| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: GMX Account verschickt Spam-Mails -- keine Listung unter "Gesendet"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.05.2012, 11:03
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  GMX Account verschickt Spam-Mails -- keine Listung unter "Gesendet" Ja klar, dann kann das davon kommen. Also legitim  Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{338c6927-87b1-11e0-beaa-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{338c6927-87b1-11e0-beaa-806e6f6e6963}\Shell\AutoRun\command - "" = D:\ANNOfinder.exe
O33 - MountPoints2\{8e402583-cbe6-11e0-b320-001d600b4d4d}\Shell - "" = AutoRun
O33 - MountPoints2\{8e402583-cbe6-11e0-b320-001d600b4d4d}\Shell\AutoRun\command - "" = E:\Setup.exe
@Alternate Data Stream - 1130 bytes -> C:\Users\Simon\AppData\Local\HHhMpdXpHPWxS9U:UaloyjOx3bScIQabGGF
@Alternate Data Stream - 1129 bytes -> C:\Users\Simon\AppData\Local\aPwbUnuP:JG1jknzkFwTjWKsgKLMWGqogW
@Alternate Data Stream - 1123 bytes -> C:\Users\Simon\AppData\Local\ARSEZpkBlz:UH2HTTtjitg7WARcJJI3zI
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.05.2012, 13:15
| #17 |
 | GMX Account verschickt Spam-Mails -- keine Listung unter "Gesendet"Code:
ATTFilter All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{338c6927-87b1-11e0-beaa-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338c6927-87b1-11e0-beaa-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{338c6927-87b1-11e0-beaa-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338c6927-87b1-11e0-beaa-806e6f6e6963}\ not found.
File D:\ANNOfinder.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e402583-cbe6-11e0-b320-001d600b4d4d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8e402583-cbe6-11e0-b320-001d600b4d4d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e402583-cbe6-11e0-b320-001d600b4d4d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8e402583-cbe6-11e0-b320-001d600b4d4d}\ not found.
File E:\Setup.exe not found.
ADS C:\Users\Simon\AppData\Local\HHhMpdXpHPWxS9U:UaloyjOx3bScIQabGGF deleted successfully.
ADS C:\Users\Simon\AppData\Local\aPwbUnuP:JG1jknzkFwTjWKsgKLMWGqogW deleted successfully.
ADS C:\Users\Simon\AppData\Local\ARSEZpkBlz:UH2HTTtjitg7WARcJJI3zI deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Simon
->Temp folder emptied: 1421024966 bytes
->Temporary Internet Files folder emptied: 32052260 bytes
->Java cache emptied: 15661585 bytes
->FireFox cache emptied: 773650487 bytes
->Flash cache emptied: 92757 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 5 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 119824241 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 111702 bytes
RecycleBin emptied: 171833784 bytes
Total Files Cleaned = 2.417,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Simon
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.43.1 log created on 05252012_130032
Files\Folders moved on Reboot...
C:\Users\Simon\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
|
|
25.05.2012, 13:17
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GMX Account verschickt Spam-Mails -- keine Listung unter "Gesendet" Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
25.05.2012, 13:43
| #19 |
| | GMX Account verschickt Spam-Mails -- keine Listung unter "Gesendet" Hier die log.txt Code:
ATTFilter 14:39:29.0340 4800 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
14:39:29.0699 4800 ============================================================
14:39:29.0699 4800 Current date / time: 2012/05/25 14:39:29.0699
14:39:29.0699 4800 SystemInfo:
14:39:29.0699 4800
14:39:29.0699 4800 OS Version: 6.1.7601 ServicePack: 1.0
14:39:29.0699 4800 Product type: Workstation
14:39:29.0699 4800 ComputerName: SIMON-PC
14:39:29.0699 4800 UserName: Simon
14:39:29.0699 4800 Windows directory: C:\Windows
14:39:29.0699 4800 System windows directory: C:\Windows
14:39:29.0699 4800 Running under WOW64
14:39:29.0699 4800 Processor architecture: Intel x64
14:39:29.0699 4800 Number of processors: 2
14:39:29.0699 4800 Page size: 0x1000
14:39:29.0699 4800 Boot type: Normal boot
14:39:29.0699 4800 ============================================================
14:39:30.0557 4800 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x11EE4, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
14:39:30.0588 4800 Drive \Device\Harddisk1\DR1 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBD435, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
14:39:30.0588 4800 ============================================================
14:39:30.0588 4800 \Device\Harddisk0\DR0:
14:39:30.0588 4800 MBR partitions:
14:39:30.0588 4800 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:39:30.0588 4800 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
14:39:30.0588 4800 \Device\Harddisk1\DR1:
14:39:30.0588 4800 MBR partitions:
14:39:30.0588 4800 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2E938000
14:39:30.0588 4800 ============================================================
14:39:30.0619 4800 C: <-> \Device\Harddisk0\DR0\Partition1
14:39:30.0681 4800 B: <-> \Device\Harddisk1\DR1\Partition0
14:39:30.0681 4800 ============================================================
14:39:30.0681 4800 Initialize success
14:39:30.0681 4800 ============================================================
14:39:40.0353 0944 ============================================================
14:39:40.0353 0944 Scan started
14:39:40.0353 0944 Mode: Manual; SigCheck; TDLFS;
14:39:40.0353 0944 ============================================================
14:39:41.0648 0944 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:39:41.0804 0944 1394ohci - ok
14:39:41.0851 0944 acedrv11 (a3769020f7e8a70fd3e824c050f33306) C:\Windows\system32\drivers\acedrv11.sys
14:39:56.0234 0944 acedrv11 - ok
14:39:56.0281 0944 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:39:56.0312 0944 ACPI - ok
14:39:56.0328 0944 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:39:56.0406 0944 AcpiPmi - ok
14:39:56.0453 0944 adfs (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys
14:39:56.0468 0944 adfs - ok
14:39:56.0609 0944 Adobe Version Cue CS4 (57a3b9a69f14414ace12afd6ba701773) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
14:39:56.0640 0944 Adobe Version Cue CS4 - ok
14:39:56.0687 0944 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:39:56.0687 0944 AdobeARMservice - ok
14:39:56.0718 0944 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:39:56.0749 0944 adp94xx - ok
14:39:56.0780 0944 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:39:56.0796 0944 adpahci - ok
14:39:56.0827 0944 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:39:56.0843 0944 adpu320 - ok
14:39:56.0874 0944 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:39:56.0999 0944 AeLookupSvc - ok
14:39:57.0061 0944 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
14:39:57.0139 0944 AFD - ok
14:39:57.0170 0944 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:39:57.0170 0944 agp440 - ok
14:39:57.0217 0944 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:39:57.0279 0944 ALG - ok
14:39:57.0279 0944 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:39:57.0295 0944 aliide - ok
14:39:57.0389 0944 ALSysIO - ok
14:39:57.0420 0944 AMD External Events Utility (962227630779043b5c1d4cd157abb912) C:\Windows\system32\atiesrxx.exe
14:39:57.0513 0944 AMD External Events Utility - ok
14:39:57.0591 0944 AMD FUEL Service - ok
14:39:57.0623 0944 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:39:57.0623 0944 amdide - ok
14:39:57.0669 0944 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
14:39:57.0669 0944 amdiox64 - ok
14:39:57.0716 0944 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:39:57.0779 0944 AmdK8 - ok
14:39:58.0356 0944 amdkmdag (56d6631761ec37745f0df16bcdc4caf4) C:\Windows\system32\DRIVERS\atikmdag.sys
14:39:58.0683 0944 amdkmdag - ok
14:39:58.0793 0944 amdkmdap (2d9005ea0bfd25c740e53c8dd3c069e0) C:\Windows\system32\DRIVERS\atikmpag.sys
14:39:58.0839 0944 amdkmdap - ok
14:39:58.0871 0944 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:39:58.0917 0944 AmdPPM - ok
14:39:58.0964 0944 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:39:58.0980 0944 amdsata - ok
14:39:59.0011 0944 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:39:59.0027 0944 amdsbs - ok
14:39:59.0042 0944 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:39:59.0058 0944 amdxata - ok
14:39:59.0089 0944 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:39:59.0151 0944 AppID - ok
14:39:59.0183 0944 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:39:59.0229 0944 AppIDSvc - ok
14:39:59.0276 0944 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
14:39:59.0323 0944 Appinfo - ok
14:39:59.0354 0944 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
14:39:59.0417 0944 AppMgmt - ok
14:39:59.0448 0944 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:39:59.0463 0944 arc - ok
14:39:59.0479 0944 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:39:59.0495 0944 arcsas - ok
14:39:59.0510 0944 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:39:59.0573 0944 AsyncMac - ok
14:39:59.0604 0944 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:39:59.0619 0944 atapi - ok
14:39:59.0666 0944 AtiHDAudioService (2b3b05c0a7768bf033217eb8f33f9c35) C:\Windows\system32\drivers\AtihdW76.sys
14:39:59.0682 0944 AtiHDAudioService - ok
14:40:00.0009 0944 atikmdag (56d6631761ec37745f0df16bcdc4caf4) C:\Windows\system32\DRIVERS\atikmdag.sys
14:40:00.0119 0944 atikmdag - ok
14:40:00.0228 0944 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:40:00.0306 0944 AudioEndpointBuilder - ok
14:40:00.0306 0944 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:40:00.0353 0944 AudioSrv - ok
14:40:00.0399 0944 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
14:40:00.0477 0944 AxInstSV - ok
14:40:00.0540 0944 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:40:00.0602 0944 b06bdrv - ok
14:40:00.0633 0944 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:40:00.0711 0944 b57nd60a - ok
14:40:00.0743 0944 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:40:00.0805 0944 BDESVC - ok
14:40:00.0836 0944 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:40:00.0899 0944 Beep - ok
14:40:00.0945 0944 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
14:40:01.0023 0944 BFE - ok
14:40:01.0086 0944 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
14:40:01.0164 0944 BITS - ok
14:40:01.0226 0944 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:40:01.0242 0944 blbdrive - ok
14:40:01.0273 0944 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:40:01.0304 0944 bowser - ok
14:40:01.0320 0944 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:40:01.0398 0944 BrFiltLo - ok
14:40:01.0398 0944 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:40:01.0413 0944 BrFiltUp - ok
14:40:01.0445 0944 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
14:40:01.0507 0944 Browser - ok
14:40:01.0538 0944 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:40:01.0585 0944 Brserid - ok
14:40:01.0601 0944 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:40:01.0647 0944 BrSerWdm - ok
14:40:01.0647 0944 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:40:01.0663 0944 BrUsbMdm - ok
14:40:01.0663 0944 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:40:01.0725 0944 BrUsbSer - ok
14:40:01.0725 0944 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:40:01.0741 0944 BTHMODEM - ok
14:40:01.0772 0944 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:40:01.0835 0944 bthserv - ok
14:40:01.0866 0944 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:40:01.0928 0944 cdfs - ok
14:40:01.0959 0944 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
14:40:02.0006 0944 cdrom - ok
14:40:02.0037 0944 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:40:02.0100 0944 CertPropSvc - ok
14:40:02.0147 0944 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:40:02.0178 0944 circlass - ok
14:40:02.0225 0944 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:40:02.0256 0944 CLFS - ok
14:40:02.0396 0944 CLPSLS (882e3973505c441ce000133c821d0edd) C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
14:40:02.0427 0944 CLPSLS - ok
14:40:02.0505 0944 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:40:02.0521 0944 clr_optimization_v2.0.50727_32 - ok
14:40:02.0583 0944 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:40:02.0615 0944 clr_optimization_v2.0.50727_64 - ok
14:40:02.0677 0944 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:40:02.0693 0944 CmBatt - ok
14:40:02.0833 0944 cmdAgent (cee48ccc4d561ddb19c72f9fb55d28d5) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
14:40:02.0880 0944 cmdAgent - ok
14:40:02.0989 0944 cmderd (7eac5e62f0b93262984d450e0d497b61) C:\Windows\system32\DRIVERS\cmderd.sys
14:40:03.0005 0944 cmderd - ok
14:40:03.0036 0944 cmdGuard (0599d5a458d4e0e37ab84e9d1c5c73e5) C:\Windows\system32\DRIVERS\cmdguard.sys
14:40:03.0051 0944 cmdGuard - ok
14:40:03.0083 0944 cmdHlp (2d3e08c7106f748f9eff3dec14142d3e) C:\Windows\system32\DRIVERS\cmdhlp.sys
14:40:03.0083 0944 cmdHlp - ok
14:40:03.0114 0944 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:40:03.0161 0944 cmdide - ok
14:40:03.0223 0944 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
14:40:03.0254 0944 CNG - ok
14:40:03.0317 0944 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:40:03.0332 0944 Compbatt - ok
14:40:03.0363 0944 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:40:03.0395 0944 CompositeBus - ok
14:40:03.0410 0944 COMSysApp - ok
14:40:03.0426 0944 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:40:03.0441 0944 crcdisk - ok
14:40:03.0504 0944 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
14:40:03.0613 0944 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:40:03.0613 0944 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:40:03.0644 0944 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
14:40:03.0675 0944 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:40:03.0675 0944 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:40:03.0707 0944 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
14:40:03.0769 0944 CryptSvc - ok
14:40:03.0863 0944 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
14:40:03.0941 0944 CSC - ok
14:40:03.0987 0944 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
14:40:04.0050 0944 CscService - ok
14:40:04.0128 0944 CTAudSvcService (69cdba2b9c397e349a04fa70dd9170a2) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
14:40:04.0159 0944 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
14:40:04.0159 0944 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
14:40:04.0190 0944 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:40:04.0268 0944 DcomLaunch - ok
14:40:04.0299 0944 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
14:40:04.0377 0944 defragsvc - ok
14:40:04.0518 0944 DeviceMonitorService (14bcef1bc82f020cf3f00aa2113d67fd) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
14:40:04.0533 0944 DeviceMonitorService - ok
14:40:04.0596 0944 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:40:04.0643 0944 DfsC - ok
14:40:04.0705 0944 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
14:40:04.0767 0944 Dhcp - ok
14:40:04.0799 0944 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:40:04.0861 0944 discache - ok
14:40:04.0892 0944 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:40:04.0908 0944 Disk - ok
14:40:04.0939 0944 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
14:40:05.0017 0944 Dnscache - ok
14:40:05.0064 0944 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
14:40:05.0126 0944 dot3svc - ok
14:40:05.0142 0944 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
14:40:05.0204 0944 DPS - ok
14:40:05.0298 0944 DragonUpdater (79b8d78f3f3255b2858a79f1bf31adbd) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
14:40:05.0313 0944 DragonUpdater - ok
14:40:05.0345 0944 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:40:05.0376 0944 drmkaud - ok
14:40:05.0423 0944 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:40:05.0454 0944 dtsoftbus01 - ok
14:40:05.0516 0944 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:40:05.0547 0944 DXGKrnl - ok
14:40:05.0579 0944 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
14:40:05.0641 0944 EapHost - ok
14:40:05.0766 0944 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:40:05.0875 0944 ebdrv - ok
14:40:05.0984 0944 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
14:40:06.0031 0944 EFS - ok
14:40:06.0109 0944 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
14:40:06.0203 0944 ehRecvr - ok
14:40:06.0218 0944 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
14:40:06.0249 0944 ehSched - ok
14:40:06.0312 0944 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:40:06.0343 0944 elxstor - ok
14:40:06.0374 0944 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:40:06.0405 0944 ErrDev - ok
14:40:06.0452 0944 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
14:40:06.0530 0944 EventSystem - ok
14:40:06.0561 0944 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:40:06.0608 0944 exfat - ok
14:40:06.0639 0944 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:40:06.0686 0944 fastfat - ok
14:40:06.0717 0944 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
14:40:06.0795 0944 Fax - ok
14:40:06.0811 0944 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:40:06.0858 0944 fdc - ok
14:40:06.0889 0944 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
14:40:06.0920 0944 fdPHost - ok
14:40:06.0951 0944 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
14:40:07.0014 0944 FDResPub - ok
14:40:07.0045 0944 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:40:07.0061 0944 FileInfo - ok
14:40:07.0076 0944 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:40:07.0139 0944 Filetrace - ok
14:40:07.0217 0944 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:40:07.0232 0944 FLEXnet Licensing Service - ok
14:40:07.0310 0944 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
14:40:07.0326 0944 FLEXnet Licensing Service 64 - ok
14:40:07.0435 0944 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:40:07.0435 0944 flpydisk - ok
14:40:07.0482 0944 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:40:07.0513 0944 FltMgr - ok
14:40:07.0575 0944 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
14:40:07.0669 0944 FontCache - ok
14:40:07.0731 0944 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:40:07.0809 0944 FontCache3.0.0.0 - ok
14:40:07.0856 0944 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:40:07.0872 0944 FsDepends - ok
14:40:07.0887 0944 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:40:07.0903 0944 Fs_Rec - ok
14:40:07.0919 0944 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:40:07.0950 0944 fvevol - ok
14:40:07.0965 0944 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:40:07.0981 0944 gagp30kx - ok
14:40:08.0028 0944 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
14:40:08.0106 0944 gpsvc - ok
14:40:08.0215 0944 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:40:08.0231 0944 gupdate - ok
14:40:08.0231 0944 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:40:08.0231 0944 gupdatem - ok
14:40:08.0293 0944 HauppaugeTVServer (1dbbf9be473f6ca2f2f4182fccf563dc) C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE
14:40:08.0324 0944 HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - warning
14:40:08.0324 0944 HauppaugeTVServer - detected UnsignedFile.Multi.Generic (1)
14:40:08.0465 0944 hcw10bda (bac77c58dede086bd204029eff130dd7) C:\Windows\system32\drivers\hcw10bda.sys
14:40:08.0543 0944 hcw10bda - ok
14:40:08.0558 0944 hcw10cir (a8518733af128859bf2daab6b5c742e5) C:\Windows\system32\drivers\hcw10cir.sys
14:40:08.0621 0944 hcw10cir - ok
14:40:08.0652 0944 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:40:08.0699 0944 hcw85cir - ok
14:40:08.0730 0944 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:40:08.0792 0944 HdAudAddService - ok
14:40:08.0823 0944 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:40:08.0870 0944 HDAudBus - ok
14:40:08.0901 0944 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:40:08.0933 0944 HidBatt - ok
14:40:08.0948 0944 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:40:08.0964 0944 HidBth - ok
14:40:08.0979 0944 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:40:09.0011 0944 HidIr - ok
14:40:09.0042 0944 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
14:40:09.0104 0944 hidserv - ok
14:40:09.0135 0944 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
14:40:09.0151 0944 HidUsb - ok
14:40:09.0182 0944 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
14:40:09.0245 0944 hkmsvc - ok
14:40:09.0276 0944 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
14:40:09.0354 0944 HomeGroupListener - ok
14:40:09.0385 0944 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
14:40:09.0432 0944 HomeGroupProvider - ok
14:40:09.0479 0944 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:40:09.0494 0944 HpSAMD - ok
14:40:09.0541 0944 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:40:09.0619 0944 HTTP - ok
14:40:09.0650 0944 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:40:09.0666 0944 hwpolicy - ok
14:40:09.0697 0944 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
14:40:09.0713 0944 i8042prt - ok
14:40:09.0759 0944 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:40:09.0791 0944 iaStorV - ok
14:40:09.0931 0944 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:40:09.0978 0944 idsvc - ok
14:40:10.0009 0944 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:40:10.0025 0944 iirsp - ok
14:40:10.0071 0944 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
14:40:10.0149 0944 IKEEXT - ok
14:40:10.0212 0944 inspect (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys
14:40:10.0212 0944 inspect - ok
14:40:10.0259 0944 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:40:10.0259 0944 intelide - ok
14:40:10.0305 0944 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:40:10.0337 0944 intelppm - ok
14:40:10.0383 0944 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:40:10.0430 0944 IPBusEnum - ok
14:40:10.0477 0944 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:40:10.0524 0944 IpFilterDriver - ok
14:40:10.0571 0944 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
14:40:10.0649 0944 iphlpsvc - ok
14:40:10.0695 0944 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:40:10.0727 0944 IPMIDRV - ok
14:40:10.0789 0944 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:40:10.0851 0944 IPNAT - ok
14:40:10.0867 0944 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:40:10.0929 0944 IRENUM - ok
14:40:10.0961 0944 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:40:10.0961 0944 isapnp - ok
14:40:11.0007 0944 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:40:11.0023 0944 iScsiPrt - ok
14:40:11.0054 0944 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
14:40:11.0054 0944 kbdclass - ok
14:40:11.0085 0944 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
14:40:11.0101 0944 kbdhid - ok
14:40:11.0132 0944 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:40:11.0148 0944 KeyIso - ok
14:40:11.0163 0944 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
14:40:11.0179 0944 KSecDD - ok
14:40:11.0179 0944 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
14:40:11.0210 0944 KSecPkg - ok
14:40:11.0226 0944 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:40:11.0288 0944 ksthunk - ok
14:40:11.0319 0944 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:40:11.0397 0944 KtmRm - ok
14:40:11.0444 0944 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
14:40:11.0507 0944 LanmanServer - ok
14:40:11.0538 0944 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
14:40:11.0600 0944 LanmanWorkstation - ok
14:40:11.0647 0944 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:40:11.0678 0944 lltdio - ok
14:40:11.0709 0944 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:40:11.0787 0944 lltdsvc - ok
14:40:11.0803 0944 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:40:11.0834 0944 lmhosts - ok
14:40:11.0865 0944 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:40:11.0881 0944 LSI_FC - ok
14:40:11.0912 0944 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:40:11.0928 0944 LSI_SAS - ok
14:40:11.0943 0944 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:40:11.0959 0944 LSI_SAS2 - ok
14:40:11.0975 0944 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:40:11.0990 0944 LSI_SCSI - ok
14:40:12.0021 0944 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:40:12.0084 0944 luafv - ok
14:40:12.0084 0944 lxdi_device - ok
14:40:12.0146 0944 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
14:40:12.0162 0944 MBAMProtector - ok
14:40:12.0224 0944 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:40:12.0240 0944 MBAMService - ok
14:40:12.0271 0944 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
14:40:12.0302 0944 Mcx2Svc - ok
14:40:12.0333 0944 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:40:12.0349 0944 megasas - ok
14:40:12.0365 0944 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:40:12.0396 0944 MegaSR - ok
14:40:12.0474 0944 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:40:12.0474 0944 Microsoft Office Groove Audit Service - ok
14:40:12.0521 0944 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:40:12.0552 0944 MMCSS - ok
14:40:12.0583 0944 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:40:12.0630 0944 Modem - ok
14:40:12.0677 0944 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:40:12.0723 0944 monitor - ok
14:40:12.0848 0944 Motorola Device Manager (5ddce3fc5a54a4a58ee693046ebfaef3) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
14:40:12.0864 0944 Motorola Device Manager - ok
14:40:12.0895 0944 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:40:12.0911 0944 mouclass - ok
14:40:12.0926 0944 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:40:12.0973 0944 mouhid - ok
14:40:12.0989 0944 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:40:13.0004 0944 mountmgr - ok
14:40:13.0067 0944 MozillaMaintenance (5b109c18acc43afc1ec22b1c071e4da9) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:40:13.0082 0944 MozillaMaintenance - ok
14:40:13.0113 0944 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
14:40:13.0129 0944 MpFilter - ok
14:40:13.0160 0944 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:40:13.0176 0944 mpio - ok
14:40:13.0223 0944 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
14:40:13.0223 0944 MpNWMon - ok
14:40:13.0269 0944 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:40:13.0301 0944 mpsdrv - ok
14:40:13.0347 0944 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
14:40:13.0441 0944 MpsSvc - ok
14:40:13.0488 0944 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:40:13.0535 0944 MRxDAV - ok
14:40:13.0581 0944 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:40:13.0644 0944 mrxsmb - ok
14:40:13.0675 0944 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:40:13.0722 0944 mrxsmb10 - ok
14:40:13.0769 0944 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:40:13.0815 0944 mrxsmb20 - ok
14:40:13.0862 0944 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:40:13.0862 0944 msahci - ok
14:40:13.0893 0944 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:40:13.0909 0944 msdsm - ok
14:40:13.0940 0944 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:40:13.0987 0944 MSDTC - ok
14:40:14.0034 0944 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:40:14.0065 0944 Msfs - ok
14:40:14.0081 0944 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:40:14.0143 0944 mshidkmdf - ok
14:40:14.0190 0944 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:40:14.0205 0944 msisadrv - ok
14:40:14.0237 0944 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:40:14.0299 0944 MSiSCSI - ok
14:40:14.0315 0944 msiserver - ok
14:40:14.0346 0944 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:40:14.0377 0944 MSKSSRV - ok
14:40:14.0455 0944 MsMpSvc (157e9e498206a3366baa7e4697bdd947) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
14:40:14.0471 0944 MsMpSvc - ok
14:40:14.0471 0944 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:40:14.0533 0944 MSPCLOCK - ok
14:40:14.0564 0944 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:40:14.0595 0944 MSPQM - ok
14:40:14.0627 0944 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:40:14.0642 0944 MsRPC - ok
14:40:14.0673 0944 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:40:14.0689 0944 mssmbios - ok
14:40:14.0705 0944 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:40:14.0751 0944 MSTEE - ok
14:40:14.0767 0944 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:40:14.0783 0944 MTConfig - ok
14:40:14.0814 0944 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
14:40:14.0861 0944 MTsensor - ok
14:40:14.0907 0944 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:40:14.0907 0944 Mup - ok
14:40:14.0954 0944 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
14:40:15.0017 0944 napagent - ok
14:40:15.0048 0944 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:40:15.0110 0944 NativeWifiP - ok
14:40:15.0157 0944 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:40:15.0204 0944 NDIS - ok
14:40:15.0235 0944 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:40:15.0266 0944 NdisCap - ok
14:40:15.0282 0944 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:40:15.0313 0944 NdisTapi - ok
14:40:15.0344 0944 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:40:15.0407 0944 Ndisuio - ok
14:40:15.0438 0944 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:40:15.0500 0944 NdisWan - ok
14:40:15.0563 0944 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:40:15.0594 0944 NDProxy - ok
14:40:15.0625 0944 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:40:15.0672 0944 NetBIOS - ok
14:40:15.0734 0944 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:40:15.0765 0944 NetBT - ok
14:40:15.0797 0944 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:40:15.0812 0944 Netlogon - ok
14:40:15.0843 0944 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:40:15.0906 0944 Netman - ok
14:40:15.0953 0944 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:40:16.0015 0944 netprofm - ok
14:40:16.0093 0944 netr28ux (26672f93749ac9fd28da1b0f94efa78d) C:\Windows\system32\DRIVERS\netr28ux.sys
14:40:16.0155 0944 netr28ux - ok
14:40:16.0280 0944 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:40:16.0374 0944 NetTcpPortSharing - ok
14:40:16.0421 0944 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:40:16.0436 0944 nfrd960 - ok
14:40:16.0467 0944 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:40:16.0483 0944 NisDrv - ok
14:40:16.0577 0944 NisSrv (566ddd5d82520da01d75f81428ac4c38) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
14:40:16.0592 0944 NisSrv - ok
14:40:16.0608 0944 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
14:40:16.0686 0944 NlaSvc - ok
14:40:16.0733 0944 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:40:16.0764 0944 Npfs - ok
14:40:16.0795 0944 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:40:16.0857 0944 nsi - ok
14:40:16.0873 0944 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:40:16.0935 0944 nsiproxy - ok
14:40:17.0013 0944 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:40:17.0076 0944 Ntfs - ok
14:40:17.0185 0944 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:40:17.0232 0944 Null - ok
14:40:17.0294 0944 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
14:40:17.0341 0944 NVENETFD - ok
14:40:17.0388 0944 NVNET (0ad267a4674805b61a5d7b911d2a978a) C:\Windows\system32\DRIVERS\nvmf6264.sys
14:40:17.0403 0944 NVNET - ok
14:40:17.0450 0944 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:40:17.0466 0944 nvraid - ok
14:40:17.0497 0944 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:40:17.0513 0944 nvstor - ok
14:40:17.0528 0944 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:40:17.0544 0944 nv_agp - ok
14:40:17.0637 0944 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:40:17.0669 0944 odserv - ok
14:40:17.0715 0944 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:40:17.0747 0944 ohci1394 - ok
14:40:17.0793 0944 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:40:17.0809 0944 ose - ok
14:40:17.0871 0944 P17 (edd1dcd36f6115acc6935c3f88ff54d7) C:\Windows\system32\drivers\P17.sys
14:40:17.0965 0944 P17 - ok
14:40:17.0996 0944 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:40:18.0074 0944 p2pimsvc - ok
14:40:18.0105 0944 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:40:18.0137 0944 p2psvc - ok
14:40:18.0183 0944 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:40:18.0199 0944 Parport - ok
14:40:18.0230 0944 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:40:18.0246 0944 partmgr - ok
14:40:18.0261 0944 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:40:18.0308 0944 PcaSvc - ok
14:40:18.0355 0944 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:40:18.0371 0944 pci - ok
14:40:18.0386 0944 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:40:18.0386 0944 pciide - ok
14:40:18.0417 0944 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:40:18.0449 0944 pcmcia - ok
14:40:18.0464 0944 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:40:18.0464 0944 pcw - ok
14:40:18.0495 0944 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:40:18.0573 0944 PEAUTH - ok
14:40:18.0651 0944 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
14:40:18.0745 0944 PeerDistSvc - ok
14:40:18.0807 0944 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:40:18.0917 0944 PerfHost - ok
14:40:19.0041 0944 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
14:40:19.0119 0944 pla - ok
14:40:19.0166 0944 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
14:40:19.0244 0944 PlugPlay - ok
14:40:19.0275 0944 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:40:19.0307 0944 PNRPAutoReg - ok
14:40:19.0338 0944 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:40:19.0353 0944 PNRPsvc - ok
14:40:19.0400 0944 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
14:40:19.0478 0944 PolicyAgent - ok
14:40:19.0509 0944 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:40:19.0572 0944 Power - ok
14:40:19.0634 0944 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:40:19.0681 0944 PptpMiniport - ok
14:40:19.0712 0944 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:40:19.0743 0944 Processor - ok
14:40:19.0977 0944 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
14:40:20.0055 0944 ProfSvc - ok
14:40:20.0087 0944 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:40:20.0102 0944 ProtectedStorage - ok
14:40:20.0118 0944 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:40:20.0165 0944 Psched - ok
14:40:20.0274 0944 PST Service (ea735bf6df13a857a83c99bf27a422ad) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
14:40:20.0289 0944 PST Service ( UnsignedFile.Multi.Generic ) - warning
14:40:20.0289 0944 PST Service - detected UnsignedFile.Multi.Generic (1)
14:40:20.0367 0944 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
14:40:20.0367 0944 PxHlpa64 - ok
14:40:20.0445 0944 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:40:20.0523 0944 ql2300 - ok
14:40:20.0633 0944 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:40:20.0648 0944 ql40xx - ok
14:40:20.0695 0944 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:40:20.0742 0944 QWAVE - ok
14:40:20.0773 0944 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:40:20.0804 0944 QWAVEdrv - ok
14:40:20.0835 0944 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:40:20.0882 0944 RasAcd - ok
14:40:20.0929 0944 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:40:20.0960 0944 RasAgileVpn - ok
14:40:21.0007 0944 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:40:21.0069 0944 RasAuto - ok
14:40:21.0101 0944 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:40:21.0163 0944 Rasl2tp - ok
14:40:21.0225 0944 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
14:40:21.0272 0944 RasMan - ok
14:40:21.0319 0944 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:40:21.0381 0944 RasPppoe - ok
14:40:21.0413 0944 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:40:21.0475 0944 RasSstp - ok
14:40:21.0522 0944 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:40:21.0600 0944 rdbss - ok
14:40:21.0631 0944 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:40:21.0678 0944 rdpbus - ok
14:40:21.0709 0944 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:40:21.0787 0944 RDPCDD - ok
14:40:21.0834 0944 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
14:40:21.0881 0944 RDPDR - ok
14:40:21.0912 0944 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:40:21.0959 0944 RDPENCDD - ok
14:40:21.0990 0944 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:40:22.0021 0944 RDPREFMP - ok
14:40:22.0161 0944 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
14:40:22.0255 0944 RdpVideoMiniport - ok
14:40:22.0286 0944 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
14:40:22.0317 0944 RDPWD - ok
14:40:22.0364 0944 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:40:22.0380 0944 rdyboost - ok
14:40:22.0411 0944 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:40:22.0473 0944 RemoteAccess - ok
14:40:22.0520 0944 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:40:22.0583 0944 RemoteRegistry - ok
14:40:22.0614 0944 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:40:22.0692 0944 RpcEptMapper - ok
14:40:22.0723 0944 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:40:22.0770 0944 RpcLocator - ok
14:40:22.0910 0944 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:40:22.0957 0944 RpcSs - ok
14:40:22.0973 0944 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:40:23.0019 0944 rspndr - ok
14:40:23.0051 0944 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
14:40:23.0097 0944 s3cap - ok
14:40:23.0129 0944 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:40:23.0144 0944 SamSs - ok
14:40:23.0175 0944 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:40:23.0191 0944 sbp2port - ok
14:40:23.0238 0944 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:40:23.0300 0944 SCardSvr - ok
14:40:23.0347 0944 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:40:23.0394 0944 scfilter - ok
14:40:23.0456 0944 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:40:23.0534 0944 Schedule - ok
14:40:23.0565 0944 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:40:23.0597 0944 SCPolicySvc - ok
14:40:23.0628 0944 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
14:40:23.0690 0944 SDRSVC - ok
14:40:23.0737 0944 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:40:23.0768 0944 secdrv - ok
14:40:23.0815 0944 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
14:40:23.0862 0944 seclogon - ok
14:40:23.0909 0944 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:40:23.0955 0944 SENS - ok
14:40:23.0987 0944 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:40:24.0002 0944 SensrSvc - ok
14:40:24.0018 0944 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:40:24.0065 0944 Serenum - ok
14:40:24.0096 0944 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:40:24.0127 0944 Serial - ok
14:40:24.0143 0944 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:40:24.0174 0944 sermouse - ok
14:40:24.0236 0944 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
14:40:24.0283 0944 SessionEnv - ok
14:40:24.0314 0944 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:40:24.0361 0944 sffdisk - ok
14:40:24.0377 0944 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:40:24.0408 0944 sffp_mmc - ok
14:40:24.0455 0944 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:40:24.0470 0944 sffp_sd - ok
14:40:24.0501 0944 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:40:24.0501 0944 sfloppy - ok
14:40:24.0564 0944 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:40:24.0611 0944 SharedAccess - ok
14:40:24.0673 0944 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
14:40:24.0735 0944 ShellHWDetection - ok
14:40:24.0767 0944 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:40:24.0767 0944 SiSRaid2 - ok
14:40:24.0782 0944 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:40:24.0798 0944 SiSRaid4 - ok
14:40:24.0829 0944 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:40:24.0891 0944 Smb - ok
14:40:24.0923 0944 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:40:24.0969 0944 SNMPTRAP - ok
14:40:25.0235 0944 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys
14:40:25.0235 0944 speedfan - ok
14:40:25.0297 0944 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:40:25.0313 0944 spldr - ok
14:40:25.0359 0944 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
14:40:25.0391 0944 Spooler - ok
14:40:25.0562 0944 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
14:40:25.0656 0944 sppsvc - ok
14:40:25.0765 0944 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:40:25.0843 0944 sppuinotify - ok
14:40:25.0905 0944 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:40:25.0952 0944 srv - ok
14:40:25.0983 0944 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:40:26.0046 0944 srv2 - ok
14:40:26.0077 0944 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:40:26.0124 0944 srvnet - ok
14:40:26.0155 0944 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:40:26.0217 0944 SSDPSRV - ok
14:40:26.0249 0944 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:40:26.0280 0944 SstpSvc - ok
14:40:26.0311 0944 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:40:26.0327 0944 stexstor - ok
14:40:26.0373 0944 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
14:40:26.0436 0944 stisvc - ok
14:40:26.0467 0944 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
14:40:26.0467 0944 storflt - ok
14:40:26.0498 0944 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
14:40:26.0514 0944 storvsc - ok
14:40:26.0545 0944 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:40:26.0561 0944 swenum - ok
14:40:26.0654 0944 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:40:26.0701 0944 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:40:26.0701 0944 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
14:40:26.0748 0944 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:40:26.0810 0944 swprv - ok
14:40:26.0841 0944 Synth3dVsc - ok
14:40:26.0904 0944 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
14:40:26.0997 0944 SysMain - ok
14:40:27.0107 0944 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
14:40:27.0138 0944 TabletInputService - ok
14:40:27.0169 0944 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
14:40:27.0231 0944 TapiSrv - ok
14:40:27.0278 0944 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:40:27.0309 0944 TBS - ok
14:40:27.0419 0944 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
14:40:27.0481 0944 Tcpip - ok
14:40:27.0590 0944 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
14:40:27.0621 0944 TCPIP6 - ok
14:40:27.0684 0944 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:40:27.0746 0944 tcpipreg - ok
14:40:27.0793 0944 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:40:27.0824 0944 TDPIPE - ok
14:40:27.0855 0944 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
14:40:27.0887 0944 TDTCP - ok
14:40:27.0933 0944 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:40:27.0980 0944 tdx - ok
14:40:28.0105 0944 TeamViewer6 (1c46c27e9f1938b9589859c70450d275) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
14:40:28.0152 0944 TeamViewer6 - ok
14:40:28.0261 0944 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:40:28.0261 0944 TermDD - ok
14:40:28.0308 0944 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
14:40:28.0386 0944 TermService - ok
14:40:28.0417 0944 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:40:28.0433 0944 Themes - ok
14:40:28.0464 0944 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:40:28.0495 0944 THREADORDER - ok
14:40:28.0526 0944 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:40:28.0589 0944 TrkWks - ok
14:40:28.0635 0944 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
14:40:28.0698 0944 TrustedInstaller - ok
14:40:28.0745 0944 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:40:28.0791 0944 tssecsrv - ok
14:40:28.0838 0944 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:40:28.0869 0944 TsUsbFlt - ok
14:40:28.0869 0944 tsusbhub - ok
14:40:28.0901 0944 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:40:28.0963 0944 tunnel - ok
14:40:29.0010 0944 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:40:29.0025 0944 uagp35 - ok
14:40:29.0057 0944 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:40:29.0135 0944 udfs - ok
14:40:29.0166 0944 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:40:29.0181 0944 UI0Detect - ok
14:40:29.0228 0944 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:40:29.0244 0944 uliagpkx - ok
14:40:29.0259 0944 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:40:29.0275 0944 umbus - ok
14:40:29.0306 0944 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:40:29.0337 0944 UmPass - ok
14:40:29.0384 0944 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
14:40:29.0431 0944 UmRdpService - ok
14:40:29.0462 0944 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:40:29.0540 0944 upnphost - ok
14:40:29.0587 0944 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys
14:40:29.0618 0944 usbccgp - ok
14:40:29.0649 0944 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:40:29.0665 0944 usbcir - ok
14:40:29.0696 0944 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
14:40:29.0743 0944 usbehci - ok
14:40:29.0774 0944 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:40:29.0821 0944 usbhub - ok
14:40:29.0837 0944 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
14:40:29.0852 0944 usbohci - ok
14:40:29.0883 0944 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:40:29.0915 0944 usbprint - ok
14:40:29.0961 0944 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:40:29.0993 0944 USBSTOR - ok
14:40:30.0008 0944 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
14:40:30.0055 0944 usbuhci - ok
14:40:30.0086 0944 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:40:30.0149 0944 UxSms - ok
14:40:30.0211 0944 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:40:30.0227 0944 VaultSvc - ok
14:40:30.0258 0944 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:40:30.0273 0944 vdrvroot - ok
14:40:30.0305 0944 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
14:40:30.0351 0944 vds - ok
14:40:30.0383 0944 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:40:30.0398 0944 vga - ok
14:40:30.0414 0944 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:40:30.0461 0944 VgaSave - ok
14:40:30.0461 0944 VGPU - ok
14:40:30.0507 0944 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:40:30.0539 0944 vhdmp - ok
14:40:30.0570 0944 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:40:30.0570 0944 viaide - ok
14:40:30.0601 0944 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
14:40:30.0617 0944 vmbus - ok
14:40:30.0648 0944 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
14:40:30.0663 0944 VMBusHID - ok
14:40:30.0679 0944 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:40:30.0695 0944 volmgr - ok
14:40:30.0726 0944 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:40:30.0757 0944 volmgrx - ok
14:40:30.0804 0944 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:40:30.0819 0944 volsnap - ok
14:40:30.0851 0944 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:40:30.0866 0944 vsmraid - ok
14:40:30.0944 0944 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
14:40:31.0038 0944 VSS - ok
14:40:31.0163 0944 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
14:40:31.0194 0944 vwifibus - ok
14:40:31.0225 0944 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:40:31.0241 0944 vwififlt - ok
14:40:31.0272 0944 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:40:31.0319 0944 W32Time - ok
14:40:31.0350 0944 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:40:31.0350 0944 WacomPen - ok
14:40:31.0381 0944 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:40:31.0459 0944 WANARP - ok
14:40:31.0459 0944 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:40:31.0490 0944 Wanarpv6 - ok
14:40:31.0568 0944 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
14:40:31.0677 0944 wbengine - ok
14:40:31.0771 0944 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:40:31.0802 0944 WbioSrvc - ok
14:40:31.0833 0944 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
14:40:31.0880 0944 wcncsvc - ok
14:40:31.0911 0944 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:40:31.0943 0944 WcsPlugInService - ok
14:40:32.0005 0944 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:40:32.0021 0944 Wd - ok
14:40:32.0052 0944 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:40:32.0083 0944 Wdf01000 - ok
14:40:32.0099 0944 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:40:32.0208 0944 WdiServiceHost - ok
14:40:32.0208 0944 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:40:32.0223 0944 WdiSystemHost - ok
14:40:32.0255 0944 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
14:40:32.0317 0944 WebClient - ok
14:40:32.0364 0944 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:40:32.0426 0944 Wecsvc - ok
14:40:32.0457 0944 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:40:32.0504 0944 wercplsupport - ok
14:40:32.0535 0944 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:40:32.0598 0944 WerSvc - ok
14:40:32.0676 0944 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:40:32.0723 0944 WfpLwf - ok
14:40:32.0754 0944 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:40:32.0754 0944 WIMMount - ok
14:40:32.0785 0944 WinDefend - ok
14:40:32.0801 0944 WinHttpAutoProxySvc - ok
14:40:32.0847 0944 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:40:32.0910 0944 Winmgmt - ok
14:40:33.0019 0944 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
14:40:33.0128 0944 WinRM - ok
14:40:33.0253 0944 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
14:40:33.0269 0944 WinUsb - ok
14:40:33.0331 0944 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:40:33.0378 0944 Wlansvc - ok
14:40:33.0409 0944 WmBEnum (680a7846370000d20d7e74917d5b7936) C:\Windows\system32\drivers\WmBEnum.sys
14:40:33.0425 0944 WmBEnum - ok
14:40:33.0456 0944 WmFilter (14c35ba8189c6f65d839163aa285e954) C:\Windows\system32\drivers\WmFilter.sys
14:40:33.0456 0944 WmFilter - ok
14:40:33.0487 0944 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:40:33.0534 0944 WmiAcpi - ok
14:40:33.0596 0944 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:40:33.0627 0944 wmiApSrv - ok
14:40:33.0690 0944 WMPNetworkSvc - ok
14:40:33.0721 0944 WmVirHid (8488dd91a3ee54a8e29f02ad7bb8201e) C:\Windows\system32\drivers\WmVirHid.sys
14:40:33.0737 0944 WmVirHid - ok
14:40:33.0752 0944 WmXlCore (14802b3a30aa849c97cb968ccc813bf3) C:\Windows\system32\drivers\WmXlCore.sys
14:40:33.0752 0944 WmXlCore - ok
14:40:33.0783 0944 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:40:33.0815 0944 WPCSvc - ok
14:40:33.0846 0944 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
14:40:33.0861 0944 WPDBusEnum - ok
14:40:33.0877 0944 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:40:33.0908 0944 ws2ifsl - ok
14:40:33.0939 0944 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
14:40:34.0002 0944 wscsvc - ok
14:40:34.0002 0944 WSearch - ok
14:40:34.0095 0944 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
14:40:34.0220 0944 wuauserv - ok
14:40:34.0345 0944 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:40:34.0407 0944 WudfPf - ok
14:40:34.0423 0944 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:40:34.0470 0944 WUDFRd - ok
14:40:34.0501 0944 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
14:40:34.0532 0944 wudfsvc - ok
14:40:34.0563 0944 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:40:34.0610 0944 WwanSvc - ok
14:40:34.0673 0944 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:40:34.0875 0944 \Device\Harddisk0\DR0 - ok
14:40:34.0891 0944 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
14:40:34.0938 0944 \Device\Harddisk1\DR1 - ok
14:40:34.0938 0944 Boot (0x1200) (815405d175a32db08c04c21d4b01ac38) \Device\Harddisk0\DR0\Partition0
14:40:34.0938 0944 \Device\Harddisk0\DR0\Partition0 - ok
14:40:34.0969 0944 Boot (0x1200) (c7d1b430a3a1f48038b0fe5e04583544) \Device\Harddisk0\DR0\Partition1
14:40:34.0969 0944 \Device\Harddisk0\DR0\Partition1 - ok
14:40:35.0000 0944 Boot (0x1200) (192ccefa9e5465846740a40152048e4c) \Device\Harddisk1\DR1\Partition0
14:40:35.0000 0944 \Device\Harddisk1\DR1\Partition0 - ok
14:40:35.0000 0944 ============================================================
14:40:35.0000 0944 Scan finished
14:40:35.0000 0944 ============================================================
14:40:35.0016 5088 Detected object count: 6
14:40:35.0016 5088 Actual detected object count: 6
14:41:48.0508 5088 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:48.0508 5088 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:48.0523 5088 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:48.0523 5088 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:48.0523 5088 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:48.0523 5088 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:48.0523 5088 HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:48.0523 5088 HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:48.0523 5088 PST Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:48.0523 5088 PST Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:48.0523 5088 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:48.0523 5088 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
25.05.2012, 14:52
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GMX Account verschickt Spam-Mails -- keine Listung unter "Gesendet" Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.05.2012, 01:52
| #21 |
| | GMX Account verschickt Spam-Mails -- keine Listung unter "Gesendet" Ausgeführt und die log schaut so aus: Code:
ATTFilter ComboFix 12-05-25.03 - Simon 26.05.2012 2:33.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1033.18.4095.2742 [GMT 2:00]
ausgeführt von:: c:\users\Simon\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Simon\4.0
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-04-26 bis 2012-05-26 ))))))))))))))))))))))))))))))
.
.
2012-05-26 00:40 . 2012-05-26 00:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-25 11:00 . 2012-05-25 11:00 -------- d-----w- C:\_OTL
2012-05-25 10:57 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{29A2D94F-FE53-4B53-8480-EF7ECC9C6226}\mpengine.dll
2012-05-24 20:44 . 2012-05-24 20:44 -------- d-----w- c:\program files (x86)\Motorola Media Link
2012-05-24 20:42 . 2012-05-24 20:42 -------- d-----w- c:\users\Simon\AppData\Roaming\Motorola Mobility
2012-05-24 20:41 . 2012-05-24 20:41 -------- d-----w- c:\program files\Motorola Inc
2012-05-21 16:24 . 2012-05-21 16:24 -------- d-----w- c:\program files (x86)\ESET
2012-05-19 15:23 . 2012-05-25 10:48 -------- d-----w- c:\users\Simon\.gstreamer-0.10
2012-05-19 15:22 . 2012-05-19 15:22 -------- d-----w- c:\users\Simon\AppData\Local\Motorola
2012-05-19 15:22 . 2012-05-19 15:22 -------- d-----w- c:\program files (x86)\Common Files\Nero
2012-05-19 15:22 . 2012-05-24 20:44 -------- d-----w- c:\programdata\Nero
2012-05-19 15:22 . 2012-05-19 15:22 -------- d-----w- c:\programdata\Motorola
2012-05-19 15:22 . 2012-05-24 20:42 -------- d-----w- c:\program files (x86)\Motorola Mobility
2012-05-19 15:22 . 2012-05-26 00:42 -------- d-----w- C:\Temp
2012-05-19 15:21 . 2012-05-19 15:21 -------- d-----w- c:\program files\Common Files\Motorola Shared
2012-05-19 15:21 . 2012-05-25 10:46 -------- d-----w- c:\program files (x86)\Motorola
2012-05-19 15:21 . 2012-05-19 15:22 -------- d-----w- c:\users\Simon\AppData\Roaming\Motorola
2012-05-19 15:20 . 2012-05-25 10:48 -------- d-----w- c:\users\Simon\AppData\Roaming\MotoCast
2012-05-19 09:16 . 2012-05-19 09:16 -------- d-----w- c:\users\Simon\AppData\Roaming\Malwarebytes
2012-05-19 09:15 . 2012-05-19 09:15 -------- d-----w- c:\programdata\Malwarebytes
2012-05-19 09:15 . 2012-05-19 09:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-19 09:15 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-12 17:43 . 2012-05-12 18:25 -------- d-----w- c:\programdata\CPA_VA
2012-05-12 17:38 . 2012-05-12 18:01 -------- d-----w- c:\users\Simon\AppData\Local\Comodo
2012-05-12 17:38 . 2012-05-16 21:05 -------- d-----w- c:\program files (x86)\Comodo
2012-05-12 17:37 . 2012-05-12 17:37 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-05-12 17:37 . 2012-05-12 17:37 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-04-27 11:02 . 2012-04-27 11:02 -------- d-----w- c:\users\Simon\AppData\Local\Targem
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-09 11:08 . 2012-04-05 13:38 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-09 11:07 . 2011-05-26 21:28 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-08 17:02 . 2011-05-28 09:15 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-03-14 20:45 . 2012-03-14 20:45 1948672 ----a-w- c:\windows\SysWow64\sx-csp.dll
2012-03-11 21:13 . 2011-10-21 16:28 41200 ----a-w- c:\windows\system32\cmdcsr.dll
2012-03-11 19:13 . 2012-03-11 19:13 577824 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-03-11 19:13 . 2012-03-11 19:13 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-03-11 19:13 . 2012-03-11 19:13 22696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-03-11 19:13 . 2012-03-11 19:13 301224 ----a-w- c:\windows\SysWow64\guard32.dll
2012-03-11 19:13 . 2012-03-11 19:13 389840 ----a-w- c:\windows\system32\guard64.dll
2012-02-27 16:23 . 2011-10-22 17:43 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AML Device Install.lnk - c:\program files (x86)\AMD AVT\bin\kdbsync.exe [2012-1-31 10752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-17 136176]
R2 hcw10cir;Hauppauge CIR Receiver;c:\windows\system32\drivers\hcw10cir.sys [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 ALSysIO;ALSysIO;c:\users\Simon\AppData\Local\Temp\ALSysIO64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-05-26 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-05-26 79360]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-08-31 1038088]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-17 136176]
R3 hcw10bda;Hauppauge USB-Live2 (111xxx);c:\windows\system32\drivers\hcw10bda.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-24 113136]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-02-14 361984]
S2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-05-14 87368]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [2012-05-16 412304]
S2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-05-18 116632]
S2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2011-09-02 65657]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-17 14:02]
.
2012-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-17 14:02]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{398C0B66-A980-4A70-B90F-DD899A97DDAF}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{E22B2CEE-3C79-43F6-9EA8-A4DEBA104D2B}: NameServer = 8.26.56.26,156.154.70.22
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\3yecqz8f.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\progra~2\WinTV\TVServer\HAUPPA~1.EXE
c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-05-26 02:47:41 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-05-26 00:47
.
Vor Suchlauf: 22.637.375.488 bytes free
Nach Suchlauf: 21.969.059.840 bytes free
.
- - End Of File - - 73A96B8B1FFA4F47A9E62F5D14456B92
|
|
26.05.2012, 14:33
| #22 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GMX Account verschickt Spam-Mails -- keine Listung unter "Gesendet"Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu GMX Account verschickt Spam-Mails -- keine Listung unter "Gesendet" |
| autostart, comodo, dateisystem, e-mail, ergebnis, fehlermeldungen, firefox, gesendet, gmx, heuristiks/extra, heuristiks/shuriken, installiert, internet, microsoft, microsoft security, neue, neuen, nichts, ordner, problem, programme, security, spam-mails, speicher, test, ungewollt, verdacht, verschickt, win, win7 |
Linear-Darstellung
