|
Log analysis and evaluation: PC (Win7 Home) slow, Avira warnings
Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
10.11.2012, 16:33 | #1 |
| PC (Win7 Home) slow, Avira warnings
Hello, my wife's computer has become sluggish after 1.5 years of use and apparently needs some cleaning up. Could someone please help me, based on the OTL log, to get the system back to "normal"? After the scan, by the way, OTL only produced "Extras.txt", no otl.txt. The Avira error message reads "Adware/installcore.gen", and the file was moved to quarantine.
-------------------------------------------------------------- OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 10.11.2012 16:00:51 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXXX\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 50,93% Memory free 6,99 Gb Paging File | 4,89 Gb Available in Paging File | 69,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,79 Gb Total Space | 175,22 Gb Free Space | 75,27% Space Free | Partition Type: NTFS Computer Name: YYYYY | User Name: XXXXX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. 
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1148B45C-31DE-42B8-8C8A-BAEF4763FA35}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{28258BC2-2B32-4544-9ADB-34D8AE9E7B87}" = rport=138 | protocol=17 | dir=out | app=system | "{2D6452EB-DB56-4B2D-8002-6F5B88D93CED}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{2F0DE555-7A8C-474C-A800-7DCC0EC6D05E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4357F03D-A332-44D1-A74E-67007D5C42FC}" = rport=139 | protocol=6 | dir=out | app=system | "{46239BC1-34CD-4D68-8151-E13DAF3298A1}" = lport=2869 | protocol=6 | dir=in | app=system | "{4D8B2126-65F5-45F3-8357-CDB8F272163E}" = rport=137 | protocol=17 | dir=out | app=system | "{58706030-25A2-4228-8249-8B42F420FF7E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{609920CA-04B8-45C2-B860-7E5810E7B865}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6944F58E-3E2A-45D6-83AF-C4A91882D3CC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{6EB3F093-CCF6-4D51-9B44-E425CF377BFF}" = rport=445 | protocol=6 | dir=out | app=system | "{6FC8E994-DA71-4044-899D-E2EDB530CDDE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{80A1575E-FF62-48CD-BADF-B8F1F6C34692}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{81D8DA29-4B79-42CB-BE83-1B29F188A73D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{822D56DA-C891-4018-8E21-B0718C72A39E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{86F9E275-9C52-4F4D-8BCA-4F92B236695B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{90B05C39-65F7-45F5-AD4A-CCB70B342CE9}" = lport=139 | protocol=6 | dir=in | app=system | "{9A94D0E4-5401-48F2-A20D-3DE432897E4E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{AF195E4C-7AC7-4E48-8A83-FD6A866912A8}" = lport=138 | protocol=17 | dir=in | app=system | "{B3E1FA72-0414-4118-BD7D-EA69396BC003}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CA227FC6-7F8C-4E75-86B3-59C886B95A95}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CFBAF0DD-69D1-4AAF-A28F-AD714004884D}" = rport=10243 | protocol=6 | dir=out | app=system | "{E5BA0F07-187C-4C37-9541-497000C55432}" = lport=445 | protocol=6 | dir=in | app=system | "{FC194B23-62CA-44A2-944E-8E5A2AAD57FF}" = lport=137 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{11D1FDCA-C81D-4F3C-9CFD-C79621038D3D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{20256206-6433-4957-89BA-92959FD431BB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{26B8E90E-10B6-4377-B42A-3ED4901B281C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{2927BCA7-DD67-4D02-A6AB-56DB219207AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2B68110E-77AB-48DE-AE07-F3C26F73E35B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{326489CB-686E-45F1-A3A7-03376702A539}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4F77A891-5742-4B0B-A554-26738921FB74}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{554D016D-40FC-4211-A10B-AD6F16BCF12F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5623208D-4EA0-475B-9A17-ECBA9B3DB57D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{5970D87E-5A8D-4B37-973B-A0A5687132CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{67891DA9-3746-40BC-8A24-3A4C7A55037D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{73499E0A-7F45-4D51-B100-010E568707B2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{7B1CCCFF-587F-414E-9B38-C145A6D71DF9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9E60C624-8631-4BBF-9024-C335266A7FBA}" = protocol=6 | dir=out | app=system | "{A03C926F-115E-4D2E-9C8A-46104C1386BB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B4E8661E-FD70-45D0-A743-BFE0EDCEBE53}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B5CC5C82-169B-440D-BD4C-DA2B83B1E606}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C02FB74F-69B1-41AC-8B6A-689EBBC48F77}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C1535C47-8A75-40BB-A9A3-F780DF1EA556}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{C717E7D2-CF2F-4E05-B23C-C699A0258AB6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C7D77C69-D242-4C7E-BDFC-24B897B5ACCA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E1663771-4227-4D7F-B3DC-36CD815A6249}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{EDF4C321-BCCA-43AA-A313-F205A401F6A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "TCP Query User{44A3CE76-3203-4B70-A6BD-7F1E109E4A1A}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{81A09839-7E65-4DF1-B9FC-85F0626D5D7A}E:\windows\dsassistant\dsassistant.exe" = protocol=6 | dir=in | app=e:\windows\dsassistant\dsassistant.exe | "TCP Query User{C1CA3264-70E1-4AAF-B283-59F4C741FF2B}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | 
dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | "TCP Query User{F5312B8A-3167-4AAA-9ADF-91A8DD2035A2}C:\users\XXXXX\downloads\all6200_cd\extract\autorun.exe" = protocol=6 | dir=in | app=c:\users\XXXXX\downloads\all6200_cd\extract\autorun.exe | "UDP Query User{0D5B6409-1A95-4081-8A66-647B8BE1C84E}C:\users\XXXXX\downloads\all6200_cd\extract\autorun.exe" = protocol=17 | dir=in | app=c:\users\XXXXX\downloads\all6200_cd\extract\autorun.exe | "UDP Query User{1514B7C1-B5E9-4F28-A076-18AFF8344909}E:\windows\dsassistant\dsassistant.exe" = protocol=17 | dir=in | app=e:\windows\dsassistant\dsassistant.exe | "UDP Query User{73CD49F3-E7C3-42C7-8A3D-5C018876511F}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | "UDP Query User{C8792D33-BD4B-4E56-A787-F605147FFAFB}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{377672F0-6B8A-467D-8DDC-79338BCCD531}" = 64 Bit HP CIO Components Installer "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{8DA5428C-3D35-317C-2FBA-485AAC49E9C0}" = ccc-utility64 "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-1000-0000000FF1CE}" = 
Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010 "{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{CCC50A42-892B-AF23-6188-6E8D2FDF34E3}" = ATI Catalyst Install Manager "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET 
Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0BDE949A-3CF5-3852-B4F7-92EAE4F25F73}" = CCC Help English "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR "{1D8635E1-46A9-1B10-6151-ED7169AB8C9A}" = GMX SMS-Manager "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{45350494-82B7-3E53-85B7-79A1AD9AE080}" = Catalyst Control Center Graphics Light "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{525E7F71-67C1-806E-69D0-892CC3CE2F8E}" = Catalyst Control Center Graphics Full Existing "{537306C2-CDAC-F606-5D46-D5727F58FAD3}" = Catalyst Control Center Graphics Previews Vista "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10 "{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista 
and Later "{88DDBE5E-8AC0-F463-AC50-E56FAA2E3CEB}" = Catalyst Control Center Graphics Previews Common "{897B3B21-8691-26F5-97E8-A9955C20BB20}" = Catalyst Control Center HydraVision Full "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A842C34B-2083-6947-BC0E-5654BDBADCDA}" = Catalyst Control Center Graphics Full New "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{BA3B34EB-3F4B-0E19-0916-971C1AD3F0AD}" = Catalyst Control Center InstallProxy "{CB166F48-6219-2DFD-8800-191BE6F5923A}" = ccc-core-static "{E0B71631-6AA8-C596-A485-8480E92DD745}" = Catalyst Control Center Core Implementation "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9 "Avira AntiVir Desktop" = Avira Free Antivirus "Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8 "com.unitedinternet.ums.sms-mms-manager" = GMX SMS-Manager "IrfanView" = IrfanView (remove only) "Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "PDFs Zusammenfügen 2" = PDFs Zusammenfügen 2 "YTdetect" = Yahoo! 
Detect ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Mozilla Firefox Packages" = Mozilla Firefox Packages ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 13.06.2012 17:34:04 | Computer Name = YYYYY | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 13.06.2012 17:34:10 | Computer Name = YYYYY | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 13.06.2012 17:34:10 | Computer Name = YYYYY | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . 
Error - 13.06.2012 17:34:10 | Computer Name = YYYYY | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 13.06.2012 17:34:10 | Computer Name = YYYYY | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 13.06.2012 17:34:11 | Computer Name = YYYYY | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 13.06.2012 17:34:12 | Computer Name = YYYYY | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . 
Error - 13.06.2012 17:34:12 | Computer Name = YYYYY | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 13.06.2012 17:34:12 | Computer Name = YYYYY | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 13.06.2012 17:34:26 | Computer Name = YYYYY | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . 
[ System Events ]
Error - 19.10.2012 17:42:59 | Computer Name = YYYYY | Source = DCOM | ID = 10010 Description =
Error - 24.10.2012 08:46:35 | Computer Name = YYYYY | Source = DCOM | ID = 10010 Description =
Error - 25.10.2012 16:36:50 | Computer Name = YYYYY | Source = DCOM | ID = 10010 Description =
Error - 26.10.2012 17:48:03 | Computer Name = YYYYY | Source = DCOM | ID = 10010 Description =
Error - 27.10.2012 18:22:19 | Computer Name = YYYYY | Source = DCOM | ID = 10010 Description =
Error - 28.10.2012 06:17:33 | Computer Name = YYYYY | Source = DCOM | ID = 10010 Description =
Error - 30.10.2012 18:27:36 | Computer Name = YYYYY | Source = DCOM | ID = 10010 Description =
Error - 04.11.2012 18:30:33 | Computer Name = YYYYY | Source = DCOM | ID = 10010 Description =
Error - 06.11.2012 19:15:08 | Computer Name = YYYYY | Source = DCOM | ID = 10010 Description =
Error - 08.11.2012 11:26:42 | Computer Name = YYYYY | Source = DCOM | ID = 10010 Description =
< End of report >
------------------------------------------------------
Many thanks, Rainer |
10.11.2012, 20:26 | #2 |
/// Malware-holic | PC (Win7 Home) slow, Avira warnings |
12.11.2012, 13:13 | #3 |
| PC (Win7 Home) slow, Avira warnings
Hello, attached is the Avira log:
--------------------------------------------
Exportierte Ereignisse:
08.11.2012 20:48 [System-Scanner] Malware gefunden Die Datei 'C:\Users\XXXXX\Downloads\Firefox_Setup_16.0.1.exe' enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56fb9e37.qua' verschoben!
08.11.2012 20:46 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\XXXXX\Downloads\Firefox_Setup_16.0.1.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern
08.11.2012 20:46 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\XXXXX\Downloads\Firefox_Setup_16.0.1.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern
08.11.2012 16:57 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\XXXXX\Downloads\Firefox_Setup_16.0.1.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern
08.11.2012 16:57 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\XXXXX\Downloads\Firefox_Setup_16.0.1.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern
08.11.2012 10:53 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\XXXXX\Downloads\Firefox_Setup_16.0.1.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern
08.11.2012 09:13 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\XXXXX\Downloads\Firefox_Setup_16.0.1.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern
08.11.2012 09:13 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\XXXXX\Downloads\Firefox_Setup_16.0.1.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern
05.11.2012 18:46 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\XXXXX\Downloads\Firefox_Setup_16.0.1.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern
05.11.2012 18:46 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\XXXXX\Downloads\Firefox_Setup_16.0.1.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] gefunden. Ausgeführte Aktion: Zugriff verweigern
--------------------------------------
Many thanks, Rainer |
12.11.2012, 13:19 | #4 |
/// Malware-holic | PC (Win7 Home) slow, Avira warnings
Where did you download Firefox from? In future, please only from the vendor. malwarebytes: Please download Malwarebytes
__________________
- Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
12.11.2012, 17:26 | #5 |
| PC (Win7 Home) slow, Avira warnings
Hi, the program returns no hits! Log follows:
------------------------------------
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.11.12.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
XXXXX :: INAJUNGERMANN [Administrator]
12.11.2012 14:32:59
mbam-log-2012-11-12 (14-32-59).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 362293
Laufzeit: 1 Stunde(n), 9 Minute(n), 20 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende)
-------------------------------------------
Best regards and thanks, Rainer |
13.11.2012, 19:16 | #6 |
/// Malware-holic | PC (Win7 Home) slow, Avira warnings Hi, download TDSS Killer: http://www.trojaner-board.de/82358-t...entfernen.html Click on Change parameters • Tick the boxes for Verify driver digital signatures and Detect TDLFS file system • Click OK and then Start scan - if anything is found, always choose Skip for now, and post the log
17.11.2012, 18:10 | #7 |
| PC (Win7 Home) slow, Avira warnings Hi Markus, attached is the TDSS Killer log: ------------------------------------ 18:06:47.0844 0936 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 18:06:48.0156 0936 ============================================================ 18:06:48.0156 0936 Current date / time: 2012/11/17 18:06:48.0156 18:06:48.0156 0936 SystemInfo: 18:06:48.0156 0936 18:06:48.0157 0936 OS Version: 6.1.7601 ServicePack: 1.0 18:06:48.0157 0936 Product type: Workstation 18:06:48.0157 0936 ComputerName: INAYYYYY 18:06:48.0158 0936 UserName: XXXXX 18:06:48.0158 0936 Windows directory: C:\Windows 18:06:48.0158 0936 System windows directory: C:\Windows 18:06:48.0158 0936 Running under WOW64 18:06:48.0158 0936 Processor architecture: Intel x64 18:06:48.0158 0936 Number of processors: 2 18:06:48.0158 0936 Page size: 0x1000 18:06:48.0158 0936 Boot type: Normal boot 18:06:48.0158 0936 ============================================================ 18:06:49.0197 0936 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x764A9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040 18:06:49.0200 0936 ============================================================ 18:06:49.0200 0936 \Device\Harddisk0\DR0: 18:06:49.0200 0936 MBR partitions: 18:06:49.0200 0936 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 18:06:49.0200 0936 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800 18:06:49.0200 0936 ============================================================ 18:06:49.0233 0936 C: <-> \Device\Harddisk0\DR0\Partition2 18:06:49.0234 0936 ============================================================ 18:06:49.0234 0936 Initialize success 18:06:49.0234 0936 ============================================================ 18:07:15.0095 2956 ============================================================ 18:07:15.0095 2956 Scan started 18:07:15.0095 2956 
Mode: Manual; SigCheck; TDLFS; 18:07:15.0095 2956 ============================================================ 18:07:16.0393 2956 ================ Scan system memory ======================== 18:07:16.0393 2956 System memory - ok 18:07:16.0396 2956 ================ Scan services ============================= 18:07:16.0510 2956 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 18:07:16.0568 2956 1394ohci - ok 18:07:16.0596 2956 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 18:07:16.0610 2956 ACPI - ok 18:07:16.0627 2956 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 18:07:16.0707 2956 AcpiPmi - ok 18:07:16.0810 2956 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 18:07:16.0819 2956 AdobeARMservice - ok 18:07:16.0910 2956 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 18:07:16.0920 2956 AdobeFlashPlayerUpdateSvc - ok 18:07:16.0956 2956 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 18:07:16.0979 2956 adp94xx - ok 18:07:16.0997 2956 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 18:07:17.0016 2956 adpahci - ok 18:07:17.0029 2956 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 18:07:17.0049 2956 adpu320 - ok 18:07:17.0074 2956 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 18:07:17.0171 2956 AeLookupSvc - ok 18:07:17.0220 2956 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 18:07:17.0284 2956 AFD - ok 18:07:17.0325 2956 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 18:07:17.0339 2956 agp440 - ok 18:07:17.0367 2956 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 18:07:17.0426 2956 ALG - ok 
18:07:17.0466 2956 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 18:07:17.0480 2956 aliide - ok 18:07:17.0498 2956 [ 1D317EA326423FF7630CF1DA3BD46A1C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 18:07:17.0564 2956 AMD External Events Utility - ok 18:07:17.0580 2956 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 18:07:17.0591 2956 amdide - ok 18:07:17.0614 2956 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 18:07:17.0667 2956 AmdK8 - ok 18:07:17.0689 2956 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 18:07:17.0724 2956 AmdPPM - ok 18:07:17.0755 2956 [ 12A5062C06E03FF70DB47800F91C7A13 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys 18:07:17.0784 2956 amdsata - ok 18:07:17.0822 2956 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 18:07:17.0846 2956 amdsbs - ok 18:07:17.0868 2956 [ 8A7F289B45CEACAC761E14D5FAC59EB9 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys 18:07:17.0878 2956 amdxata - ok 18:07:17.0945 2956 [ A5569C4429D1C5494049FBFE2B2D20FF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 18:07:17.0952 2956 AntiVirSchedulerService - ok 18:07:17.0960 2956 [ CB7EA00A4E70DF6828EBB68633D000D2 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 18:07:17.0968 2956 AntiVirService - ok 18:07:18.0003 2956 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 18:07:18.0170 2956 AppID - ok 18:07:18.0187 2956 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 18:07:18.0242 2956 AppIDSvc - ok 18:07:18.0288 2956 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 18:07:18.0334 2956 Appinfo - ok 18:07:18.0367 2956 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 18:07:18.0382 2956 arc - ok 18:07:18.0392 2956 [ 
019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 18:07:18.0408 2956 arcsas - ok 18:07:18.0426 2956 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 18:07:18.0478 2956 AsyncMac - ok 18:07:18.0528 2956 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 18:07:18.0544 2956 atapi - ok 18:07:18.0583 2956 [ FB7602C5C508BE281368AAE0B61B51C6 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 18:07:18.0597 2956 AtiHdmiService - ok 18:07:18.0691 2956 [ 19B5C61CB09BFF2BD69E063EE54B56C3 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 18:07:18.0874 2956 atikmdag - ok 18:07:18.0917 2956 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 18:07:18.0927 2956 AtiPcie - ok 18:07:18.0979 2956 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 18:07:19.0051 2956 AudioEndpointBuilder - ok 18:07:19.0079 2956 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 18:07:19.0110 2956 AudioSrv - ok 18:07:19.0146 2956 [ 58AEE8F9E26595ADEB6F008FBB0D6174 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 18:07:19.0160 2956 avgntflt - ok 18:07:19.0201 2956 [ 37D3D3D28B107BCBC1C0137FF31AE480 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 18:07:19.0216 2956 avipbb - ok 18:07:19.0224 2956 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 18:07:19.0236 2956 avkmgr - ok 18:07:19.0269 2956 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 18:07:19.0340 2956 AxInstSV - ok 18:07:19.0380 2956 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 18:07:19.0439 2956 b06bdrv - ok 18:07:19.0468 2956 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 18:07:19.0521 2956 b57nd60a - ok 18:07:19.0585 2956 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 
18:07:19.0645 2956 BDESVC - ok 18:07:19.0666 2956 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 18:07:19.0720 2956 Beep - ok 18:07:19.0782 2956 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 18:07:19.0826 2956 BFE - ok 18:07:19.0876 2956 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 18:07:19.0949 2956 BITS - ok 18:07:19.0974 2956 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 18:07:20.0007 2956 blbdrive - ok 18:07:20.0050 2956 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 18:07:20.0068 2956 bowser - ok 18:07:20.0091 2956 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 18:07:20.0171 2956 BrFiltLo - ok 18:07:20.0176 2956 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 18:07:20.0188 2956 BrFiltUp - ok 18:07:20.0222 2956 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 18:07:20.0276 2956 Browser - ok 18:07:20.0300 2956 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 18:07:20.0366 2956 Brserid - ok 18:07:20.0384 2956 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 18:07:20.0417 2956 BrSerWdm - ok 18:07:20.0440 2956 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 18:07:20.0472 2956 BrUsbMdm - ok 18:07:20.0476 2956 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 18:07:20.0491 2956 BrUsbSer - ok 18:07:20.0508 2956 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 18:07:20.0539 2956 BTHMODEM - ok 18:07:20.0576 2956 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 18:07:20.0622 2956 bthserv - ok 18:07:20.0639 2956 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 
18:07:20.0674 2956 cdfs - ok 18:07:20.0716 2956 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 18:07:20.0748 2956 cdrom - ok 18:07:20.0798 2956 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 18:07:20.0855 2956 CertPropSvc - ok 18:07:20.0891 2956 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 18:07:20.0920 2956 circlass - ok 18:07:20.0953 2956 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 18:07:20.0966 2956 CLFS - ok 18:07:21.0005 2956 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:07:21.0020 2956 clr_optimization_v2.0.50727_32 - ok 18:07:21.0062 2956 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:07:21.0076 2956 clr_optimization_v2.0.50727_64 - ok 18:07:21.0132 2956 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:07:21.0156 2956 clr_optimization_v4.0.30319_32 - ok 18:07:21.0180 2956 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:07:21.0188 2956 clr_optimization_v4.0.30319_64 - ok 18:07:21.0214 2956 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 18:07:21.0239 2956 CmBatt - ok 18:07:21.0273 2956 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 18:07:21.0285 2956 cmdide - ok 18:07:21.0315 2956 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 18:07:21.0352 2956 CNG - ok 18:07:21.0376 2956 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 18:07:21.0388 2956 Compbatt - ok 18:07:21.0414 2956 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus 
C:\Windows\system32\drivers\CompositeBus.sys 18:07:21.0444 2956 CompositeBus - ok 18:07:21.0462 2956 COMSysApp - ok 18:07:21.0473 2956 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 18:07:21.0485 2956 crcdisk - ok 18:07:21.0524 2956 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 18:07:21.0581 2956 CryptSvc - ok 18:07:21.0629 2956 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:07:21.0677 2956 DcomLaunch - ok 18:07:21.0705 2956 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 18:07:21.0755 2956 defragsvc - ok 18:07:21.0801 2956 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:07:21.0848 2956 DfsC - ok 18:07:21.0881 2956 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 18:07:21.0925 2956 Dhcp - ok 18:07:21.0942 2956 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 18:07:21.0996 2956 discache - ok 18:07:22.0036 2956 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 18:07:22.0051 2956 Disk - ok 18:07:22.0087 2956 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:07:22.0154 2956 Dnscache - ok 18:07:22.0182 2956 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 18:07:22.0236 2956 dot3svc - ok 18:07:22.0267 2956 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 18:07:22.0314 2956 DPS - ok 18:07:22.0350 2956 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:07:22.0378 2956 drmkaud - ok 18:07:22.0419 2956 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:07:22.0459 2956 DXGKrnl - ok 18:07:22.0489 2956 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 18:07:22.0536 2956 EapHost - ok 18:07:22.0606 2956 [ DC5D737F51BE844D8C82C695EB17372F ] 
ebdrv C:\Windows\system32\DRIVERS\evbda.sys 18:07:22.0719 2956 ebdrv - ok 18:07:22.0748 2956 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 18:07:22.0803 2956 EFS - ok 18:07:22.0855 2956 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:07:22.0955 2956 ehRecvr - ok 18:07:22.0981 2956 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 18:07:23.0034 2956 ehSched - ok 18:07:23.0062 2956 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 18:07:23.0090 2956 elxstor - ok 18:07:23.0117 2956 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:07:23.0147 2956 ErrDev - ok 18:07:23.0182 2956 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 18:07:23.0248 2956 EventSystem - ok 18:07:23.0277 2956 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 18:07:23.0329 2956 exfat - ok 18:07:23.0351 2956 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:07:23.0398 2956 fastfat - ok 18:07:23.0440 2956 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 18:07:23.0488 2956 Fax - ok 18:07:23.0512 2956 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 18:07:23.0524 2956 fdc - ok 18:07:23.0548 2956 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 18:07:23.0595 2956 fdPHost - ok 18:07:23.0618 2956 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 18:07:23.0667 2956 FDResPub - ok 18:07:23.0690 2956 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:07:23.0704 2956 FileInfo - ok 18:07:23.0721 2956 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:07:23.0784 2956 Filetrace - ok 18:07:23.0800 2956 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 
18:07:23.0827 2956 flpydisk - ok 18:07:23.0862 2956 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:07:23.0882 2956 FltMgr - ok 18:07:23.0932 2956 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 18:07:24.0015 2956 FontCache - ok 18:07:24.0057 2956 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:07:24.0070 2956 FontCache3.0.0.0 - ok 18:07:24.0100 2956 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:07:24.0115 2956 FsDepends - ok 18:07:24.0151 2956 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:07:24.0163 2956 Fs_Rec - ok 18:07:24.0199 2956 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:07:24.0213 2956 fvevol - ok 18:07:24.0230 2956 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 18:07:24.0244 2956 gagp30kx - ok 18:07:24.0254 2956 gdrv - ok 18:07:24.0290 2956 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 18:07:24.0363 2956 gpsvc - ok 18:07:24.0443 2956 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:07:24.0450 2956 gupdate - ok 18:07:24.0458 2956 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:07:24.0466 2956 gupdatem - ok 18:07:24.0484 2956 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:07:24.0529 2956 hcw85cir - ok 18:07:24.0568 2956 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:07:24.0607 2956 HdAudAddService - ok 18:07:24.0645 2956 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 18:07:24.0677 2956 HDAudBus - ok 18:07:24.0704 2956 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt 
C:\Windows\system32\DRIVERS\HidBatt.sys 18:07:24.0762 2956 HidBatt - ok 18:07:24.0776 2956 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 18:07:24.0808 2956 HidBth - ok 18:07:24.0824 2956 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 18:07:24.0853 2956 HidIr - ok 18:07:24.0874 2956 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 18:07:24.0920 2956 hidserv - ok 18:07:24.0966 2956 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 18:07:24.0979 2956 HidUsb - ok 18:07:25.0000 2956 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:07:25.0048 2956 hkmsvc - ok 18:07:25.0081 2956 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:07:25.0142 2956 HomeGroupListener - ok 18:07:25.0169 2956 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:07:25.0200 2956 HomeGroupProvider - ok 18:07:25.0251 2956 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:07:25.0265 2956 HpSAMD - ok 18:07:25.0309 2956 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:07:25.0367 2956 HTTP - ok 18:07:25.0399 2956 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:07:25.0407 2956 hwpolicy - ok 18:07:25.0429 2956 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 18:07:25.0444 2956 i8042prt - ok 18:07:25.0470 2956 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:07:25.0492 2956 iaStorV - ok 18:07:25.0539 2956 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:07:25.0592 2956 idsvc - ok 18:07:25.0625 2956 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 18:07:25.0639 2956 iirsp - ok 
18:07:25.0665 2956 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 18:07:25.0745 2956 IKEEXT - ok 18:07:25.0807 2956 [ 76877DD763A2287F58908795F3F5CCCB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 18:07:25.0897 2956 IntcAzAudAddService - ok 18:07:25.0927 2956 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 18:07:25.0939 2956 intelide - ok 18:07:25.0963 2956 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:07:25.0992 2956 intelppm - ok 18:07:26.0022 2956 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:07:26.0060 2956 IPBusEnum - ok 18:07:26.0087 2956 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:07:26.0136 2956 IpFilterDriver - ok 18:07:26.0167 2956 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:07:26.0217 2956 iphlpsvc - ok 18:07:26.0241 2956 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:07:26.0268 2956 IPMIDRV - ok 18:07:26.0295 2956 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:07:26.0345 2956 IPNAT - ok 18:07:26.0372 2956 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:07:26.0451 2956 IRENUM - ok 18:07:26.0477 2956 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:07:26.0489 2956 isapnp - ok 18:07:26.0517 2956 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:07:26.0536 2956 iScsiPrt - ok 18:07:26.0549 2956 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 18:07:26.0562 2956 kbdclass - ok 18:07:26.0583 2956 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 18:07:26.0614 2956 kbdhid - ok 18:07:26.0635 2956 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso 
C:\Windows\system32\lsass.exe 18:07:26.0645 2956 KeyIso - ok 18:07:26.0668 2956 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:07:26.0683 2956 KSecDD - ok 18:07:26.0710 2956 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:07:26.0726 2956 KSecPkg - ok 18:07:26.0750 2956 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:07:26.0800 2956 ksthunk - ok 18:07:26.0826 2956 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 18:07:26.0878 2956 KtmRm - ok 18:07:26.0926 2956 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 18:07:26.0985 2956 LanmanServer - ok 18:07:27.0013 2956 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:07:27.0060 2956 LanmanWorkstation - ok 18:07:27.0099 2956 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:07:27.0148 2956 lltdio - ok 18:07:27.0184 2956 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:07:27.0228 2956 lltdsvc - ok 18:07:27.0247 2956 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:07:27.0278 2956 lmhosts - ok 18:07:27.0305 2956 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 18:07:27.0319 2956 LSI_FC - ok 18:07:27.0341 2956 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 18:07:27.0356 2956 LSI_SAS - ok 18:07:27.0372 2956 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 18:07:27.0387 2956 LSI_SAS2 - ok 18:07:27.0406 2956 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 18:07:27.0424 2956 LSI_SCSI - ok 18:07:27.0443 2956 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 18:07:27.0478 2956 luafv - ok 18:07:27.0503 2956 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] 
Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:07:27.0537 2956 Mcx2Svc - ok 18:07:27.0556 2956 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 18:07:27.0570 2956 megasas - ok 18:07:27.0586 2956 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 18:07:27.0605 2956 MegaSR - ok 18:07:27.0663 2956 Microsoft SharePoint Workspace Audit Service - ok 18:07:27.0686 2956 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 18:07:27.0744 2956 MMCSS - ok 18:07:27.0770 2956 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 18:07:27.0821 2956 Modem - ok 18:07:27.0849 2956 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:07:27.0878 2956 monitor - ok 18:07:27.0922 2956 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys 18:07:27.0936 2956 mouclass - ok 18:07:27.0954 2956 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:07:28.0000 2956 mouhid - ok 18:07:28.0031 2956 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:07:28.0041 2956 mountmgr - ok 18:07:28.0074 2956 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:07:28.0089 2956 MozillaMaintenance - ok 18:07:28.0104 2956 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 18:07:28.0124 2956 mpio - ok 18:07:28.0136 2956 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:07:28.0170 2956 mpsdrv - ok 18:07:28.0211 2956 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:07:28.0288 2956 MpsSvc - ok 18:07:28.0309 2956 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:07:28.0328 2956 MRxDAV - ok 18:07:28.0360 2956 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb 
C:\Windows\system32\DRIVERS\mrxsmb.sys 18:07:28.0408 2956 mrxsmb - ok 18:07:28.0443 2956 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:07:28.0477 2956 mrxsmb10 - ok 18:07:28.0500 2956 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:07:28.0525 2956 mrxsmb20 - ok 18:07:28.0545 2956 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 18:07:28.0557 2956 msahci - ok 18:07:28.0590 2956 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:07:28.0606 2956 msdsm - ok 18:07:28.0624 2956 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 18:07:28.0661 2956 MSDTC - ok 18:07:28.0695 2956 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:07:28.0733 2956 Msfs - ok 18:07:28.0749 2956 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:07:28.0791 2956 mshidkmdf - ok 18:07:28.0823 2956 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:07:28.0835 2956 msisadrv - ok 18:07:28.0865 2956 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:07:28.0898 2956 MSiSCSI - ok 18:07:28.0902 2956 msiserver - ok 18:07:28.0926 2956 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:07:28.0969 2956 MSKSSRV - ok 18:07:28.0992 2956 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:07:29.0021 2956 MSPCLOCK - ok 18:07:29.0036 2956 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:07:29.0078 2956 MSPQM - ok 18:07:29.0109 2956 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:07:29.0128 2956 MsRPC - ok 18:07:29.0158 2956 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 18:07:29.0166 2956 mssmbios - ok 18:07:29.0186 2956 [ 
18:07:43.0088 2956 \Device\Harddisk0\DR0 - ok
18:07:43.0089 2956 ================ Scan VBR ==================================
18:07:43.0119 2956 [ 29270709283999A3F65251D350B75F22 ] \Device\Harddisk0\DR0\Partition1
18:07:43.0121 2956 \Device\Harddisk0\DR0\Partition1 - ok
18:07:43.0131 2956 [ 686FBCBB049B59B6749DB7860F9F4971 ] \Device\Harddisk0\DR0\Partition2
18:07:43.0133 2956 \Device\Harddisk0\DR0\Partition2 - ok
18:07:43.0134 2956 ============================================================
18:07:43.0134 2956 Scan finished
18:07:43.0134 2956 ============================================================
18:07:43.0145 4428 Detected object count: 2
18:07:43.0145 4428 Actual detected object count: 2
18:07:56.0255 4428 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:56.0255 4428 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:07:56.0256 4428 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:56.0256 4428 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
------------------------------------ Many thanks, Rainer |
19.11.2012, 18:34 | #8 | |
/// Malware-holic | PC (Win7 Home) slow, Avira warnings combofix: Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
19.11.2012, 19:28 | #9 |
| PC (Win7 Home) slow, Avira warnings Hi Markus, first of all, thanks again for your help. Do you think further attempts to clean the system make more sense than a reinstall? Otherwise I will run combofix this coming weekend. Best regards, Rainer |
20.11.2012, 22:38 | #10 |
/// Malware-holic | PC (Win7 Home) slow, Avira warnings Hi, a cleanup does of course involve time and a certain amount of risk. We can also reinstall from scratch and then secure the PC. That can of course be advisable if you are short on time.
|
26.11.2012, 22:56 | #11 |
| PC (Win7 Home) slow, Avira warnings Hi, I would like to reinstall the system. With Win7Pro and a backup on a separate HDD. We have a 2TB NAS on the home network, but I don't know Linux particularly well, no, wrong, not at all. It would be excellent, though, if we end up with a reasonably secure system. Best regards, Rainer |
27.11.2012, 16:48 | #12 |
/// Malware-holic | PC (Win7 Home) slow, Avira warnings Hi, you can use the drive. Linux is not that hard to use, I think; have a look at it. 1. Data rescue:
I will also post further points on this. 4. Change all passwords! 5. After securing the PC, check the backed-up data and, if clean, restore it. 6. I will then also say something about securing online banking with a chip card reader + Star Money.
|