud, zugriff verweigert |
Linear-Darstellung
