| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DNWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.08.2012, 16:29
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DN Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.08.2012, 22:17
| #17 |
 | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DNCode:
ATTFilter 23:12:30.0889 5940 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
23:12:31.0278 5940 ============================================================
23:12:31.0278 5940 Current date / time: 2012/08/20 23:12:31.0278
23:12:31.0278 5940 SystemInfo:
23:12:31.0278 5940
23:12:31.0278 5940 OS Version: 6.1.7601 ServicePack: 1.0
23:12:31.0278 5940 Product type: Workstation
23:12:31.0278 5940 ComputerName: DENNIS-PC
23:12:31.0278 5940 UserName: Dennis
23:12:31.0278 5940 Windows directory: C:\Windows
23:12:31.0278 5940 System windows directory: C:\Windows
23:12:31.0278 5940 Running under WOW64
23:12:31.0278 5940 Processor architecture: Intel x64
23:12:31.0278 5940 Number of processors: 4
23:12:31.0278 5940 Page size: 0x1000
23:12:31.0278 5940 Boot type: Normal boot
23:12:31.0278 5940 ============================================================
23:12:32.0115 5940 Drive \Device\Harddisk0\DR0 - Size: 0x746A520000 (465.66 Gb), SectorSize: 0x200, Cylinders: 0xED74, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:12:32.0255 5940 ============================================================
23:12:32.0255 5940 \Device\Harddisk0\DR0:
23:12:32.0255 5940 MBR partitions:
23:12:32.0255 5940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:12:32.0255 5940 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x9C0E000
23:12:32.0255 5940 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9C40800, BlocksNum 0x10E82000
23:12:32.0255 5940 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1AAC2800, BlocksNum 0x1F88F800
23:12:32.0255 5940 ============================================================
23:12:32.0285 5940 C: <-> \Device\Harddisk0\DR0\Partition2
23:12:32.0315 5940 D: <-> \Device\Harddisk0\DR0\Partition3
23:12:32.0364 5940 E: <-> \Device\Harddisk0\DR0\Partition4
23:12:32.0364 5940 ============================================================
23:12:32.0364 5940 Initialize success
23:12:32.0364 5940 ============================================================
23:13:09.0926 5032 ============================================================
23:13:09.0926 5032 Scan started
23:13:09.0926 5032 Mode: Manual; SigCheck; TDLFS;
23:13:09.0926 5032 ============================================================
23:13:10.0798 5032 ================ Scan services =============================
23:13:10.0926 5032 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:13:10.0990 5032 1394ohci - ok
23:13:11.0021 5032 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:13:11.0034 5032 ACPI - ok
23:13:11.0056 5032 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:13:11.0097 5032 AcpiPmi - ok
23:13:11.0178 5032 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:13:11.0207 5032 AdobeARMservice - ok
23:13:11.0323 5032 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:13:11.0357 5032 AdobeFlashPlayerUpdateSvc - ok
23:13:11.0389 5032 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:13:11.0435 5032 adp94xx - ok
23:13:11.0467 5032 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:13:11.0485 5032 adpahci - ok
23:13:11.0500 5032 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:13:11.0515 5032 adpu320 - ok
23:13:11.0538 5032 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:13:11.0583 5032 AeLookupSvc - ok
23:13:11.0620 5032 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:13:11.0649 5032 AFD - ok
23:13:11.0671 5032 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:13:11.0680 5032 agp440 - ok
23:13:11.0694 5032 [ 97DD49CCDB89A22CFCEA78B29D393D87 ] ahcix64s C:\Windows\system32\DRIVERS\ahcix64s.sys
23:13:11.0706 5032 ahcix64s - ok
23:13:11.0713 5032 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:13:11.0727 5032 ALG - ok
23:13:11.0738 5032 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:13:11.0746 5032 aliide - ok
23:13:11.0774 5032 [ 0BDE3222789749571C3D706F0181203D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:13:11.0810 5032 AMD External Events Utility - ok
23:13:11.0818 5032 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:13:11.0830 5032 amdide - ok
23:13:11.0880 5032 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
23:13:11.0905 5032 amdiox64 - ok
23:13:11.0922 5032 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:13:11.0949 5032 AmdK8 - ok
23:13:12.0167 5032 [ 75BBD04F450CE109031A215FD4EC667A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:13:12.0395 5032 amdkmdag - ok
23:13:12.0426 5032 [ ADB8EE976CE4A47C54D39F2581593C03 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
23:13:12.0460 5032 amdkmdap - ok
23:13:12.0527 5032 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:13:12.0584 5032 AmdPPM - ok
23:13:12.0670 5032 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:13:12.0703 5032 amdsata - ok
23:13:12.0726 5032 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:13:12.0741 5032 amdsbs - ok
23:13:12.0751 5032 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:13:12.0760 5032 amdxata - ok
23:13:12.0789 5032 AODDriver4.0 - ok
23:13:12.0801 5032 AODDriver4.01 - ok
23:13:12.0845 5032 [ C992356EC945728C5D973CD02C6C0406 ] AODDriver4.1.0 C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
23:13:12.0852 5032 AODDriver4.1.0 - ok
23:13:12.0881 5032 [ 36677EB30D6FA41E085530A8362B7C5E ] AODService C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
23:13:12.0889 5032 AODService - ok
23:13:12.0915 5032 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:13:12.0945 5032 AppID - ok
23:13:12.0958 5032 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:13:12.0993 5032 AppIDSvc - ok
23:13:13.0011 5032 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
23:13:13.0040 5032 Appinfo - ok
23:13:13.0062 5032 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
23:13:13.0080 5032 AppMgmt - ok
23:13:13.0102 5032 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
23:13:13.0112 5032 arc - ok
23:13:13.0122 5032 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:13:13.0132 5032 arcsas - ok
23:13:13.0179 5032 [ FF9DAEF5CCDB6082C30CE151B768EA28 ] arusb_win7x C:\Windows\system32\DRIVERS\arusb_win7x.sys
23:13:13.0241 5032 arusb_win7x - ok
23:13:13.0317 5032 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:13:13.0350 5032 aspnet_state - ok
23:13:13.0384 5032 [ DF59B8E8DF0BD2E0E303778A3806A17D ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
23:13:13.0395 5032 aswFsBlk - ok
23:13:13.0426 5032 [ F8E6AB4F876FEFF69250F2E0C29EF004 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
23:13:13.0437 5032 aswMonFlt - ok
23:13:13.0449 5032 [ AA92BC4BCBA40CA3AA3FFD1BE24F0C09 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
23:13:13.0460 5032 aswRdr - ok
23:13:13.0510 5032 [ F06E230E1E8CA9437A6474B7B551CD37 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
23:13:13.0564 5032 aswSnx - ok
23:13:13.0584 5032 [ 3610CA74A69E380424F0452DEC5C1317 ] aswSP C:\Windows\system32\drivers\aswSP.sys
23:13:13.0600 5032 aswSP - ok
23:13:13.0613 5032 [ 87DE3E31CB0091D22351349869324065 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
23:13:13.0624 5032 aswTdi - ok
23:13:13.0640 5032 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:13:13.0683 5032 AsyncMac - ok
23:13:13.0700 5032 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:13:13.0708 5032 atapi - ok
23:13:13.0892 5032 [ 75BBD04F450CE109031A215FD4EC667A ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:13:13.0977 5032 atikmdag - ok
23:13:14.0009 5032 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:13:14.0068 5032 AudioEndpointBuilder - ok
23:13:14.0076 5032 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:13:14.0104 5032 AudioSrv - ok
23:13:14.0129 5032 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:13:14.0137 5032 avast! Antivirus - ok
23:13:14.0167 5032 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:13:14.0200 5032 AxInstSV - ok
23:13:14.0238 5032 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:13:14.0258 5032 b06bdrv - ok
23:13:14.0271 5032 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:13:14.0292 5032 b57nd60a - ok
23:13:14.0315 5032 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:13:14.0336 5032 BDESVC - ok
23:13:14.0339 5032 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:13:14.0412 5032 Beep - ok
23:13:14.0430 5032 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:13:14.0451 5032 blbdrive - ok
23:13:14.0469 5032 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:13:14.0482 5032 bowser - ok
23:13:14.0491 5032 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:13:14.0518 5032 BrFiltLo - ok
23:13:14.0528 5032 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:13:14.0542 5032 BrFiltUp - ok
23:13:14.0562 5032 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
23:13:14.0663 5032 Browser - ok
23:13:14.0683 5032 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:13:14.0710 5032 Brserid - ok
23:13:14.0717 5032 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:13:14.0739 5032 BrSerWdm - ok
23:13:14.0750 5032 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:13:14.0780 5032 BrUsbMdm - ok
23:13:14.0789 5032 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:13:14.0807 5032 BrUsbSer - ok
23:13:14.0815 5032 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:13:14.0841 5032 BTHMODEM - ok
23:13:14.0855 5032 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:13:14.0885 5032 bthserv - ok
23:13:14.0898 5032 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:13:14.0935 5032 cdfs - ok
23:13:14.0955 5032 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:13:14.0975 5032 cdrom - ok
23:13:14.0987 5032 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:13:15.0024 5032 CertPropSvc - ok
23:13:15.0030 5032 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:13:15.0049 5032 circlass - ok
23:13:15.0067 5032 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:13:15.0081 5032 CLFS - ok
23:13:15.0119 5032 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:13:15.0147 5032 clr_optimization_v2.0.50727_32 - ok
23:13:15.0172 5032 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:13:15.0183 5032 clr_optimization_v2.0.50727_64 - ok
23:13:15.0244 5032 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:13:15.0270 5032 clr_optimization_v4.0.30319_32 - ok
23:13:15.0282 5032 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:13:15.0294 5032 clr_optimization_v4.0.30319_64 - ok
23:13:15.0301 5032 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:13:15.0317 5032 CmBatt - ok
23:13:15.0330 5032 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:13:15.0342 5032 cmdide - ok
23:13:15.0364 5032 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
23:13:15.0393 5032 CNG - ok
23:13:15.0410 5032 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:13:15.0418 5032 Compbatt - ok
23:13:15.0438 5032 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:13:15.0453 5032 CompositeBus - ok
23:13:15.0458 5032 COMSysApp - ok
23:13:15.0468 5032 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:13:15.0476 5032 crcdisk - ok
23:13:15.0496 5032 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:13:15.0541 5032 CryptSvc - ok
23:13:15.0565 5032 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
23:13:15.0645 5032 CSC - ok
23:13:15.0673 5032 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
23:13:15.0709 5032 CscService - ok
23:13:15.0731 5032 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:13:15.0776 5032 DcomLaunch - ok
23:13:15.0800 5032 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:13:15.0833 5032 defragsvc - ok
23:13:15.0860 5032 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:13:15.0914 5032 DfsC - ok
23:13:15.0933 5032 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:13:15.0962 5032 Dhcp - ok
23:13:15.0973 5032 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:13:15.0997 5032 discache - ok
23:13:16.0015 5032 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:13:16.0024 5032 Disk - ok
23:13:16.0046 5032 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:13:16.0075 5032 Dnscache - ok
23:13:16.0091 5032 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:13:16.0128 5032 dot3svc - ok
23:13:16.0145 5032 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:13:16.0179 5032 DPS - ok
23:13:16.0201 5032 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:13:16.0215 5032 drmkaud - ok
23:13:16.0247 5032 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:13:16.0264 5032 DXGKrnl - ok
23:13:16.0284 5032 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:13:16.0318 5032 EapHost - ok
23:13:16.0374 5032 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:13:16.0468 5032 ebdrv - ok
23:13:16.0487 5032 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:13:16.0511 5032 EFS - ok
23:13:16.0554 5032 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:13:16.0608 5032 ehRecvr - ok
23:13:16.0626 5032 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:13:16.0641 5032 ehSched - ok
23:13:16.0666 5032 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:13:16.0714 5032 elxstor - ok
23:13:16.0736 5032 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:13:16.0758 5032 ErrDev - ok
23:13:16.0783 5032 [ DCD7487D00AA4DFFAEB4C8B086AF1134 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
23:13:16.0794 5032 ES lite Service - ok
23:13:16.0813 5032 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:13:16.0864 5032 EventSystem - ok
23:13:16.0876 5032 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:13:16.0903 5032 exfat - ok
23:13:16.0912 5032 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:13:16.0939 5032 fastfat - ok
23:13:16.0975 5032 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:13:17.0021 5032 Fax - ok
23:13:17.0033 5032 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:13:17.0054 5032 fdc - ok
23:13:17.0080 5032 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:13:17.0112 5032 fdPHost - ok
23:13:17.0121 5032 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:13:17.0156 5032 FDResPub - ok
23:13:17.0169 5032 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:13:17.0177 5032 FileInfo - ok
23:13:17.0190 5032 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:13:17.0222 5032 Filetrace - ok
23:13:17.0233 5032 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:13:17.0241 5032 flpydisk - ok
23:13:17.0253 5032 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:13:17.0265 5032 FltMgr - ok
23:13:17.0296 5032 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
23:13:17.0383 5032 FontCache - ok
23:13:17.0428 5032 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:13:17.0455 5032 FontCache3.0.0.0 - ok
23:13:17.0470 5032 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:13:17.0493 5032 FsDepends - ok
23:13:17.0508 5032 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:13:17.0520 5032 Fs_Rec - ok
23:13:17.0537 5032 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:13:17.0556 5032 fvevol - ok
23:13:17.0572 5032 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:13:17.0584 5032 gagp30kx - ok
23:13:17.0622 5032 [ 46E2828BCA26B31FA5A1DD4D84DF633D ] gdrv C:\Windows\gdrv.sys
23:13:17.0631 5032 gdrv - ok
23:13:17.0727 5032 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:13:17.0863 5032 gpsvc - ok
23:13:17.0907 5032 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:13:17.0935 5032 gupdate - ok
23:13:17.0965 5032 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:13:17.0975 5032 gupdatem - ok
23:13:18.0004 5032 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:13:18.0017 5032 gusvc - ok
23:13:18.0037 5032 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:13:18.0054 5032 hcw85cir - ok
23:13:18.0084 5032 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:13:18.0150 5032 HdAudAddService - ok
23:13:18.0176 5032 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:13:18.0197 5032 HDAudBus - ok
23:13:18.0210 5032 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:13:18.0235 5032 HidBatt - ok
23:13:18.0245 5032 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:13:18.0268 5032 HidBth - ok
23:13:18.0282 5032 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:13:18.0310 5032 HidIr - ok
23:13:18.0325 5032 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:13:18.0374 5032 hidserv - ok
23:13:18.0404 5032 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:13:18.0416 5032 HidUsb - ok
23:13:18.0460 5032 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:13:18.0505 5032 hkmsvc - ok
23:13:18.0527 5032 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:13:18.0540 5032 HomeGroupListener - ok
23:13:18.0560 5032 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:13:18.0582 5032 HomeGroupProvider - ok
23:13:18.0604 5032 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:13:18.0613 5032 HpSAMD - ok
23:13:18.0637 5032 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:13:18.0685 5032 HTTP - ok
23:13:18.0695 5032 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:13:18.0703 5032 hwpolicy - ok
23:13:18.0722 5032 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:13:18.0732 5032 i8042prt - ok
23:13:18.0749 5032 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:13:18.0764 5032 iaStorV - ok
23:13:18.0841 5032 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
23:13:18.0859 5032 IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:13:18.0859 5032 IDriverT - detected UnsignedFile.Multi.Generic (1)
23:13:18.0907 5032 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:13:18.0946 5032 idsvc - ok
23:13:18.0969 5032 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:13:18.0977 5032 iirsp - ok
23:13:18.0998 5032 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:13:19.0043 5032 IKEEXT - ok
23:13:19.0114 5032 [ 4B071AEBBC13D60430EE0371B262F681 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:13:19.0162 5032 IntcAzAudAddService - ok
23:13:19.0188 5032 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:13:19.0201 5032 intelide - ok
23:13:19.0217 5032 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:13:19.0240 5032 intelppm - ok
23:13:19.0273 5032 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:13:19.0320 5032 IPBusEnum - ok
23:13:19.0338 5032 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:13:19.0382 5032 IpFilterDriver - ok
23:13:19.0400 5032 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:13:19.0409 5032 IPMIDRV - ok
23:13:19.0431 5032 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:13:19.0468 5032 IPNAT - ok
23:13:19.0484 5032 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:13:19.0504 5032 IRENUM - ok
23:13:19.0515 5032 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:13:19.0523 5032 isapnp - ok
23:13:19.0542 5032 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:13:19.0554 5032 iScsiPrt - ok
23:13:19.0578 5032 [ DB85FE8D6CBAA2047CB4DA1B2C193D76 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
23:13:19.0599 5032 JRAID - ok
23:13:19.0608 5032 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:13:19.0616 5032 kbdclass - ok
23:13:19.0632 5032 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:13:19.0641 5032 kbdhid - ok
23:13:19.0647 5032 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:13:19.0655 5032 KeyIso - ok
23:13:19.0672 5032 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:13:19.0681 5032 KSecDD - ok
23:13:19.0696 5032 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:13:19.0706 5032 KSecPkg - ok
23:13:19.0713 5032 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:13:19.0737 5032 ksthunk - ok
23:13:19.0759 5032 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:13:19.0800 5032 KtmRm - ok
23:13:19.0821 5032 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:13:19.0854 5032 LanmanServer - ok
23:13:19.0877 5032 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:13:19.0936 5032 LanmanWorkstation - ok
23:13:19.0960 5032 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:13:20.0006 5032 lltdio - ok
23:13:20.0023 5032 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:13:20.0059 5032 lltdsvc - ok
23:13:20.0069 5032 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:13:20.0098 5032 lmhosts - ok
23:13:20.0116 5032 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:13:20.0126 5032 LSI_FC - ok
23:13:20.0138 5032 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:13:20.0148 5032 LSI_SAS - ok
23:13:20.0160 5032 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:13:20.0169 5032 LSI_SAS2 - ok
23:13:20.0179 5032 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:13:20.0189 5032 LSI_SCSI - ok
23:13:20.0203 5032 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:13:20.0236 5032 luafv - ok
23:13:20.0257 5032 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:13:20.0276 5032 Mcx2Svc - ok
23:13:20.0287 5032 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:13:20.0296 5032 megasas - ok
23:13:20.0307 5032 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:13:20.0319 5032 MegaSR - ok
23:13:20.0336 5032 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:13:20.0366 5032 MMCSS - ok
23:13:20.0378 5032 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:13:20.0409 5032 Modem - ok
23:13:20.0429 5032 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:13:20.0447 5032 monitor - ok
23:13:20.0467 5032 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:13:20.0476 5032 mouclass - ok
23:13:20.0508 5032 [ 21B7ACEA1BB49C3371DD5427BF309D6A ] moufiltr C:\Windows\system32\DRIVERS\moufiltr.sys
23:13:20.0516 5032 moufiltr - ok
23:13:20.0522 5032 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:13:20.0531 5032 mouhid - ok
23:13:20.0555 5032 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:13:20.0564 5032 mountmgr - ok
23:13:20.0628 5032 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:13:20.0658 5032 MozillaMaintenance - ok
23:13:20.0691 5032 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
23:13:20.0707 5032 MpFilter - ok
23:13:20.0718 5032 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:13:20.0731 5032 mpio - ok
23:13:20.0742 5032 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:13:20.0767 5032 mpsdrv - ok
23:13:20.0785 5032 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:13:20.0806 5032 MRxDAV - ok
23:13:20.0826 5032 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:13:20.0839 5032 mrxsmb - ok
23:13:20.0862 5032 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:13:20.0897 5032 mrxsmb10 - ok
23:13:20.0916 5032 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:13:20.0929 5032 mrxsmb20 - ok
23:13:20.0942 5032 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:13:20.0951 5032 msahci - ok
23:13:20.0970 5032 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:13:20.0980 5032 msdsm - ok
23:13:20.0993 5032 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:13:21.0005 5032 MSDTC - ok
23:13:21.0026 5032 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:13:21.0050 5032 Msfs - ok
23:13:21.0056 5032 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:13:21.0086 5032 mshidkmdf - ok
23:13:21.0101 5032 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:13:21.0109 5032 msisadrv - ok
23:13:21.0128 5032 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:13:21.0167 5032 MSiSCSI - ok
23:13:21.0170 5032 msiserver - ok
23:13:21.0181 5032 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:13:21.0218 5032 MSKSSRV - ok
23:13:21.0228 5032 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:13:21.0262 5032 MSPCLOCK - ok
23:13:21.0265 5032 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:13:21.0294 5032 MSPQM - ok
23:13:21.0313 5032 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:13:21.0327 5032 MsRPC - ok
23:13:21.0340 5032 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:13:21.0349 5032 mssmbios - ok
23:13:21.0357 5032 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:13:21.0389 5032 MSTEE - ok
23:13:21.0392 5032 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:13:21.0410 5032 MTConfig - ok
23:13:21.0427 5032 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:13:21.0436 5032 Mup - ok
23:13:21.0463 5032 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:13:21.0553 5032 napagent - ok
23:13:21.0574 5032 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:13:21.0603 5032 NativeWifiP - ok
23:13:21.0628 5032 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
23:13:21.0662 5032 NDIS - ok
23:13:21.0691 5032 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:13:21.0726 5032 NdisCap - ok
23:13:21.0742 5032 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:13:21.0770 5032 NdisTapi - ok
23:13:21.0782 5032 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:13:21.0811 5032 Ndisuio - ok
23:13:21.0830 5032 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:13:21.0866 5032 NdisWan - ok
23:13:21.0885 5032 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:13:21.0909 5032 NDProxy - ok
23:13:21.0917 5032 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:13:21.0945 5032 NetBIOS - ok
23:13:21.0958 5032 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:13:21.0995 5032 NetBT - ok
23:13:22.0005 5032 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:13:22.0014 5032 Netlogon - ok
23:13:22.0044 5032 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:13:22.0106 5032 Netman - ok
23:13:22.0128 5032 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:13:22.0137 5032 NetMsmqActivator - ok
23:13:22.0145 5032 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:13:22.0152 5032 NetPipeActivator - ok
23:13:22.0160 5032 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:13:22.0202 5032 netprofm - ok
23:13:22.0205 5032 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:13:22.0213 5032 NetTcpActivator - ok
23:13:22.0217 5032 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:13:22.0224 5032 NetTcpPortSharing - ok
23:13:22.0250 5032 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:13:22.0259 5032 nfrd960 - ok
23:13:22.0276 5032 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:13:22.0285 5032 NisDrv - ok
23:13:22.0316 5032 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
23:13:22.0352 5032 NisSrv - ok
23:13:22.0374 5032 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:13:22.0417 5032 NlaSvc - ok
23:13:22.0425 5032 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:13:22.0449 5032 Npfs - ok
23:13:22.0468 5032 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:13:22.0502 5032 nsi - ok
23:13:22.0514 5032 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:13:22.0542 5032 nsiproxy - ok
23:13:22.0588 5032 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:13:22.0685 5032 Ntfs - ok
23:13:22.0698 5032 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:13:22.0738 5032 Null - ok
23:13:22.0778 5032 [ 5F1FF880ADACF7E0FF7C27BA188B05DA ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
23:13:22.0803 5032 NVHDA - ok
23:13:23.0110 5032 [ 39DEFE644321F9A4B7F527664F628DEA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:13:23.0257 5032 nvlddmkm - ok
23:13:23.0277 5032 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:13:23.0288 5032 nvraid - ok
23:13:23.0313 5032 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:13:23.0323 5032 nvstor - ok
23:13:23.0377 5032 [ A8BD627C6B78745CE8D591E9636E533F ] nvsvc C:\Windows\system32\nvvsvc.exe
23:13:23.0406 5032 nvsvc - ok
23:13:23.0487 5032 [ ABF9218BC7B87ED93C0B5DEAD9E2F7E9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:13:23.0527 5032 nvUpdatusService - ok
23:13:23.0555 5032 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:13:23.0565 5032 nv_agp - ok
23:13:23.0585 5032 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:13:23.0599 5032 ohci1394 - ok
23:13:23.0650 5032 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:13:23.0658 5032 ose - ok
23:13:23.0691 5032 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:13:23.0714 5032 p2pimsvc - ok
23:13:23.0733 5032 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:13:23.0757 5032 p2psvc - ok
23:13:23.0768 5032 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:13:23.0777 5032 Parport - ok
23:13:23.0804 5032 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:13:23.0812 5032 partmgr - ok
23:13:23.0821 5032 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:13:23.0840 5032 PcaSvc - ok
23:13:23.0850 5032 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:13:23.0860 5032 pci - ok
23:13:23.0882 5032 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
23:13:23.0889 5032 pciide - ok
23:13:23.0903 5032 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:13:23.0914 5032 pcmcia - ok
23:13:23.0927 5032 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:13:23.0935 5032 pcw - ok
23:13:23.0955 5032 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:13:24.0046 5032 PEAUTH - ok
23:13:24.0087 5032 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:13:24.0182 5032 PeerDistSvc - ok
23:13:24.0266 5032 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:13:24.0302 5032 PerfHost - ok
23:13:24.0346 5032 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:13:24.0427 5032 pla - ok
23:13:24.0456 5032 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:13:24.0497 5032 PlugPlay - ok
23:13:24.0514 5032 PnkBstrA - ok
23:13:24.0533 5032 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:13:24.0552 5032 PNRPAutoReg - ok
23:13:24.0567 5032 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:13:24.0584 5032 PNRPsvc - ok
23:13:24.0613 5032 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:13:24.0704 5032 PolicyAgent - ok
23:13:24.0722 5032 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:13:24.0757 5032 Power - ok
23:13:24.0787 5032 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:13:24.0822 5032 PptpMiniport - ok
23:13:24.0839 5032 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:13:24.0852 5032 Processor - ok
23:13:24.0870 5032 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
23:13:24.0883 5032 ProfSvc - ok
23:13:24.0895 5032 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:13:24.0904 5032 ProtectedStorage - ok
23:13:24.0927 5032 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:13:24.0958 5032 Psched - ok
23:13:25.0013 5032 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:13:25.0064 5032 ql2300 - ok
23:13:25.0092 5032 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:13:25.0102 5032 ql40xx - ok
23:13:25.0122 5032 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:13:25.0148 5032 QWAVE - ok
23:13:25.0156 5032 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:13:25.0173 5032 QWAVEdrv - ok
23:13:25.0216 5032 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
23:13:25.0227 5032 RapiMgr - ok
23:13:25.0234 5032 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:13:25.0263 5032 RasAcd - ok
23:13:25.0292 5032 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:13:25.0317 5032 RasAgileVpn - ok
23:13:25.0328 5032 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:13:25.0355 5032 RasAuto - ok
23:13:25.0377 5032 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:13:25.0414 5032 Rasl2tp - ok
23:13:25.0440 5032 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:13:25.0470 5032 RasMan - ok
23:13:25.0480 5032 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:13:25.0516 5032 RasPppoe - ok
23:13:25.0531 5032 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:13:25.0569 5032 RasSstp - ok
23:13:25.0583 5032 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:13:25.0613 5032 rdbss - ok
23:13:25.0617 5032 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:13:25.0630 5032 rdpbus - ok
23:13:25.0643 5032 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:13:25.0677 5032 RDPCDD - ok
23:13:25.0703 5032 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:13:25.0714 5032 RDPDR - ok
23:13:25.0733 5032 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:13:25.0759 5032 RDPENCDD - ok
23:13:25.0771 5032 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:13:25.0795 5032 RDPREFMP - ok
23:13:25.0811 5032 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:13:25.0833 5032 RDPWD - ok
23:13:25.0880 5032 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:13:25.0890 5032 rdyboost - ok
23:13:25.0961 5032 [ F38405956C690AF82CF913FD66E658A1 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
23:13:25.0985 5032 RealNetworks Downloader Resolver Service - ok
23:13:26.0015 5032 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:13:26.0087 5032 RemoteAccess - ok
23:13:26.0105 5032 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:13:26.0144 5032 RemoteRegistry - ok
23:13:26.0152 5032 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:13:26.0185 5032 RpcEptMapper - ok
23:13:26.0203 5032 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:13:26.0223 5032 RpcLocator - ok
23:13:26.0240 5032 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:13:26.0268 5032 RpcSs - ok
23:13:26.0283 5032 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:13:26.0318 5032 rspndr - ok
23:13:26.0343 5032 [ 67C7695D3B18682ADDF8419EDA4BBFB8 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
23:13:26.0353 5032 RTHDMIAzAudService - ok
23:13:26.0381 5032 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:13:26.0398 5032 RTL8167 - ok
23:13:26.0414 5032 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
23:13:26.0422 5032 s3cap - ok
23:13:26.0430 5032 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:13:26.0439 5032 SamSs - ok
23:13:26.0457 5032 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:13:26.0467 5032 sbp2port - ok
23:13:26.0484 5032 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:13:26.0519 5032 SCardSvr - ok
23:13:26.0528 5032 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:13:26.0562 5032 scfilter - ok
23:13:26.0597 5032 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:13:26.0714 5032 Schedule - ok
23:13:26.0729 5032 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:13:26.0762 5032 SCPolicySvc - ok
23:13:26.0775 5032 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:13:26.0793 5032 SDRSVC - ok
23:13:26.0812 5032 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:13:26.0844 5032 secdrv - ok
23:13:26.0855 5032 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:13:26.0892 5032 seclogon - ok
23:13:26.0901 5032 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:13:26.0927 5032 SENS - ok
23:13:26.0939 5032 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:13:26.0957 5032 SensrSvc - ok
23:13:26.0977 5032 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:13:26.0996 5032 Serenum - ok
23:13:27.0004 5032 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:13:27.0013 5032 Serial - ok
23:13:27.0022 5032 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:13:27.0039 5032 sermouse - ok
23:13:27.0061 5032 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:13:27.0095 5032 SessionEnv - ok
23:13:27.0115 5032 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:13:27.0131 5032 sffdisk - ok
23:13:27.0138 5032 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:13:27.0156 5032 sffp_mmc - ok
23:13:27.0162 5032 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:13:27.0173 5032 sffp_sd - ok
23:13:27.0185 5032 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:13:27.0200 5032 sfloppy - ok
23:13:27.0223 5032 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:13:27.0253 5032 ShellHWDetection - ok
23:13:27.0268 5032 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:13:27.0277 5032 SiSRaid2 - ok
23:13:27.0286 5032 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:13:27.0295 5032 SiSRaid4 - ok
23:13:27.0420 5032 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:13:27.0514 5032 Skype C2C Service - ok
23:13:27.0572 5032 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:13:27.0601 5032 SkypeUpdate - ok
23:13:27.0635 5032 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:13:27.0677 5032 Smb - ok
23:13:27.0699 5032 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:13:27.0720 5032 SNMPTRAP - ok
23:13:27.0734 5032 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:13:27.0745 5032 spldr - ok
23:13:27.0769 5032 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
23:13:27.0811 5032 Spooler - ok
23:13:27.0896 5032 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:13:28.0052 5032 sppsvc - ok
23:13:28.0085 5032 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:13:28.0180 5032 sppuinotify - ok
23:13:28.0203 5032 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:13:28.0232 5032 srv - ok
23:13:28.0247 5032 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:13:28.0272 5032 srv2 - ok
23:13:28.0282 5032 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:13:28.0299 5032 srvnet - ok
23:13:28.0321 5032 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:13:28.0372 5032 SSDPSRV - ok
23:13:28.0381 5032 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:13:28.0408 5032 SstpSvc - ok
23:13:28.0437 5032 Steam Client Service - ok
23:13:28.0499 5032 [ 2C25A72B53B28034BE260D81C4EA4955 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:13:28.0550 5032 Stereo Service - ok
23:13:28.0573 5032 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:13:28.0593 5032 stexstor - ok
23:13:28.0645 5032 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:13:28.0709 5032 stisvc - ok
23:13:28.0728 5032 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:13:28.0741 5032 storflt - ok
23:13:28.0761 5032 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
23:13:28.0780 5032 StorSvc - ok
23:13:28.0791 5032 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:13:28.0802 5032 storvsc - ok
23:13:28.0814 5032 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
23:13:28.0822 5032 swenum - ok
23:13:28.0853 5032 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:13:28.0903 5032 swprv - ok
23:13:28.0949 5032 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:13:29.0004 5032 SysMain - ok
23:13:29.0024 5032 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:13:29.0049 5032 TabletInputService - ok
23:13:29.0084 5032 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
23:13:29.0091 5032 taphss - ok
23:13:29.0111 5032 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:13:29.0149 5032 TapiSrv - ok
23:13:29.0163 5032 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:13:29.0189 5032 TBS - ok
23:13:29.0227 5032 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:13:29.0274 5032 Tcpip - ok
23:13:29.0309 5032 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:13:29.0336 5032 TCPIP6 - ok
23:13:29.0355 5032 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:13:29.0391 5032 tcpipreg - ok
23:13:29.0406 5032 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:13:29.0425 5032 TDPIPE - ok
23:13:29.0442 5032 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:13:29.0472 5032 TDTCP - ok
23:13:29.0495 5032 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:13:29.0538 5032 tdx - ok
23:13:29.0556 5032 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:13:29.0565 5032 TermDD - ok
23:13:29.0586 5032 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:13:29.0636 5032 TermService - ok
23:13:29.0646 5032 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:13:29.0659 5032 Themes - ok
23:13:29.0672 5032 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:13:29.0698 5032 THREADORDER - ok
23:13:29.0709 5032 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:13:29.0742 5032 TrkWks - ok
23:13:29.0785 5032 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:13:29.0841 5032 TrustedInstaller - ok
23:13:29.0865 5032 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:13:29.0889 5032 tssecsrv - ok
23:13:29.0929 5032 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:13:29.0953 5032 TsUsbFlt - ok
23:13:29.0974 5032 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:13:30.0017 5032 tunnel - ok
23:13:30.0036 5032 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:13:30.0049 5032 uagp35 - ok
23:13:30.0064 5032 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:13:30.0103 5032 udfs - ok
23:13:30.0117 5032 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:13:30.0133 5032 UI0Detect - ok
23:13:30.0152 5032 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:13:30.0161 5032 uliagpkx - ok
23:13:30.0188 5032 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:13:30.0208 5032 umbus - ok
23:13:30.0220 5032 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:13:30.0236 5032 UmPass - ok
23:13:30.0253 5032 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
23:13:30.0278 5032 UmRdpService - ok
23:13:30.0295 5032 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:13:30.0325 5032 upnphost - ok
23:13:30.0343 5032 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:13:30.0379 5032 usbccgp - ok
23:13:30.0400 5032 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:13:30.0416 5032 usbcir - ok
23:13:30.0432 5032 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:13:30.0447 5032 usbehci - ok
23:13:30.0471 5032 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:13:30.0494 5032 usbhub - ok
23:13:30.0514 5032 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:13:30.0532 5032 usbohci - ok
23:13:30.0550 5032 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:13:30.0573 5032 usbprint - ok
23:13:30.0606 5032 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:13:30.0625 5032 usbscan - ok
23:13:30.0629 5032 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:13:30.0650 5032 USBSTOR - ok
23:13:30.0658 5032 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:13:30.0673 5032 usbuhci - ok
23:13:30.0692 5032 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
23:13:30.0707 5032 usb_rndisx - ok
23:13:30.0723 5032 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:13:30.0772 5032 UxSms - ok
23:13:30.0778 5032 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:13:30.0791 5032 VaultSvc - ok
23:13:30.0813 5032 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:13:30.0825 5032 vdrvroot - ok
23:13:30.0854 5032 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:13:30.0910 5032 vds - ok
23:13:30.0931 5032 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:13:30.0942 5032 vga - ok
23:13:30.0951 5032 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:13:30.0987 5032 VgaSave - ok
23:13:31.0010 5032 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:13:31.0021 5032 vhdmp - ok
23:13:31.0038 5032 [ C2C95D62C90CA809240112B41C1765F2 ] vhidmini C:\Windows\system32\DRIVERS\walvhid.sys
23:13:31.0045 5032 vhidmini - ok
23:13:31.0054 5032 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:13:31.0062 5032 viaide - ok
23:13:31.0078 5032 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:13:31.0089 5032 vmbus - ok
23:13:31.0098 5032 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:13:31.0114 5032 VMBusHID - ok
23:13:31.0128 5032 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:13:31.0137 5032 volmgr - ok
23:13:31.0163 5032 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:13:31.0200 5032 volmgrx - ok
23:13:31.0216 5032 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:13:31.0233 5032 volsnap - ok
23:13:31.0252 5032 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:13:31.0267 5032 vsmraid - ok
23:13:31.0316 5032 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:13:31.0388 5032 VSS - ok
23:13:31.0398 5032 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
23:13:31.0415 5032 vwifibus - ok
23:13:31.0432 5032 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:13:31.0443 5032 vwififlt - ok
23:13:31.0465 5032 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:13:31.0496 5032 W32Time - ok
23:13:31.0516 5032 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:13:31.0529 5032 WacomPen - ok
23:13:31.0554 5032 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:13:31.0579 5032 WANARP - ok
23:13:31.0584 5032 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:13:31.0608 5032 Wanarpv6 - ok
23:13:31.0645 5032 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:13:31.0685 5032 wbengine - ok
23:13:31.0695 5032 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:13:31.0711 5032 WbioSrvc - ok
23:13:31.0734 5032 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
23:13:31.0749 5032 WcesComm - ok
23:13:31.0767 5032 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:13:31.0802 5032 wcncsvc - ok
23:13:31.0818 5032 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:13:31.0829 5032 WcsPlugInService - ok
23:13:31.0847 5032 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:13:31.0855 5032 Wd - ok
23:13:31.0874 5032 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:13:31.0925 5032 Wdf01000 - ok
23:13:31.0939 5032 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:13:31.0965 5032 WdiServiceHost - ok
23:13:31.0968 5032 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:13:31.0989 5032 WdiSystemHost - ok
23:13:32.0016 5032 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:13:32.0045 5032 WebClient - ok
23:13:32.0052 5032 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:13:32.0088 5032 Wecsvc - ok
23:13:32.0097 5032 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:13:32.0124 5032 wercplsupport - ok
23:13:32.0143 5032 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:13:32.0169 5032 WerSvc - ok
23:13:32.0180 5032 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:13:32.0205 5032 WfpLwf - ok
23:13:32.0217 5032 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:13:32.0225 5032 WIMMount - ok
23:13:32.0230 5032 WinHttpAutoProxySvc - ok
23:13:32.0273 5032 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:13:32.0330 5032 Winmgmt - ok
23:13:32.0370 5032 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:13:32.0441 5032 WinRM - ok
23:13:32.0469 5032 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:13:32.0489 5032 WinUsb - ok
23:13:32.0512 5032 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:13:32.0542 5032 Wlansvc - ok
23:13:32.0668 5032 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:13:32.0734 5032 wlidsvc - ok
23:13:32.0753 5032 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:13:32.0762 5032 WmiAcpi - ok
23:13:32.0786 5032 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:13:32.0805 5032 wmiApSrv - ok
23:13:32.0826 5032 WMPNetworkSvc - ok
23:13:32.0834 5032 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:13:32.0844 5032 WPCSvc - ok
23:13:32.0856 5032 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:13:32.0870 5032 WPDBusEnum - ok
23:13:32.0884 5032 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:13:32.0914 5032 ws2ifsl - ok
23:13:32.0916 5032 WSearch - ok
23:13:32.0933 5032 WTService - ok
23:13:32.0943 5032 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:13:32.0979 5032 WudfPf - ok
23:13:33.0001 5032 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:13:33.0033 5032 WUDFRd - ok
23:13:33.0050 5032 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:13:33.0076 5032 wudfsvc - ok
23:13:33.0098 5032 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
23:13:33.0121 5032 WwanSvc - ok
23:13:33.0217 5032 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
23:13:33.0293 5032 xusb21 - ok
23:13:33.0324 5032 ================ Scan global ===============================
23:13:33.0347 5032 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:13:33.0374 5032 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
23:13:33.0393 5032 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
23:13:33.0422 5032 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:13:33.0449 5032 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
23:13:33.0455 5032 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
23:13:33.0456 5032 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
23:13:33.0456 5032 ================ Scan MBR ==================================
23:13:33.0467 5032 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:13:33.0794 5032 \Device\Harddisk0\DR0 - ok
23:13:33.0795 5032 ================ Scan VBR ==================================
23:13:33.0802 5032 [ D3643F90E9ADFB5315D8306F1F65C28F ] \Device\Harddisk0\DR0\Partition1
23:13:33.0805 5032 \Device\Harddisk0\DR0\Partition1 - ok
23:13:33.0817 5032 [ 5DFBC6F5697EBAF80C7D8F479B1CAEB0 ] \Device\Harddisk0\DR0\Partition2
23:13:33.0843 5032 \Device\Harddisk0\DR0\Partition2 - ok
23:13:33.0864 5032 [ B0BEC0720339FE50B3779937F2093ABC ] \Device\Harddisk0\DR0\Partition3
23:13:33.0867 5032 \Device\Harddisk0\DR0\Partition3 - ok
23:13:33.0886 5032 [ F7042CB62906A8D6A4B1307E348CA86D ] \Device\Harddisk0\DR0\Partition4
23:13:33.0889 5032 \Device\Harddisk0\DR0\Partition4 - ok
23:13:33.0890 5032 ============================================================
23:13:33.0890 5032 Scan finished
23:13:33.0890 5032 ============================================================
23:13:33.0949 5080 Detected object count: 2
23:13:33.0949 5080 Actual detected object count: 2
23:14:00.0072 5080 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
23:14:00.0072 5080 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:14:00.0074 5080 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - skipped by user
23:14:00.0074 5080 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Skip
 Wünsche dir aber natürlich trotzdem einen schönen Urlaub  |
|
21.08.2012, 13:11
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DNCode:
ATTFilter C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - skipped by user
Starte Windows danach neu und mach wieder ein komplett neues Log mit dem TDSS-Killer. Wie immer wieder in CODE-Tags posten. Zitat:
__________________ |
|
21.08.2012, 14:14
| #19 |
| | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DNCode:
ATTFilter 15:15:54.0720 1060 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
15:15:55.0110 1060 ============================================================
15:15:55.0110 1060 Current date / time: 2012/08/21 15:15:55.0110
15:15:55.0110 1060 SystemInfo:
15:15:55.0110 1060
15:15:55.0110 1060 OS Version: 6.1.7601 ServicePack: 1.0
15:15:55.0110 1060 Product type: Workstation
15:15:55.0110 1060 ComputerName: DENNIS-PC
15:15:55.0110 1060 UserName: Dennis
15:15:55.0110 1060 Windows directory: C:\Windows
15:15:55.0110 1060 System windows directory: C:\Windows
15:15:55.0110 1060 Running under WOW64
15:15:55.0110 1060 Processor architecture: Intel x64
15:15:55.0110 1060 Number of processors: 4
15:15:55.0110 1060 Page size: 0x1000
15:15:55.0110 1060 Boot type: Normal boot
15:15:55.0110 1060 ============================================================
15:15:55.0953 1060 Drive \Device\Harddisk0\DR0 - Size: 0x746A520000 (465.66 Gb), SectorSize: 0x200, Cylinders: 0xED74, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:15:56.0093 1060 ============================================================
15:15:56.0093 1060 \Device\Harddisk0\DR0:
15:15:56.0093 1060 MBR partitions:
15:15:56.0093 1060 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:15:56.0093 1060 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x9C0E000
15:15:56.0093 1060 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9C40800, BlocksNum 0x10E82000
15:15:56.0093 1060 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1AAC2800, BlocksNum 0x1F88F800
15:15:56.0093 1060 ============================================================
15:15:56.0124 1060 C: <-> \Device\Harddisk0\DR0\Partition2
15:15:56.0140 1060 D: <-> \Device\Harddisk0\DR0\Partition3
15:15:56.0171 1060 E: <-> \Device\Harddisk0\DR0\Partition4
15:15:56.0171 1060 ============================================================
15:15:56.0171 1060 Initialize success
15:15:56.0187 1060 ============================================================
15:16:02.0598 2672 ============================================================
15:16:02.0598 2672 Scan started
15:16:02.0598 2672 Mode: Manual; SigCheck; TDLFS;
15:16:02.0598 2672 ============================================================
15:16:03.0909 2672 ================ Scan services =============================
15:16:04.0065 2672 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:16:04.0143 2672 1394ohci - ok
15:16:04.0158 2672 35188807 - ok
15:16:04.0174 2672 41053492 - ok
15:16:04.0205 2672 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:16:04.0205 2672 ACPI - ok
15:16:04.0236 2672 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:16:04.0236 2672 AcpiPmi - ok
15:16:04.0314 2672 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:16:04.0346 2672 AdobeARMservice - ok
15:16:04.0455 2672 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:16:04.0486 2672 AdobeFlashPlayerUpdateSvc - ok
15:16:04.0517 2672 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:16:04.0564 2672 adp94xx - ok
15:16:04.0580 2672 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:16:04.0595 2672 adpahci - ok
15:16:04.0642 2672 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:16:04.0673 2672 adpu320 - ok
15:16:04.0720 2672 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:16:04.0751 2672 AeLookupSvc - ok
15:16:04.0782 2672 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:16:04.0798 2672 AFD - ok
15:16:04.0814 2672 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:16:04.0829 2672 agp440 - ok
15:16:04.0845 2672 [ 97DD49CCDB89A22CFCEA78B29D393D87 ] ahcix64s C:\Windows\system32\DRIVERS\ahcix64s.sys
15:16:04.0860 2672 ahcix64s - ok
15:16:04.0876 2672 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:16:04.0876 2672 ALG - ok
15:16:04.0892 2672 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:16:04.0892 2672 aliide - ok
15:16:04.0938 2672 [ 0BDE3222789749571C3D706F0181203D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:16:04.0954 2672 AMD External Events Utility - ok
15:16:04.0954 2672 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:16:04.0970 2672 amdide - ok
15:16:05.0001 2672 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
15:16:05.0001 2672 amdiox64 - ok
15:16:05.0016 2672 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:16:05.0032 2672 AmdK8 - ok
15:16:05.0219 2672 [ 75BBD04F450CE109031A215FD4EC667A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:16:05.0313 2672 amdkmdag - ok
15:16:05.0328 2672 [ ADB8EE976CE4A47C54D39F2581593C03 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:16:05.0344 2672 amdkmdap - ok
15:16:05.0360 2672 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:16:05.0375 2672 AmdPPM - ok
15:16:05.0406 2672 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:16:05.0406 2672 amdsata - ok
15:16:05.0422 2672 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:16:05.0438 2672 amdsbs - ok
15:16:05.0438 2672 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:16:05.0453 2672 amdxata - ok
15:16:05.0484 2672 AODDriver4.0 - ok
15:16:05.0500 2672 AODDriver4.01 - ok
15:16:05.0562 2672 [ C992356EC945728C5D973CD02C6C0406 ] AODDriver4.1.0 C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
15:16:05.0578 2672 AODDriver4.1.0 - ok
15:16:05.0625 2672 [ 36677EB30D6FA41E085530A8362B7C5E ] AODService C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
15:16:05.0640 2672 AODService - ok
15:16:05.0687 2672 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:16:05.0734 2672 AppID - ok
15:16:05.0750 2672 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:16:05.0781 2672 AppIDSvc - ok
15:16:05.0796 2672 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:16:05.0812 2672 Appinfo - ok
15:16:05.0843 2672 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:16:05.0859 2672 AppMgmt - ok
15:16:05.0890 2672 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:16:05.0890 2672 arc - ok
15:16:05.0906 2672 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:16:05.0906 2672 arcsas - ok
15:16:05.0952 2672 [ FF9DAEF5CCDB6082C30CE151B768EA28 ] arusb_win7x C:\Windows\system32\DRIVERS\arusb_win7x.sys
15:16:05.0952 2672 arusb_win7x - ok
15:16:06.0030 2672 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:16:06.0046 2672 aspnet_state - ok
15:16:06.0077 2672 [ DF59B8E8DF0BD2E0E303778A3806A17D ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
15:16:06.0093 2672 aswFsBlk - ok
15:16:06.0140 2672 [ F8E6AB4F876FEFF69250F2E0C29EF004 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
15:16:06.0171 2672 aswMonFlt - ok
15:16:06.0202 2672 [ AA92BC4BCBA40CA3AA3FFD1BE24F0C09 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
15:16:06.0233 2672 aswRdr - ok
15:16:06.0264 2672 [ F06E230E1E8CA9437A6474B7B551CD37 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
15:16:06.0296 2672 aswSnx - ok
15:16:06.0311 2672 [ 3610CA74A69E380424F0452DEC5C1317 ] aswSP C:\Windows\system32\drivers\aswSP.sys
15:16:06.0327 2672 aswSP - ok
15:16:06.0327 2672 [ 87DE3E31CB0091D22351349869324065 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
15:16:06.0342 2672 aswTdi - ok
15:16:06.0358 2672 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:16:06.0374 2672 AsyncMac - ok
15:16:06.0405 2672 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:16:06.0405 2672 atapi - ok
15:16:06.0592 2672 [ 75BBD04F450CE109031A215FD4EC667A ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:16:06.0670 2672 atikmdag - ok
15:16:06.0701 2672 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:16:06.0732 2672 AudioEndpointBuilder - ok
15:16:06.0748 2672 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:16:06.0779 2672 AudioSrv - ok
15:16:06.0826 2672 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:16:06.0857 2672 avast! Antivirus - ok
15:16:06.0888 2672 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:16:06.0920 2672 AxInstSV - ok
15:16:06.0951 2672 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:16:06.0966 2672 b06bdrv - ok
15:16:06.0982 2672 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:16:06.0998 2672 b57nd60a - ok
15:16:07.0013 2672 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:16:07.0013 2672 BDESVC - ok
15:16:07.0029 2672 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:16:07.0060 2672 Beep - ok
15:16:07.0076 2672 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:16:07.0076 2672 blbdrive - ok
15:16:07.0091 2672 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:16:07.0107 2672 bowser - ok
15:16:07.0107 2672 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:16:07.0122 2672 BrFiltLo - ok
15:16:07.0122 2672 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:16:07.0138 2672 BrFiltUp - ok
15:16:07.0154 2672 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
15:16:07.0169 2672 Browser - ok
15:16:07.0185 2672 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:16:07.0200 2672 Brserid - ok
15:16:07.0200 2672 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:16:07.0216 2672 BrSerWdm - ok
15:16:07.0232 2672 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:16:07.0232 2672 BrUsbMdm - ok
15:16:07.0247 2672 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:16:07.0247 2672 BrUsbSer - ok
15:16:07.0263 2672 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:16:07.0278 2672 BTHMODEM - ok
15:16:07.0278 2672 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:16:07.0310 2672 bthserv - ok
15:16:07.0325 2672 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:16:07.0341 2672 cdfs - ok
15:16:07.0356 2672 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:16:07.0372 2672 cdrom - ok
15:16:07.0388 2672 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:16:07.0403 2672 CertPropSvc - ok
15:16:07.0419 2672 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:16:07.0434 2672 circlass - ok
15:16:07.0450 2672 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:16:07.0466 2672 CLFS - ok
15:16:07.0528 2672 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:16:07.0559 2672 clr_optimization_v2.0.50727_32 - ok
15:16:07.0590 2672 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:16:07.0622 2672 clr_optimization_v2.0.50727_64 - ok
15:16:07.0684 2672 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:16:07.0700 2672 clr_optimization_v4.0.30319_32 - ok
15:16:07.0715 2672 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:16:07.0731 2672 clr_optimization_v4.0.30319_64 - ok
15:16:07.0731 2672 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:16:07.0746 2672 CmBatt - ok
15:16:07.0746 2672 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:16:07.0762 2672 cmdide - ok
15:16:07.0793 2672 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:16:07.0809 2672 CNG - ok
15:16:07.0809 2672 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:16:07.0824 2672 Compbatt - ok
15:16:07.0840 2672 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:16:07.0856 2672 CompositeBus - ok
15:16:07.0871 2672 COMSysApp - ok
15:16:07.0871 2672 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:16:07.0887 2672 crcdisk - ok
15:16:07.0902 2672 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:16:07.0918 2672 CryptSvc - ok
15:16:07.0934 2672 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
15:16:07.0949 2672 CSC - ok
15:16:07.0965 2672 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:16:07.0980 2672 CscService - ok
15:16:07.0996 2672 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:16:08.0027 2672 DcomLaunch - ok
15:16:08.0058 2672 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:16:08.0074 2672 defragsvc - ok
15:16:08.0105 2672 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:16:08.0136 2672 DfsC - ok
15:16:08.0152 2672 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:16:08.0168 2672 Dhcp - ok
15:16:08.0183 2672 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:16:08.0199 2672 discache - ok
15:16:08.0214 2672 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:16:08.0230 2672 Disk - ok
15:16:08.0246 2672 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:16:08.0261 2672 Dnscache - ok
15:16:08.0277 2672 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:16:08.0308 2672 dot3svc - ok
15:16:08.0324 2672 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:16:08.0339 2672 DPS - ok
15:16:08.0370 2672 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:16:08.0370 2672 drmkaud - ok
15:16:08.0402 2672 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:16:08.0417 2672 DXGKrnl - ok
15:16:08.0417 2672 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:16:08.0448 2672 EapHost - ok
15:16:08.0542 2672 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:16:08.0573 2672 ebdrv - ok
15:16:08.0589 2672 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:16:08.0604 2672 EFS - ok
15:16:08.0636 2672 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:16:08.0651 2672 ehRecvr - ok
15:16:08.0667 2672 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:16:08.0682 2672 ehSched - ok
15:16:08.0698 2672 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:16:08.0714 2672 elxstor - ok
15:16:08.0729 2672 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:16:08.0745 2672 ErrDev - ok
15:16:08.0760 2672 [ DCD7487D00AA4DFFAEB4C8B086AF1134 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
15:16:08.0776 2672 ES lite Service - ok
15:16:08.0792 2672 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:16:08.0823 2672 EventSystem - ok
15:16:08.0854 2672 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:16:08.0901 2672 exfat - ok
15:16:08.0916 2672 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:16:08.0948 2672 fastfat - ok
15:16:08.0979 2672 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:16:09.0026 2672 Fax - ok
15:16:09.0041 2672 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:16:09.0057 2672 fdc - ok
15:16:09.0088 2672 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:16:09.0119 2672 fdPHost - ok
15:16:09.0119 2672 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:16:09.0150 2672 FDResPub - ok
15:16:09.0150 2672 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:16:09.0166 2672 FileInfo - ok
15:16:09.0166 2672 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:16:09.0197 2672 Filetrace - ok
15:16:09.0197 2672 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:16:09.0213 2672 flpydisk - ok
15:16:09.0228 2672 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:16:09.0228 2672 FltMgr - ok
15:16:09.0275 2672 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:16:09.0338 2672 FontCache - ok
15:16:09.0369 2672 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:16:09.0384 2672 FontCache3.0.0.0 - ok
15:16:09.0416 2672 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:16:09.0416 2672 FsDepends - ok
15:16:09.0447 2672 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:16:09.0462 2672 Fs_Rec - ok
15:16:09.0478 2672 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:16:09.0494 2672 fvevol - ok
15:16:09.0509 2672 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:16:09.0525 2672 gagp30kx - ok
15:16:09.0540 2672 [ 46E2828BCA26B31FA5A1DD4D84DF633D ] gdrv C:\Windows\gdrv.sys
15:16:09.0540 2672 gdrv - ok
15:16:09.0572 2672 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:16:09.0603 2672 gpsvc - ok
15:16:09.0665 2672 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:16:09.0681 2672 gupdate - ok
15:16:09.0728 2672 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:16:09.0743 2672 gupdatem - ok
15:16:09.0759 2672 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:16:09.0774 2672 gusvc - ok
15:16:09.0790 2672 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:16:09.0806 2672 hcw85cir - ok
15:16:09.0837 2672 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:16:09.0868 2672 HdAudAddService - ok
15:16:09.0884 2672 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:16:09.0899 2672 HDAudBus - ok
15:16:09.0915 2672 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:16:09.0915 2672 HidBatt - ok
15:16:09.0930 2672 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:16:09.0946 2672 HidBth - ok
15:16:09.0962 2672 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:16:09.0977 2672 HidIr - ok
15:16:09.0993 2672 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:16:10.0040 2672 hidserv - ok
15:16:10.0055 2672 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:16:10.0086 2672 HidUsb - ok
15:16:10.0102 2672 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:16:10.0133 2672 hkmsvc - ok
15:16:10.0164 2672 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:16:10.0164 2672 HomeGroupListener - ok
15:16:10.0196 2672 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:16:10.0196 2672 HomeGroupProvider - ok
15:16:10.0211 2672 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:16:10.0227 2672 HpSAMD - ok
15:16:10.0258 2672 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:16:10.0305 2672 HTTP - ok
15:16:10.0320 2672 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:16:10.0336 2672 hwpolicy - ok
15:16:10.0352 2672 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:16:10.0367 2672 i8042prt - ok
15:16:10.0383 2672 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:16:10.0383 2672 iaStorV - ok
15:16:10.0461 2672 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
15:16:10.0461 2672 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:16:10.0461 2672 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:16:10.0508 2672 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:16:10.0554 2672 idsvc - ok
15:16:10.0586 2672 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:16:10.0601 2672 iirsp - ok
15:16:10.0617 2672 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:16:10.0648 2672 IKEEXT - ok
15:16:10.0726 2672 [ 4B071AEBBC13D60430EE0371B262F681 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:16:10.0757 2672 IntcAzAudAddService - ok
15:16:10.0788 2672 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:16:10.0788 2672 intelide - ok
15:16:10.0804 2672 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:16:10.0820 2672 intelppm - ok
15:16:10.0835 2672 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:16:10.0866 2672 IPBusEnum - ok
15:16:10.0882 2672 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:16:10.0898 2672 IpFilterDriver - ok
15:16:10.0913 2672 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:16:10.0929 2672 IPMIDRV - ok
15:16:10.0944 2672 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:16:10.0976 2672 IPNAT - ok
15:16:10.0991 2672 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:16:11.0007 2672 IRENUM - ok
15:16:11.0007 2672 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:16:11.0022 2672 isapnp - ok
15:16:11.0038 2672 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:16:11.0054 2672 iScsiPrt - ok
15:16:11.0069 2672 [ DB85FE8D6CBAA2047CB4DA1B2C193D76 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
15:16:11.0085 2672 JRAID - ok
15:16:11.0100 2672 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:16:11.0100 2672 kbdclass - ok
15:16:11.0116 2672 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:16:11.0132 2672 kbdhid - ok
15:16:11.0132 2672 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:16:11.0147 2672 KeyIso - ok
15:16:11.0163 2672 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:16:11.0163 2672 KSecDD - ok
15:16:11.0178 2672 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:16:11.0194 2672 KSecPkg - ok
15:16:11.0194 2672 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:16:11.0225 2672 ksthunk - ok
15:16:11.0241 2672 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:16:11.0272 2672 KtmRm - ok
15:16:11.0288 2672 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:16:11.0319 2672 LanmanServer - ok
15:16:11.0334 2672 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:16:11.0366 2672 LanmanWorkstation - ok
15:16:11.0381 2672 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:16:11.0412 2672 lltdio - ok
15:16:11.0412 2672 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:16:11.0444 2672 lltdsvc - ok
15:16:11.0459 2672 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:16:11.0475 2672 lmhosts - ok
15:16:11.0506 2672 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:16:11.0506 2672 LSI_FC - ok
15:16:11.0522 2672 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:16:11.0537 2672 LSI_SAS - ok
15:16:11.0537 2672 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:16:11.0553 2672 LSI_SAS2 - ok
15:16:11.0568 2672 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:16:11.0568 2672 LSI_SCSI - ok
15:16:11.0584 2672 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:16:11.0615 2672 luafv - ok
15:16:11.0646 2672 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:16:11.0646 2672 Mcx2Svc - ok
15:16:11.0662 2672 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:16:11.0662 2672 megasas - ok
15:16:11.0678 2672 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:16:11.0693 2672 MegaSR - ok
15:16:11.0693 2672 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:16:11.0724 2672 MMCSS - ok
15:16:11.0740 2672 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:16:11.0756 2672 Modem - ok
15:16:11.0771 2672 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:16:11.0787 2672 monitor - ok
15:16:11.0802 2672 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:16:11.0802 2672 mouclass - ok
15:16:11.0834 2672 [ 21B7ACEA1BB49C3371DD5427BF309D6A ] moufiltr C:\Windows\system32\DRIVERS\moufiltr.sys
15:16:11.0849 2672 moufiltr - ok
15:16:11.0865 2672 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:16:11.0880 2672 mouhid - ok
15:16:11.0896 2672 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:16:11.0912 2672 mountmgr - ok
15:16:11.0958 2672 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:16:11.0990 2672 MozillaMaintenance - ok
15:16:12.0021 2672 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:16:12.0036 2672 MpFilter - ok
15:16:12.0052 2672 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:16:12.0068 2672 mpio - ok
15:16:12.0083 2672 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:16:12.0114 2672 mpsdrv - ok
15:16:12.0146 2672 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:16:12.0192 2672 MRxDAV - ok
15:16:12.0208 2672 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:16:12.0239 2672 mrxsmb - ok
15:16:12.0255 2672 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:16:12.0270 2672 mrxsmb10 - ok
15:16:12.0286 2672 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:16:12.0302 2672 mrxsmb20 - ok
15:16:12.0317 2672 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:16:12.0333 2672 msahci - ok
15:16:12.0348 2672 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:16:12.0348 2672 msdsm - ok
15:16:12.0364 2672 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:16:12.0380 2672 MSDTC - ok
15:16:12.0395 2672 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:16:12.0426 2672 Msfs - ok
15:16:12.0426 2672 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:16:12.0458 2672 mshidkmdf - ok
15:16:12.0458 2672 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:16:12.0473 2672 msisadrv - ok
15:16:12.0489 2672 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:16:12.0520 2672 MSiSCSI - ok
15:16:12.0520 2672 msiserver - ok
15:16:12.0536 2672 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:16:12.0567 2672 MSKSSRV - ok
15:16:12.0598 2672 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:16:12.0614 2672 MSPCLOCK - ok
15:16:12.0614 2672 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:16:12.0645 2672 MSPQM - ok
15:16:12.0676 2672 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:16:12.0676 2672 MsRPC - ok
15:16:12.0692 2672 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:16:12.0692 2672 mssmbios - ok
15:16:12.0707 2672 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:16:12.0723 2672 MSTEE - ok
15:16:12.0738 2672 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:16:12.0738 2672 MTConfig - ok
15:16:12.0754 2672 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:16:12.0770 2672 Mup - ok
15:16:12.0801 2672 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:16:12.0848 2672 napagent - ok
15:16:12.0879 2672 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:16:12.0894 2672 NativeWifiP - ok
15:16:12.0926 2672 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
15:16:12.0957 2672 NDIS - ok
15:16:12.0957 2672 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:16:12.0988 2672 NdisCap - ok
15:16:13.0004 2672 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:16:13.0035 2672 NdisTapi - ok
15:16:13.0050 2672 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:16:13.0066 2672 Ndisuio - ok
15:16:13.0082 2672 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:16:13.0113 2672 NdisWan - ok
15:16:13.0128 2672 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:16:13.0144 2672 NDProxy - ok
15:16:13.0160 2672 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:16:13.0175 2672 NetBIOS - ok
15:16:13.0191 2672 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:16:13.0206 2672 NetBT - ok
15:16:13.0222 2672 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:16:13.0222 2672 Netlogon - ok
15:16:13.0253 2672 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:16:13.0284 2672 Netman - ok
15:16:13.0316 2672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:16:13.0316 2672 NetMsmqActivator - ok
15:16:13.0347 2672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:16:13.0362 2672 NetPipeActivator - ok
15:16:13.0362 2672 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:16:13.0394 2672 netprofm - ok
15:16:13.0394 2672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:16:13.0409 2672 NetTcpActivator - ok
15:16:13.0409 2672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:16:13.0409 2672 NetTcpPortSharing - ok
15:16:13.0440 2672 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:16:13.0440 2672 nfrd960 - ok
15:16:13.0472 2672 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:16:13.0472 2672 NisDrv - ok
15:16:13.0518 2672 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
15:16:13.0518 2672 NisSrv - ok
15:16:13.0550 2672 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:16:13.0596 2672 NlaSvc - ok
15:16:13.0612 2672 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:16:13.0643 2672 Npfs - ok
15:16:13.0659 2672 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:16:13.0674 2672 nsi - ok
15:16:13.0690 2672 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:16:13.0721 2672 nsiproxy - ok
15:16:13.0784 2672 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:16:13.0815 2672 Ntfs - ok
15:16:13.0830 2672 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:16:13.0862 2672 Null - ok
15:16:13.0893 2672 [ 5F1FF880ADACF7E0FF7C27BA188B05DA ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:16:13.0908 2672 NVHDA - ok
15:16:14.0376 2672 [ 39DEFE644321F9A4B7F527664F628DEA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:16:14.0532 2672 nvlddmkm - ok
15:16:14.0564 2672 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:16:14.0579 2672 nvraid - ok
15:16:14.0595 2672 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:16:14.0595 2672 nvstor - ok
15:16:14.0657 2672 [ A8BD627C6B78745CE8D591E9636E533F ] nvsvc C:\Windows\system32\nvvsvc.exe
15:16:14.0688 2672 nvsvc - ok
15:16:14.0751 2672 [ ABF9218BC7B87ED93C0B5DEAD9E2F7E9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:16:14.0813 2672 nvUpdatusService - ok
15:16:14.0844 2672 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:16:14.0860 2672 nv_agp - ok
15:16:14.0876 2672 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:16:14.0891 2672 ohci1394 - ok
15:16:14.0922 2672 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:16:14.0954 2672 ose - ok
15:16:14.0985 2672 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:16:15.0000 2672 p2pimsvc - ok
15:16:15.0016 2672 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:16:15.0032 2672 p2psvc - ok
15:16:15.0047 2672 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:16:15.0063 2672 Parport - ok
15:16:15.0078 2672 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:16:15.0094 2672 partmgr - ok
15:16:15.0110 2672 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:16:15.0110 2672 PcaSvc - ok
15:16:15.0125 2672 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:16:15.0141 2672 pci - ok
15:16:15.0141 2672 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:16:15.0156 2672 pciide - ok
15:16:15.0156 2672 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:16:15.0172 2672 pcmcia - ok
15:16:15.0188 2672 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:16:15.0188 2672 pcw - ok
15:16:15.0203 2672 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:16:15.0234 2672 PEAUTH - ok
15:16:15.0266 2672 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:16:15.0281 2672 PeerDistSvc - ok
15:16:15.0344 2672 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:16:15.0390 2672 PerfHost - ok
15:16:15.0422 2672 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:16:15.0468 2672 pla - ok
15:16:15.0500 2672 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:16:15.0531 2672 PlugPlay - ok
15:16:15.0546 2672 PnkBstrA - ok
15:16:15.0562 2672 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:16:15.0578 2672 PNRPAutoReg - ok
15:16:15.0593 2672 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:16:15.0593 2672 PNRPsvc - ok
15:16:15.0609 2672 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:16:15.0640 2672 PolicyAgent - ok
15:16:15.0656 2672 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:16:15.0687 2672 Power - ok
15:16:15.0702 2672 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:16:15.0734 2672 PptpMiniport - ok
15:16:15.0734 2672 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:16:15.0749 2672 Processor - ok
15:16:15.0765 2672 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:16:15.0780 2672 ProfSvc - ok
15:16:15.0780 2672 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:16:15.0796 2672 ProtectedStorage - ok
15:16:15.0812 2672 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:16:15.0843 2672 Psched - ok
15:16:15.0874 2672 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:16:15.0905 2672 ql2300 - ok
15:16:15.0921 2672 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:16:15.0921 2672 ql40xx - ok
15:16:15.0921 2672 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:16:15.0936 2672 QWAVE - ok
15:16:15.0952 2672 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:16:15.0968 2672 QWAVEdrv - ok
15:16:16.0014 2672 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
15:16:16.0046 2672 RapiMgr - ok
15:16:16.0061 2672 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:16:16.0092 2672 RasAcd - ok
15:16:16.0108 2672 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:16:16.0124 2672 RasAgileVpn - ok
15:16:16.0139 2672 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:16:16.0170 2672 RasAuto - ok
15:16:16.0186 2672 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:16:16.0202 2672 Rasl2tp - ok
15:16:16.0233 2672 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:16:16.0264 2672 RasMan - ok
15:16:16.0280 2672 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:16:16.0295 2672 RasPppoe - ok
15:16:16.0326 2672 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:16:16.0342 2672 RasSstp - ok
15:16:16.0358 2672 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:16:16.0389 2672 rdbss - ok
15:16:16.0389 2672 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:16:16.0404 2672 rdpbus - ok
15:16:16.0404 2672 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:16:16.0436 2672 RDPCDD - ok
15:16:16.0451 2672 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:16:16.0451 2672 RDPDR - ok
15:16:16.0467 2672 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:16:16.0498 2672 RDPENCDD - ok
15:16:16.0514 2672 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:16:16.0529 2672 RDPREFMP - ok
15:16:16.0560 2672 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:16:16.0560 2672 RDPWD - ok
15:16:16.0592 2672 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:16:16.0592 2672 rdyboost - ok
15:16:16.0638 2672 [ F38405956C690AF82CF913FD66E658A1 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
15:16:16.0654 2672 RealNetworks Downloader Resolver Service - ok
15:16:16.0685 2672 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:16:16.0763 2672 RemoteAccess - ok
15:16:16.0779 2672 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:16:16.0810 2672 RemoteRegistry - ok
15:16:16.0826 2672 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:16:16.0857 2672 RpcEptMapper - ok
15:16:16.0872 2672 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:16:16.0872 2672 RpcLocator - ok
15:16:16.0888 2672 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:16:16.0919 2672 RpcSs - ok
15:16:16.0935 2672 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:16:16.0966 2672 rspndr - ok
15:16:16.0982 2672 [ 67C7695D3B18682ADDF8419EDA4BBFB8 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
15:16:16.0997 2672 RTHDMIAzAudService - ok
15:16:17.0013 2672 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:16:17.0028 2672 RTL8167 - ok
15:16:17.0060 2672 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:16:17.0060 2672 s3cap - ok
15:16:17.0075 2672 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:16:17.0075 2672 SamSs - ok
15:16:17.0091 2672 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:16:17.0106 2672 sbp2port - ok
15:16:17.0106 2672 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:16:17.0138 2672 SCardSvr - ok
15:16:17.0153 2672 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:16:17.0169 2672 scfilter - ok
15:16:17.0200 2672 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:16:17.0231 2672 Schedule - ok
15:16:17.0247 2672 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:16:17.0278 2672 SCPolicySvc - ok
15:16:17.0294 2672 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:16:17.0294 2672 SDRSVC - ok
15:16:17.0309 2672 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:16:17.0340 2672 secdrv - ok
15:16:17.0356 2672 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:16:17.0372 2672 seclogon - ok
15:16:17.0387 2672 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:16:17.0418 2672 SENS - ok
15:16:17.0434 2672 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:16:17.0434 2672 SensrSvc - ok
15:16:17.0465 2672 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:16:17.0465 2672 Serenum - ok
15:16:17.0481 2672 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:16:17.0481 2672 Serial - ok
15:16:17.0512 2672 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:16:17.0512 2672 sermouse - ok
15:16:17.0574 2672 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:16:17.0621 2672 SessionEnv - ok
15:16:17.0652 2672 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:16:17.0652 2672 sffdisk - ok
15:16:17.0652 2672 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:16:17.0668 2672 sffp_mmc - ok
15:16:17.0668 2672 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:16:17.0684 2672 sffp_sd - ok
15:16:17.0715 2672 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:16:17.0715 2672 sfloppy - ok
15:16:17.0730 2672 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:16:17.0762 2672 ShellHWDetection - ok
15:16:17.0777 2672 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:16:17.0793 2672 SiSRaid2 - ok
15:16:17.0808 2672 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:16:17.0808 2672 SiSRaid4 - ok
15:16:17.0964 2672 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:16:18.0011 2672 Skype C2C Service - ok
15:16:18.0042 2672 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:16:18.0042 2672 SkypeUpdate - ok
15:16:18.0074 2672 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:16:18.0089 2672 Smb - ok
15:16:18.0120 2672 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:16:18.0120 2672 SNMPTRAP - ok
15:16:18.0136 2672 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:16:18.0136 2672 spldr - ok
15:16:18.0167 2672 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
15:16:18.0198 2672 Spooler - ok
15:16:18.0292 2672 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:16:18.0339 2672 sppsvc - ok
15:16:18.0354 2672 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:16:18.0386 2672 sppuinotify - ok
15:16:18.0401 2672 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:16:18.0417 2672 srv - ok
15:16:18.0432 2672 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:16:18.0448 2672 srv2 - ok
15:16:18.0464 2672 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:16:18.0464 2672 srvnet - ok
15:16:18.0495 2672 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:16:18.0510 2672 SSDPSRV - ok
15:16:18.0526 2672 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:16:18.0557 2672 SstpSvc - ok
15:16:18.0573 2672 Steam Client Service - ok
15:16:18.0620 2672 [ 2C25A72B53B28034BE260D81C4EA4955 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:16:18.0651 2672 Stereo Service - ok
15:16:18.0666 2672 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:16:18.0682 2672 stexstor - ok
15:16:18.0713 2672 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:16:18.0744 2672 stisvc - ok
15:16:18.0760 2672 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:16:18.0760 2672 storflt - ok
15:16:18.0776 2672 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
15:16:18.0791 2672 StorSvc - ok
15:16:18.0807 2672 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:16:18.0807 2672 storvsc - ok
15:16:18.0822 2672 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:16:18.0822 2672 swenum - ok
15:16:18.0838 2672 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:16:18.0869 2672 swprv - ok
15:16:18.0916 2672 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:16:18.0932 2672 SysMain - ok
15:16:18.0947 2672 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:16:18.0963 2672 TabletInputService - ok
15:16:18.0978 2672 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
15:16:18.0994 2672 taphss - ok
15:16:19.0010 2672 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:16:19.0041 2672 TapiSrv - ok
15:16:19.0041 2672 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:16:19.0072 2672 TBS - ok
15:16:19.0119 2672 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:16:19.0150 2672 Tcpip - ok
15:16:19.0212 2672 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:16:19.0275 2672 TCPIP6 - ok
15:16:19.0306 2672 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:16:19.0368 2672 tcpipreg - ok
15:16:19.0384 2672 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:16:19.0415 2672 TDPIPE - ok
15:16:19.0446 2672 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:16:19.0462 2672 TDTCP - ok
15:16:19.0478 2672 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:16:19.0509 2672 tdx - ok
15:16:19.0509 2672 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:16:19.0524 2672 TermDD - ok
15:16:19.0540 2672 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:16:19.0571 2672 TermService - ok
15:16:19.0587 2672 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:16:19.0602 2672 Themes - ok
15:16:19.0618 2672 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:16:19.0634 2672 THREADORDER - ok
15:16:19.0649 2672 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:16:19.0680 2672 TrkWks - ok
15:16:19.0727 2672 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:16:19.0758 2672 TrustedInstaller - ok
15:16:19.0774 2672 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:16:19.0805 2672 tssecsrv - ok
15:16:19.0836 2672 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:16:19.0852 2672 TsUsbFlt - ok
15:16:19.0868 2672 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:16:19.0899 2672 tunnel - ok
15:16:19.0914 2672 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:16:19.0914 2672 uagp35 - ok
15:16:19.0930 2672 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:16:19.0961 2672 udfs - ok
15:16:19.0977 2672 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:16:19.0992 2672 UI0Detect - ok
15:16:19.0992 2672 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:16:20.0008 2672 uliagpkx - ok
15:16:20.0039 2672 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:16:20.0039 2672 umbus - ok
15:16:20.0055 2672 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:16:20.0055 2672 UmPass - ok
15:16:20.0070 2672 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:16:20.0086 2672 UmRdpService - ok
15:16:20.0102 2672 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:16:20.0133 2672 upnphost - ok
15:16:20.0133 2672 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:16:20.0148 2672 usbccgp - ok
15:16:20.0164 2672 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:16:20.0211 2672 usbcir - ok
15:16:20.0226 2672 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:16:20.0258 2672 usbehci - ok
15:16:20.0273 2672 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:16:20.0289 2672 usbhub - ok
15:16:20.0304 2672 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:16:20.0320 2672 usbohci - ok
15:16:20.0320 2672 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:16:20.0336 2672 usbprint - ok
15:16:20.0367 2672 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:16:20.0382 2672 usbscan - ok
15:16:20.0382 2672 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:16:20.0398 2672 USBSTOR - ok
15:16:20.0398 2672 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:16:20.0414 2672 usbuhci - ok
15:16:20.0429 2672 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
15:16:20.0429 2672 usb_rndisx - ok
15:16:20.0445 2672 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:16:20.0476 2672 UxSms - ok
15:16:20.0492 2672 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:16:20.0492 2672 VaultSvc - ok
15:16:20.0507 2672 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:16:20.0523 2672 vdrvroot - ok
15:16:20.0554 2672 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:16:20.0570 2672 vds - ok
15:16:20.0585 2672 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:16:20.0585 2672 vga - ok
15:16:20.0601 2672 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:16:20.0632 2672 VgaSave - ok
15:16:20.0648 2672 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:16:20.0663 2672 vhdmp - ok
15:16:20.0679 2672 [ C2C95D62C90CA809240112B41C1765F2 ] vhidmini C:\Windows\system32\DRIVERS\walvhid.sys
15:16:20.0694 2672 vhidmini - ok
15:16:20.0694 2672 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:16:20.0710 2672 viaide - ok
15:16:20.0726 2672 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:16:20.0726 2672 vmbus - ok
15:16:20.0741 2672 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:16:20.0757 2672 VMBusHID - ok
15:16:20.0757 2672 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:16:20.0772 2672 volmgr - ok
15:16:20.0804 2672 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:16:20.0804 2672 volmgrx - ok
15:16:20.0819 2672 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:16:20.0835 2672 volsnap - ok
15:16:20.0866 2672 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:16:20.0866 2672 vsmraid - ok
15:16:20.0928 2672 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:16:20.0975 2672 VSS - ok
15:16:20.0975 2672 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:16:20.0991 2672 vwifibus - ok
15:16:21.0006 2672 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:16:21.0022 2672 vwififlt - ok
15:16:21.0038 2672 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:16:21.0069 2672 W32Time - ok
15:16:21.0084 2672 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:16:21.0100 2672 WacomPen - ok
15:16:21.0116 2672 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:16:21.0131 2672 WANARP - ok
15:16:21.0147 2672 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:16:21.0162 2672 Wanarpv6 - ok
15:16:21.0225 2672 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:16:21.0256 2672 wbengine - ok
15:16:21.0272 2672 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:16:21.0287 2672 WbioSrvc - ok
15:16:21.0318 2672 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
15:16:21.0318 2672 WcesComm - ok
15:16:21.0350 2672 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:16:21.0412 2672 wcncsvc - ok
15:16:21.0428 2672 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:16:21.0443 2672 WcsPlugInService - ok
15:16:21.0459 2672 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:16:21.0474 2672 Wd - ok
15:16:21.0490 2672 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:16:21.0521 2672 Wdf01000 - ok
15:16:21.0521 2672 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:16:21.0537 2672 WdiServiceHost - ok
15:16:21.0537 2672 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:16:21.0552 2672 WdiSystemHost - ok
15:16:21.0584 2672 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:16:21.0599 2672 WebClient - ok
15:16:21.0599 2672 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:16:21.0630 2672 Wecsvc - ok
15:16:21.0646 2672 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:16:21.0662 2672 wercplsupport - ok
15:16:21.0693 2672 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:16:21.0708 2672 WerSvc - ok
15:16:21.0724 2672 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:16:21.0755 2672 WfpLwf - ok
15:16:21.0755 2672 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:16:21.0771 2672 WIMMount - ok
15:16:21.0771 2672 WinHttpAutoProxySvc - ok
15:16:21.0818 2672 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:16:21.0849 2672 Winmgmt - ok
15:16:21.0880 2672 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:16:21.0927 2672 WinRM - ok
15:16:21.0958 2672 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:16:21.0974 2672 WinUsb - ok
15:16:21.0989 2672 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:16:22.0005 2672 Wlansvc - ok
15:16:22.0114 2672 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:16:22.0145 2672 wlidsvc - ok
15:16:22.0161 2672 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:16:22.0176 2672 WmiAcpi - ok
15:16:22.0192 2672 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:16:22.0192 2672 wmiApSrv - ok
15:16:22.0208 2672 WMPNetworkSvc - ok
15:16:22.0208 2672 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:16:22.0223 2672 WPCSvc - ok
15:16:22.0239 2672 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:16:22.0254 2672 WPDBusEnum - ok
15:16:22.0270 2672 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:16:22.0286 2672 ws2ifsl - ok
15:16:22.0301 2672 WSearch - ok
15:16:22.0317 2672 WTService - ok
15:16:22.0317 2672 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:16:22.0348 2672 WudfPf - ok
15:16:22.0364 2672 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:16:22.0395 2672 WUDFRd - ok
15:16:22.0410 2672 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:16:22.0442 2672 wudfsvc - ok
15:16:22.0457 2672 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:16:22.0457 2672 WwanSvc - ok
15:16:22.0488 2672 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
15:16:22.0504 2672 xusb21 - ok
15:16:22.0504 2672 ================ Scan global ===============================
15:16:22.0520 2672 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:16:22.0535 2672 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:16:22.0566 2672 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:16:22.0598 2672 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:16:22.0613 2672 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:16:22.0613 2672 [Global] - ok
15:16:22.0613 2672 ================ Scan MBR ==================================
15:16:22.0613 2672 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:16:22.0941 2672 \Device\Harddisk0\DR0 - ok
15:16:22.0941 2672 ================ Scan VBR ==================================
15:16:22.0956 2672 [ D3643F90E9ADFB5315D8306F1F65C28F ] \Device\Harddisk0\DR0\Partition1
15:16:22.0956 2672 \Device\Harddisk0\DR0\Partition1 - ok
15:16:22.0972 2672 [ 5DFBC6F5697EBAF80C7D8F479B1CAEB0 ] \Device\Harddisk0\DR0\Partition2
15:16:22.0972 2672 \Device\Harddisk0\DR0\Partition2 - ok
15:16:22.0988 2672 [ B0BEC0720339FE50B3779937F2093ABC ] \Device\Harddisk0\DR0\Partition3
15:16:22.0988 2672 \Device\Harddisk0\DR0\Partition3 - ok
15:16:23.0003 2672 [ F7042CB62906A8D6A4B1307E348CA86D ] \Device\Harddisk0\DR0\Partition4
15:16:23.0003 2672 \Device\Harddisk0\DR0\Partition4 - ok
15:16:23.0003 2672 ============================================================
15:16:23.0003 2672 Scan finished
15:16:23.0003 2672 ============================================================
15:16:23.0003 0892 Detected object count: 1
15:16:23.0003 0892 Actual detected object count: 1
15:16:25.0421 0892 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:16:25.0421 0892 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
 Dann genieß die letzten Stunden im Forum ;-) |
|
21.08.2012, 14:31
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DN Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.08.2012, 16:35
| #21 |
| | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DNCode:
ATTFilter ComboFix 12-08-20.02 - Dennis 21.08.2012 16:59:07.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16375.14425 [GMT 2:00]
ausgeführt von:: c:\users\Dennis\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
E:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-21 bis 2012-08-21 ))))))))))))))))))))))))))))))
.
.
2012-08-21 15:03 . 2012-08-21 15:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-21 12:50 . 2012-08-21 12:50 -------- d-----w- C:\found.001
2012-08-21 12:14 . 2012-08-21 12:14 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-18 17:46 . 2012-08-18 17:46 -------- d-----w- C:\_OTL
2012-08-17 05:10 . 2012-08-17 05:10 -------- d-----w- c:\program files (x86)\Microsoft Research
2012-08-15 19:22 . 2012-08-15 19:22 -------- d-----w- c:\program files (x86)\ESET
2012-08-15 17:53 . 2012-08-15 17:53 -------- d-----w- c:\users\Dennis\AppData\Roaming\Malwarebytes
2012-08-15 17:52 . 2012-08-15 17:52 -------- d-----w- c:\programdata\Malwarebytes
2012-08-15 17:52 . 2012-08-15 17:52 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-15 17:52 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-15 16:21 . 2012-08-15 16:21 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2012-08-15 16:21 . 2012-08-15 16:21 129176 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
2012-08-11 22:22 . 2012-07-03 16:21 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-11 22:22 . 2012-07-03 16:21 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-11 22:22 . 2012-07-03 16:21 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-11 22:22 . 2012-07-03 16:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-11 22:22 . 2012-07-03 16:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-11 22:22 . 2012-07-03 16:21 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-11 22:22 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-11 22:22 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-08-11 22:22 . 2012-07-03 16:21 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-11 22:21 . 2012-08-11 22:21 -------- d-----w- c:\programdata\AVAST Software
2012-08-11 22:21 . 2012-08-11 22:21 -------- d-----w- c:\program files\AVAST Software
2012-08-11 22:14 . 2012-08-11 22:21 -------- d-----w- c:\users\Dennis\AppData\Local\ElevatedDiagnostics
2012-08-11 22:08 . 2012-08-11 22:08 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-08-11 16:07 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{92D5622D-9E58-488D-A713-77EB89EBA23D}\mpengine.dll
2012-08-10 16:16 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-09 16:57 . 2012-08-09 16:57 -------- d-----w- c:\users\UpdatusUser
2012-08-09 16:56 . 2012-06-28 23:56 2667062 ----a-w- c:\windows\system32\nvcoproc.bin
2012-08-09 16:56 . 2012-06-28 23:55 3266408 ----a-w- c:\windows\system32\nvsvc64.dll
2012-08-09 16:56 . 2012-06-28 23:55 6193000 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-09 16:56 . 2012-06-28 23:55 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-08-09 16:56 . 2012-06-28 23:55 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-09 16:56 . 2012-06-28 23:55 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-08-09 16:56 . 2012-06-28 23:55 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-08-09 16:56 . 2012-06-29 03:37 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-08-09 16:56 . 2012-06-29 03:37 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-08-09 16:56 . 2012-08-09 16:56 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 15:04 . 2011-03-23 17:34 23080 ----a-w- c:\windows\gdrv.sys
2012-08-21 12:48 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe
2012-08-15 17:46 . 2012-04-06 08:50 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 17:46 . 2011-05-25 10:04 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 16:21 . 2011-11-29 08:16 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-08-15 16:21 . 2011-11-29 08:16 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-07-11 20:29 . 2011-03-23 18:09 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-28 15:44 . 2012-06-28 15:44 428904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-06-12 03:08 . 2012-07-11 20:32 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 14:19 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 14:19 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 14:19 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 14:19 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 14:19 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 14:19 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 14:19 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-24 09:24 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-24 09:24 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-24 09:24 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-24 09:24 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-24 09:24 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-24 09:24 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-24 09:24 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-24 09:24 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-24 09:24 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-11 20:29 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-11 20:29 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-11 20:29 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-11 20:29 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-11 20:29 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-11 20:29 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-11 20:29 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-11 20:29 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-11 20:29 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-11 20:29 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-11 20:29 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-11 20:29 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-11 20:29 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-11 20:29 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-11 20:29 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-11 20:29 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-11 20:29 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-11 20:29 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-11 20:29 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 14:19 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 14:19 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 14:19 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 14:19 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 14:19 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 14:19 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 14:19 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 14:19 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 14:19 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"Steam"="e:\steam\steam.exe" [2012-08-11 1353080]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-08-15 296096]
.
c:\users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R0 35188807;35188807;c:\windows\system32\drivers\01094634.sys [x]
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 41053492;41053492; [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-08 9884672]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-08 307712]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-29 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [2008-10-03 225296]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-08 204288]
S2 AODDriver4.1.0;AODDriver4.1.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2012-02-10 56448]
S2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2012-02-10 136616]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-29 1258856]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-03-23 31920]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-06-28 382312]
S2 WTService;WTService;c:\windows\system32\atwtusb.exe [2011-07-19 897536]
S3 arusb_win7x;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7x.sys [2010-06-01 769024]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-05-21 188776]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 17:46]
.
2012-08-11 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-08-11 16:21]
.
2012-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 19:29]
.
2012-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 19:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-01-20 6963744]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-01-20 1833504]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AtwtusbIcon"="AtwtusbIcon.exe" [2010-10-18 839912]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: battlefield.com
TCP: DhcpNameServer = 192.168.0.1
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} -
FF - ProfilePath - c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\vv5gd4cy.default\
FF - prefs.js: browser.startup.homepage - http://www.trojaner-board.de/search....orum/index.php
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-35188807.sys
SafeBoot-MsMpSvc
BHO-{BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - c:\program files\WEB.DE Toolbar\IE\uitb.dll
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-BattlEye for A2 - e:\steam\steamapps\common\arma 2BattlEye\UnInstallBE.exe
AddRemove-{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB} - c:\program files (x86)\Common Files\BioWare\Uninstall Mass Effect 2.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1847071707-787877189-3692908809-1001\Software\SecuROM\License information*]
"datasecu"=hex:a9,a8,cd,a2,3d,8d,04,d7,ea,05,93,b6,50,26,f3,52,3c,f7,36,93,f1,
cd,04,63,34,7c,4b,07,6b,cd,f7,66,e7,77,c5,fd,a0,73,a6,63,a7,6f,41,a6,e7,12,\
"rkeysecu"=hex:d4,1e,0d,45,42,4f,4a,6b,81,bf,b2,46,f6,8f,f8,90
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-21 17:09:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-08-21 15:09
.
Vor Suchlauf: 15 Verzeichnis(se), 11.182.895.104 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 10.810.871.808 Bytes frei
.
- - End Of File - - 90CF8B242346F5EC9466C3688CE963C9
|
|
30.08.2012, 11:41
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DN Combofix - Scripten 1. Starte das Notepad (Start / Ausführen / notepad[Enter]) 2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein. Code:
ATTFilter Driver::
35188807
41053492
File::
c:\windows\system32\drivers\01094634.sys
4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall. (Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !) 5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.  6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien: Combofix.txt Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.08.2012, 15:33
| #23 |
| | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DN Willkommen zurück, Cosinus :-) Code:
ATTFilter ComboFix 12-08-29.03 - Dennis 30.08.2012 16:13:10.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16375.14225 [GMT 2:00]
ausgeführt von:: c:\users\Dennis\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Dennis\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
FILE ::
"c:\windows\system32\drivers\01094634.sys"
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_41053492
-------\Service_35188807
-------\Service_41053492
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-28 bis 2012-08-30 ))))))))))))))))))))))))))))))
.
.
2012-08-30 14:17 . 2012-08-30 14:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-28 15:00 . 2003-01-06 11:13 57344 ----a-w- C:\h2format.exe
2012-08-21 12:50 . 2012-08-21 12:50 -------- d-----w- C:\found.001
2012-08-21 12:14 . 2012-08-21 12:14 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-18 17:46 . 2012-08-18 17:46 -------- d-----w- C:\_OTL
2012-08-17 05:10 . 2012-08-17 05:10 -------- d-----w- c:\program files (x86)\Microsoft Research
2012-08-15 19:22 . 2012-08-15 19:22 -------- d-----w- c:\program files (x86)\ESET
2012-08-15 17:53 . 2012-08-15 17:53 -------- d-----w- c:\users\Dennis\AppData\Roaming\Malwarebytes
2012-08-15 17:52 . 2012-08-15 17:52 -------- d-----w- c:\programdata\Malwarebytes
2012-08-15 17:52 . 2012-08-15 17:52 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-15 17:52 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-15 16:21 . 2012-08-15 16:21 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2012-08-15 16:21 . 2012-08-15 16:21 129176 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
2012-08-13 11:35 . 2012-08-13 11:35 5115584 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-08-11 22:22 . 2012-08-21 09:13 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-11 22:22 . 2012-08-21 09:13 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-11 22:22 . 2012-08-21 09:13 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-11 22:22 . 2012-08-21 09:13 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-11 22:22 . 2012-08-21 09:13 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-11 22:22 . 2012-08-21 09:13 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-11 22:22 . 2012-08-21 09:12 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-11 22:22 . 2012-08-21 09:12 41224 ----a-w- c:\windows\avastSS.scr
2012-08-11 22:22 . 2012-08-21 09:12 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-11 22:21 . 2012-08-11 22:21 -------- d-----w- c:\programdata\AVAST Software
2012-08-11 22:21 . 2012-08-11 22:21 -------- d-----w- c:\program files\AVAST Software
2012-08-11 22:14 . 2012-08-11 22:21 -------- d-----w- c:\users\Dennis\AppData\Local\ElevatedDiagnostics
2012-08-11 22:08 . 2012-08-11 22:08 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-08-11 16:07 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{92D5622D-9E58-488D-A713-77EB89EBA23D}\mpengine.dll
2012-08-10 16:16 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-09 16:57 . 2012-08-09 16:57 -------- d-----w- c:\users\UpdatusUser
2012-08-09 16:56 . 2012-06-28 23:56 2667062 ----a-w- c:\windows\system32\nvcoproc.bin
2012-08-09 16:56 . 2012-06-28 23:55 3266408 ----a-w- c:\windows\system32\nvsvc64.dll
2012-08-09 16:56 . 2012-06-28 23:55 6193000 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-09 16:56 . 2012-06-28 23:55 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-08-09 16:56 . 2012-06-28 23:55 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-09 16:56 . 2012-06-28 23:55 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-08-09 16:56 . 2012-06-28 23:55 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-08-09 16:56 . 2012-06-29 03:37 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-08-09 16:56 . 2012-06-29 03:37 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-08-09 16:56 . 2012-08-09 16:56 -------- d-----w- c:\programdata\NVIDIA Corporation
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-30 14:19 . 2011-03-23 17:34 23080 ----a-w- c:\windows\gdrv.sys
2012-08-21 12:48 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe
2012-08-15 17:46 . 2012-04-06 08:50 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 17:46 . 2011-05-25 10:04 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 16:21 . 2011-11-29 08:16 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-08-15 16:21 . 2011-11-29 08:16 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-07-11 20:29 . 2011-03-23 18:09 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-28 15:44 . 2012-06-28 15:44 428904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-06-12 03:08 . 2012-07-11 20:32 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 14:19 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 14:19 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 14:19 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 14:19 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 14:19 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 14:19 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 14:19 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-24 09:24 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-24 09:24 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-24 09:24 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-24 09:24 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-24 09:24 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-24 09:24 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-24 09:24 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-24 09:24 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-24 09:24 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-11 20:29 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-11 20:29 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-11 20:29 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-11 20:29 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-11 20:29 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-11 20:29 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-11 20:29 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-11 20:29 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-11 20:29 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-11 20:29 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-11 20:29 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-11 20:29 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-11 20:29 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-11 20:29 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-11 20:29 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-11 20:29 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-11 20:29 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-11 20:29 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-11 20:29 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 14:19 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 14:19 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 14:19 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 14:19 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 14:19 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 14:19 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 14:19 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 14:19 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 14:19 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-21_15.05.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-08-30 14:20 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-08-21 15:04 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-08-21 15:04 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-30 14:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-21 15:04 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-30 14:20 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-03-23 17:42 . 2012-08-21 15:29 39286 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-24 14:49 29374 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-03-23 17:42 . 2012-08-24 14:49 11032 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1847071707-787877189-3692908809-1001_UserData.bin
+ 2012-08-21 16:06 . 2012-08-21 16:06 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-08-30 14:19 . 2012-08-30 14:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-21 15:04 . 2012-08-21 15:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-30 14:19 . 2012-08-30 14:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-08-21 15:04 . 2012-08-21 15:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-03-24 20:25 . 2012-08-27 14:04 279810 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2011-03-26 14:27 . 2012-08-30 14:02 270252 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2009-07-14 02:36 . 2012-08-28 14:06 663070 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-23 14:24 663070 c:\windows\system32\perfh009.dat
+ 2009-07-14 17:58 . 2012-08-28 14:06 709452 c:\windows\system32\perfh007.dat
- 2009-07-14 17:58 . 2012-06-23 14:24 709452 c:\windows\system32\perfh007.dat
+ 2009-07-14 02:36 . 2012-08-28 14:06 126160 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-23 14:24 126160 c:\windows\system32\perfc009.dat
+ 2009-07-14 17:58 . 2012-08-28 14:06 153944 c:\windows\system32\perfc007.dat
- 2009-07-14 17:58 . 2012-06-23 14:24 153944 c:\windows\system32\perfc007.dat
+ 2011-03-23 17:30 . 2012-08-21 16:06 212992 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-03-23 17:30 . 2012-08-18 17:32 212992 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-08-28 14:25 108896 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 05:01 . 2012-08-21 15:03 282180 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-30 14:18 282180 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:54 . 2012-08-21 16:06 4898816 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-18 17:32 4898816 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 02:34 . 2012-08-30 14:18 10854400 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2011-03-23 20:10 . 2012-08-30 14:18 49308156 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1847071707-787877189-3692908809-1001-8192.dat
+ 2011-03-23 20:10 . 2012-08-24 14:46 25005272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1847071707-787877189-3692908809-1001-12288.dat
+ 2012-08-28 14:02 . 2012-08-28 14:02 10141696 c:\windows\Installer\1470e1d6.msi
+ 2012-08-30 14:18 . 2012-08-30 14:18 10854400 c:\windows\erdnt\subs\SCHEMA.DAT
+ 2012-08-30 14:10 . 2012-08-30 14:10 10854400 c:\windows\erdnt\Hiv-backup\SCHEMA.DAT
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"Steam"="e:\steam\steam.exe" [2012-08-11 1353080]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-08-15 296096]
.
c:\users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-08 9884672]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-08 307712]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-29 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [2008-10-03 225296]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-08 204288]
S2 AODDriver4.1.0;AODDriver4.1.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2012-02-10 56448]
S2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2012-02-10 136616]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-29 1258856]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-03-23 31920]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-06-28 382312]
S2 WTService;WTService;c:\windows\system32\atwtusb.exe [2011-07-19 897536]
S3 arusb_win7x;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7x.sys [2010-06-01 769024]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-05-21 188776]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 17:46]
.
2012-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 19:29]
.
2012-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 19:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}]
c:\program files\WEB.DE Toolbar\IE\uitb.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-01-20 6963744]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-01-20 1833504]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AtwtusbIcon"="AtwtusbIcon.exe" [2010-10-18 839912]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
"combofix"="c:\combofix\CF18361.3XE" [2010-11-20 345088]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: battlefield.com
TCP: DhcpNameServer = 192.168.0.1
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} -
FF - ProfilePath - c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\vv5gd4cy.default\
FF - prefs.js: browser.startup.homepage - http://www.trojaner-board.de/search....orum/index.php
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1847071707-787877189-3692908809-1001\Software\SecuROM\License information*]
"datasecu"=hex:a9,a8,cd,a2,3d,8d,04,d7,ea,05,93,b6,50,26,f3,52,3c,f7,36,93,f1,
cd,04,63,34,7c,4b,07,6b,cd,f7,66,e7,77,c5,fd,a0,73,a6,63,a7,6f,41,a6,e7,12,\
"rkeysecu"=hex:d4,1e,0d,45,42,4f,4a,6b,81,bf,b2,46,f6,8f,f8,90
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-30 16:26:55 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-08-30 14:26
ComboFix2.txt 2012-08-21 15:09
.
Vor Suchlauf: 21 Verzeichnis(se), 11.888.578.560 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 11.633.025.024 Bytes frei
.
- - End Of File - - EE4B9AFE4713F43C87870102266D7324
|
|
30.08.2012, 19:52
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DNCode:
ATTFilter AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
Zwei Virenscanner parallel sind Gift für das System!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.08.2012, 11:32
| #25 |
| | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DN Im Eröffnungsbeitrag stand schon, das Avast installiert wurde und auch in meinem vorletzten Beitrag habe ich noch von Avast gesprochen. Die Security Essentials funktionierten seit dem Befall nicht mehr. |
|
31.08.2012, 11:37
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DN Das steht aber jetzt erst im zweiten Log von CF! Erst da tauchten die Einträge von Avast und MSE auf! Bitte einen der beiden umgehend deinstallieren!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.08.2012, 16:46
| #27 |
| | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DN Fertig. MSE ist wieder Single. |
|
31.08.2012, 19:48
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DN Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.09.2012, 11:35
| #29 |
| | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DNCode:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 12:19:21 on 01.09.2012 OS: Windows 7 Service Pack 1 (Build 7601), 64-bit Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "tablet.cpl" - "WALTOP International Corp." - C:\Windows\system32\tablet.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "AODDriver4.0" (AODDriver4.0) - ? - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys (File not found) "AODDriver4.01" (AODDriver4.01) - ? - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys (File not found) "AODDriver4.1.0" (AODDriver4.1.0) - "Advanced Micro Devices" - C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "gdrv" (gdrv) - "Windows (R) Server 2003 DDK provider" - C:\Windows\gdrv.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} "WEB.DE NewTab Protocol" - ? - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files (x86)\7-Zip\7-zip.dll {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\OFFICE11\msohev.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files (x86)\real\realplayer\rpshell.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) ITBar7Height64 "ITBar7Height64" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout64" - ? - (File not found | COM-object registry key not found) -----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )----- {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} "DeviceVM Url Search Hook" - "DeviceVM Inc." - C:\Windows\SysWOW64\dvmurl.dll -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {67DABFBF-D0AB-41FA-9C46-CC0F21721616} "DivXBrowserPlugin Object" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll / hxxp://download.divx.com/player/DivXBrowserPlugin.cab {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} "Dldrv2 Control" - "GIGA" - C:\Windows\DOWNLO~1\Dldrv.ocx / hxxp://download.gigabyte.com.tw/object/Dldrv.ocx {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_3_300_271.ocx / hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab {E6F480FC-BD44-4CBA-B74A-89AF7842937D} "SysInfo Class" - "Husdawg, LLC" - C:\Program Files (x86)\SystemRequirementsLab\srldetect_cyri_4.4.26.0.dll / hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab {5D6F45B3-9043-443D-A792-115447494D24} "UnoCtrl Class" - "Microsoft" - C:\Windows\Downloaded Program Files\GAME_UNO1.dll / hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "@C:\Windows\WindowsMobile\INetRepl.dll,-222" - "Microsoft Corporation" - C:\Windows\WindowsMobile\INetRepl.dll {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "ClsidExtension" - "Microsoft Corporation" - C:\Windows\WindowsMobile\INetRepl.dll {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealDownloader" - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found) [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "OpenOffice.org 3.3.lnk" - ? - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "ISUSPM Startup" - "InstallShield Software Corporation" - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup "msnmsgr" - "Microsoft Corporation" - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background "Steam" - "Valve Corporation" - "E:\Steam\steam.exe" -silent -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "amd_dc_opt" - "AMD" - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe "DivXUpdate" - ? - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "ISUSScheduler" - "InstallShield Software Corporation" - "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start "JMB36X IDE Setup" - ? - C:\Windows\RaidTool\xInsIDE.exe (File found, but it contains no detailed information) "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "TkBellExe" - "RealNetworks, Inc." - "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - C:\Program Files\Microsoft Security Client\NisSrv.exe "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "AODService" (AODService) - ? - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe (File found, but it contains no detailed information) "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe "ES lite Service for program management." (ES lite Service) - ? - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE (File found, but it contains no detailed information) "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Google Updater Service" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Security Client\MsMpEng.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe "NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe (File not found) "RealNetworks Downloader Resolver Service" (RealNetworks Downloader Resolver Service) - ? - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (File found, but it contains no detailed information) "Skype C2C Service" (Skype C2C Service) - "Skype Technologies S.A." - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe "Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files (x86)\Common Files\Steam\SteamService.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE "WTService" (WTService) - ? - C:\Windows\system32\atwtusb.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-01 12:21:08
-----------------------------
12:21:08.747 OS Version: Windows x64 6.1.7601 Service Pack 1
12:21:08.747 Number of processors: 4 586 0x402
12:21:08.747 ComputerName: DENNIS-PC UserName: Dennis
12:21:09.621 Initialize success
12:22:04.349 AVAST engine defs: 12090100
12:22:28.405 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000062
12:22:28.405 Disk 0 Vendor: AMD_____ 1.10 Size: 476837MB BusType: 8
12:22:28.420 Disk 0 MBR read successfully
12:22:28.436 Disk 0 MBR scan
12:22:28.436 Disk 0 Windows 7 default MBR code
12:22:28.467 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:22:28.483 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 79900 MB offset 206848
12:22:28.514 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 138500 MB offset 163842048
12:22:28.561 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 258335 MB offset 447490048
12:22:28.592 Disk 0 scanning C:\Windows\system32\drivers
12:22:35.705 Service scanning
12:22:51.274 Modules scanning
12:22:51.290 Disk 0 trace - called modules:
12:22:51.820 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll ahcix64s.sys
12:22:51.836 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800e093060]
12:22:51.836 3 CLASSPNP.SYS[fffff880019b843f] -> nt!IofCallDriver -> [0xfffffa800ccd1710]
12:22:51.851 5 ACPI.sys[fffff88000f3f7a1] -> nt!IofCallDriver -> \Device\00000062[0xfffffa800db0f9c0]
12:22:52.928 AVAST engine scan C:\Windows
12:22:55.221 AVAST engine scan C:\Windows\system32
12:25:04.296 AVAST engine scan C:\Windows\system32\drivers
12:25:12.595 AVAST engine scan C:\Users\Dennis
12:29:28.591 AVAST engine scan C:\ProgramData
12:29:52.412 Scan finished successfully
12:32:15.870 Disk 0 MBR has been saved successfully to "C:\Users\Dennis\Desktop\MBR.dat"
12:32:15.886 The log file has been saved successfully to "C:\Users\Dennis\Desktop\aswMBR.txt"
|
|
01.09.2012, 12:27
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DN Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Live Security Platinum & Win64:Sirefef-F & Java:Downloader-DN |
| 5 minuten, adobe, antivirus, autorun, avast, bho, browser, error, fehler, festplatte, firefox, flash player, format, google earth, helper, launch, logfile, mozilla, netzwerk, nvidia update, origin, plug-in, programm, realtek, registry, rundll, scan, security, software, teamspeak, win64, windows, youtube downloader |
Linear-Darstellung
