| |
| |||||||
Log-Analyse und Auswertung: 50 Euro Virus auf der Bildfläche im normalen ModusWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
10.04.2012, 15:15
| #16 |
 |  50 Euro Virus auf der Bildfläche im normalen ModusCode:
ATTFilter 55:32.0166 3772 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
15:55:32.0182 3772 AVGIDSFilter - ok
15:55:32.0213 3772 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
15:55:32.0213 3772 Avgldx64 - ok
15:55:32.0244 3772 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
15:55:32.0260 3772 Avgmfx64 - ok
15:55:32.0322 3772 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
15:55:32.0322 3772 avgntflt - ok
15:55:32.0369 3772 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
15:55:32.0369 3772 Avgrkx64 - ok
15:55:32.0400 3772 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
15:55:32.0416 3772 Avgtdia - ok
15:55:32.0587 3772 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
15:55:32.0587 3772 avgwd - ok
15:55:32.0681 3772 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
15:55:32.0681 3772 avipbb - ok
15:55:32.0743 3772 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:55:32.0837 3772 AxInstSV - ok
15:55:32.0915 3772 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:55:32.0962 3772 b06bdrv - ok
15:55:33.0008 3772 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:55:33.0040 3772 b57nd60a - ok
15:55:33.0102 3772 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:55:33.0164 3772 BDESVC - ok
15:55:33.0196 3772 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:55:33.0242 3772 Beep - ok
15:55:33.0320 3772 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:55:33.0383 3772 BFE - ok
15:55:33.0461 3772 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
15:55:33.0539 3772 BITS - ok
15:55:33.0554 3772 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:55:33.0601 3772 blbdrive - ok
15:55:33.0695 3772 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
15:55:33.0710 3772 Bonjour Service - ok
15:55:33.0773 3772 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:55:33.0835 3772 bowser - ok
15:55:33.0851 3772 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:55:33.0898 3772 BrFiltLo - ok
15:55:33.0929 3772 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:55:33.0976 3772 BrFiltUp - ok
15:55:34.0007 3772 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:55:34.0054 3772 Browser - ok
15:55:34.0100 3772 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:55:34.0163 3772 Brserid - ok
15:55:34.0225 3772 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:55:34.0256 3772 BrSerWdm - ok
15:55:34.0319 3772 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:55:34.0350 3772 BrUsbMdm - ok
15:55:34.0397 3772 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:55:34.0428 3772 BrUsbSer - ok
15:55:34.0459 3772 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:55:34.0490 3772 BTHMODEM - ok
15:55:34.0537 3772 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:55:34.0584 3772 bthserv - ok
15:55:34.0631 3772 Bulk (5f0fc7dfb1e46ab8da45cdc9b6ec5426) C:\Windows\system32\Drivers\HDJBulk.sys
15:55:34.0678 3772 Bulk - ok
15:55:34.0709 3772 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:55:34.0756 3772 cdfs - ok
15:55:34.0802 3772 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
15:55:34.0849 3772 cdrom - ok
15:55:34.0880 3772 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:55:34.0943 3772 CertPropSvc - ok
15:55:34.0990 3772 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:55:35.0005 3772 circlass - ok
15:55:35.0052 3772 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:55:35.0068 3772 CLFS - ok
15:55:35.0114 3772 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:55:35.0130 3772 clr_optimization_v2.0.50727_32 - ok
15:55:35.0161 3772 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:55:35.0177 3772 clr_optimization_v2.0.50727_64 - ok
15:55:35.0224 3772 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:55:35.0239 3772 clr_optimization_v4.0.30319_32 - ok
15:55:35.0333 3772 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:55:35.0348 3772 clr_optimization_v4.0.30319_64 - ok
15:55:35.0395 3772 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:55:35.0442 3772 CmBatt - ok
15:55:35.0536 3772 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:55:35.0536 3772 cmdide - ok
15:55:35.0598 3772 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:55:35.0614 3772 CNG - ok
15:55:35.0676 3772 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:55:35.0676 3772 Compbatt - ok
15:55:35.0723 3772 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:55:35.0785 3772 CompositeBus - ok
15:55:35.0832 3772 COMSysApp - ok
15:55:35.0879 3772 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:55:35.0894 3772 crcdisk - ok
15:55:35.0957 3772 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
15:55:36.0004 3772 CryptSvc - ok
15:55:36.0160 3772 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:55:36.0175 3772 cvhsvc - ok
15:55:36.0269 3772 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:55:36.0331 3772 DcomLaunch - ok
15:55:36.0378 3772 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:55:36.0425 3772 defragsvc - ok
15:55:36.0472 3772 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:55:36.0534 3772 DfsC - ok
15:55:36.0581 3772 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:55:36.0628 3772 Dhcp - ok
15:55:36.0659 3772 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:55:36.0721 3772 discache - ok
15:55:36.0737 3772 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:55:36.0752 3772 Disk - ok
15:55:36.0799 3772 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:55:36.0862 3772 Dnscache - ok
15:55:36.0940 3772 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:55:36.0986 3772 dot3svc - ok
15:55:37.0033 3772 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:55:37.0080 3772 DPS - ok
15:55:37.0111 3772 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:55:37.0142 3772 drmkaud - ok
15:55:37.0236 3772 DsiWMIService (470f7f19188ab45463f8b612d6dde7c8) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
15:55:37.0252 3772 DsiWMIService - ok
15:55:37.0376 3772 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:55:37.0392 3772 DXGKrnl - ok
15:55:37.0454 3772 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:55:37.0501 3772 EapHost - ok
15:55:37.0595 3772 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:55:37.0657 3772 ebdrv - ok
15:55:37.0688 3772 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:55:37.0751 3772 EFS - ok
15:55:37.0844 3772 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:55:37.0891 3772 ehRecvr - ok
15:55:37.0922 3772 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:55:37.0969 3772 ehSched - ok
15:55:38.0032 3772 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:55:38.0047 3772 elxstor - ok
15:55:38.0125 3772 ePowerSvc (8e12d885d17ec5fa4f52d2c6e953e285) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
15:55:38.0156 3772 ePowerSvc - ok
15:55:38.0234 3772 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:55:38.0266 3772 ErrDev - ok
15:55:38.0312 3772 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:55:38.0375 3772 EventSystem - ok
15:55:38.0406 3772 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:55:38.0453 3772 exfat - ok
15:55:38.0484 3772 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:55:38.0515 3772 fastfat - ok
15:55:38.0578 3772 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:55:38.0609 3772 Fax - ok
15:55:38.0656 3772 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:55:38.0671 3772 fdc - ok
15:55:38.0702 3772 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:55:38.0765 3772 fdPHost - ok
15:55:38.0827 3772 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:55:38.0890 3772 FDResPub - ok
15:55:38.0936 3772 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:55:38.0952 3772 FileInfo - ok
15:55:38.0983 3772 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:55:39.0061 3772 Filetrace - ok
15:55:39.0155 3772 FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:55:39.0170 3772 FLEXnet Licensing Service - ok
15:55:39.0248 3772 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:55:39.0280 3772 flpydisk - ok
15:55:39.0342 3772 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:55:39.0358 3772 FltMgr - ok
15:55:39.0420 3772 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:55:39.0482 3772 FontCache - ok
15:55:39.0576 3772 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:55:39.0592 3772 FontCache3.0.0.0 - ok
15:55:39.0638 3772 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:55:39.0638 3772 FsDepends - ok
15:55:39.0685 3772 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:55:39.0685 3772 Fs_Rec - ok
15:55:39.0748 3772 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:55:39.0779 3772 fvevol - ok
15:55:39.0794 3772 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:55:39.0794 3772 gagp30kx - ok
15:55:39.0904 3772 GameConsoleService (ce16683cfd11fe70bde435dda5ea1fca) C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
15:55:39.0919 3772 GameConsoleService - ok
15:55:39.0997 3772 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:55:39.0997 3772 GEARAspiWDM - ok
15:55:40.0060 3772 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:55:40.0091 3772 gpsvc - ok
15:55:40.0184 3772 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
15:55:40.0200 3772 GREGService - ok
15:55:40.0278 3772 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:55:40.0294 3772 gupdate - ok
15:55:40.0309 3772 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:55:40.0309 3772 gupdatem - ok
15:55:40.0372 3772 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:55:40.0418 3772 hcw85cir - ok
15:55:40.0481 3772 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:55:40.0512 3772 HdAudAddService - ok
15:55:40.0574 3772 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:55:40.0606 3772 HDAudBus - ok
15:55:40.0652 3772 HDJMidi (94a16341a2630d35d4495974a86ae842) C:\Windows\system32\DRIVERS\HDJMidi.sys
15:55:40.0684 3772 HDJMidi - ok
15:55:40.0746 3772 HerculesDJControlMP3 (4141c2cbd8d6c9f3f4004fe842c48e79) C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
15:55:40.0762 3772 HerculesDJControlMP3 ( UnsignedFile.Multi.Generic ) - warning
15:55:40.0762 3772 HerculesDJControlMP3 - detected UnsignedFile.Multi.Generic (1)
15:55:40.0824 3772 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:55:40.0855 3772 HidBatt - ok
15:55:40.0886 3772 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:55:40.0918 3772 HidBth - ok
15:55:40.0949 3772 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:55:40.0980 3772 HidIr - ok
15:55:41.0058 3772 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:55:41.0120 3772 hidserv - ok
15:55:41.0167 3772 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:55:41.0183 3772 HidUsb - ok
15:55:41.0230 3772 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:55:41.0276 3772 hkmsvc - ok
15:55:41.0339 3772 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:55:41.0370 3772 HomeGroupListener - ok
15:55:41.0417 3772 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:55:41.0448 3772 HomeGroupProvider - ok
15:55:41.0479 3772 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:55:41.0495 3772 HpSAMD - ok
15:55:41.0573 3772 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:55:41.0620 3772 HTTP - ok
15:55:41.0666 3772 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:55:41.0666 3772 hwpolicy - ok
15:55:41.0713 3772 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:55:41.0729 3772 i8042prt - ok
15:55:41.0776 3772 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
15:55:41.0791 3772 iaStor - ok
15:55:41.0854 3772 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:55:41.0869 3772 IAStorDataMgrSvc - ok
15:55:41.0947 3772 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:55:41.0963 3772 iaStorV - ok
15:55:42.0056 3772 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:55:42.0088 3772 idsvc - ok
15:55:42.0150 3772 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:55:42.0166 3772 iirsp - ok
15:55:42.0244 3772 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:55:42.0322 3772 IKEEXT - ok
15:55:42.0431 3772 IntcAzAudAddService (f4c031439501f6c1d336a36d7cb58f4f) C:\Windows\system32\drivers\RTKVHD64.sys
15:55:42.0478 3772 IntcAzAudAddService - ok
15:55:42.0509 3772 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:55:42.0524 3772 intelide - ok
15:55:42.0556 3772 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:55:42.0587 3772 intelppm - ok
15:55:42.0665 3772 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:55:42.0712 3772 IPBusEnum - ok
15:55:42.0743 3772 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:55:42.0805 3772 IpFilterDriver - ok
15:55:42.0868 3772 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:55:42.0899 3772 iphlpsvc - ok
15:55:42.0946 3772 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:55:42.0977 3772 IPMIDRV - ok
15:55:43.0024 3772 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:55:43.0070 3772 IPNAT - ok
15:55:43.0148 3772 iPod Service (a9e53e1a9c4274eebc00d36ae5ed40de) C:\Program Files\iPod\bin\iPodService.exe
15:55:43.0180 3772 iPod Service - ok
15:55:43.0258 3772 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:55:43.0320 3772 IRENUM - ok
15:55:43.0398 3772 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:55:43.0414 3772 isapnp - ok
15:55:43.0460 3772 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:55:43.0476 3772 iScsiPrt - ok
15:55:43.0507 3772 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:55:43.0523 3772 kbdclass - ok
15:55:43.0570 3772 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:55:43.0585 3772 kbdhid - ok
15:55:43.0648 3772 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:55:43.0663 3772 KeyIso - ok
15:55:43.0694 3772 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:55:43.0710 3772 KSecDD - ok
15:55:43.0741 3772 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:55:43.0741 3772 KSecPkg - ok
15:55:43.0788 3772 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:55:43.0835 3772 ksthunk - ok
15:55:43.0882 3772 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:55:43.0944 3772 KtmRm - ok
15:55:43.0975 3772 L1C (0e154da6ca9105354a07d0c576804037) C:\Windows\system32\DRIVERS\L1C62x64.sys
15:55:43.0991 3772 L1C - ok
15:55:44.0038 3772 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
15:55:44.0100 3772 LanmanServer - ok
15:55:44.0178 3772 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:55:44.0240 3772 LanmanWorkstation - ok
15:55:44.0287 3772 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:55:44.0350 3772 lltdio - ok
15:55:44.0412 3772 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:55:44.0443 3772 lltdsvc - ok
15:55:44.0474 3772 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:55:44.0521 3772 lmhosts - ok
15:55:44.0599 3772 LMS (d7e0bed3ea21d7bddd410ade51708d90) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:55:44.0599 3772 LMS - ok
15:55:44.0693 3772 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:55:44.0693 3772 LSI_FC - ok
15:55:44.0724 3772 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:55:44.0740 3772 LSI_SAS - ok
15:55:44.0786 3772 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:55:44.0802 3772 LSI_SAS2 - ok
15:55:44.0833 3772 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:55:44.0849 3772 LSI_SCSI - ok
15:55:44.0942 3772 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:55:44.0989 3772 luafv - ok
15:55:45.0052 3772 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
15:55:45.0067 3772 MBAMProtector - ok
15:55:45.0161 3772 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:55:45.0192 3772 MBAMService - ok
15:55:45.0254 3772 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:55:45.0286 3772 Mcx2Svc - ok
15:55:45.0348 3772 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:55:45.0348 3772 megasas - ok
15:55:45.0379 3772 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:55:45.0395 3772 MegaSR - ok
15:55:45.0426 3772 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
15:55:45.0442 3772 MEIx64 - ok
15:55:45.0457 3772 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:55:45.0520 3772 MMCSS - ok
15:55:45.0566 3772 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:55:45.0613 3772 Modem - ok
15:55:45.0660 3772 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:55:45.0676 3772 monitor - ok
15:55:45.0722 3772 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:55:45.0738 3772 mouclass - ok
15:55:45.0769 3772 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:55:45.0800 3772 mouhid - ok
15:55:45.0832 3772 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:55:45.0847 3772 mountmgr - ok
15:55:45.0894 3772 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:55:45.0910 3772 mpio - ok
15:55:45.0925 3772 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:55:45.0956 3772 mpsdrv - ok
15:55:46.0019 3772 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:55:46.0081 3772 MpsSvc - ok
15:55:46.0112 3772 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:55:46.0144 3772 MRxDAV - ok
15:55:46.0190 3772 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:55:46.0222 3772 mrxsmb - ok
15:55:46.0253 3772 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:55:46.0268 3772 mrxsmb10 - ok
15:55:46.0300 3772 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:55:46.0331 3772 mrxsmb20 - ok
15:55:46.0362 3772 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:55:46.0362 3772 msahci - ok
15:55:46.0424 3772 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:55:46.0424 3772 msdsm - ok
15:55:46.0471 3772 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:55:46.0502 3772 MSDTC - ok
15:55:46.0534 3772 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:55:46.0596 3772 Msfs - ok
15:55:46.0612 3772 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:55:46.0658 3772 mshidkmdf - ok
15:55:46.0721 3772 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:55:46.0721 3772 msisadrv - ok
15:55:46.0768 3772 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:55:46.0814 3772 MSiSCSI - ok
15:55:46.0830 3772 msiserver - ok
15:55:46.0861 3772 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:55:46.0908 3772 MSKSSRV - ok
15:55:46.0939 3772 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:55:46.0970 3772 MSPCLOCK - ok
15:55:46.0986 3772 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:55:47.0033 3772 MSPQM - ok
15:55:47.0095 3772 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:55:47.0111 3772 MsRPC - ok
15:55:47.0158 3772 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:55:47.0173 3772 mssmbios - ok
15:55:47.0189 3772 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:55:47.0251 3772 MSTEE - ok
15:55:47.0282 3772 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:55:47.0329 3772 MTConfig - ok
15:55:47.0345 3772 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:55:47.0360 3772 Mup - ok
15:55:47.0407 3772 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:55:47.0470 3772 napagent - ok
15:55:47.0516 3772 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:55:47.0548 3772 NativeWifiP - ok
15:55:47.0594 3772 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:55:47.0626 3772 NDIS - ok
15:55:47.0657 3772 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:55:47.0704 3772 NdisCap - ok
15:55:47.0735 3772 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:55:47.0782 3772 NdisTapi - ok
15:55:47.0828 3772 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:55:47.0875 3772 Ndisuio - ok
15:55:47.0922 3772 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:55:47.0969 3772 NdisWan - ok
15:55:48.0016 3772 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:55:48.0062 3772 NDProxy - ok
15:55:48.0172 3772 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
15:55:48.0187 3772 Nero BackItUp Scheduler 4.0 - ok
15:55:48.0281 3772 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:55:48.0328 3772 NetBIOS - ok
15:55:48.0390 3772 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:55:48.0437 3772 NetBT - ok
15:55:48.0499 3772 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:55:48.0515 3772 Netlogon - ok
15:55:48.0562 3772 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:55:48.0608 3772 Netman - ok
15:55:48.0733 3772 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:55:48.0796 3772 netprofm - ok
15:55:48.0858 3772 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:55:48.0858 3772 NetTcpPortSharing - ok
15:55:48.0920 3772 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:55:48.0920 3772 nfrd960 - ok
15:55:48.0983 3772 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:55:49.0030 3772 NlaSvc - ok
15:55:49.0170 3772 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
15:55:49.0217 3772 NOBU - ok
15:55:49.0295 3772 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:55:49.0357 3772 Npfs - ok
15:55:49.0404 3772 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:55:49.0451 3772 nsi - ok
15:55:49.0482 3772 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:55:49.0529 3772 nsiproxy - ok
15:55:49.0607 3772 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:55:49.0638 3772 Ntfs - ok
15:55:49.0732 3772 NTI IScheduleSvc (8f59a2506af43f96f5397b3c79938ae9) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
15:55:49.0747 3772 NTI IScheduleSvc - ok
15:55:49.0810 3772 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
15:55:49.0825 3772 NTIDrvr - ok
15:55:49.0856 3772 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:55:49.0903 3772 Null - ok
15:55:49.0981 3772 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys
15:55:50.0028 3772 nusb3hub - ok
15:55:50.0075 3772 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:55:50.0122 3772 nusb3xhc - ok
15:55:50.0215 3772 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:55:50.0231 3772 nvraid - ok
15:55:50.0262 3772 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:55:50.0278 3772 nvstor - ok
15:55:50.0340 3772 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:55:50.0340 3772 nv_agp - ok
15:55:50.0402 3772 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:55:50.0418 3772 ohci1394 - ok
15:55:50.0512 3772 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:55:50.0527 3772 ose - ok
15:55:50.0668 3772 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:55:50.0746 3772 osppsvc - ok
15:55:50.0824 3772 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:55:50.0870 3772 p2pimsvc - ok
15:55:50.0902 3772 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:55:50.0917 3772 p2psvc - ok
15:55:50.0964 3772 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:55:50.0995 3772 Parport - ok
15:55:51.0042 3772 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:55:51.0042 3772 partmgr - ok
15:55:51.0073 3772 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:55:51.0120 3772 PcaSvc - ok
15:55:51.0167 3772 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:55:51.0167 3772 pci - ok
15:55:51.0198 3772 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:55:51.0214 3772 pciide - ok
15:55:51.0245 3772 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:55:51.0245 3772 pcmcia - ok
15:55:51.0276 3772 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:55:51.0292 3772 pcw - ok
15:55:51.0323 3772 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:55:51.0354 3772 PEAUTH - ok
15:55:51.0416 3772 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:55:51.0448 3772 PerfHost - ok
15:55:51.0541 3772 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:55:51.0588 3772 pla - ok
15:55:51.0650 3772 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:55:51.0682 3772 PlugPlay - ok
15:55:51.0697 3772 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:55:51.0728 3772 PNRPAutoReg - ok
15:55:51.0760 3772 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:55:51.0775 3772 PNRPsvc - ok
15:55:51.0822 3772 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:55:51.0869 3772 PolicyAgent - ok
15:55:51.0916 3772 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:55:51.0962 3772 Power - ok
15:55:52.0009 3772 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:55:52.0072 3772 PptpMiniport - ok
15:55:52.0087 3772 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:55:52.0118 3772 Processor - ok
15:55:52.0165 3772 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:55:52.0212 3772 ProfSvc - ok
15:55:52.0259 3772 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:55:52.0274 3772 ProtectedStorage - ok
15:55:52.0321 3772 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:55:52.0368 3772 Psched - ok
15:55:52.0399 3772 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys
15:55:52.0399 3772 PxHlpa64 - ok
15:55:52.0462 3772 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:55:52.0493 3772 ql2300 - ok
15:55:52.0524 3772 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:55:52.0540 3772 ql40xx - ok
15:55:52.0571 3772 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:55:52.0586 3772 QWAVE - ok
15:55:52.0618 3772 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:55:52.0633 3772 QWAVEdrv - ok
15:55:52.0649 3772 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:55:52.0711 3772 RasAcd - ok
15:55:52.0742 3772 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:55:52.0789 3772 RasAgileVpn - ok
15:55:52.0820 3772 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:55:52.0883 3772 RasAuto - ok
15:55:52.0914 3772 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:55:52.0961 3772 Rasl2tp - ok
15:55:53.0008 3772 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:55:53.0070 3772 RasMan - ok
15:55:53.0101 3772 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:55:53.0148 3772 RasPppoe - ok
15:55:53.0179 3772 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:55:53.0226 3772 RasSstp - ok
15:55:53.0273 3772 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:55:53.0335 3772 rdbss - ok
15:55:53.0366 3772 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:55:53.0382 3772 rdpbus - ok
15:55:53.0398 3772 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:55:53.0460 3772 RDPCDD - ok
15:55:53.0476 3772 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:55:53.0538 3772 RDPENCDD - ok
15:55:53.0554 3772 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:55:53.0616 3772 RDPREFMP - ok
15:55:53.0647 3772 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
15:55:53.0678 3772 RDPWD - ok
15:55:53.0725 3772 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:55:53.0741 3772 rdyboost - ok
15:55:53.0772 3772 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:55:53.0803 3772 RemoteAccess - ok
15:55:53.0834 3772 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:55:53.0897 3772 RemoteRegistry - ok
15:55:53.0990 3772 RichVideo (cc6943e37ff6b0daff4b2580b0bb9721) C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
15:55:54.0006 3772 RichVideo - ok
15:55:54.0084 3772 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:55:54.0146 3772 RpcEptMapper - ok
15:55:54.0209 3772 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:55:54.0224 3772 RpcLocator - ok
15:55:54.0318 3772 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:55:54.0365 3772 RpcSs - ok
15:55:54.0396 3772 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:55:54.0443 3772 rspndr - ok
15:55:54.0474 3772 RSUSBSTOR (9beb5f18a418ff70659ce2e356829568) C:\Windows\system32\Drivers\RtsUStor.sys
15:55:54.0490 3772 RSUSBSTOR - ok
15:55:54.0536 3772 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:55:54.0552 3772 SamSs - ok
15:55:54.0599 3772 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:55:54.0599 3772 sbp2port - ok
15:55:54.0646 3772 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:55:54.0692 3772 SCardSvr - ok
15:55:54.0739 3772 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:55:54.0802 3772 scfilter - ok
15:55:54.0848 3772 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:55:54.0895 3772 Schedule - ok
15:55:54.0958 3772 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:55:55.0004 3772 SCPolicySvc - ok
15:55:55.0067 3772 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:55:55.0114 3772 SDRSVC - ok
15:55:55.0207 3772 SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:55:55.0207 3772 SeaPort - ok
15:55:55.0301 3772 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:55:55.0348 3772 secdrv - ok
15:55:55.0426 3772 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:55:55.0457 3772 seclogon - ok
15:55:55.0504 3772 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:55:55.0550 3772 SENS - ok
15:55:55.0582 3772 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:55:55.0628 3772 SensrSvc - ok
15:55:55.0660 3772 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:55:55.0691 3772 Serenum - ok
15:55:55.0706 3772 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:55:55.0722 3772 Serial - ok
15:55:55.0769 3772 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:55:55.0800 3772 sermouse - ok
15:55:55.0831 3772 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:55:55.0894 3772 SessionEnv - ok
15:55:55.0956 3772 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:55:55.0987 3772 sffdisk - ok
15:55:56.0018 3772 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:55:56.0018 3772 sffp_mmc - ok
15:55:56.0050 3772 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:55:56.0065 3772 sffp_sd - ok
15:55:56.0112 3772 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:55:56.0143 3772 sfloppy - ok
15:55:56.0190 3772 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
15:55:56.0206 3772 Sftfs - ok
15:55:56.0315 3772 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:55:56.0330 3772 sftlist - ok
15:55:56.0408 3772 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:55:56.0408 3772 Sftplay - ok
15:55:56.0455 3772 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:55:56.0455 3772 Sftredir - ok
15:55:56.0549 3772 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
15:55:56.0549 3772 Sftvol - ok
15:55:56.0658 3772 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:55:56.0674 3772 sftvsa - ok
15:55:56.0830 3772 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:55:56.0876 3772 SharedAccess - ok
15:55:56.0939 3772 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:55:57.0001 3772 ShellHWDetection - ok
15:55:57.0079 3772 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:55:57.0095 3772 SiSRaid2 - ok
15:55:57.0126 3772 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:55:57.0142 3772 SiSRaid4 - ok
15:55:57.0173 3772 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:55:57.0235 3772 Smb - ok
15:55:57.0298 3772 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:55:57.0329 3772 SNMPTRAP - ok
15:55:57.0360 3772 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:55:57.0376 3772 spldr - ok
15:55:57.0422 3772 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:55:57.0469 3772 Spooler - ok
15:55:57.0578 3772 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:55:57.0672 3772 sppsvc - ok
15:55:57.0703 3772 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:55:57.0750 3772 sppuinotify - ok
15:55:57.0812 3772 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:55:57.0859 3772 srv - ok
15:55:57.0875 3772 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:55:57.0922 3772 srv2 - ok
15:55:57.0937 3772 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:55:57.0968 3772 srvnet - ok
15:55:58.0015 3772 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:55:58.0062 3772 SSDPSRV - ok
15:55:58.0093 3772 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:55:58.0124 3772 SstpSvc - ok
15:55:58.0171 3772 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:55:58.0171 3772 stexstor - ok
15:55:58.0234 3772 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:55:58.0249 3772 stisvc - ok
15:55:58.0296 3772 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:55:58.0312 3772 swenum - ok
15:55:58.0343 3772 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:55:58.0390 3772 swprv - ok
15:55:58.0452 3772 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
15:55:58.0483 3772 SynTP - ok
15:55:58.0546 3772 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:55:58.0608 3772 SysMain - ok
15:55:58.0655 3772 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:55:58.0670 3772 TabletInputService - ok
15:55:58.0717 3772 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:55:58.0764 3772 TapiSrv - ok
15:55:58.0811 3772 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:55:58.0858 3772 TBS - ok
15:55:58.0936 3772 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:55:58.0967 3772 Tcpip - ok
15:55:59.0029 3772 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:55:59.0076 3772 TCPIP6 - ok
15:55:59.0123 3772 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:55:59.0170 3772 tcpipreg - ok
15:55:59.0201 3772 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:55:59.0232 3772 TDPIPE - ok
15:55:59.0263 3772 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:55:59.0294 3772 TDTCP - ok
15:55:59.0326 3772 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:55:59.0388 3772 tdx - ok
15:55:59.0419 3772 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:55:59.0435 3772 TermDD - ok
15:55:59.0482 3772 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:55:59.0544 3772 TermService - ok
15:55:59.0575 3772 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:55:59.0591 3772 Themes - ok
15:55:59.0622 3772 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:55:59.0669 3772 THREADORDER - ok
15:55:59.0684 3772 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:55:59.0747 3772 TrkWks - ok
15:55:59.0809 3772 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:55:59.0856 3772 TrustedInstaller - ok
15:55:59.0918 3772 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:55:59.0950 3772 tssecsrv - ok
15:56:00.0012 3772 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:56:00.0059 3772 TsUsbFlt - ok
15:56:00.0152 3772 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:56:00.0184 3772 tunnel - ok
15:56:00.0215 3772 TurboB (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
15:56:00.0230 3772 TurboB - ok
15:56:00.0293 3772 TurboBoost (759f59e3ea3802ff23f93dcdb6fe9171) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:56:00.0308 3772 TurboBoost - ok
15:56:00.0386 3772 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:56:00.0386 3772 uagp35 - ok
15:56:00.0433 3772 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
15:56:00.0433 3772 UBHelper - ok
15:56:00.0511 3772 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:56:00.0542 3772 udfs - ok
15:56:00.0605 3772 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:56:00.0620 3772 UI0Detect - ok
15:56:00.0683 3772 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:56:00.0698 3772 uliagpkx - ok
15:56:00.0730 3772 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:56:00.0745 3772 umbus - ok
15:56:00.0823 3772 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:56:00.0839 3772 UmPass - ok
15:56:00.0964 3772 UNS (a678e5ddd974903dd71f503bdcaca218) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:56:01.0010 3772 UNS - ok
15:56:01.0088 3772 Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
15:56:01.0104 3772 Updater Service - ok
15:56:01.0182 3772 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:56:01.0244 3772 upnphost - ok
15:56:01.0307 3772 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:56:01.0322 3772 USBAAPL64 - ok
15:56:01.0369 3772 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
15:56:01.0400 3772 usbaudio - ok
15:56:01.0432 3772 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:56:01.0463 3772 usbccgp - ok
15:56:01.0494 3772 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:56:01.0541 3772 usbcir - ok
15:56:01.0588 3772 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:56:01.0603 3772 usbehci - ok
15:56:01.0634 3772 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:56:01.0666 3772 usbhub - ok
15:56:01.0681 3772 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:56:01.0712 3772 usbohci - ok
15:56:01.0744 3772 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:56:01.0775 3772 usbprint - ok
15:56:01.0853 3772 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:56:01.0868 3772 usbscan - ok
15:56:01.0915 3772 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:56:01.0946 3772 USBSTOR - ok
15:56:01.0962 3772 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:56:01.0993 3772 usbuhci - ok
15:56:02.0040 3772 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:56:02.0071 3772 usbvideo - ok
15:56:02.0102 3772 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:56:02.0165 3772 UxSms - ok
15:56:02.0196 3772 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:56:02.0212 3772 VaultSvc - ok
15:56:02.0258 3772 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:56:02.0274 3772 vdrvroot - ok
15:56:02.0321 3772 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:56:02.0368 3772 vds - ok
15:56:02.0399 3772 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:56:02.0414 3772 vga - ok
15:56:02.0446 3772 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:56:02.0492 3772 VgaSave - ok
15:56:02.0539 3772 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:56:02.0555 3772 vhdmp - ok
15:56:02.0602 3772 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:56:02.0617 3772 viaide - ok
15:56:02.0633 3772 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:56:02.0648 3772 volmgr - ok
15:56:02.0695 3772 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:56:02.0711 3772 volmgrx - ok
15:56:02.0758 3772 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:56:02.0773 3772 volsnap - ok
15:56:02.0804 3772 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:56:02.0820 3772 vsmraid - ok
15:56:02.0882 3772 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:56:02.0945 3772 VSS - ok
15:56:02.0976 3772 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:56:02.0992 3772 vwifibus - ok
15:56:03.0007 3772 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:56:03.0038 3772 vwififlt - ok
15:56:03.0054 3772 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
15:56:03.0101 3772 vwifimp - ok
15:56:03.0132 3772 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:56:03.0179 3772 W32Time - ok
15:56:03.0210 3772 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:56:03.0241 3772 WacomPen - ok
15:56:03.0288 3772 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:56:03.0335 3772 WANARP - ok
15:56:03.0335 3772 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:56:03.0382 3772 Wanarpv6 - ok
15:56:03.0428 3772 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:56:03.0491 3772 wbengine - ok
15:56:03.0569 3772 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:56:03.0600 3772 WbioSrvc - ok
15:56:03.0662 3772 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:56:03.0694 3772 wcncsvc - ok
15:56:03.0725 3772 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:56:03.0772 3772 WcsPlugInService - ok
15:56:03.0850 3772 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:56:03.0850 3772 Wd - ok
15:56:03.0896 3772 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:56:03.0928 3772 Wdf01000 - ok
15:56:03.0974 3772 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:56:04.0068 3772 WdiServiceHost - ok
15:56:04.0084 3772 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:56:04.0099 3772 WdiSystemHost - ok
15:56:04.0193 3772 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:56:04.0224 3772 WebClient - ok
15:56:04.0271 3772 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:56:04.0318 3772 Wecsvc - ok
15:56:04.0349 3772 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:56:04.0396 3772 wercplsupport - ok
15:56:04.0427 3772 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:56:04.0474 3772 WerSvc - ok
15:56:04.0520 3772 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:56:04.0552 3772 WfpLwf - ok
15:56:04.0583 3772 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:56:04.0583 3772 WIMMount - ok
15:56:04.0645 3772 WinDefend - ok
15:56:04.0645 3772 WinHttpAutoProxySvc - ok
15:56:04.0739 3772 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:56:04.0786 3772 Winmgmt - ok
15:56:04.0988 3772 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:56:05.0051 3772 WinRM - ok
15:56:05.0144 3772 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:56:05.0160 3772 WinUsb - ok
15:56:05.0222 3772 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:56:05.0269 3772 Wlansvc - ok
15:56:05.0332 3772 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:56:05.0347 3772 wlcrasvc - ok
15:56:05.0425 3772 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:56:05.0472 3772 wlidsvc - ok
15:56:05.0566 3772 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:56:05.0597 3772 WmiAcpi - ok
15:56:05.0659 3772 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:56:05.0675 3772 wmiApSrv - ok
15:56:05.0722 3772 WMPNetworkSvc - ok
15:56:05.0800 3772 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:56:05.0831 3772 WPCSvc - ok
15:56:05.0878 3772 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:56:05.0893 3772 WPDBusEnum - ok
15:56:05.0924 3772 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:56:05.0987 3772 ws2ifsl - ok
15:56:06.0034 3772 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
15:56:06.0065 3772 wscsvc - ok
15:56:06.0112 3772 WSearch - ok
15:56:06.0221 3772 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:56:06.0299 3772 wuauserv - ok
15:56:06.0377 3772 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:56:06.0439 3772 WudfPf - ok
15:56:06.0455 3772 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:56:06.0502 3772 WUDFRd - ok
15:56:06.0533 3772 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:56:06.0564 3772 wudfsvc - ok
15:56:06.0611 3772 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:56:06.0658 3772 WwanSvc - ok
15:56:06.0673 3772 MBR (0x1B8) (3e0a9b8449a315e0044be2adf3d12596) \Device\Harddisk0\DR0
15:56:06.0907 3772 \Device\Harddisk0\DR0 - ok
15:56:06.0907 3772 Boot (0x1200) (77bcbadd2dc21499ee6a3a93d9db1d7f) \Device\Harddisk0\DR0\Partition0
15:56:06.0907 3772 \Device\Harddisk0\DR0\Partition0 - ok
15:56:06.0938 3772 Boot (0x1200) (54305f69de0a90e9645487f204ca0c67) \Device\Harddisk0\DR0\Partition1
15:56:06.0938 3772 \Device\Harddisk0\DR0\Partition1 - ok
15:56:06.0954 3772 Boot (0x1200) (af29ab554cc77fd6c4312ee23958b59f) \Device\Harddisk0\DR0\Partition2
15:56:06.0954 3772 \Device\Harddisk0\DR0\Partition2 - ok
15:56:06.0970 3772 Boot (0x1200) (673c6646487a37c8fb49c1a9ea555f3b) \Device\Harddisk0\DR0\Partition3
15:56:06.0970 3772 \Device\Harddisk0\DR0\Partition3 - ok
15:56:06.0970 3772 ============================================================
15:56:06.0970 3772 Scan finished
15:56:06.0970 3772 ============================================================
15:56:06.0985 8164 Detected object count: 1
15:56:06.0985 8164 Actual detected object count: 1
15:56:29.0356 8164 HerculesDJControlMP3 ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:29.0356 8164 HerculesDJControlMP3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:08.0291 5728 Deinitialize success
|
|
10.04.2012, 15:41
| #17 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | 50 Euro Virus auf der Bildfläche im normalen Modus Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
10.04.2012, 17:57
| #18 |
| | 50 Euro Virus auf der Bildfläche im normalen Modus Hat alles reibungslos funktioniert.
__________________Code:
ATTFilter ComboFix 12-04-10.01 - Patti 10.04.2012 18:37:55.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4078.1620 [GMT 2:00]
ausgeführt von:: c:\users\Patti\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\users\Patti\Documents\~WRL0734.tmp
c:\users\Patti\EULA.txt
c:\users\Patti\UNWISE.EXE
C:\win32
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-03-10 bis 2012-04-10 ))))))))))))))))))))))))))))))
.
.
2012-04-10 16:42 . 2012-04-10 16:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-10 16:35 . 2012-04-10 16:35 -------- d-----w- c:\users\Patti\AppData\Roaming\AVG2012
2012-04-10 13:52 . 2012-04-10 13:52 109 ----a-w- C:\user.js
2012-04-10 13:52 . 2012-04-10 13:52 -------- d-----w- c:\program files (x86)\Softonic
2012-04-10 08:49 . 2012-04-10 08:49 -------- d-----w- C:\_OTL
2012-04-08 08:40 . 2012-04-08 08:40 -------- d-----w- c:\users\Patti\AppData\Local\Apps
2012-04-07 21:14 . 2012-04-07 21:14 -------- d-----w- c:\program files (x86)\ESET
2012-04-07 19:42 . 2012-04-07 19:42 -------- d-----w- c:\program files (x86)\ MALWAREBYTES ANTI-MALWARE
2012-04-07 11:37 . 2012-04-07 11:37 -------- d-----w- c:\users\Patti\AppData\Roaming\Malwarebytes
2012-04-07 11:37 . 2012-04-10 08:53 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-07 11:37 . 2012-04-07 11:37 -------- d-----w- c:\programdata\Malwarebytes
2012-04-07 11:37 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-06 18:17 . 2012-04-07 19:46 -------- d-----w- c:\program files (x86)\GridinSoft Trojan Killer
2012-03-15 05:28 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 05:28 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 05:28 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 16:39 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 16:39 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 16:39 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 16:33 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 16:33 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 16:33 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 16:33 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 16:33 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 16:33 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 16:33 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-07 19:19 . 2011-07-01 05:13 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-26 23:52 . 2011-04-20 20:01 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]
2012-03-15 13:57 242384 ----a-w- c:\program files (x86)\Softonic\Softonic\1.5.21.0\bh\Softonic.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files (x86)\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll" [2012-03-15 250576]
.
[HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"BackupManagerTray"="c:\program files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe" [2010-11-12 295232]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-28 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-12-09 1025616]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-26 421160]
"Hercules DJ Series"="c:\program files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe" [2009-07-09 631592]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\Patti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 136176]
R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 136176]
R3 HDJMidi;DJ Control MP3 e2 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-10-29 868224]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [2007-11-21 20480]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [2010-11-12 257344]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 04:32]
.
2012-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 04:32]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-26 11619432]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-10-29 860040]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://packardbell.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Patti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Patti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Patti\AppData\Roaming\Mozilla\Firefox\Profiles\frcgj171.default\
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.newTab - false
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - 88eec149000000000000929ffa76421d
FF - user.js: extensions.Softonic.instlDay - 15440
FF - user.js: extensions.Softonic.vrsn - 1.5.21.0
FF - user.js: extensions.Softonic.vrsni - 1.5.21.0
FF - user.js: extensions.Softonic_i.vrsnTs - 1.5.21.015:52
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - MON00015
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-conduitEngine - c:\progra~2\CONDUI~1\ConduitEngineUninstall.exe
AddRemove-toolplugin - c:\users\Patti\AppData\Local\Temp\WZSE0.TMP\setup.exe
AddRemove-WinLiveSuite - c:\program files (x86)\Windows Live\Installer\wlarp.exe
AddRemove-{08234a0d-cf39-4dca-99f0-0c5cb496da81} - c:\program files (x86)\Bing Bar Installer\InstallManager.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-04-10 18:49:12 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-04-10 16:49
.
Vor Suchlauf: 10 Verzeichnis(se), 45.861.040.128 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 45.724.614.656 Bytes frei
.
- - End Of File - - 2CB96AF01AC39EA65728CA05EFE64938
Gruß Patrick |
|
11.04.2012, 09:05
| #19 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 50 Euro Virus auf der Bildfläche im normalen ModusZitat:
 Sowas wie AntiVir und AVG sollte man niemals gleichzeitig verwenden. Die können sich gegenseitig das Handwerk legen, das System beeinträchtigen oder sich andersweitig gegenseitig behindern, zudem schaffst du nicht mehr Sicherheit indem mehr "Sicherheits"programme aus bunten Pappschachten oder aus Downloads und mit bunten Schirmchen daherkommen. Umgehend eins der beiden deinstallieren!!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
| Themen zu 50 Euro Virus auf der Bildfläche im normalen Modus |
| 50 euro, 50 euro virus, belastet, conduit, diner dash, document, erschein, erscheint, euro, infiziertem, install.exe, laptop, launch, leute, limited.com/facebook, microsoft office word, modus, normale, normalen, nvstor.sys, packard bell, plagegeist, plug-in, required, searchscopes, stark, usb 2.0, usb 3.0, version=1.0, virus, visual studio, windowssystem, wscript.exe |
Linear-Darstellung
