| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: GUV-Trojaner-Infektion über Jawa-SicherheitslückeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.01.2013, 20:19
| #1 |
 |  GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Hallo liebe Helfer! Ich wurde anscheinend überraschend vom GUV-Trojaner erwischt... Als ich den Computer vor einigen Tagen morgens anmachte konnte ich mich auf auf einer GUV-gesperrten Seite über meine Webcam sehen und wurde aufgefordert sofort 100 Euro per Safepay zu bezahlen. Nach kurzem Googlen war der Trojaner entlarvt und ich konnte über einen abgesicherten Start eine Systemwiederherstellung machen und den Computer so entsperren. Ich benutze Windows7 32-Bit und ZoneAlarm als Firewall und Virenscanner. Ich habe über den Virenscanner einen Trojaner identifiziert und diesen gelöscht. Er befand sich in einem Jawa-Unterverzeichnis. Außerdem habe ich auf eine Anleitung von Chip.de hin eine Dat-Datei gelöscht, die für diesen Trojaner beschrieben wurde. Ein erneuter Virenscan mit ZoneAlarm, der gerade noch läuft brachte direkt 2 neue Funde. Deshalb suche ich nun Hilfe und will das nicht mehr auf die leichte Schulter nehmen. Wie fange ich am besten an? Kann ich ein Log-File von ZoneAlarm posten oder muss ich zwingend nochmals mit Malwarebytes scannen? Nach einigem Stöbern hier bewundere ich bereits Eure großartige Arbeit und möchte mich schon mal im Voraus herzlich bedanken!  |
|
02.01.2013, 21:12
| #2 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™   | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Hallo und
__________________ Zitat:
 noch direkt auf deinem Rechner zugreifen um zu erfahren was da genau und wo gefunden wurde.Bitte alle Logs mit Funden posten siehe http://www.trojaner-board.de/125889-...tml#post941520
__________________ |
|
02.01.2013, 22:09
| #3 |
| | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Hallo Cosinus!
__________________Vielen Dank für die schnelle Antwort, mittlerweile habe ich auch die Auswertung von ZoneAlarm: Code:
ATTFilter ZoneAlarm Protokoll-Client v10.2.047.000
Windows 7-6.1.7601-Service Pack 1-SMP
Typ,Datum,Uhrzeit,Quelle,Ziel,Transport (Sicherheit)
Typ,Datum,Uhrzeit,Virusname,Dateiname,Modus,E-Mail-ID (Anti-Virus)
Typ,Datum,Uhrzeit,Quelle,Ziel,Aktion,Dienst (IM-Sicherheit)
Typ,Datum,Uhrzeit,Quelle,Ziel,Programm,Aktion (Schutz gegen gefährlichen Code)
Typ,Datum,Uhrzeit,Aktion,Produkt,Datei,Ereignis,Unterereignis,Klasse,Daten,Daten,… (OSFirewall)
Typ,Datum,Uhrzeit,Name,Typ,Modus (Anti-Spyware)
AV/treatment,2013/01/02,18:56:08 +1:00 GMT,HEUR:Exploit.Script.Generic,C:\Users\****\AppData\Local\Mozilla\Firefox\Profiles\jm2rhwio.default\Cache\9\B4\CABBEd01,Datei repariert,Manuell
,2013/01/02,18:56:08 +1:00 GMT,
AV/treatment,2013/01/02,19:09:46 +1:00 GMT,Trojan-Dropper.Win32.Injector.gvhi,C:\Users\****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\1ede2ede-3dcb3885,Gelöscht,Manuell
,2013/01/02,19:09:46 +1:00 GMT,
OSFW,2013/01/02,20:20:52 +1:00 GMT,UNKNOWN(0),Windows Problem Reporting,C:\Windows\System32\WerFault.exe,PROCESS,OPENPROCESS,,C:\Program Files\Apple Software Update\SoftwareUpdate.exe,hxxp://osalerts.zonealarm.com/osanalyze.jsp?Product=ZoneAlarm&ProductVersion=10.2.047.000&HU100=ZLN24771673163302-1001&CL=de&OEM=1001&SKU=0&Mode=6&QSRC=2&OS=Windows+7-6.1.7601-Service+Pack+1-SMP&LANG=1031&PN=Windows+Problem+Reporting&VER=6.1.7600.16385&FN=WerFault.exe&Created=3aee11d7&Size=360448&MD5=5feab868caedbbd1b7a145ca8261e4aa&SKIMP=2dba22e3d1f466954aeb0ea17031c061&&CT=6001&EV=1&SUB=1&SEV=3&ARG1=C%3A%5CProgram+Files%5CApple+Software+Update%5CSoftwareUpdate.exe
OSFW,2013/01/02,20:20:54 +1:00 GMT,ALLOWED,Windows Problem Reporting,C:\Windows\System32\WerFault.exe,PROCESS,OPENPROCESS,,C:\Program Files\Apple Software Update\SoftwareUpdate.exe,hxxp://osalerts.zonealarm.com/osanalyze.jsp?Product=ZoneAlarm&ProductVersion=10.2.047.000&HU100=ZLN24771673163302-1001&CL=de&OEM=1001&SKU=0&Mode=6&QSRC=2&OS=Windows+7-6.1.7601-Service+Pack+1-SMP&LANG=1031&PN=Windows+Problem+Reporting&VER=6.1.7600.16385&FN=WerFault.exe&Created=3aee11d7&Size=360448&MD5=5feab868caedbbd1b7a145ca8261e4aa&SKIMP=2dba22e3d1f466954aeb0ea17031c061&&CT=6001&EV=1&SUB=1&SEV=3&ARG1=C%3A%5CProgram+Files%5CApple+Software+Update%5CSoftwareUpdate.exe
OSFW,2013/01/02,20:38:22 +1:00 GMT,BLOCKED,Host Process for Windows Services,C:\Windows\System32\svchost.exe,REGISTRY,Unknown Sub Event(4),,HKCS\SERVICES\VSDATANT\PARAMETERS\ADAPTERS,hxxp://osalerts.zonealarm.com/osanalyze.jsp?Product=ZoneAlarm&ProductVersion=10.2.047.000&HU100=ZLN24771673163302-1001&CL=de&OEM=1001&SKU=0&Mode=6&QSRC=2&OS=Windows+7-6.1.7601-Service+Pack+1-SMP&LANG=1031&PN=Host+Process+for+Windows+Services&VER=6.1.7600.16385&FN=svchost.exe&Created=3aee11d5&Size=20992&MD5=54a47f6b5e09a77e61649109c6a08866&SKIMP=68d2c7ff79b172d7ba254f14e84fd3f0&&CT=2003&EV=4&SUB=22&SEV=3&ARG1=HKCS%5CSERVICES%5CVSDATANT%5CPARAMETERS%5CADAPTERS
OSFW,2013/01/02,20:38:22 +1:00 GMT,BLOCKED,Host Process for Windows Services,C:\Windows\System32\svchost.exe,REGISTRY,Unknown Sub Event(4),,HKCS\SERVICES\VSDATANT\PARAMETERS\ADAPTERS,hxxp://osalerts.zonealarm.com/osanalyze.jsp?Product=ZoneAlarm&ProductVersion=10.2.047.000&HU100=ZLN24771673163302-1001&CL=de&OEM=1001&SKU=0&Mode=6&QSRC=2&OS=Windows+7-6.1.7601-Service+Pack+1-SMP&LANG=1031&PN=Host+Process+for+Windows+Services&VER=6.1.7600.16385&FN=svchost.exe&Created=3aee11d5&Size=20992&MD5=54a47f6b5e09a77e61649109c6a08866&SKIMP=68d2c7ff79b172d7ba254f14e84fd3f0&&CT=2003&EV=4&SUB=22&SEV=3&ARG1=HKCS%5CSERVICES%5CVSDATANT%5CPARAMETERS%5CADAPTERS
AV/scan,2013/01/02,21:15:24 +1:00 GMT,C:\,Prüfung abgeschlossen,Manuell,273191 files scanned (2 detections)
,2013/01/02,21:21:40 +1:00 GMT,
,2013/01/02,21:21:46 +1:00 GMT,
OSFW,2013/01/02,21:44:22 +1:00 GMT,BLOCKED,Host Process for Windows Services,C:\Windows\System32\svchost.exe,REGISTRY,Unknown Sub Event(4),,HKCS\SERVICES\VSDATANT\PARAMETERS\ADAPTERS,hxxp://osalerts.zonealarm.com/osanalyze.jsp?Product=ZoneAlarm&ProductVersion=10.2.047.000&HU100=ZLN24771673163302-1001&CL=de&OEM=1001&SKU=0&Mode=6&QSRC=2&OS=Windows+7-6.1.7601-Service+Pack+1-SMP&LANG=1031&PN=Host+Process+for+Windows+Services&VER=6.1.7600.16385&FN=svchost.exe&Created=3aee11d5&Size=20992&MD5=54a47f6b5e09a77e61649109c6a08866&SKIMP=68d2c7ff79b172d7ba254f14e84fd3f0&&CT=2003&EV=4&SUB=22&SEV=3&ARG1=HKCS%5CSERVICES%5CVSDATANT%5CPARAMETERS%5CADAPTERS
OSFW,2013/01/02,21:44:22 +1:00 GMT,BLOCKED,Host Process for Windows Services,C:\Windows\System32\svchost.exe,REGISTRY,Unknown Sub Event(4),,HKCS\SERVICES\VSDATANT\PARAMETERS\ADAPTERS,hxxp://osalerts.zonealarm.com/osanalyze.jsp?Product=ZoneAlarm&ProductVersion=10.2.047.000&HU100=ZLN24771673163302-1001&CL=de&OEM=1001&SKU=0&Mode=6&QSRC=2&OS=Windows+7-6.1.7601-Service+Pack+1-SMP&LANG=1031&PN=Host+Process+for+Windows+Services&VER=6.1.7600.16385&FN=svchost.exe&Created=3aee11d5&Size=20992&MD5=54a47f6b5e09a77e61649109c6a08866&SKIMP=68d2c7ff79b172d7ba254f14e84fd3f0&&CT=2003&EV=4&SUB=22&SEV=3&ARG1=HKCS%5CSERVICES%5CVSDATANT%5CPARAMETERS%5CADAPTERS
AV/update,2013/01/02,21:55:22 +1:00 GMT,,Update Install Completed,Auto,Version: 1109564928
|
|
02.01.2013, 22:14
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Malwarebytes Anti-Rootkit  Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
02.01.2013, 22:42
| #5 |
| | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Sorry, ich hatte das falsche Programm, scanne gerade nochmal mit mbar.exe und poste dann wieder. So, entschuldige nochmals. Hier ist das Log-File von mbar.exe. Auch keine Funde. Code:
ATTFilter Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org
Database version: v2013.01.02.10
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
**** :: **** [administrator]
02.01.2013 23:39:10
mbar-log-2013-01-02 (23-39-10).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30154
Time elapsed: 28 minute(s), 9 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Geändert von James_2000 (02.01.2013 um 23:08 Uhr) |
|
03.01.2013, 11:17
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ --> GUV-Trojaner-Infektion über Jawa-Sicherheitslücke |
|
03.01.2013, 13:51
| #7 |
| | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Erledigt! Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-03 11:24:52
-----------------------------
11:24:52.376 OS Version: Windows 6.1.7601 Service Pack 1
11:24:52.376 Number of processors: 2 586 0xF0D
11:24:52.381 ComputerName: **** UserName: ****
11:25:02.695 Initialize success
11:27:08.481 AVAST engine defs: 13010201
11:27:48.913 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
11:27:48.916 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
11:27:48.947 Disk 0 MBR read successfully
11:27:48.950 Disk 0 MBR scan
11:27:48.964 Disk 0 Windows 7 default MBR code
11:27:48.968 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 275246 MB offset 63
11:27:48.986 Disk 0 Partition - 00 0F Extended LBA 29996 MB offset 563704785
11:27:49.015 Disk 0 Partition 2 00 0B FAT32 MSWIN4.1 29996 MB offset 563704848
11:27:49.030 Disk 0 scanning sectors +625137345
11:27:49.087 Disk 0 scanning C:\Windows\system32\drivers
11:28:17.296 Service scanning
11:29:03.547 Modules scanning
11:29:15.574 Disk 0 trace - called modules:
11:29:16.136 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
11:29:16.136 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87c65030]
11:29:16.152 3 CLASSPNP.SYS[8c9b459e] -> nt!IofCallDriver -> [0x86ecb8c8]
11:29:16.152 5 ACPI.sys[8bcbb3d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86af1028]
11:29:19.635 AVAST engine scan C:\Windows
11:29:28.228 AVAST engine scan C:\Windows\system32
11:33:28.405 AVAST engine scan C:\Windows\system32\drivers
11:33:48.047 AVAST engine scan C:\Users\****
13:01:51.573 AVAST engine scan C:\ProgramData
13:13:10.228 Scan finished successfully
13:34:55.297 Disk 0 MBR has been saved successfully to "C:\Users\****\Desktop\MBR.dat"
13:34:55.312 The log file has been saved successfully to "C:\Users\****\Desktop\aswMBR.txt"
Code:
ATTFilter 13:44:48.0607 4728 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:44:49.0043 4728 ============================================================
13:44:49.0043 4728 Current date / time: 2013/01/03 13:44:49.0043
13:44:49.0043 4728 SystemInfo:
13:44:49.0043 4728
13:44:49.0043 4728 OS Version: 6.1.7601 ServicePack: 1.0
13:44:49.0043 4728 Product type: Workstation
13:44:49.0043 4728 ComputerName: ****
13:44:49.0043 4728 UserName: ****
13:44:49.0043 4728 Windows directory: C:\Windows
13:44:49.0043 4728 System windows directory: C:\Windows
13:44:49.0043 4728 Processor architecture: Intel x86
13:44:49.0043 4728 Number of processors: 2
13:44:49.0043 4728 Page size: 0x1000
13:44:49.0043 4728 Boot type: Normal boot
13:44:49.0043 4728 ============================================================
13:44:49.0855 4728 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:44:50.0104 4728 ============================================================
13:44:50.0104 4728 \Device\Harddisk0\DR0:
13:44:50.0151 4728 MBR partitions:
13:44:50.0151 4728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x21997392
13:44:50.0182 4728 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x21997410, BlocksNum 0x3A962B1
13:44:50.0182 4728 ============================================================
13:44:50.0213 4728 C: <-> \Device\Harddisk0\DR0\Partition1
13:44:50.0213 4728 D: <-> \Device\Harddisk0\DR0\Partition2
13:44:50.0213 4728 ============================================================
13:44:50.0213 4728 Initialize success
13:44:50.0213 4728 ============================================================
13:45:49.0306 3480 ============================================================
13:45:49.0306 3480 Scan started
13:45:49.0306 3480 Mode: Manual; SigCheck; TDLFS;
13:45:49.0306 3480 ============================================================
13:45:50.0242 3480 ================ Scan system memory ========================
13:45:50.0242 3480 System memory - ok
13:45:50.0258 3480 ================ Scan services =============================
13:45:50.0445 3480 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:45:50.0617 3480 1394ohci - ok
13:45:50.0757 3480 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:45:50.0788 3480 ACDaemon - ok
13:45:50.0866 3480 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:45:50.0913 3480 ACPI - ok
13:45:50.0960 3480 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:45:51.0038 3480 AcpiPmi - ok
13:45:51.0178 3480 [ A09A61CFDE15E5A67701EA812CE3F43F ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
13:45:51.0241 3480 Ad-Aware Service - ok
13:45:51.0381 3480 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:45:51.0412 3480 AdobeARMservice - ok
13:45:51.0537 3480 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:45:51.0568 3480 AdobeFlashPlayerUpdateSvc - ok
13:45:51.0631 3480 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:45:51.0678 3480 adp94xx - ok
13:45:52.0411 3480 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:45:52.0442 3480 adpahci - ok
13:45:52.0458 3480 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:45:52.0473 3480 adpu320 - ok
13:45:52.0536 3480 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:45:52.0629 3480 AeLookupSvc - ok
13:45:52.0676 3480 [ FE3EA6E9AFC1A78E6EDCA121E006AFB7 ] Afc C:\Windows\system32\drivers\Afc.sys
13:45:52.0723 3480 Afc - ok
13:45:52.0754 3480 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
13:45:52.0832 3480 AFD - ok
13:45:52.0894 3480 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
13:45:52.0972 3480 AgereModemAudio - ok
13:45:53.0050 3480 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
13:45:53.0160 3480 AgereSoftModem - ok
13:45:53.0222 3480 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
13:45:53.0253 3480 agp440 - ok
13:45:53.0300 3480 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
13:45:53.0316 3480 aic78xx - ok
13:45:53.0362 3480 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
13:45:53.0409 3480 ALG - ok
13:45:53.0472 3480 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
13:45:53.0503 3480 aliide - ok
13:45:53.0550 3480 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:45:53.0581 3480 amdagp - ok
13:45:53.0612 3480 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
13:45:53.0643 3480 amdide - ok
13:45:53.0674 3480 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:45:53.0737 3480 AmdK8 - ok
13:45:53.0752 3480 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:45:53.0799 3480 AmdPPM - ok
13:45:53.0846 3480 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:45:53.0862 3480 amdsata - ok
13:45:53.0908 3480 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:45:53.0924 3480 amdsbs - ok
13:45:53.0940 3480 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:45:53.0971 3480 amdxata - ok
13:45:54.0049 3480 [ 7684252281CFB197AC4C38B33AC5B2A6 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
13:45:54.0096 3480 AnyDVD - ok
13:45:54.0127 3480 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
13:45:54.0189 3480 AppID - ok
13:45:54.0252 3480 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:45:54.0314 3480 AppIDSvc - ok
13:45:54.0345 3480 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
13:45:54.0408 3480 Appinfo - ok
13:45:54.0454 3480 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:45:54.0486 3480 Apple Mobile Device - ok
13:45:54.0532 3480 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
13:45:54.0610 3480 AppMgmt - ok
13:45:54.0642 3480 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:45:54.0657 3480 arc - ok
13:45:54.0688 3480 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:45:54.0704 3480 arcsas - ok
13:45:54.0751 3480 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:45:54.0922 3480 AsyncMac - ok
13:45:54.0954 3480 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
13:45:54.0969 3480 atapi - ok
13:45:55.0063 3480 [ B1E2002903F813636C9739531C10C797 ] ATSwpWDF C:\Windows\system32\Drivers\ATSwpWDF.sys
13:45:55.0141 3480 ATSwpWDF - ok
13:45:55.0188 3480 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:45:55.0266 3480 AudioEndpointBuilder - ok
13:45:55.0297 3480 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:45:55.0344 3480 Audiosrv - ok
13:45:55.0390 3480 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:45:55.0500 3480 AxInstSV - ok
13:45:55.0546 3480 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
13:45:55.0609 3480 b06bdrv - ok
13:45:55.0640 3480 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
13:45:55.0687 3480 b57nd60x - ok
13:45:55.0780 3480 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
13:45:55.0890 3480 BDESVC - ok
13:45:55.0921 3480 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
13:45:56.0000 3480 Beep - ok
13:45:56.0062 3480 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
13:45:56.0156 3480 BFE - ok
13:45:56.0187 3480 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
13:45:56.0281 3480 BITS - ok
13:45:56.0312 3480 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:45:56.0359 3480 blbdrive - ok
13:45:56.0452 3480 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:45:56.0483 3480 Bonjour Service - ok
13:45:56.0530 3480 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:45:56.0561 3480 bowser - ok
13:45:56.0577 3480 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:45:56.0686 3480 BrFiltLo - ok
13:45:56.0702 3480 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:45:56.0749 3480 BrFiltUp - ok
13:45:56.0811 3480 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
13:45:56.0889 3480 Browser - ok
13:45:56.0936 3480 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:45:57.0030 3480 Brserid - ok
13:45:57.0046 3480 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:45:57.0108 3480 BrSerWdm - ok
13:45:57.0155 3480 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:45:57.0233 3480 BrUsbMdm - ok
13:45:57.0233 3480 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:45:57.0264 3480 BrUsbSer - ok
13:45:57.0342 3480 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
13:45:57.0420 3480 BthEnum - ok
13:45:57.0452 3480 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:45:57.0514 3480 BTHMODEM - ok
13:45:57.0545 3480 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
13:45:57.0576 3480 BthPan - ok
13:45:57.0623 3480 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
13:45:57.0670 3480 BTHPORT - ok
13:45:57.0732 3480 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
13:45:57.0810 3480 bthserv - ok
13:45:57.0857 3480 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
13:45:57.0904 3480 BTHUSB - ok
13:45:57.0966 3480 [ 2A0DE6423D6BE95C96124FC66046176E ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
13:45:57.0998 3480 BTWAMPFL - ok
13:45:58.0029 3480 [ CC0A5E69D19B5C1ECC6CF9BF3ACC3969 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
13:45:58.0044 3480 btwaudio - ok
13:45:58.0060 3480 [ 9ABEA4DC976E3F47DA2D4B169719CBAA ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
13:45:58.0091 3480 btwavdt - ok
13:45:58.0154 3480 [ EFCBB730C49B957D4FE973F3F6085217 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
13:45:58.0200 3480 btwdins - ok
13:45:58.0216 3480 [ A94032A7755164E13C75E0E7409AFD65 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
13:45:58.0232 3480 btwl2cap - ok
13:45:58.0247 3480 [ 1E5468447E4D18FBEA5F01267D6495A5 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
13:45:58.0278 3480 btwrchid - ok
13:45:58.0294 3480 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:45:58.0356 3480 cdfs - ok
13:45:58.0497 3480 [ BB402688E25E6A58188A4FBE8CFB58DF ] CDMA Device Service C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
13:45:58.0512 3480 CDMA Device Service ( UnsignedFile.Multi.Generic ) - warning
13:45:58.0512 3480 CDMA Device Service - detected UnsignedFile.Multi.Generic (1)
13:45:58.0559 3480 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
13:45:58.0606 3480 cdrom - ok
13:45:58.0668 3480 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
13:45:58.0731 3480 CertPropSvc - ok
13:45:58.0778 3480 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:45:58.0793 3480 circlass - ok
13:45:58.0824 3480 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
13:45:58.0856 3480 CLFS - ok
13:45:58.0934 3480 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:45:58.0965 3480 clr_optimization_v2.0.50727_32 - ok
13:45:59.0012 3480 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:45:59.0043 3480 clr_optimization_v4.0.30319_32 - ok
13:45:59.0074 3480 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:45:59.0121 3480 CmBatt - ok
13:45:59.0136 3480 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:45:59.0152 3480 cmdide - ok
13:45:59.0199 3480 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
13:45:59.0246 3480 CNG - ok
13:45:59.0261 3480 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:45:59.0277 3480 Compbatt - ok
13:45:59.0308 3480 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:45:59.0355 3480 CompositeBus - ok
13:45:59.0402 3480 COMSysApp - ok
13:45:59.0417 3480 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:45:59.0464 3480 crcdisk - ok
13:45:59.0495 3480 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:45:59.0573 3480 CryptSvc - ok
13:45:59.0604 3480 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
13:45:59.0667 3480 CSC - ok
13:45:59.0714 3480 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
13:45:59.0776 3480 CscService - ok
13:45:59.0823 3480 [ 734BBE7C66E6FD6047A1BD29B9343B30 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
13:45:59.0854 3480 dc3d - ok
13:45:59.0885 3480 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
13:45:59.0963 3480 DcomLaunch - ok
13:45:59.0994 3480 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
13:46:00.0041 3480 defragsvc - ok
13:46:00.0072 3480 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:46:00.0150 3480 DfsC - ok
13:46:00.0228 3480 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
13:46:00.0260 3480 dg_ssudbus - ok
13:46:00.0322 3480 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:46:00.0384 3480 Dhcp - ok
13:46:00.0416 3480 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
13:46:00.0509 3480 discache - ok
13:46:00.0556 3480 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:46:00.0572 3480 Disk - ok
13:46:00.0587 3480 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:46:00.0681 3480 Dnscache - ok
13:46:00.0712 3480 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
13:46:00.0774 3480 dot3svc - ok
13:46:00.0821 3480 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
13:46:00.0868 3480 DPS - ok
13:46:00.0930 3480 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:46:00.0977 3480 drmkaud - ok
13:46:01.0055 3480 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:46:01.0133 3480 DXGKrnl - ok
13:46:01.0196 3480 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
13:46:01.0305 3480 EapHost - ok
13:46:01.0430 3480 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
13:46:01.0632 3480 ebdrv - ok
13:46:01.0679 3480 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
13:46:01.0726 3480 EFS - ok
13:46:01.0804 3480 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:46:01.0929 3480 ehRecvr - ok
13:46:01.0960 3480 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
13:46:02.0054 3480 ehSched - ok
13:46:02.0147 3480 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
13:46:02.0178 3480 ElbyCDIO - ok
13:46:02.0225 3480 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:46:02.0256 3480 elxstor - ok
13:46:02.0303 3480 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:46:02.0334 3480 ErrDev - ok
13:46:02.0381 3480 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
13:46:02.0444 3480 EventSystem - ok
13:46:02.0459 3480 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
13:46:02.0506 3480 exfat - ok
13:46:02.0537 3480 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:46:02.0584 3480 fastfat - ok
13:46:02.0631 3480 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
13:46:02.0740 3480 Fax - ok
13:46:02.0756 3480 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:46:02.0818 3480 fdc - ok
13:46:02.0849 3480 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
13:46:02.0912 3480 fdPHost - ok
13:46:02.0943 3480 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
13:46:03.0007 3480 FDResPub - ok
13:46:03.0023 3480 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:46:03.0054 3480 FileInfo - ok
13:46:03.0070 3480 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:46:03.0132 3480 Filetrace - ok
13:46:03.0194 3480 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:46:03.0241 3480 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
13:46:03.0241 3480 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
13:46:03.0257 3480 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:46:03.0304 3480 flpydisk - ok
13:46:03.0335 3480 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:46:03.0350 3480 FltMgr - ok
13:46:03.0397 3480 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
13:46:03.0491 3480 FontCache - ok
13:46:03.0553 3480 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:46:03.0584 3480 FontCache3.0.0.0 - ok
13:46:03.0600 3480 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:46:03.0616 3480 FsDepends - ok
13:46:03.0662 3480 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:46:03.0678 3480 Fs_Rec - ok
13:46:03.0725 3480 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:46:03.0740 3480 fvevol - ok
13:46:03.0787 3480 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:46:03.0803 3480 gagp30kx - ok
13:46:03.0850 3480 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:46:03.0865 3480 GEARAspiWDM - ok
13:46:03.0943 3480 [ 483924F92E55A5F9423201EC635E2CED ] gfibto C:\Windows\system32\drivers\gfibto.sys
13:46:03.0959 3480 gfibto - ok
13:46:04.0021 3480 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
13:46:04.0115 3480 gpsvc - ok
13:46:04.0240 3480 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:46:04.0271 3480 gupdate - ok
13:46:04.0271 3480 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:46:04.0286 3480 gupdatem - ok
13:46:04.0318 3480 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:46:04.0396 3480 hcw85cir - ok
13:46:04.0442 3480 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:46:04.0505 3480 HdAudAddService - ok
13:46:04.0536 3480 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:46:04.0583 3480 HDAudBus - ok
13:46:04.0583 3480 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:46:04.0614 3480 HidBatt - ok
13:46:04.0645 3480 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:46:04.0692 3480 HidBth - ok
13:46:04.0708 3480 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:46:04.0739 3480 HidIr - ok
13:46:04.0770 3480 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
13:46:04.0832 3480 hidserv - ok
13:46:04.0879 3480 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:46:04.0910 3480 HidUsb - ok
13:46:04.0942 3480 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:46:05.0004 3480 hkmsvc - ok
13:46:05.0051 3480 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:46:05.0129 3480 HomeGroupListener - ok
13:46:05.0207 3480 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:46:05.0269 3480 HomeGroupProvider - ok
13:46:05.0316 3480 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:46:05.0332 3480 HpSAMD - ok
13:46:05.0378 3480 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:46:05.0425 3480 HTTP - ok
13:46:05.0456 3480 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:46:05.0472 3480 hwpolicy - ok
13:46:05.0503 3480 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:46:05.0550 3480 i8042prt - ok
13:46:05.0628 3480 [ 72B53E9C8924949DEC8F3799BCBA2251 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
13:46:05.0659 3480 IAANTMON - ok
13:46:05.0690 3480 [ E5A0034847537EAEE3C00349D5C34C5F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:46:05.0706 3480 iaStor - ok
13:46:05.0768 3480 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:46:05.0800 3480 iaStorV - ok
13:46:05.0893 3480 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:46:05.0971 3480 idsvc - ok
13:46:06.0002 3480 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:46:06.0034 3480 iirsp - ok
13:46:06.0080 3480 [ 2F95BEF56AEEEB45DE55EC44668E2695 ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
13:46:06.0112 3480 IJPLMSVC ( UnsignedFile.Multi.Generic ) - warning
13:46:06.0112 3480 IJPLMSVC - detected UnsignedFile.Multi.Generic (1)
13:46:06.0190 3480 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
13:46:06.0299 3480 IKEEXT - ok
13:46:06.0408 3480 [ 2B1B7E0CC16A361FC3E10D5C2E868C72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
13:46:06.0502 3480 IntcAzAudAddService - ok
13:46:06.0533 3480 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
13:46:06.0548 3480 intelide - ok
13:46:06.0580 3480 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:46:06.0626 3480 intelppm - ok
13:46:06.0673 3480 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:46:06.0736 3480 IPBusEnum - ok
13:46:06.0767 3480 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:46:06.0829 3480 IpFilterDriver - ok
13:46:06.0876 3480 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:46:06.0954 3480 iphlpsvc - ok
13:46:07.0001 3480 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:46:07.0048 3480 IPMIDRV - ok
13:46:07.0079 3480 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:46:07.0126 3480 IPNAT - ok
13:46:07.0204 3480 [ EF1C51222117B37AFBFF8F4642EA8C62 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:46:07.0250 3480 iPod Service - ok
13:46:07.0282 3480 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:46:07.0328 3480 IRENUM - ok
13:46:07.0360 3480 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:46:07.0375 3480 isapnp - ok
13:46:07.0406 3480 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:46:07.0438 3480 iScsiPrt - ok
13:46:07.0516 3480 [ EE8BED092A58A4FAEB08DC140729189E ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
13:46:07.0562 3480 ISWKL - ok
13:46:07.0609 3480 [ AA7FD6A7532EF23FDCFC030195C148F9 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
13:46:07.0625 3480 IswSvc - ok
13:46:07.0672 3480 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:46:07.0687 3480 kbdclass - ok
13:46:07.0718 3480 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:46:07.0765 3480 kbdhid - ok
13:46:07.0781 3480 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
13:46:07.0812 3480 KeyIso - ok
13:46:07.0890 3480 [ 186B54479D98E48AEE0E9ADA4B3C4D31 ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
13:46:07.0921 3480 KL1 - ok
13:46:07.0952 3480 [ BF485BFBA13C0AB116701FD9C55324D0 ] kl2 C:\Windows\system32\DRIVERS\kl2.sys
13:46:07.0984 3480 kl2 - ok
13:46:08.0077 3480 [ 46FA00BEF951762919B66269371C22AF ] KLIF C:\Windows\system32\DRIVERS\klif.sys
13:46:08.0140 3480 KLIF - ok
13:46:08.0186 3480 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:46:08.0218 3480 KSecDD - ok
13:46:08.0249 3480 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:46:08.0264 3480 KSecPkg - ok
13:46:08.0311 3480 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
13:46:08.0374 3480 KtmRm - ok
13:46:08.0436 3480 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
13:46:08.0483 3480 LanmanServer - ok
13:46:08.0514 3480 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:46:08.0576 3480 LanmanWorkstation - ok
13:46:08.0623 3480 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:46:08.0686 3480 lltdio - ok
13:46:08.0732 3480 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:46:08.0826 3480 lltdsvc - ok
13:46:08.0842 3480 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
13:46:08.0888 3480 lmhosts - ok
13:46:08.0920 3480 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:46:08.0935 3480 LSI_FC - ok
13:46:08.0935 3480 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:46:08.0966 3480 LSI_SAS - ok
13:46:08.0966 3480 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:46:08.0998 3480 LSI_SAS2 - ok
13:46:08.0998 3480 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:46:09.0029 3480 LSI_SCSI - ok
13:46:09.0044 3480 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
13:46:09.0091 3480 luafv - ok
13:46:09.0138 3480 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:46:09.0154 3480 MBAMProtector - ok
13:46:09.0294 3480 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Users\****\Desktop\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:46:09.0325 3480 MBAMScheduler - ok
13:46:09.0372 3480 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Users\****\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe
13:46:09.0403 3480 MBAMService - ok
13:46:09.0466 3480 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:46:09.0481 3480 Mcx2Svc - ok
13:46:09.0512 3480 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:46:09.0528 3480 megasas - ok
13:46:09.0575 3480 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:46:09.0590 3480 MegaSR - ok
13:46:09.0622 3480 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
13:46:09.0700 3480 MMCSS - ok
13:46:09.0715 3480 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
13:46:09.0778 3480 Modem - ok
13:46:09.0793 3480 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:46:09.0840 3480 monitor - ok
13:46:09.0856 3480 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:46:09.0887 3480 mouclass - ok
13:46:09.0902 3480 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:46:09.0949 3480 mouhid - ok
13:46:09.0980 3480 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:46:10.0012 3480 mountmgr - ok
13:46:10.0074 3480 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:46:10.0105 3480 MozillaMaintenance - ok
13:46:10.0152 3480 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
13:46:10.0168 3480 mpio - ok
13:46:10.0214 3480 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:46:10.0261 3480 mpsdrv - ok
13:46:10.0308 3480 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:46:10.0402 3480 MpsSvc - ok
13:46:10.0464 3480 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:46:10.0495 3480 MRxDAV - ok
13:46:10.0526 3480 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:46:10.0604 3480 mrxsmb - ok
13:46:10.0667 3480 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:46:10.0714 3480 mrxsmb10 - ok
13:46:10.0760 3480 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:46:10.0807 3480 mrxsmb20 - ok
13:46:10.0854 3480 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
13:46:10.0870 3480 msahci - ok
13:46:10.0885 3480 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:46:10.0901 3480 msdsm - ok
13:46:10.0932 3480 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
13:46:10.0979 3480 MSDTC - ok
13:46:11.0041 3480 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:46:11.0088 3480 Msfs - ok
13:46:11.0104 3480 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:46:11.0150 3480 mshidkmdf - ok
13:46:11.0197 3480 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:46:11.0213 3480 msisadrv - ok
13:46:11.0244 3480 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:46:11.0306 3480 MSiSCSI - ok
13:46:11.0322 3480 msiserver - ok
13:46:11.0353 3480 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:46:11.0416 3480 MSKSSRV - ok
13:46:11.0462 3480 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:46:11.0525 3480 MSPCLOCK - ok
13:46:11.0556 3480 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:46:11.0603 3480 MSPQM - ok
13:46:11.0650 3480 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:46:11.0665 3480 MsRPC - ok
13:46:11.0712 3480 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:46:11.0728 3480 mssmbios - ok
13:46:11.0759 3480 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:46:11.0806 3480 MSTEE - ok
13:46:11.0852 3480 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:46:11.0884 3480 MTConfig - ok
13:46:11.0899 3480 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
13:46:11.0930 3480 Mup - ok
13:46:11.0946 3480 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
13:46:12.0024 3480 napagent - ok
13:46:12.0055 3480 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:46:12.0086 3480 NativeWifiP - ok
13:46:12.0149 3480 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:46:12.0180 3480 NDIS - ok
13:46:12.0227 3480 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:46:12.0289 3480 NdisCap - ok
13:46:12.0320 3480 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:46:12.0383 3480 NdisTapi - ok
13:46:12.0430 3480 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:46:12.0461 3480 Ndisuio - ok
13:46:12.0492 3480 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:46:12.0554 3480 NdisWan - ok
13:46:12.0586 3480 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:46:12.0632 3480 NDProxy - ok
13:46:12.0726 3480 [ 6D4028D458EAAA1782099750790DC8C9 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
13:46:12.0788 3480 Nero BackItUp Scheduler 3 - ok
13:46:12.0820 3480 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:46:12.0882 3480 NetBIOS - ok
13:46:12.0929 3480 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:46:12.0976 3480 NetBT - ok
13:46:13.0007 3480 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
13:46:13.0022 3480 Netlogon - ok
13:46:13.0069 3480 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
13:46:13.0147 3480 Netman - ok
13:46:13.0178 3480 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
13:46:13.0241 3480 netprofm - ok
13:46:13.0303 3480 [ 652881F65B35564575255A0E05E23C55 ] netr28 C:\Windows\system32\DRIVERS\netr28.sys
13:46:13.0366 3480 netr28 - ok
13:46:13.0412 3480 netr73 - ok
13:46:13.0444 3480 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:46:13.0475 3480 NetTcpPortSharing - ok
13:46:13.0522 3480 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:46:13.0553 3480 nfrd960 - ok
13:46:13.0584 3480 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
13:46:13.0631 3480 NlaSvc - ok
13:46:13.0724 3480 [ D36107465E716CF2335A25C54B6D11C2 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
13:46:13.0771 3480 NMIndexingService - ok
13:46:13.0787 3480 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:46:13.0834 3480 Npfs - ok
13:46:13.0865 3480 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
13:46:13.0896 3480 nsi - ok
13:46:13.0912 3480 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:46:13.0958 3480 nsiproxy - ok
13:46:14.0052 3480 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:46:14.0130 3480 Ntfs - ok
13:46:14.0146 3480 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
13:46:14.0208 3480 Null - ok
13:46:14.0551 3480 [ 66B4BF606FCC7F0622D4A21BB1461089 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:46:14.0926 3480 nvlddmkm - ok
13:46:14.0972 3480 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:46:15.0004 3480 nvraid - ok
13:46:15.0050 3480 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:46:15.0082 3480 nvstor - ok
13:46:15.0160 3480 [ D122F7C5F79C68868F5DC28CEFEB2ECF ] NVSvc C:\Windows\system32\nvvsvc.exe
13:46:15.0191 3480 NVSvc - ok
13:46:15.0331 3480 [ 003CB0A155568B4A53A301F07C734233 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
13:46:15.0456 3480 nvUpdatusService - ok
13:46:15.0487 3480 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:46:15.0503 3480 nv_agp - ok
13:46:15.0596 3480 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:46:15.0628 3480 odserv - ok
13:46:15.0674 3480 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:46:15.0721 3480 ohci1394 - ok
13:46:15.0768 3480 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:46:15.0784 3480 ose - ok
13:46:15.0846 3480 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:46:15.0924 3480 p2pimsvc - ok
13:46:15.0940 3480 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
13:46:15.0986 3480 p2psvc - ok
13:46:16.0018 3480 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:46:16.0049 3480 Parport - ok
13:46:16.0080 3480 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:46:16.0111 3480 partmgr - ok
13:46:16.0127 3480 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
13:46:16.0158 3480 Parvdm - ok
13:46:16.0189 3480 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:46:16.0220 3480 PcaSvc - ok
13:46:16.0267 3480 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
13:46:16.0345 3480 pccsmcfd - ok
13:46:16.0361 3480 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
13:46:16.0408 3480 pci - ok
13:46:16.0439 3480 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
13:46:16.0454 3480 pciide - ok
13:46:16.0486 3480 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:46:16.0517 3480 pcmcia - ok
13:46:16.0532 3480 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
13:46:16.0548 3480 pcw - ok
13:46:16.0595 3480 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:46:16.0673 3480 PEAUTH - ok
13:46:16.0735 3480 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:46:16.0860 3480 PeerDistSvc - ok
13:46:16.0938 3480 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
13:46:17.0047 3480 pla - ok
13:46:17.0110 3480 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:46:17.0188 3480 PlugPlay - ok
13:46:17.0203 3480 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:46:17.0250 3480 PNRPAutoReg - ok
13:46:17.0297 3480 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:46:17.0312 3480 PNRPsvc - ok
13:46:17.0344 3480 [ 7D7A9C17D5455203DEA11E5EF886CC59 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
13:46:17.0375 3480 Point32 - ok
13:46:17.0406 3480 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:46:17.0468 3480 PolicyAgent - ok
13:46:17.0515 3480 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
13:46:17.0562 3480 Power - ok
13:46:17.0593 3480 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:46:17.0656 3480 PptpMiniport - ok
13:46:17.0687 3480 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:46:17.0718 3480 Processor - ok
13:46:17.0765 3480 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
13:46:17.0843 3480 ProfSvc - ok
13:46:17.0858 3480 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:46:17.0890 3480 ProtectedStorage - ok
13:46:17.0921 3480 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:46:17.0968 3480 Psched - ok
13:46:18.0014 3480 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:46:18.0092 3480 ql2300 - ok
13:46:18.0124 3480 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:46:18.0139 3480 ql40xx - ok
13:46:18.0186 3480 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
13:46:18.0233 3480 QWAVE - ok
13:46:18.0264 3480 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:46:18.0311 3480 QWAVEdrv - ok
13:46:18.0342 3480 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:46:18.0373 3480 RasAcd - ok
13:46:18.0420 3480 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:46:18.0467 3480 RasAgileVpn - ok
13:46:18.0498 3480 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
13:46:18.0545 3480 RasAuto - ok
13:46:18.0576 3480 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:46:18.0654 3480 Rasl2tp - ok
13:46:18.0716 3480 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
13:46:18.0763 3480 RasMan - ok
13:46:18.0779 3480 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:46:18.0826 3480 RasPppoe - ok
13:46:18.0857 3480 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:46:18.0904 3480 RasSstp - ok
13:46:18.0950 3480 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:46:19.0044 3480 rdbss - ok
13:46:19.0075 3480 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:46:19.0122 3480 rdpbus - ok
13:46:19.0153 3480 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:46:19.0200 3480 RDPCDD - ok
13:46:19.0262 3480 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:46:19.0309 3480 RDPDR - ok
13:46:19.0340 3480 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:46:19.0387 3480 RDPENCDD - ok
13:46:19.0434 3480 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:46:19.0481 3480 RDPREFMP - ok
13:46:19.0559 3480 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:46:19.0606 3480 RdpVideoMiniport - ok
13:46:19.0652 3480 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:46:19.0699 3480 RDPWD - ok
13:46:19.0777 3480 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:46:19.0808 3480 rdyboost - ok
13:46:19.0871 3480 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
13:46:19.0933 3480 RemoteAccess - ok
13:46:19.0964 3480 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:46:20.0058 3480 RemoteRegistry - ok
13:46:20.0089 3480 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
13:46:20.0120 3480 RFCOMM - ok
13:46:20.0136 3480 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:46:20.0198 3480 RpcEptMapper - ok
13:46:20.0230 3480 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
13:46:20.0261 3480 RpcLocator - ok
13:46:20.0292 3480 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
13:46:20.0339 3480 RpcSs - ok
13:46:20.0386 3480 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:46:20.0448 3480 rspndr - ok
13:46:20.0510 3480 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
13:46:20.0542 3480 RTL8167 - ok
13:46:20.0588 3480 [ 0D1C1B0DE2819FE1EA25098183130B64 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
13:46:20.0620 3480 RTSTOR - ok
13:46:20.0682 3480 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
13:46:20.0713 3480 s0016bus - ok
13:46:20.0744 3480 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
13:46:20.0760 3480 s0016mdfl - ok
13:46:20.0776 3480 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
13:46:20.0791 3480 s0016mdm - ok
13:46:20.0822 3480 [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt C:\Windows\system32\DRIVERS\s0016mgmt.sys
13:46:20.0838 3480 s0016mgmt - ok
13:46:20.0885 3480 [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5 C:\Windows\system32\DRIVERS\s0016nd5.sys
13:46:20.0916 3480 s0016nd5 - ok
13:46:20.0932 3480 [ 36792935847143E4A3CDA0DC87248487 ] s0016obex C:\Windows\system32\DRIVERS\s0016obex.sys
13:46:20.0947 3480 s0016obex - ok
13:46:20.0963 3480 [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic C:\Windows\system32\DRIVERS\s0016unic.sys
13:46:20.0994 3480 s0016unic - ok
13:46:21.0025 3480 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:46:21.0088 3480 s3cap - ok
13:46:21.0103 3480 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
13:46:21.0119 3480 SamSs - ok
13:46:21.0306 3480 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
13:46:21.0462 3480 SBAMSvc - ok
13:46:21.0556 3480 [ 87574F4C899E8AEDDDC1EDF71D3E045E ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
13:46:21.0587 3480 sbapifs - ok
13:46:21.0649 3480 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:46:21.0696 3480 sbp2port - ok
13:46:21.0727 3480 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:46:21.0790 3480 SCardSvr - ok
13:46:21.0836 3480 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:46:21.0883 3480 scfilter - ok
13:46:21.0930 3480 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
13:46:22.0070 3480 Schedule - ok
13:46:22.0102 3480 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:46:22.0133 3480 SCPolicySvc - ok
13:46:22.0180 3480 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:46:22.0242 3480 SDRSVC - ok
13:46:22.0273 3480 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:46:22.0336 3480 secdrv - ok
13:46:22.0382 3480 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
13:46:22.0445 3480 seclogon - ok
13:46:22.0476 3480 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
13:46:22.0538 3480 SENS - ok
13:46:22.0585 3480 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:46:22.0648 3480 SensrSvc - ok
13:46:22.0679 3480 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:46:22.0710 3480 Serenum - ok
13:46:22.0741 3480 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:46:22.0772 3480 Serial - ok
13:46:22.0804 3480 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:46:22.0835 3480 sermouse - ok
13:46:22.0944 3480 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:46:23.0006 3480 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
13:46:23.0006 3480 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
13:46:23.0038 3480 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
13:46:23.0100 3480 SessionEnv - ok
13:46:23.0147 3480 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:46:23.0209 3480 sffdisk - ok
13:46:23.0225 3480 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:46:23.0272 3480 sffp_mmc - ok
13:46:23.0272 3480 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:46:23.0303 3480 sffp_sd - ok
13:46:23.0334 3480 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:46:23.0381 3480 sfloppy - ok
13:46:23.0443 3480 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:46:23.0506 3480 SharedAccess - ok
13:46:23.0552 3480 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:46:23.0615 3480 ShellHWDetection - ok
13:46:23.0662 3480 [ 93BEACC3815A4653A655C8BD7622FF63 ] Si3531 C:\Windows\system32\DRIVERS\Si3531.sys
13:46:23.0693 3480 Si3531 - ok
13:46:23.0724 3480 [ 165448BC832D424B97270C8D1276E24A ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys
13:46:23.0740 3480 SiFilter - ok
13:46:23.0755 3480 [ 9BE8EA3A8C7E6D47E710F6FA14B7442B ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys
13:46:23.0771 3480 SiRemFil - ok
13:46:23.0802 3480 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:46:23.0818 3480 sisagp - ok
13:46:23.0864 3480 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:46:23.0880 3480 SiSRaid2 - ok
13:46:23.0896 3480 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:46:23.0911 3480 SiSRaid4 - ok
13:46:24.0005 3480 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:46:24.0036 3480 SkypeUpdate - ok
13:46:24.0052 3480 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:46:24.0098 3480 Smb - ok
13:46:24.0145 3480 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:46:24.0161 3480 SNMPTRAP - ok
13:46:24.0176 3480 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
13:46:24.0192 3480 spldr - ok
13:46:24.0254 3480 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
13:46:24.0301 3480 Spooler - ok
13:46:24.0410 3480 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
13:46:24.0582 3480 sppsvc - ok
13:46:24.0613 3480 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:46:24.0691 3480 sppuinotify - ok
13:46:24.0738 3480 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:46:24.0785 3480 srv - ok
13:46:24.0816 3480 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:46:24.0863 3480 srv2 - ok
13:46:24.0894 3480 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:46:24.0925 3480 srvnet - ok
13:46:24.0956 3480 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:46:25.0019 3480 SSDPSRV - ok
13:46:25.0066 3480 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:46:25.0097 3480 SstpSvc - ok
13:46:25.0159 3480 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
13:46:25.0175 3480 ssudmdm - ok
13:46:25.0237 3480 Steam Client Service - ok
13:46:25.0331 3480 [ 9E1222C417291BC836210743624A8E5E ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:46:25.0378 3480 Stereo Service - ok
13:46:25.0409 3480 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:46:25.0424 3480 stexstor - ok
13:46:25.0471 3480 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
13:46:25.0549 3480 StiSvc - ok
13:46:25.0580 3480 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:46:25.0596 3480 storflt - ok
13:46:25.0627 3480 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
13:46:25.0674 3480 StorSvc - ok
13:46:25.0705 3480 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:46:25.0721 3480 storvsc - ok
13:46:25.0736 3480 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
13:46:25.0768 3480 swenum - ok
13:46:25.0799 3480 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
13:46:25.0846 3480 swprv - ok
13:46:25.0908 3480 [ 4C6DE67EBB6C487F7690A373FCFDE279 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:46:25.0924 3480 SynTP - ok
13:46:25.0986 3480 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
13:46:26.0048 3480 SysMain - ok
13:46:26.0095 3480 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:46:26.0126 3480 TabletInputService - ok
13:46:26.0158 3480 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
13:46:26.0204 3480 TapiSrv - ok
13:46:26.0236 3480 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
13:46:26.0329 3480 TBS - ok
13:46:26.0407 3480 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:46:26.0501 3480 Tcpip - ok
13:46:26.0532 3480 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:46:26.0579 3480 TCPIP6 - ok
13:46:26.0626 3480 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:46:26.0657 3480 tcpipreg - ok
13:46:26.0719 3480 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:46:26.0782 3480 TDPIPE - ok
13:46:26.0813 3480 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:46:26.0860 3480 TDTCP - ok
13:46:26.0891 3480 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:46:26.0969 3480 tdx - ok
13:46:27.0000 3480 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:46:27.0016 3480 TermDD - ok
13:46:27.0078 3480 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
13:46:27.0156 3480 TermService - ok
13:46:27.0218 3480 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
13:46:27.0234 3480 Themes - ok
13:46:27.0265 3480 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
13:46:27.0312 3480 THREADORDER - ok
13:46:27.0360 3480 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
13:46:27.0438 3480 TrkWks - ok
13:46:27.0500 3480 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:46:27.0563 3480 TrustedInstaller - ok
13:46:27.0594 3480 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:46:27.0656 3480 tssecsrv - ok
13:46:27.0734 3480 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:46:27.0781 3480 TsUsbFlt - ok
13:46:27.0843 3480 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:46:27.0906 3480 tunnel - ok
13:46:27.0937 3480 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:46:27.0953 3480 uagp35 - ok
13:46:27.0999 3480 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:46:28.0062 3480 udfs - ok
13:46:28.0093 3480 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:46:28.0171 3480 UI0Detect - ok
13:46:28.0202 3480 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:46:28.0249 3480 uliagpkx - ok
13:46:28.0280 3480 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:46:28.0296 3480 umbus - ok
13:46:28.0343 3480 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:46:28.0374 3480 UmPass - ok
13:46:28.0405 3480 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
13:46:28.0452 3480 UmRdpService - ok
13:46:28.0499 3480 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
13:46:28.0577 3480 upnphost - ok
13:46:28.0592 3480 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:46:28.0670 3480 usbccgp - ok
13:46:28.0701 3480 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:46:28.0748 3480 usbcir - ok
13:46:28.0779 3480 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:46:28.0811 3480 usbehci - ok
13:46:28.0826 3480 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:46:28.0873 3480 usbhub - ok
13:46:28.0904 3480 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:46:28.0951 3480 usbohci - ok
13:46:28.0998 3480 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:46:29.0013 3480 usbprint - ok
13:46:29.0045 3480 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:46:29.0076 3480 usbscan - ok
13:46:29.0091 3480 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:46:29.0185 3480 USBSTOR - ok
13:46:29.0216 3480 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:46:29.0247 3480 usbuhci - ok
13:46:29.0294 3480 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:46:29.0325 3480 usbvideo - ok
13:46:29.0341 3480 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
13:46:29.0403 3480 UxSms - ok
13:46:29.0419 3480 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
13:46:29.0450 3480 VaultSvc - ok
13:46:29.0466 3480 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:46:29.0481 3480 vdrvroot - ok
13:46:29.0513 3480 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
13:46:29.0591 3480 vds - ok
13:46:29.0622 3480 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:46:29.0669 3480 vga - ok
13:46:29.0700 3480 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:46:29.0762 3480 VgaSave - ok
13:46:29.0793 3480 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:46:29.0825 3480 vhdmp - ok
13:46:29.0856 3480 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:46:29.0871 3480 viaagp - ok
13:46:29.0887 3480 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
13:46:29.0934 3480 ViaC7 - ok
13:46:29.0949 3480 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
13:46:29.0981 3480 viaide - ok
13:46:29.0996 3480 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:46:30.0012 3480 vmbus - ok
13:46:30.0043 3480 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
13:46:30.0074 3480 VMBusHID - ok
13:46:30.0121 3480 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:46:30.0152 3480 volmgr - ok
13:46:30.0168 3480 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:46:30.0183 3480 volmgrx - ok
13:46:30.0215 3480 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:46:30.0230 3480 volsnap - ok
13:46:30.0324 3480 [ 6292C794BA68E0F46A6D45468461AFE1 ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys
13:46:30.0355 3480 Vsdatant - ok
13:46:30.0386 3480 vsmon - ok
13:46:30.0417 3480 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:46:30.0449 3480 vsmraid - ok
13:46:30.0495 3480 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
13:46:30.0636 3480 VSS - ok
13:46:30.0651 3480 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:46:30.0698 3480 vwifibus - ok
13:46:30.0729 3480 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:46:30.0761 3480 vwififlt - ok
13:46:30.0776 3480 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
13:46:30.0807 3480 vwifimp - ok
13:46:30.0839 3480 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
13:46:30.0917 3480 W32Time - ok
13:46:30.0948 3480 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:46:31.0010 3480 WacomPen - ok
13:46:31.0073 3480 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:46:31.0151 3480 WANARP - ok
13:46:31.0151 3480 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:46:31.0197 3480 Wanarpv6 - ok
13:46:31.0275 3480 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:46:31.0353 3480 WatAdminSvc - ok
13:46:31.0400 3480 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
13:46:31.0494 3480 wbengine - ok
13:46:31.0525 3480 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:46:31.0587 3480 WbioSrvc - ok
13:46:31.0634 3480 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:46:31.0697 3480 wcncsvc - ok
13:46:31.0712 3480 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:46:31.0806 3480 WcsPlugInService - ok
13:46:31.0837 3480 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:46:31.0868 3480 Wd - ok
13:46:31.0915 3480 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:46:31.0977 3480 Wdf01000 - ok
13:46:31.0993 3480 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:46:32.0102 3480 WdiServiceHost - ok
13:46:32.0102 3480 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:46:32.0149 3480 WdiSystemHost - ok
13:46:32.0180 3480 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
13:46:32.0243 3480 WebClient - ok
13:46:32.0274 3480 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:46:32.0321 3480 Wecsvc - ok
13:46:32.0336 3480 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:46:32.0399 3480 wercplsupport - ok
13:46:32.0445 3480 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
13:46:32.0508 3480 WerSvc - ok
13:46:32.0539 3480 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:46:32.0570 3480 WfpLwf - ok
13:46:32.0586 3480 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:46:32.0617 3480 WIMMount - ok
13:46:32.0679 3480 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:46:32.0773 3480 WinDefend - ok
13:46:32.0773 3480 WinHttpAutoProxySvc - ok
13:46:32.0835 3480 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:46:32.0898 3480 Winmgmt - ok
13:46:32.0945 3480 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
13:46:33.0038 3480 WinRM - ok
13:46:33.0132 3480 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:46:33.0194 3480 WinUsb - ok
13:46:33.0241 3480 [ 20A97B632A76CC977FCFB98F28CAAAB3 ] WisLMSvc C:\Program Files\Launch Manager\WisLMSvc.exe
13:46:33.0272 3480 WisLMSvc ( UnsignedFile.Multi.Generic ) - warning
13:46:33.0272 3480 WisLMSvc - detected UnsignedFile.Multi.Generic (1)
13:46:33.0319 3480 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:46:33.0397 3480 Wlansvc - ok
13:46:33.0506 3480 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:46:33.0553 3480 wlidsvc - ok
13:46:33.0584 3480 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:46:33.0647 3480 WmiAcpi - ok
13:46:33.0693 3480 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:46:33.0756 3480 wmiApSrv - ok
13:46:33.0849 3480 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:46:33.0943 3480 WMPNetworkSvc - ok
13:46:33.0974 3480 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:46:34.0005 3480 WPCSvc - ok
13:46:34.0052 3480 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:46:34.0099 3480 WPDBusEnum - ok
13:46:34.0130 3480 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:46:34.0193 3480 ws2ifsl - ok
13:46:34.0224 3480 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
13:46:34.0271 3480 wscsvc - ok
13:46:34.0286 3480 WSearch - ok
13:46:34.0364 3480 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
13:46:34.0473 3480 wuauserv - ok
13:46:34.0520 3480 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:46:34.0536 3480 WudfPf - ok
13:46:34.0583 3480 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:46:34.0614 3480 WUDFRd - ok
13:46:34.0692 3480 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:46:34.0739 3480 wudfsvc - ok
13:46:34.0785 3480 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
13:46:34.0848 3480 WwanSvc - ok
13:46:34.0910 3480 [ AB2D77BF7222B007717ABB61B15F9AE2 ] X10Hid C:\Windows\system32\Drivers\x10hid.sys
13:46:34.0941 3480 X10Hid - ok
13:46:34.0973 3480 [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
13:46:35.0004 3480 x10nets ( UnsignedFile.Multi.Generic ) - warning
13:46:35.0004 3480 x10nets - detected UnsignedFile.Multi.Generic (1)
13:46:35.0082 3480 ================ Scan global ===============================
13:46:35.0113 3480 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
13:46:35.0144 3480 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
13:46:35.0175 3480 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
13:46:35.0207 3480 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
13:46:35.0238 3480 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
13:46:35.0253 3480 [Global] - ok
13:46:35.0253 3480 ================ Scan MBR ==================================
13:46:35.0269 3480 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:46:35.0940 3480 \Device\Harddisk0\DR0 - ok
13:46:35.0940 3480 ================ Scan VBR ==================================
13:46:35.0940 3480 [ A3EC1A65E82EB3E893BCF15F4708492B ] \Device\Harddisk0\DR0\Partition1
13:46:35.0940 3480 \Device\Harddisk0\DR0\Partition1 - ok
13:46:35.0955 3480 [ CAD477FE0A8AD2C2D17B62AF9317E091 ] \Device\Harddisk0\DR0\Partition2
13:46:35.0955 3480 \Device\Harddisk0\DR0\Partition2 - ok
13:46:35.0971 3480 ============================================================
13:46:35.0971 3480 Scan finished
13:46:35.0971 3480 ============================================================
13:46:35.0987 5444 Detected object count: 6
13:46:35.0987 5444 Actual detected object count: 6
13:46:51.0633 5444 CDMA Device Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:46:51.0633 5444 CDMA Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:46:51.0633 5444 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:46:51.0633 5444 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:46:51.0633 5444 IJPLMSVC ( UnsignedFile.Multi.Generic ) - skipped by user
13:46:51.0633 5444 IJPLMSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:46:51.0649 5444 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
13:46:51.0649 5444 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:46:51.0649 5444 WisLMSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:46:51.0649 5444 WisLMSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:46:51.0649 5444 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
13:46:51.0649 5444 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
03.01.2013, 14:08
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.01.2013, 15:03
| #9 |
| | GUV-Trojaner-Infektion über Jawa-SicherheitslückeCode:
ATTFilter ComboFix 13-01-03.02 - **** 03.01.2013 14:30:46.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3070.1870 [GMT 1:00]
ausgeführt von:: c:\users\****\Desktop\ComboFix.exe
AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
FW: ZoneAlarm Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\muzapp.exe
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-12-03 bis 2013-01-03 ))))))))))))))))))))))))))))))
.
.
2013-01-03 13:47 . 2013-01-03 13:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-03 13:47 . 2013-01-03 13:47 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-03 09:11 . 2013-01-03 09:11 -------- d-----w- c:\users\****\AppData\Roaming\LavasoftStatistics
2013-01-03 09:00 . 2013-01-03 09:00 -------- d-----w- c:\programdata\Ad-Aware Antivirus
2013-01-03 08:59 . 2013-01-03 08:59 -------- d-----w- c:\programdata\Lavasoft
2013-01-03 08:59 . 2013-01-03 09:54 -------- d-----w- c:\program files\Ad-Aware Antivirus
2013-01-03 08:59 . 2013-01-03 08:59 -------- d-----w- c:\windows\system32\drivers\VDD
2013-01-03 08:56 . 2013-01-03 08:56 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-01-03 08:56 . 2013-01-03 08:56 -------- d-----w- c:\programdata\blekko toolbars
2013-01-03 08:56 . 2013-01-03 08:56 -------- d-----w- c:\users\****\AppData\Local\adawarebp
2013-01-03 08:56 . 2013-01-03 08:56 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2013-01-03 08:56 . 2013-01-03 08:56 -------- d-----w- c:\program files\adawaretb
2013-01-03 08:56 . 2013-01-03 08:56 -------- d-----w- c:\program files\Toolbar Cleaner
2013-01-03 08:50 . 2013-01-03 10:01 -------- d-----w- c:\users\****\AppData\Roaming\Ad-Aware Antivirus
2013-01-02 21:18 . 2013-01-02 21:18 -------- d-----w- c:\users\****\AppData\Roaming\Malwarebytes
2013-01-02 21:17 . 2013-01-02 21:17 -------- d-----w- c:\programdata\Malwarebytes
2013-01-01 16:56 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F77B116-6599-43B9-8116-EEAF8C054931}\mpengine.dll
2012-12-31 12:32 . 2012-12-31 12:32 -------- d-----w- c:\users\****\AppData\Local\ArcSoft
2012-12-31 12:30 . 2012-12-31 13:29 -------- d--h--w- c:\programdata\ArcSoft
2012-12-31 12:29 . 2006-11-10 14:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys
2012-12-31 12:29 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-12-31 12:29 . 2012-12-31 12:31 -------- d-----w- c:\program files\Common Files\ArcSoft
2012-12-31 12:29 . 2012-12-31 12:29 -------- d-----w- c:\program files\ArcSoft
2012-12-31 12:28 . 2012-12-31 13:29 -------- d-----w- c:\users\****\AppData\Roaming\ArcSoft
2012-12-31 12:28 . 2001-09-05 03:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2012-12-31 12:28 . 2001-09-05 03:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-12-31 12:28 . 2001-09-05 03:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-12-31 12:28 . 2001-09-05 03:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-12-28 07:23 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-28 07:23 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-28 07:20 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-12-28 07:20 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2012-12-28 07:20 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2012-12-28 07:20 . 2012-08-24 16:57 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-12-28 07:20 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2012-12-22 19:58 . 2012-12-28 06:48 -------- d-----w- c:\users\****\AppData\Roaming\Juniper Networks
2012-12-19 04:37 . 2012-12-19 11:14 -------- dc----w- c:\users\****\AppData\Local\MigWiz
2012-12-12 16:36 . 2012-12-12 16:36 -------- d-----w- c:\users\****\AppData\Roaming\e-academy Inc
2012-12-12 16:36 . 2012-12-12 16:36 -------- d-----w- c:\users\****\AppData\Local\e-academy Inc
2012-12-12 16:33 . 2012-11-16 16:33 149536 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-12-12 16:33 . 2012-11-14 01:48 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-12-12 16:33 . 2012-11-14 01:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-12 16:33 . 2012-11-14 01:51 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-12-12 16:33 . 2012-11-14 01:49 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-12-12 16:33 . 2012-11-14 01:57 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-12-12 16:33 . 2012-11-14 01:52 194560 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2012-12-12 16:32 . 2012-11-16 16:33 757280 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2012-12-12 16:32 . 2012-11-14 02:09 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-12-12 16:32 . 2012-11-14 02:00 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-12-12 16:32 . 2012-11-14 02:01 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-12-12 16:32 . 2012-11-14 01:58 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-05 19:16 . 2012-12-05 19:16 -------- d-----w- c:\program files\iPod
2012-12-05 19:16 . 2012-12-05 19:17 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 13:55 . 2012-03-31 11:48 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-12 13:55 . 2011-05-21 18:17 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-16 07:39 . 2012-11-28 19:35 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40 . 2012-11-16 18:57 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-16 18:57 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-08 19:50 . 2012-06-28 09:11 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-08 19:50 . 2011-08-03 21:02 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-05 06:35 . 2012-02-05 06:35 57344 ----a-w- c:\program files\SicherLoeschen.exe
2012-12-05 09:02 . 2012-12-05 09:01 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2012-11-01 577536]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-11-12 968120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-31 102400]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2009-08-05 413696]
"LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2009-07-07 343552]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2009-08-19 192000]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-05-03 73360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-11-28 151952]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-12-11 542104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk
backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2006-10-22 21:24 620152 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-11-28 13:13 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-10-15 08:14 202024 ----a-w- c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2011-04-13 13:02 1808784 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-11-28 23:49 151952 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2011-04-13 13:03 1298320 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
2012-11-01 04:16 577536 ----a-w- c:\program files\Samsung\Kies\KiesAirMessage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2012-11-12 02:45 1104824 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2012-11-12 02:45 968120 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-11-12 02:45 309688 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-09-20 07:51 1836328 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2007-02-04 10:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-04-01 16:31 6025216 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-11-20 00:00 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 07:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
R2 SBAMSvc;Ad-Aware;c:\program files\Ad-Aware Antivirus\SBAMSvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 netr73;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr73.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x]
S0 Si3531;SiI-3531 SATA Controller;c:\windows\system32\DRIVERS\Si3531.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files\Ad-Aware Antivirus\AdAwareService.exe [x]
S2 CDMA Device Service;CDMA Device Service;c:\program files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [x]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [x]
S3 netr28;Ralink 802.11n-Drahtlostreiber für Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [x]
S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [x]
S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 77108052
*NewlyCreated* - ASWMBR
*NewlyCreated* - GFIBTO
*NewlyCreated* - SBAPIFS
*Deregistered* - 77108052
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 13:55]
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-04 17:55]
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-04 17:55]
.
2013-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-200173123-1151168856-31055751-1001Core.job
- c:\users\****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-14 20:04]
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-200173123-1151168856-31055751-1001UA.job
- c:\users\****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-14 20:04]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jm2rhwio.default\
FF - prefs.js: browser.startup.homepage - about:newtab
FF - ExtSQL: 2013-01-03 09:56; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jm2rhwio.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - (no file)
HKLM-Run-ISW - (no file)
MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe
MSConfigStartUp-LMgrOSD - c:\program files\Launch Manager\OSDCtrl.exe
MSConfigStartUp-snp2uvc - c:\windows\vsnp2uvc.exe
AddRemove-AnyDVD HD - c:\program files\AnyDVD HD\uninst.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-26_VIA_driver2 - c:\program files\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe
AddRemove-Kies Air Discovery Service - c:\windows\system32\javaws.exe
AddRemove-Mendeley Desktop - c:\users\****\Documents\Mendeley Desktop\Uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-200173123-1151168856-31055751-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-200173123-1151168856-31055751-1001)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-200173123-1151168856-31055751-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-200173123-1151168856-31055751-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(656)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Zeit der Fertigstellung: 2013-01-03 14:53:00
ComboFix-quarantined-files.txt 2013-01-03 13:52
.
Vor Suchlauf: 8 Verzeichnis(se), 38.648.188.928 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 43.831.296.000 Bytes frei
.
- - End Of File - - ABB15137B921FF24A3654798560870E2
|
|
03.01.2013, 15:30
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GUV-Trojaner-Infektion über Jawa-SicherheitslückeZitat:
Ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.01.2013, 15:34
| #11 |
| | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Es ist ein Privatrechner, aber ich bin Unimitarbeiter und erhalte dort auch Software für den Privatgebrauch. Es wird leider immer nur die Professional-Version angeboten. |
|
03.01.2013, 15:36
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Bei diesem Rechner handelt es sich auch um deinen Privatrechner?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.01.2013, 15:38
| #13 |
| | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Ich habe meine erste Aussage nochmals editiert, da sie missverständlich war. Ja, es ist mein Privatrechner und die Software erhalte ich als Mitarbeiter von der Uni kostenlos zum Privatgebrauch. |
|
03.01.2013, 15:49
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop. Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.01.2013, 16:11
| #15 |
| | GUV-Trojaner-Infektion über Jawa-Sicherheitslücke Hier die Ergebnisse vom AdwCleaner Code:
ATTFilter # AdwCleaner v2.104 - Datei am 03/01/2013 um 16:07:22 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : **** - ****
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\****\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gefunden : C:\user.js
Ordner Gefunden : C:\Program Files\adawaretb
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\ProgramData\blekko toolbars
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\Users\****\AppData\Local\Conduit
Ordner Gefunden : C:\Users\****\AppData\LocalLow\adawaretb
Ordner Gefunden : C:\Users\****\AppData\LocalLow\boost_interprocess
Ordner Gefunden : C:\Users\****\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jm2rhwio.default\adawaretb
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2613550
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gefunden : HKLM\SOFTWARE\Software
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v17.0.1 (de)
Datei : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jm2rhwio.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v [Version kann nicht ermittelt werden]
Datei : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Opera v12.10.1652.0
Datei : C:\Users\****\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [4525 octets] - [03/01/2013 16:07:22]
########## EOF - C:\AdwCleaner[R1].txt - [4585 octets] ##########
|
|
| Themen zu GUV-Trojaner-Infektion über Jawa-Sicherheitslücke |
| abgesicherten, anleitung, beste, besten, chip.de, computer, direkt, euro, firewall, google, ide, log-file, malwarebytes, neue, nicht mehr, scan, scannen, seite, start, suche, systemwiederherstellung, virenscan, webcam, windows, zonealarm |
Linear-Darstellung
