| |
| |||||||
Log-Analyse und Auswertung: www.searchnu.com/410?tag=newtab - problemWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
02.04.2012, 12:33
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  www.searchnu.com/410?tag=newtab - problem Wie kommst du auf die Idee das Log da rein zu posten  Wozu hast du diesen Strang eröffnert natürlich soll das Log hier gepostet werden! Ich weiß echt nicht wie du auf diese Idee kommst, du hast alle anderen Logs doch auch hier in diesen Strang gepostet! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
02.04.2012, 12:36
| #17 | |
 | www.searchnu.com/410?tag=newtab - problem ok missverständnis, sorry
__________________Zitat:
Code:
ATTFilter 12:55:31.0134 1340 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
12:55:31.0605 1340 ============================================================
12:55:31.0605 1340 Current date / time: 2012/04/02 12:55:31.0605
12:55:31.0605 1340 SystemInfo:
12:55:31.0605 1340
12:55:31.0605 1340 OS Version: 6.1.7601 ServicePack: 1.0
12:55:31.0605 1340 Product type: Workstation
12:55:31.0606 1340 ComputerName: ISA-PC
12:55:31.0606 1340 UserName: Isa
12:55:31.0606 1340 Windows directory: C:\Windows
12:55:31.0606 1340 System windows directory: C:\Windows
12:55:31.0606 1340 Processor architecture: Intel x86
12:55:31.0606 1340 Number of processors: 2
12:55:31.0606 1340 Page size: 0x1000
12:55:31.0606 1340 Boot type: Normal boot
12:55:31.0606 1340 ============================================================
12:55:34.0057 1340 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:55:34.0140 1340 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:55:34.0141 1340 \Device\Harddisk0\DR0:
12:55:34.0141 1340 MBR used
12:55:34.0141 1340 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:55:34.0141 1340 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
12:55:34.0141 1340 \Device\Harddisk1\DR1:
12:55:34.0141 1340 MBR used
12:55:34.0141 1340 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0x3A384C01
12:55:34.0165 1340 Initialize success
12:55:34.0165 1340 ============================================================
12:56:34.0272 1044 ============================================================
12:56:34.0272 1044 Scan started
12:56:34.0272 1044 Mode: Manual; SigCheck; TDLFS;
12:56:34.0272 1044 ============================================================
12:56:35.0380 1044 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
12:56:35.0562 1044 1394ohci - ok
12:56:35.0596 1044 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
12:56:35.0619 1044 ACPI - ok
12:56:35.0661 1044 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
12:56:35.0742 1044 AcpiPmi - ok
12:56:35.0838 1044 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:56:35.0860 1044 AdobeARMservice - ok
12:56:35.0963 1044 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
12:56:35.0999 1044 adp94xx - ok
12:56:36.0018 1044 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
12:56:36.0042 1044 adpahci - ok
12:56:36.0056 1044 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
12:56:36.0075 1044 adpu320 - ok
12:56:36.0114 1044 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
12:56:36.0182 1044 AeLookupSvc - ok
12:56:36.0229 1044 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
12:56:36.0301 1044 AFD - ok
12:56:36.0360 1044 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
12:56:36.0452 1044 AgereSoftModem - ok
12:56:36.0536 1044 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
12:56:36.0555 1044 agp440 - ok
12:56:36.0600 1044 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
12:56:36.0616 1044 aic78xx - ok
12:56:36.0666 1044 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
12:56:36.0721 1044 ALG - ok
12:56:36.0755 1044 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
12:56:36.0770 1044 aliide - ok
12:56:36.0795 1044 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
12:56:36.0812 1044 amdagp - ok
12:56:36.0833 1044 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
12:56:36.0848 1044 amdide - ok
12:56:36.0886 1044 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
12:56:36.0945 1044 AmdK8 - ok
12:56:36.0966 1044 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
12:56:37.0006 1044 AmdPPM - ok
12:56:37.0058 1044 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
12:56:37.0078 1044 amdsata - ok
12:56:37.0100 1044 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
12:56:37.0119 1044 amdsbs - ok
12:56:37.0135 1044 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
12:56:37.0150 1044 amdxata - ok
12:56:37.0243 1044 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
12:56:37.0289 1044 AntiVirSchedulerService - ok
12:56:37.0324 1044 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
12:56:37.0340 1044 AntiVirService - ok
12:56:37.0394 1044 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
12:56:37.0494 1044 AppID - ok
12:56:37.0578 1044 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
12:56:37.0662 1044 AppIDSvc - ok
12:56:37.0712 1044 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
12:56:37.0778 1044 Appinfo - ok
12:56:37.0853 1044 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
12:56:37.0885 1044 arc - ok
12:56:37.0899 1044 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
12:56:37.0918 1044 arcsas - ok
12:56:37.0938 1044 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
12:56:38.0055 1044 AsyncMac - ok
12:56:38.0128 1044 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
12:56:38.0152 1044 atapi - ok
12:56:38.0209 1044 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
12:56:38.0272 1044 AudioEndpointBuilder - ok
12:56:38.0289 1044 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
12:56:38.0333 1044 Audiosrv - ok
12:56:38.0375 1044 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
12:56:38.0407 1044 avgntflt - ok
12:56:38.0451 1044 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
12:56:38.0467 1044 avipbb - ok
12:56:38.0488 1044 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
12:56:38.0500 1044 avkmgr - ok
12:56:38.0543 1044 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
12:56:38.0632 1044 AxInstSV - ok
12:56:38.0696 1044 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
12:56:38.0785 1044 b06bdrv - ok
12:56:38.0819 1044 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
12:56:38.0842 1044 b57nd60x - ok
12:56:38.0880 1044 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
12:56:38.0946 1044 BDESVC - ok
12:56:38.0961 1044 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
12:56:39.0009 1044 Beep - ok
12:56:39.0063 1044 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
12:56:39.0120 1044 BFE - ok
12:56:39.0164 1044 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
12:56:39.0234 1044 BITS - ok
12:56:39.0297 1044 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
12:56:39.0328 1044 blbdrive - ok
12:56:39.0365 1044 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
12:56:39.0387 1044 bowser - ok
12:56:39.0404 1044 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:56:39.0468 1044 BrFiltLo - ok
12:56:39.0490 1044 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:56:39.0557 1044 BrFiltUp - ok
12:56:39.0591 1044 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
12:56:39.0666 1044 Browser - ok
12:56:39.0766 1044 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
12:56:39.0813 1044 Brserid - ok
12:56:39.0835 1044 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
12:56:39.0874 1044 BrSerWdm - ok
12:56:39.0902 1044 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:56:39.0923 1044 BrUsbMdm - ok
12:56:39.0941 1044 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
12:56:39.0983 1044 BrUsbSer - ok
12:56:40.0004 1044 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
12:56:40.0036 1044 BTHMODEM - ok
12:56:40.0073 1044 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
12:56:40.0125 1044 bthserv - ok
12:56:40.0155 1044 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
12:56:40.0219 1044 cdfs - ok
12:56:40.0285 1044 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
12:56:40.0349 1044 cdrom - ok
12:56:40.0394 1044 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
12:56:40.0461 1044 CertPropSvc - ok
12:56:40.0498 1044 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
12:56:40.0524 1044 circlass - ok
12:56:40.0563 1044 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
12:56:40.0598 1044 CLFS - ok
12:56:40.0686 1044 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:56:40.0716 1044 clr_optimization_v2.0.50727_32 - ok
12:56:40.0793 1044 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:56:40.0826 1044 clr_optimization_v4.0.30319_32 - ok
12:56:40.0899 1044 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
12:56:40.0933 1044 CmBatt - ok
12:56:40.0967 1044 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
12:56:40.0995 1044 cmdide - ok
12:56:41.0038 1044 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
12:56:41.0104 1044 CNG - ok
12:56:41.0142 1044 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
12:56:41.0160 1044 Compbatt - ok
12:56:41.0210 1044 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
12:56:41.0263 1044 CompositeBus - ok
12:56:41.0292 1044 COMSysApp - ok
12:56:41.0309 1044 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
12:56:41.0337 1044 crcdisk - ok
12:56:41.0379 1044 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
12:56:41.0449 1044 CryptSvc - ok
12:56:41.0472 1044 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
12:56:41.0533 1044 DcomLaunch - ok
12:56:41.0567 1044 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
12:56:41.0620 1044 defragsvc - ok
12:56:41.0691 1044 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
12:56:41.0756 1044 DfsC - ok
12:56:41.0812 1044 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
12:56:41.0889 1044 Dhcp - ok
12:56:41.0915 1044 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
12:56:41.0961 1044 discache - ok
12:56:41.0997 1044 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
12:56:42.0016 1044 Disk - ok
12:56:42.0047 1044 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
12:56:42.0115 1044 Dnscache - ok
12:56:42.0157 1044 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
12:56:42.0224 1044 dot3svc - ok
12:56:42.0249 1044 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
12:56:42.0310 1044 DPS - ok
12:56:42.0383 1044 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
12:56:42.0428 1044 drmkaud - ok
12:56:42.0479 1044 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
12:56:42.0548 1044 DXGKrnl - ok
12:56:42.0582 1044 E100B (20de769b84960606d8dbb2aec123021a) C:\Windows\system32\DRIVERS\e100b325.sys
12:56:42.0637 1044 E100B - ok
12:56:42.0666 1044 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
12:56:42.0730 1044 EapHost - ok
12:56:42.0845 1044 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
12:56:42.0949 1044 ebdrv - ok
12:56:43.0019 1044 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
12:56:43.0070 1044 EFS - ok
12:56:43.0130 1044 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
12:56:43.0219 1044 ehRecvr - ok
12:56:43.0253 1044 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
12:56:43.0330 1044 ehSched - ok
12:56:43.0438 1044 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
12:56:43.0480 1044 elxstor - ok
12:56:43.0515 1044 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
12:56:43.0557 1044 ErrDev - ok
12:56:43.0611 1044 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
12:56:43.0699 1044 EventSystem - ok
12:56:43.0719 1044 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
12:56:43.0766 1044 exfat - ok
12:56:43.0794 1044 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
12:56:43.0847 1044 fastfat - ok
12:56:43.0891 1044 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
12:56:43.0955 1044 Fax - ok
12:56:43.0983 1044 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
12:56:44.0013 1044 fdc - ok
12:56:44.0051 1044 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
12:56:44.0104 1044 fdPHost - ok
12:56:44.0120 1044 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
12:56:44.0206 1044 FDResPub - ok
12:56:44.0229 1044 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
12:56:44.0248 1044 FileInfo - ok
12:56:44.0259 1044 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
12:56:44.0307 1044 Filetrace - ok
12:56:44.0332 1044 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
12:56:44.0365 1044 flpydisk - ok
12:56:44.0394 1044 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
12:56:44.0414 1044 FltMgr - ok
12:56:44.0458 1044 FontCache (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
12:56:44.0529 1044 FontCache - ok
12:56:44.0611 1044 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:56:44.0636 1044 FontCache3.0.0.0 - ok
12:56:44.0660 1044 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
12:56:44.0675 1044 FsDepends - ok
12:56:44.0686 1044 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
12:56:44.0700 1044 Fs_Rec - ok
12:56:44.0737 1044 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
12:56:44.0772 1044 fvevol - ok
12:56:44.0798 1044 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:56:44.0814 1044 gagp30kx - ok
12:56:44.0848 1044 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
12:56:44.0911 1044 gpsvc - ok
12:56:44.0987 1044 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
12:56:45.0014 1044 gupdate - ok
12:56:45.0030 1044 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
12:56:45.0055 1044 gupdatem - ok
12:56:45.0120 1044 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
12:56:45.0179 1044 hcw85cir - ok
12:56:45.0226 1044 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
12:56:45.0269 1044 HdAudAddService - ok
12:56:45.0301 1044 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
12:56:45.0348 1044 HDAudBus - ok
12:56:45.0486 1044 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
12:56:45.0509 1044 HidBatt - ok
12:56:45.0531 1044 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
12:56:45.0564 1044 HidBth - ok
12:56:45.0593 1044 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
12:56:45.0625 1044 HidIr - ok
12:56:45.0655 1044 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
12:56:45.0708 1044 hidserv - ok
12:56:45.0755 1044 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
12:56:45.0773 1044 HidUsb - ok
12:56:45.0808 1044 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
12:56:45.0873 1044 hkmsvc - ok
12:56:45.0891 1044 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
12:56:45.0935 1044 HomeGroupListener - ok
12:56:45.0976 1044 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
12:56:46.0010 1044 HomeGroupProvider - ok
12:56:46.0092 1044 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
12:56:46.0118 1044 HpSAMD - ok
12:56:46.0186 1044 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
12:56:46.0250 1044 HTTP - ok
12:56:46.0279 1044 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
12:56:46.0292 1044 hwpolicy - ok
12:56:46.0315 1044 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
12:56:46.0334 1044 i8042prt - ok
12:56:46.0393 1044 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
12:56:46.0423 1044 iaStorV - ok
12:56:46.0524 1044 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:56:46.0570 1044 idsvc - ok
12:56:46.0617 1044 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
12:56:46.0633 1044 iirsp - ok
12:56:46.0683 1044 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
12:56:46.0748 1044 IKEEXT - ok
12:56:46.0777 1044 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
12:56:46.0791 1044 intelide - ok
12:56:46.0811 1044 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
12:56:46.0828 1044 intelppm - ok
12:56:46.0849 1044 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
12:56:46.0902 1044 IPBusEnum - ok
12:56:46.0932 1044 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:56:46.0982 1044 IpFilterDriver - ok
12:56:47.0032 1044 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
12:56:47.0099 1044 iphlpsvc - ok
12:56:47.0138 1044 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
12:56:47.0188 1044 IPMIDRV - ok
12:56:47.0214 1044 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
12:56:47.0255 1044 IPNAT - ok
12:56:47.0286 1044 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
12:56:47.0323 1044 IRENUM - ok
12:56:47.0354 1044 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
12:56:47.0369 1044 isapnp - ok
12:56:47.0394 1044 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
12:56:47.0415 1044 iScsiPrt - ok
12:56:47.0453 1044 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
12:56:47.0468 1044 kbdclass - ok
12:56:47.0501 1044 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
12:56:47.0528 1044 kbdhid - ok
12:56:47.0548 1044 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:56:47.0566 1044 KeyIso - ok
12:56:47.0583 1044 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
12:56:47.0599 1044 KSecDD - ok
12:56:47.0612 1044 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
12:56:47.0630 1044 KSecPkg - ok
12:56:47.0682 1044 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
12:56:47.0756 1044 KtmRm - ok
12:56:47.0789 1044 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
12:56:47.0850 1044 LanmanServer - ok
12:56:47.0895 1044 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
12:56:47.0937 1044 LanmanWorkstation - ok
12:56:48.0010 1044 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
12:56:48.0082 1044 lltdio - ok
12:56:48.0127 1044 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
12:56:48.0171 1044 lltdsvc - ok
12:56:48.0193 1044 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
12:56:48.0234 1044 lmhosts - ok
12:56:48.0255 1044 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:56:48.0271 1044 LSI_FC - ok
12:56:48.0295 1044 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:56:48.0312 1044 LSI_SAS - ok
12:56:48.0325 1044 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:56:48.0341 1044 LSI_SAS2 - ok
12:56:48.0354 1044 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:56:48.0371 1044 LSI_SCSI - ok
12:56:48.0384 1044 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
12:56:48.0425 1044 luafv - ok
12:56:48.0462 1044 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
12:56:48.0474 1044 MBAMProtector - ok
12:56:48.0528 1044 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:56:48.0562 1044 MBAMService - ok
12:56:48.0586 1044 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
12:56:48.0607 1044 Mcx2Svc - ok
12:56:48.0634 1044 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
12:56:48.0649 1044 megasas - ok
12:56:48.0676 1044 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
12:56:48.0697 1044 MegaSR - ok
12:56:48.0725 1044 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
12:56:48.0773 1044 MMCSS - ok
12:56:48.0785 1044 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
12:56:48.0839 1044 Modem - ok
12:56:48.0857 1044 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
12:56:48.0887 1044 monitor - ok
12:56:48.0923 1044 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
12:56:48.0938 1044 mouclass - ok
12:56:48.0975 1044 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
12:56:49.0005 1044 mouhid - ok
12:56:49.0035 1044 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
12:56:49.0051 1044 mountmgr - ok
12:56:49.0083 1044 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
12:56:49.0115 1044 mpio - ok
12:56:49.0131 1044 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
12:56:49.0178 1044 mpsdrv - ok
12:56:49.0226 1044 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
12:56:49.0289 1044 MpsSvc - ok
12:56:49.0326 1044 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
12:56:49.0384 1044 MRxDAV - ok
12:56:49.0426 1044 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:56:49.0487 1044 mrxsmb - ok
12:56:49.0524 1044 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:56:49.0565 1044 mrxsmb10 - ok
12:56:49.0593 1044 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:56:49.0622 1044 mrxsmb20 - ok
12:56:49.0662 1044 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
12:56:49.0695 1044 msahci - ok
12:56:49.0720 1044 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
12:56:49.0737 1044 msdsm - ok
12:56:49.0774 1044 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
12:56:49.0824 1044 MSDTC - ok
12:56:49.0852 1044 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
12:56:49.0891 1044 Msfs - ok
12:56:49.0913 1044 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
12:56:49.0951 1044 mshidkmdf - ok
12:56:49.0969 1044 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
12:56:49.0983 1044 msisadrv - ok
12:56:50.0023 1044 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
12:56:50.0070 1044 MSiSCSI - ok
12:56:50.0110 1044 msiserver - ok
12:56:50.0260 1044 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
12:56:50.0333 1044 MSKSSRV - ok
12:56:50.0357 1044 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
12:56:50.0405 1044 MSPCLOCK - ok
12:56:50.0430 1044 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
12:56:50.0491 1044 MSPQM - ok
12:56:50.0542 1044 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
12:56:50.0580 1044 MsRPC - ok
12:56:50.0608 1044 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
12:56:50.0626 1044 mssmbios - ok
12:56:50.0638 1044 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
12:56:50.0677 1044 MSTEE - ok
12:56:50.0697 1044 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
12:56:50.0715 1044 MTConfig - ok
12:56:50.0726 1044 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
12:56:50.0741 1044 Mup - ok
12:56:50.0783 1044 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
12:56:50.0842 1044 napagent - ok
12:56:50.0916 1044 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
12:56:50.0955 1044 NativeWifiP - ok
12:56:50.0986 1044 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
12:56:51.0022 1044 NDIS - ok
12:56:51.0046 1044 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
12:56:51.0089 1044 NdisCap - ok
12:56:51.0109 1044 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
12:56:51.0159 1044 NdisTapi - ok
12:56:51.0201 1044 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
12:56:51.0237 1044 Ndisuio - ok
12:56:51.0270 1044 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
12:56:51.0329 1044 NdisWan - ok
12:56:51.0376 1044 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
12:56:51.0425 1044 NDProxy - ok
12:56:51.0464 1044 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
12:56:51.0546 1044 NetBIOS - ok
12:56:51.0586 1044 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
12:56:51.0643 1044 NetBT - ok
12:56:51.0665 1044 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:56:51.0692 1044 Netlogon - ok
12:56:51.0733 1044 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
12:56:51.0792 1044 Netman - ok
12:56:51.0828 1044 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
12:56:51.0886 1044 netprofm - ok
12:56:51.0972 1044 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:56:51.0997 1044 NetTcpPortSharing - ok
12:56:52.0155 1044 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
12:56:52.0315 1044 netw5v32 - ok
12:56:52.0408 1044 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
12:56:52.0438 1044 nfrd960 - ok
12:56:52.0480 1044 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
12:56:52.0564 1044 NlaSvc - ok
12:56:52.0576 1044 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
12:56:52.0639 1044 Npfs - ok
12:56:52.0669 1044 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
12:56:52.0709 1044 nsi - ok
12:56:52.0719 1044 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
12:56:52.0770 1044 nsiproxy - ok
12:56:52.0817 1044 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
12:56:52.0869 1044 Ntfs - ok
12:56:52.0887 1044 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
12:56:52.0935 1044 Null - ok
12:56:53.0118 1044 nvlddmkm (05b288b25c2ebd9a4e9e5114ae790876) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:56:53.0409 1044 nvlddmkm - ok
12:56:53.0518 1044 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
12:56:53.0552 1044 nvraid - ok
12:56:53.0575 1044 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
12:56:53.0593 1044 nvstor - ok
12:56:53.0633 1044 nvsvc (e937a615d4289e83e234c3ec26092431) C:\Windows\system32\nvvsvc.exe
12:56:53.0651 1044 nvsvc - ok
12:56:53.0672 1044 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
12:56:53.0689 1044 nv_agp - ok
12:56:53.0714 1044 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
12:56:53.0739 1044 ohci1394 - ok
12:56:53.0772 1044 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
12:56:53.0823 1044 p2pimsvc - ok
12:56:53.0852 1044 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
12:56:53.0900 1044 p2psvc - ok
12:56:53.0931 1044 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
12:56:53.0958 1044 Parport - ok
12:56:53.0986 1044 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
12:56:54.0001 1044 partmgr - ok
12:56:54.0024 1044 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
12:56:54.0041 1044 Parvdm - ok
12:56:54.0063 1044 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
12:56:54.0087 1044 PcaSvc - ok
12:56:54.0117 1044 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
12:56:54.0135 1044 pci - ok
12:56:54.0151 1044 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
12:56:54.0166 1044 pciide - ok
12:56:54.0179 1044 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
12:56:54.0198 1044 pcmcia - ok
12:56:54.0209 1044 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
12:56:54.0224 1044 pcw - ok
12:56:54.0253 1044 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
12:56:54.0315 1044 PEAUTH - ok
12:56:54.0387 1044 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
12:56:54.0485 1044 pla - ok
12:56:54.0570 1044 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
12:56:54.0633 1044 PlugPlay - ok
12:56:54.0660 1044 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
12:56:54.0694 1044 PNRPAutoReg - ok
12:56:54.0715 1044 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
12:56:54.0741 1044 PNRPsvc - ok
12:56:54.0808 1044 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
12:56:54.0832 1044 Point32 - ok
12:56:54.0869 1044 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
12:56:54.0921 1044 PolicyAgent - ok
12:56:54.0948 1044 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
12:56:54.0989 1044 Power - ok
12:56:55.0032 1044 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
12:56:55.0109 1044 PptpMiniport - ok
12:56:55.0142 1044 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
12:56:55.0175 1044 Processor - ok
12:56:55.0231 1044 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
12:56:55.0287 1044 ProfSvc - ok
12:56:55.0315 1044 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:56:55.0332 1044 ProtectedStorage - ok
12:56:55.0362 1044 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
12:56:55.0411 1044 Psched - ok
12:56:55.0461 1044 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
12:56:55.0519 1044 ql2300 - ok
12:56:55.0538 1044 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
12:56:55.0555 1044 ql40xx - ok
12:56:55.0594 1044 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
12:56:55.0655 1044 QWAVE - ok
12:56:55.0667 1044 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
12:56:55.0688 1044 QWAVEdrv - ok
12:56:55.0709 1044 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
12:56:55.0760 1044 RasAcd - ok
12:56:55.0810 1044 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:56:55.0885 1044 RasAgileVpn - ok
12:56:55.0907 1044 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
12:56:55.0950 1044 RasAuto - ok
12:56:55.0972 1044 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:56:56.0021 1044 Rasl2tp - ok
12:56:56.0081 1044 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
12:56:56.0149 1044 RasMan - ok
12:56:56.0177 1044 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
12:56:56.0216 1044 RasPppoe - ok
12:56:56.0254 1044 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
12:56:56.0330 1044 RasSstp - ok
12:56:56.0368 1044 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
12:56:56.0438 1044 rdbss - ok
12:56:56.0466 1044 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
12:56:56.0500 1044 rdpbus - ok
12:56:56.0533 1044 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:56:56.0596 1044 RDPCDD - ok
12:56:56.0629 1044 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
12:56:56.0676 1044 RDPENCDD - ok
12:56:56.0696 1044 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
12:56:56.0743 1044 RDPREFMP - ok
12:56:56.0771 1044 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
12:56:56.0815 1044 RDPWD - ok
12:56:56.0869 1044 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
12:56:56.0896 1044 rdyboost - ok
12:56:56.0933 1044 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
12:56:56.0993 1044 RemoteAccess - ok
12:56:57.0047 1044 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
12:56:57.0116 1044 RemoteRegistry - ok
12:56:57.0156 1044 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
12:56:57.0231 1044 RpcEptMapper - ok
12:56:57.0259 1044 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
12:56:57.0282 1044 RpcLocator - ok
12:56:57.0318 1044 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
12:56:57.0361 1044 RpcSs - ok
12:56:57.0426 1044 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
12:56:57.0489 1044 rspndr - ok
12:56:57.0511 1044 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:56:57.0528 1044 SamSs - ok
12:56:57.0572 1044 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
12:56:57.0588 1044 sbp2port - ok
12:56:57.0622 1044 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
12:56:57.0663 1044 SCardSvr - ok
12:56:57.0698 1044 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
12:56:57.0766 1044 scfilter - ok
12:56:57.0814 1044 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
12:56:57.0918 1044 Schedule - ok
12:56:57.0958 1044 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
12:56:58.0010 1044 SCPolicySvc - ok
12:56:58.0090 1044 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
12:56:58.0143 1044 sdbus - ok
12:56:58.0177 1044 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
12:56:58.0227 1044 SDRSVC - ok
12:56:58.0282 1044 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:56:58.0352 1044 secdrv - ok
12:56:58.0378 1044 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
12:56:58.0431 1044 seclogon - ok
12:56:58.0467 1044 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
12:56:58.0521 1044 SENS - ok
12:56:58.0553 1044 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
12:56:58.0597 1044 SensrSvc - ok
12:56:58.0650 1044 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
12:56:58.0689 1044 Serenum - ok
12:56:58.0726 1044 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
12:56:58.0761 1044 Serial - ok
12:56:58.0797 1044 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
12:56:58.0830 1044 sermouse - ok
12:56:58.0869 1044 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
12:56:58.0950 1044 SessionEnv - ok
12:56:58.0987 1044 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
12:56:59.0036 1044 sffdisk - ok
12:56:59.0049 1044 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
12:56:59.0075 1044 sffp_mmc - ok
12:56:59.0095 1044 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
12:56:59.0115 1044 sffp_sd - ok
12:56:59.0136 1044 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
12:56:59.0166 1044 sfloppy - ok
12:56:59.0206 1044 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
12:56:59.0265 1044 SharedAccess - ok
12:56:59.0312 1044 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
12:56:59.0382 1044 ShellHWDetection - ok
12:56:59.0444 1044 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
12:56:59.0476 1044 sisagp - ok
12:56:59.0525 1044 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:56:59.0554 1044 SiSRaid2 - ok
12:56:59.0573 1044 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
12:56:59.0589 1044 SiSRaid4 - ok
12:56:59.0615 1044 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
12:56:59.0654 1044 Smb - ok
12:56:59.0701 1044 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
12:56:59.0726 1044 SNMPTRAP - ok
12:56:59.0738 1044 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
12:56:59.0753 1044 spldr - ok
12:56:59.0784 1044 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
12:56:59.0829 1044 Spooler - ok
12:56:59.0918 1044 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
12:57:00.0040 1044 sppsvc - ok
12:57:00.0109 1044 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
12:57:00.0182 1044 sppuinotify - ok
12:57:00.0252 1044 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
12:57:00.0299 1044 srv - ok
12:57:00.0315 1044 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
12:57:00.0353 1044 srv2 - ok
12:57:00.0378 1044 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
12:57:00.0396 1044 srvnet - ok
12:57:00.0429 1044 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
12:57:00.0496 1044 SSDPSRV - ok
12:57:00.0522 1044 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
12:57:00.0543 1044 ssmdrv - ok
12:57:00.0562 1044 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
12:57:00.0636 1044 SstpSvc - ok
12:57:00.0679 1044 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
12:57:00.0694 1044 stexstor - ok
12:57:00.0746 1044 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
12:57:00.0793 1044 StiSvc - ok
12:57:00.0825 1044 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
12:57:00.0839 1044 swenum - ok
12:57:00.0877 1044 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
12:57:00.0936 1044 swprv - ok
12:57:00.0988 1044 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
12:57:01.0041 1044 SysMain - ok
12:57:01.0071 1044 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
12:57:01.0096 1044 TabletInputService - ok
12:57:01.0133 1044 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
12:57:01.0176 1044 TapiSrv - ok
12:57:01.0211 1044 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
12:57:01.0263 1044 TBS - ok
12:57:01.0362 1044 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
12:57:01.0417 1044 Tcpip - ok
12:57:01.0534 1044 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
12:57:01.0577 1044 TCPIP6 - ok
12:57:01.0623 1044 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
12:57:01.0686 1044 tcpipreg - ok
12:57:01.0714 1044 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
12:57:01.0740 1044 TDPIPE - ok
12:57:01.0765 1044 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
12:57:01.0797 1044 TDTCP - ok
12:57:01.0829 1044 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
12:57:01.0905 1044 tdx - ok
12:57:01.0933 1044 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
12:57:01.0949 1044 TermDD - ok
12:57:01.0996 1044 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
12:57:02.0086 1044 TermService - ok
12:57:02.0112 1044 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
12:57:02.0155 1044 Themes - ok
12:57:02.0191 1044 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
12:57:02.0246 1044 THREADORDER - ok
12:57:02.0273 1044 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
12:57:02.0330 1044 TrkWks - ok
12:57:02.0370 1044 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
12:57:02.0428 1044 TrustedInstaller - ok
12:57:02.0480 1044 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:57:02.0532 1044 tssecsrv - ok
12:57:02.0558 1044 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
12:57:02.0600 1044 TsUsbFlt - ok
12:57:02.0654 1044 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
12:57:02.0719 1044 tunnel - ok
12:57:02.0774 1044 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
12:57:02.0785 1044 TVALZ - ok
12:57:02.0811 1044 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
12:57:02.0826 1044 uagp35 - ok
12:57:02.0864 1044 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
12:57:02.0911 1044 udfs - ok
12:57:02.0949 1044 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
12:57:02.0980 1044 UI0Detect - ok
12:57:03.0029 1044 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
12:57:03.0059 1044 uliagpkx - ok
12:57:03.0099 1044 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
12:57:03.0132 1044 umbus - ok
12:57:03.0163 1044 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
12:57:03.0197 1044 UmPass - ok
12:57:03.0239 1044 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
12:57:03.0319 1044 upnphost - ok
12:57:03.0355 1044 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\drivers\usbccgp.sys
12:57:03.0405 1044 usbccgp - ok
12:57:03.0432 1044 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
12:57:03.0471 1044 usbcir - ok
12:57:03.0498 1044 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
12:57:03.0515 1044 usbehci - ok
12:57:03.0550 1044 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
12:57:03.0582 1044 usbhub - ok
12:57:03.0607 1044 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
12:57:03.0637 1044 usbohci - ok
12:57:03.0672 1044 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
12:57:03.0693 1044 usbprint - ok
12:57:03.0716 1044 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS
12:57:03.0753 1044 USBSTOR - ok
12:57:03.0775 1044 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
12:57:03.0793 1044 usbuhci - ok
12:57:03.0819 1044 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
12:57:03.0871 1044 UxSms - ok
12:57:03.0900 1044 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:57:03.0942 1044 VaultSvc - ok
12:57:03.0974 1044 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
12:57:03.0988 1044 vdrvroot - ok
12:57:04.0024 1044 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
12:57:04.0125 1044 vds - ok
12:57:04.0156 1044 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
12:57:04.0176 1044 vga - ok
12:57:04.0196 1044 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
12:57:04.0235 1044 VgaSave - ok
12:57:04.0270 1044 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
12:57:04.0289 1044 vhdmp - ok
12:57:04.0338 1044 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
12:57:04.0358 1044 viaagp - ok
12:57:04.0384 1044 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
12:57:04.0423 1044 ViaC7 - ok
12:57:04.0451 1044 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
12:57:04.0468 1044 viaide - ok
12:57:04.0493 1044 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
12:57:04.0508 1044 volmgr - ok
12:57:04.0553 1044 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
12:57:04.0576 1044 volmgrx - ok
12:57:04.0610 1044 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
12:57:04.0631 1044 volsnap - ok
12:57:04.0662 1044 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
12:57:04.0685 1044 vsmraid - ok
12:57:04.0750 1044 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
12:57:04.0879 1044 VSS - ok
12:57:04.0929 1044 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
12:57:04.0969 1044 vwifibus - ok
12:57:05.0020 1044 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
12:57:05.0096 1044 W32Time - ok
12:57:05.0119 1044 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
12:57:05.0151 1044 WacomPen - ok
12:57:05.0201 1044 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
12:57:05.0268 1044 WANARP - ok
12:57:05.0274 1044 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
12:57:05.0330 1044 Wanarpv6 - ok
12:57:05.0396 1044 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
12:57:05.0456 1044 wbengine - ok
12:57:05.0486 1044 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
12:57:05.0523 1044 WbioSrvc - ok
12:57:05.0565 1044 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
12:57:05.0601 1044 wcncsvc - ok
12:57:05.0623 1044 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
12:57:05.0658 1044 WcsPlugInService - ok
12:57:05.0711 1044 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
12:57:05.0726 1044 Wd - ok
12:57:05.0752 1044 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
12:57:05.0781 1044 Wdf01000 - ok
12:57:05.0802 1044 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
12:57:05.0876 1044 WdiServiceHost - ok
12:57:05.0886 1044 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
12:57:05.0910 1044 WdiSystemHost - ok
12:57:05.0938 1044 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
12:57:05.0977 1044 WebClient - ok
12:57:05.0997 1044 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
12:57:06.0042 1044 Wecsvc - ok
12:57:06.0061 1044 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
12:57:06.0110 1044 wercplsupport - ok
12:57:06.0149 1044 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
12:57:06.0207 1044 WerSvc - ok
12:57:06.0259 1044 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
12:57:06.0298 1044 WfpLwf - ok
12:57:06.0314 1044 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
12:57:06.0328 1044 WIMMount - ok
12:57:06.0423 1044 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
12:57:06.0486 1044 WinDefend - ok
12:57:06.0491 1044 WinHttpAutoProxySvc - ok
12:57:06.0534 1044 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
12:57:06.0575 1044 Winmgmt - ok
12:57:06.0626 1044 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
12:57:06.0703 1044 WinRM - ok
12:57:06.0793 1044 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
12:57:06.0847 1044 Wlansvc - ok
12:57:06.0905 1044 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
12:57:06.0937 1044 WmiAcpi - ok
12:57:06.0989 1044 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
12:57:07.0041 1044 wmiApSrv - ok
12:57:07.0140 1044 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
12:57:07.0230 1044 WMPNetworkSvc - ok
12:57:07.0297 1044 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
12:57:07.0346 1044 WPCSvc - ok
12:57:07.0373 1044 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
12:57:07.0465 1044 WPDBusEnum - ok
12:57:07.0519 1044 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
12:57:07.0587 1044 ws2ifsl - ok
12:57:07.0615 1044 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
12:57:07.0650 1044 wscsvc - ok
12:57:07.0660 1044 WSearch - ok
12:57:07.0730 1044 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
12:57:07.0818 1044 wuauserv - ok
12:57:07.0869 1044 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
12:57:07.0906 1044 WudfPf - ok
12:57:07.0951 1044 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:57:07.0989 1044 WUDFRd - ok
12:57:08.0034 1044 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
12:57:08.0085 1044 wudfsvc - ok
12:57:08.0116 1044 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
12:57:08.0151 1044 WwanSvc - ok
12:57:08.0168 1044 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:57:08.0299 1044 \Device\Harddisk0\DR0 - ok
12:57:08.0302 1044 MBR (0x1B8) (180dbde3af7ea48b3db3ac27b1ddf401) \Device\Harddisk1\DR1
12:57:14.0945 1044 \Device\Harddisk1\DR1 - ok
12:57:14.0959 1044 Boot (0x1200) (6fdcdb384eb402f5fb79a7fa17b3665d) \Device\Harddisk0\DR0\Partition0
12:57:14.0960 1044 \Device\Harddisk0\DR0\Partition0 - ok
12:57:14.0987 1044 Boot (0x1200) (15031afd4d9f49814de92e81c9326051) \Device\Harddisk0\DR0\Partition1
12:57:14.0988 1044 \Device\Harddisk0\DR0\Partition1 - ok
12:57:14.0990 1044 Boot (0x1200) (10d3435927362cf0cbf8b5c8d71f1609) \Device\Harddisk1\DR1\Partition0
12:57:14.0991 1044 \Device\Harddisk1\DR1\Partition0 - ok
12:57:14.0991 1044 ============================================================
12:57:14.0991 1044 Scan finished
12:57:14.0991 1044 ============================================================
12:57:14.0993 2328 Detected object count: 0
12:57:14.0993 2328 Actual detected object count: 0
|
|
02.04.2012, 12:43
| #18 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | www.searchnu.com/410?tag=newtab - problemZitat:
Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
02.04.2012, 13:10
| #19 |
| | www.searchnu.com/410?tag=newtab - problemCode:
ATTFilter ComboFix 12-04-01.01 - Isa 02.04.2012 13:57:50.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.1022.387 [GMT 2:00]
ausgeführt von:: c:\users\Isa\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-03-02 bis 2012-04-02 ))))))))))))))))))))))))))))))
.
.
2012-04-02 12:04 . 2012-04-02 12:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-02 11:58 . 2012-04-02 11:58 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DACFB00C-1D88-4AE7-B991-93505BE666E0}\offreg.dll
2012-04-02 09:16 . 2012-04-02 09:16 -------- d-----w- C:\_OTL
2012-04-01 12:06 . 2012-04-01 12:06 -------- d-----w- c:\programdata\WinZip
2012-03-30 18:01 . 2012-03-30 18:01 -------- d-----w- c:\program files\Common Files\Java
2012-03-30 18:01 . 2012-03-30 18:00 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-30 18:00 . 2012-03-30 18:00 -------- d-----w- c:\program files\Java
2012-03-30 17:30 . 2012-03-30 17:30 -------- d-----w- c:\program files\ESET
2012-03-30 16:59 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DACFB00C-1D88-4AE7-B991-93505BE666E0}\mpengine.dll
2012-03-29 17:37 . 2012-03-29 17:37 -------- d-----w- c:\program files\7-Zip
2012-03-29 16:49 . 2012-03-29 16:49 -------- d-----w- c:\program files\Microsoft IntelliPoint
2012-03-29 16:49 . 2012-03-29 16:49 -------- d-----w- c:\windows\PCHEALTH
2012-03-29 14:36 . 2012-03-29 14:36 -------- d-----w- c:\users\Isa\AppData\Roaming\Malwarebytes
2012-03-29 14:36 . 2012-03-29 14:36 -------- d-----w- c:\programdata\Malwarebytes
2012-03-29 14:36 . 2012-03-29 14:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-29 14:36 . 2011-12-10 13:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-16 12:46 . 2012-03-16 12:46 -------- d-----w- c:\program files\AC3Filter
2012-03-16 12:46 . 2009-07-19 15:03 497664 ----a-w- c:\windows\system32\ac3filter.acm
2012-03-16 12:38 . 2012-03-16 12:39 -------- d-----w- c:\users\Isa\AppData\Roaming\DivX
2012-03-16 12:37 . 2012-04-01 12:03 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2012-03-16 12:25 . 2012-03-16 12:34 -------- d-----w- c:\users\Isa\AppData\Local\Google
2012-03-16 12:25 . 2012-03-16 12:27 -------- d-----w- c:\program files\Google
2012-03-16 12:24 . 2012-04-01 12:03 -------- d-----w- c:\program files\DivX
2012-03-16 12:23 . 2012-04-01 12:03 -------- d-----w- c:\programdata\DivX
2012-03-16 09:22 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-16 09:22 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 09:46 . 2012-02-03 03:54 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 09:46 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 09:41 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 09:41 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 09:41 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 09:40 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 09:40 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 09:40 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 09:35 . 2012-03-14 09:35 -------- d-----w- c:\programdata\boost_interprocess
2012-03-10 18:17 . 2012-03-10 18:17 -------- d-----w- c:\windows\system32\SPReview
2012-03-10 18:16 . 2012-03-10 18:16 -------- d-----w- c:\windows\system32\EventProviders
2012-03-10 16:47 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-03-10 16:46 . 2010-11-20 12:21 1010688 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-03-10 16:45 . 2010-11-20 12:21 1326592 ----a-w- c:\windows\system32\wlanpref.dll
2012-03-10 16:44 . 2010-11-20 12:21 11264 ----a-w- c:\windows\system32\wshirda.dll
2012-03-10 16:19 . 2011-03-25 02:58 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-03-10 12:13 . 2012-03-10 12:13 -------- d-----w- c:\program files\Microsoft.NET
2012-03-10 12:03 . 2012-03-10 12:03 -------- d-----w- c:\windows\system32\wbem\en-US
2012-03-09 20:30 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-03-08 18:12 . 2012-01-31 07:56 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-03-08 18:12 . 2012-01-31 07:56 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-03-08 18:12 . 2011-09-16 15:08 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-03-08 18:12 . 2012-03-08 18:12 -------- d-----w- c:\programdata\Avira
2012-03-08 18:12 . 2012-03-08 18:12 -------- d-----w- c:\program files\Avira
2012-03-08 17:57 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2012-03-08 17:57 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-03-08 17:57 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-03-08 17:57 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2012-03-08 17:57 . 2011-09-29 16:03 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-08 17:57 . 2010-11-20 12:29 187776 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-03-08 17:57 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-03-08 17:57 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe
2012-03-08 17:56 . 2011-03-03 05:38 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2012-03-08 17:56 . 2011-03-03 05:36 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2012-03-08 17:56 . 2011-02-19 06:30 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-03-08 17:56 . 2011-02-19 04:34 294912 ----a-w- c:\windows\system32\atmfd.dll
2012-03-08 17:56 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll
2012-03-08 17:56 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-03-08 17:56 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-03-08 17:56 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2012-03-08 17:54 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-03-08 17:54 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2012-03-08 17:54 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2012-03-08 17:54 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2012-03-08 17:54 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2012-03-08 17:54 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2012-03-08 17:54 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2012-03-08 17:54 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2012-03-08 17:54 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2012-03-08 17:54 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2012-03-08 17:53 . 2011-02-12 05:35 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2012-03-08 17:53 . 2010-11-20 12:17 802304 ----a-w- c:\windows\system32\WFS.exe
2012-03-08 17:53 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2012-03-08 17:53 . 2011-03-12 11:23 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2012-03-08 17:53 . 2011-02-24 05:38 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-03-08 17:52 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2012-03-08 17:52 . 2010-12-23 05:54 850944 ----a-w- c:\windows\system32\sbe.dll
2012-03-08 17:52 . 2010-12-23 05:54 642048 ----a-w- c:\windows\system32\CPFilters.dll
2012-03-08 17:52 . 2010-12-23 05:50 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2012-03-08 17:52 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-03-08 17:52 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-03-08 17:52 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe
2012-03-08 17:50 . 2011-06-15 08:55 86016 ----a-w- c:\windows\system32\odbccu32.dll
2012-03-08 17:50 . 2011-06-15 08:55 81920 ----a-w- c:\windows\system32\odbccr32.dll
2012-03-08 17:50 . 2011-06-15 08:55 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2012-03-08 17:50 . 2011-06-15 08:55 163840 ----a-w- c:\windows\system32\odbctrac.dll
2012-03-08 17:50 . 2011-06-15 08:55 122880 ----a-w- c:\windows\system32\odbccp32.dll
2012-03-08 17:50 . 2011-06-15 08:54 94208 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2012-03-08 17:50 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-08 17:50 . 2010-11-20 12:18 219136 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-08 17:50 . 2011-12-16 07:52 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-03-08 17:50 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-03-08 17:45 . 2012-02-23 07:18 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-03-08 17:38 . 2012-03-08 17:38 -------- d-----w- c:\users\Isa\AppData\Local\Adobe
2012-03-08 17:35 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2012-03-08 17:35 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll
2012-03-08 17:35 . 2012-03-08 17:35 -------- d-----w- c:\program files\Common Files\Adobe
2012-03-08 17:35 . 2011-02-23 04:47 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-03-08 17:35 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2012-03-08 17:34 . 2011-04-22 19:14 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2012-03-08 17:34 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-03-08 17:34 . 2010-11-20 12:29 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-03-08 17:34 . 2010-11-20 11:56 107520 ----a-w- c:\windows\system32\cdd.dll
2012-03-08 17:34 . 2012-04-01 12:06 -------- d-sh--w- c:\windows\Installer
2012-03-08 17:31 . 2012-03-08 17:31 -------- d-----w- c:\programdata\NVIDIA
2012-03-08 17:29 . 2009-03-06 10:52 797216 ----a-w- c:\windows\system32\nvcplui.exe
2012-03-08 17:29 . 2009-03-06 10:52 453152 ----a-w- c:\windows\system32\nvuninst.exe
2012-03-08 17:29 . 2009-03-06 10:52 420384 ----a-w- c:\windows\system32\nvcpl.cpl
2012-03-08 17:29 . 2009-03-06 10:52 1108512 ----a-w- c:\windows\system32\nvcpluir.dll
2012-03-08 17:28 . 2012-03-08 17:28 -------- d-----w- c:\users\Isa\AppData\Local\Mozilla
2012-03-08 17:25 . 2012-03-08 17:39 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-08 17:25 . 2012-03-08 17:25 -------- d-----w- c:\windows\system32\Macromed
2012-03-06 09:22 . 2012-04-02 08:18 -------- d-----w- c:\windows\system32\wbem\Performance
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-14 09:23 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-06-16 04:32 . 2012-03-08 17:28 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-01-31 258512]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-03-16 135664]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-03-16 135664]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 36000]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-01-31 86224]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 75581297
*Deregistered* - 75581297
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-16 12:25]
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-16 12:25]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Isa\AppData\Roaming\Mozilla\Firefox\Profiles\gn3rs1nl.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-04-02 14:07:18
ComboFix-quarantined-files.txt 2012-04-02 12:07
.
Vor Suchlauf: 6 Verzeichnis(se), 475.206.565.888 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 474.880.020.480 Bytes frei
.
- - End Of File - - C0149E0823C101B3FDEE6A758C0D4B44
|
|
02.04.2012, 14:43
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | www.searchnu.com/410?tag=newtab - problem Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.04.2012, 15:42
| #21 |
| | www.searchnu.com/410?tag=newtab - problem N° 1 Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2012-04-02 16:40:54
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HN-M500MBB rev.2AR10001
Running: pfnie2b7.exe; Driver: C:\Users\Isa\AppData\Local\Temp\uwldrpow.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 17:16:08 on 02.04.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Mozilla Corporation Firefox 5.0 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\Isa\AppData\Local\Temp\catchme.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "uwldrpow" (uwldrpow) - ? - C:\Users\Isa\AppData\Local\Temp\uwldrpow.sys (Hidden registry entry, rootkit activity | File not found) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll {653DCCC2-13DB-45B2-A389-427885776CFE} "Activities Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplact.dll {124597D8-850A-41AE-849C-017A4FA99CA2} "Buttons Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplbtn.dll {3BEABCC1-BF31-42df-88D9-A2955D6B8528} "IntelliPoint Sensitivity Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplsens.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {C533AB49-9805-4972-8326-A084696B00F0} "Touch Mouse Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcpltouchmouse.dll {1184D0ED-DBCE-4170-8DBB-4D0C3905DA85} "Touch Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcpltouch.dll {7834E880-F0CC-4FA7-B4F3-FDB0F4E816A5} "Touch Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcpltouchstrip.dll {AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} "Wheel Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplwhl.dll {E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll {E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll {E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll {E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll {20082881-FC36-4E47-9A7A-644C95FF749F} "Wireless Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplwir.dll [Internet Explorer] -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash11g.ocx / hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "OpenOffice.org 3.3.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "IntelliPoint" - "Microsoft Corporation" - "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-02 17:20:25
-----------------------------
17:20:25.108 OS Version: Windows 6.1.7601 Service Pack 1
17:20:25.109 Number of processors: 2 586 0xE0C
17:20:25.130 ComputerName: ISA-PC UserName: Isa
17:20:27.118 Initialize success
17:22:48.664 AVAST engine defs: 12040200
17:24:01.947 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:24:01.953 Disk 0 Vendor: SAMSUNG_HN-M500MBB 2AR10001 Size: 476940MB BusType: 3
17:24:01.975 Disk 0 MBR read successfully
17:24:01.984 Disk 0 MBR scan
17:24:02.118 Disk 0 Windows 7 default MBR code
17:24:02.149 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:24:02.193 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
17:24:02.230 Disk 0 scanning sectors +976771072
17:24:02.328 Disk 0 scanning C:\Windows\system32\drivers
17:24:20.176 Service scanning
17:24:47.670 Modules scanning
17:24:57.765 Disk 0 trace - called modules:
17:24:57.786 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
17:24:57.809 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8502f030]
17:24:57.817 3 CLASSPNP.SYS[87e7d59e] -> nt!IofCallDriver -> [0x84f68918]
17:24:57.824 5 ACPI.sys[876243d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84f5f030]
17:24:58.424 AVAST engine scan C:\Windows
17:25:06.256 AVAST engine scan C:\Windows\system32
17:29:33.981 AVAST engine scan C:\Windows\system32\drivers
17:29:50.010 AVAST engine scan C:\Users\Isa
17:30:48.205 AVAST engine scan C:\ProgramData
17:31:03.506 Scan finished successfully
17:31:23.673 Disk 0 MBR has been saved successfully to "C:\Users\Isa\Desktop\MBR.dat"
17:31:23.685 The log file has been saved successfully to "C:\Users\Isa\Desktop\aswMBR.txt"
|
|
| Themen zu www.searchnu.com/410?tag=newtab - problem |
| angezeigt, avira, bösartige, datei, download, eingefangen, firefox, gen, hoffe, installiert, logdateien, malwarebytes, namen, neue, neuen, newtab, nicht installiert, nicht mehr, player, problem, quarantäne, schei, seite, stelle, trojaner-board, verschoben, wirklich, woche |
Linear-Darstellung
