| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win64:Sirefef-A [Trj]Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.01.2013, 15:05
| #1 |
 | ![Win64:Sirefef-A [Trj] - Standard](images/icons/icon1.gif){kind=icon} Win64:Sirefef-A [Trj] Hallo alle zusammen, vorhin beim surfen hat sich plötzlich das bekannte Kontrollfenster geöffnet und gefragt, ob ich Adobe updaten wollte. Woltle ich eigentlich nicht, also hab ich auf nein geklickt. Allerdings hat sich das Fenster immer wieder geöffnet und so bin ich dann doch auf ja gegangen. Die Installation hat angefangen und ich hab sie dann abgebrochen. Und nun zeigt mir Avast dauernd an: Objekt:C:\$Recycle.Bin\S-1-5-18\...\80000000.@ Infektion:Win64:Sirefef-A [Trj] Aktion: in Container verschoben Prozess: C:\Windows\system32\services.exe Die Meldung kommt öfter, manchmal steht auch statt "in container verschoben" , "keine aktion erforderlich". Hab Windows 7 Ultimate 32bit Der Pc funktioniert bis jetzt normal weiter. Was muss ich tun? |
|
17.01.2013, 15:57
| #2 |
| /// TB-Ausbilder  | Win64:Sirefef-A [Trj] Lesestoff: Rootkit-Warnung Dein Computer wurde mit einem besonderen Schädling infiziert, der sich vor herkömmlichen Virenscannern und dem Betriebssystem selbst verstecken kann. Zusätzlich hat so ein Schädling meist auch Backdoor-Funktionalität, reißt also ganz bewußt Löcher durch alle Schutzmaßnahmen, damit er weiteren Schadcode nachladen oder die Daten, die er so sammelt, an die "bösen Jungs" weiterleiten kann. Was heißt das jetzt für dich?
Teile mir also mit, wie du dich entschieden hast. Schritt 1: Laufwerksemulationen abschalten mit Defogger Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop und starte es: Schritt 2: Scan mit aswMBR
Schritt 3: Scan mit dem TDSS-Killer Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.
Schritt 4: Scan mit DDS+ (mit attach) Downloade dir bitte DDS (von sUBs) und speichere die Datei auf deinem Desktop.
__________________ |
|
17.01.2013, 16:27
| #3 |
| | Win64:Sirefef-A [Trj] Also da ich kein online banking mache, gibts da wohl kein problem. Ich würde die bereinigung schon machen, denn neu aufsetzen fänd ich nicht so toll. Habe vorhin angefangen gehabt eine system-startzeit prüfung von avast zu machen und jetzt wird zwar der trojaner angezeigt, aber bei der ausführung 'in container verschieben' kommt der fehler 0xC000007F (an operation failed because the disk was full). Soll ich jetzt einfach die überprüfung abbrechen und alle deine schritte durchführen? Edit: neben sirefef-A (trj) wird auch sirefef-AO (rtk) angezeigt
__________________Geändert von BlueAzure (17.01.2013 um 16:40 Uhr) |
|
17.01.2013, 17:02
| #4 |
| /// TB-Ausbilder | Win64:Sirefef-A [Trj] Du sollst nichts anderes machen, ausser meiner Anweisungen. Steht in meinen Regeln, die du ja offenbar nicht gelesen hast.
__________________  Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
17.01.2013, 17:05
| #5 |
| | Win64:Sirefef-A [Trj] Tut mir leid, da gibt es offenbar ein missverständnis. Die startzeitprüfung hatte ich schon gestartet bevor ich hier überhaupt gepostet habe. Dann fange ich jetzt mit deinen anweisungen an. |
|
17.01.2013, 17:09
| #6 |
| /// TB-Ausbilder | Win64:Sirefef-A [Trj] Ah verstehe, dann abbrechen und loslegen 
__________________ --> Win64:Sirefef-A [Trj] |
|
17.01.2013, 17:18
| #7 |
| | Win64:Sirefef-A [Trj] Okay hier ist der Log. Hoffe im Anhang ist okay, ansonsten kopier ich ab jetzt die Texte. EDIT: Hab den zweiten Schritt begonnen. Da ich Avast schon installiert und die neueste Version habe, komme ich anscheinend direkt in das Fenster wo man Scan, Fix, Save Log usw anklicken kann. Soll ich dann einfach so auf Scan gehen? Geändert von BlueAzure (17.01.2013 um 17:27 Uhr) |
|
17.01.2013, 17:28
| #8 |
| /// TB-Ausbilder | Win64:Sirefef-A [Trj] Am besten liest du jetzt nochmal meine Regeln. Und so gehts dann: So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
17.01.2013, 17:30
| #9 |
| | Win64:Sirefef-A [Trj] Oh okay, ich entschuldige mich! Dann hier: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:12 on 17/01/2013 (Flavia)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
|
|
17.01.2013, 17:31
| #10 |
| /// TB-Ausbilder | Win64:Sirefef-A [Trj] Jepp bitte Scan und dann Logfile.
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
17.01.2013, 17:36
| #11 |
| | Win64:Sirefef-A [Trj] Okay, kurze Zeit nach Scan-Beginn kam der BlueScreen. Dann versuch ich den Scan jetzt noch mal mit der Einstellung none Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-17 17:38:35
-----------------------------
17:38:35.649 OS Version: Windows 6.1.7601 Service Pack 1
17:38:35.649 Number of processors: 4 586 0x3A09
17:38:35.649 ComputerName: FLAVIA-PC UserName: Flavia
17:38:39.869 Initialize success
17:38:40.029 AVAST engine defs: 13011700
17:38:46.937 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:38:46.937 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
17:38:46.953 Disk 0 MBR read successfully
17:38:46.953 Disk 0 MBR scan
17:38:46.953 Disk 0 Windows 7 default MBR code
17:38:46.968 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 456456 MB offset 63
17:38:46.968 Disk 0 Partition - 00 0F Extended LBA 20481 MB offset 934822350
17:38:47.000 Disk 0 Partition 2 00 0B FAT32 MSDOS5.0 20481 MB offset 934822413
17:38:47.000 Disk 0 scanning sectors +976768065
17:38:47.078 Disk 0 scanning C:\Windows\system32\drivers
17:38:59.579 Service scanning
17:39:20.957 Modules scanning
17:39:26.807 Disk 0 trace - called modules:
17:39:26.854 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
17:39:26.854 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x885f5ac8]
17:39:26.854 3 CLASSPNP.SYS[8d18a59e] -> nt!IofCallDriver -> [0x86acd308]
17:39:26.869 5 ACPI.sys[8caa73d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86ad6028]
17:39:26.869 Scan finished successfully
17:39:39.811 Disk 0 MBR has been saved successfully to "C:\Users\Flavia\Desktop\MBR.dat"
17:39:39.811 The log file has been saved successfully to "C:\Users\Flavia\Desktop\aswMBR.txt"
Code:
ATTFilter 17:41:40.0479 2296 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:41:40.0549 2296 ============================================================
17:41:40.0549 2296 Current date / time: 2013/01/17 17:41:40.0549
17:41:40.0549 2296 SystemInfo:
17:41:40.0549 2296
17:41:40.0549 2296 OS Version: 6.1.7601 ServicePack: 1.0
17:41:40.0549 2296 Product type: Workstation
17:41:40.0549 2296 ComputerName: FLAVIA-PC
17:41:40.0549 2296 UserName: Flavia
17:41:40.0549 2296 Windows directory: C:\Windows
17:41:40.0549 2296 System windows directory: C:\Windows
17:41:40.0549 2296 Processor architecture: Intel x86
17:41:40.0549 2296 Number of processors: 4
17:41:40.0549 2296 Page size: 0x1000
17:41:40.0549 2296 Boot type: Normal boot
17:41:40.0549 2296 ============================================================
17:41:41.0069 2296 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:41:41.0109 2296 ============================================================
17:41:41.0109 2296 \Device\Harddisk0\DR0:
17:41:41.0109 2296 MBR partitions:
17:41:41.0109 2296 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x37B8418F
17:41:41.0119 2296 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x37B8420D, BlocksNum 0x2800A34
17:41:41.0119 2296 ============================================================
17:41:41.0169 2296 C: <-> \Device\Harddisk0\DR0\Partition1
17:41:41.0169 2296 D: <-> \Device\Harddisk0\DR0\Partition2
17:41:41.0169 2296 ============================================================
17:41:41.0169 2296 Initialize success
17:41:41.0169 2296 ============================================================
17:42:04.0470 3860 ============================================================
17:42:04.0470 3860 Scan started
17:42:04.0470 3860 Mode: Manual; TDLFS;
17:42:04.0470 3860 ============================================================
17:42:04.0751 3860 ================ Scan system memory ========================
17:42:04.0751 3860 System memory - ok
17:42:04.0751 3860 ================ Scan services =============================
17:42:04.0923 3860 1394hub - ok
17:42:04.0985 3860 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:42:04.0985 3860 1394ohci - ok
17:42:05.0048 3860 [ E6F53D6C0DEA3D375362265E175CA638 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
17:42:05.0048 3860 acedrv11 - ok
17:42:05.0094 3860 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:42:05.0110 3860 ACPI - ok
17:42:05.0141 3860 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:42:05.0141 3860 AcpiPmi - ok
17:42:05.0172 3860 [ 6D7F09CD92A9FEF3A8EFCE66231FDD79 ] adfs C:\Windows\system32\drivers\adfs.sys
17:42:05.0172 3860 adfs - ok
17:42:05.0250 3860 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:42:05.0250 3860 adp94xx - ok
17:42:05.0282 3860 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:42:05.0282 3860 adpahci - ok
17:42:05.0328 3860 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:42:05.0328 3860 adpu320 - ok
17:42:05.0360 3860 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:42:05.0360 3860 AeLookupSvc - ok
17:42:05.0406 3860 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
17:42:05.0406 3860 AFD - ok
17:42:05.0453 3860 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
17:42:05.0453 3860 agp440 - ok
17:42:05.0484 3860 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
17:42:05.0500 3860 aic78xx - ok
17:42:05.0718 3860 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files\common files\akamai/netsession_win_ce5ba24.dll
17:42:05.0718 3860 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
17:42:05.0734 3860 Akamai ( HiddenFile.Multi.Generic ) - warning
17:42:05.0734 3860 Akamai - detected HiddenFile.Multi.Generic (1)
17:42:05.0781 3860 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
17:42:05.0781 3860 ALG - ok
17:42:05.0828 3860 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
17:42:05.0828 3860 aliide - ok
17:42:05.0843 3860 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:42:05.0843 3860 amdagp - ok
17:42:05.0859 3860 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
17:42:05.0859 3860 amdide - ok
17:42:05.0890 3860 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:42:05.0906 3860 AmdK8 - ok
17:42:05.0921 3860 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:42:05.0921 3860 AmdPPM - ok
17:42:05.0968 3860 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:42:05.0968 3860 amdsata - ok
17:42:05.0984 3860 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:42:05.0984 3860 amdsbs - ok
17:42:05.0999 3860 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:42:06.0015 3860 amdxata - ok
17:42:06.0077 3860 [ 459C0FFF8FF5EB4E8DF7E2EFDCB28DE1 ] apf003 C:\Windows\system32\apf003.sys
17:42:06.0077 3860 apf003 - ok
17:42:06.0124 3860 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
17:42:06.0124 3860 AppID - ok
17:42:06.0171 3860 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:42:06.0171 3860 AppIDSvc - ok
17:42:06.0202 3860 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
17:42:06.0202 3860 Appinfo - ok
17:42:06.0264 3860 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:42:06.0280 3860 Apple Mobile Device - ok
17:42:06.0327 3860 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
17:42:06.0327 3860 AppMgmt - ok
17:42:06.0374 3860 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
17:42:06.0374 3860 arc - ok
17:42:06.0389 3860 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:42:06.0389 3860 arcsas - ok
17:42:06.0514 3860 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:42:06.0514 3860 aspnet_state - ok
17:42:06.0545 3860 [ 6133404B5B260433922BBAC04E3254B2 ] AsrAppCharger C:\Windows\system32\DRIVERS\AsrAppCharger.sys
17:42:06.0545 3860 AsrAppCharger - ok
17:42:06.0608 3860 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
17:42:06.0608 3860 aswFsBlk - ok
17:42:06.0670 3860 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
17:42:06.0670 3860 aswMonFlt - ok
17:42:06.0732 3860 [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
17:42:06.0732 3860 aswRdr - ok
17:42:06.0795 3860 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
17:42:06.0810 3860 aswSnx - ok
17:42:06.0842 3860 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
17:42:06.0842 3860 aswSP - ok
17:42:06.0920 3860 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
17:42:06.0920 3860 aswTdi - ok
17:42:06.0966 3860 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:42:06.0966 3860 AsyncMac - ok
17:42:06.0998 3860 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
17:42:06.0998 3860 atapi - ok
17:42:07.0044 3860 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:42:07.0060 3860 AudioEndpointBuilder - ok
17:42:07.0076 3860 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:42:07.0091 3860 Audiosrv - ok
17:42:07.0154 3860 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:42:07.0154 3860 avast! Antivirus - ok
17:42:07.0185 3860 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:42:07.0185 3860 AxInstSV - ok
17:42:07.0232 3860 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
17:42:07.0247 3860 b06bdrv - ok
17:42:07.0278 3860 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:42:07.0278 3860 b57nd60x - ok
17:42:07.0325 3860 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
17:42:07.0325 3860 BDESVC - ok
17:42:07.0356 3860 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
17:42:07.0356 3860 Beep - ok
17:42:07.0388 3860 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
17:42:07.0419 3860 BITS - ok
17:42:07.0434 3860 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:42:07.0434 3860 blbdrive - ok
17:42:07.0497 3860 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:42:07.0512 3860 Bonjour Service - ok
17:42:07.0637 3860 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:42:07.0637 3860 bowser - ok
17:42:07.0653 3860 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:42:07.0653 3860 BrFiltLo - ok
17:42:07.0668 3860 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:42:07.0668 3860 BrFiltUp - ok
17:42:07.0700 3860 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
17:42:07.0715 3860 Browser - ok
17:42:07.0731 3860 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:42:07.0731 3860 Brserid - ok
17:42:07.0746 3860 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:42:07.0746 3860 BrSerWdm - ok
17:42:07.0762 3860 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:42:07.0762 3860 BrUsbMdm - ok
17:42:07.0778 3860 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:42:07.0778 3860 BrUsbSer - ok
17:42:07.0793 3860 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:42:07.0809 3860 BTHMODEM - ok
17:42:07.0840 3860 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
17:42:07.0840 3860 bthserv - ok
17:42:07.0887 3860 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:42:07.0887 3860 cdfs - ok
17:42:07.0934 3860 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:42:07.0934 3860 cdrom - ok
17:42:07.0980 3860 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
17:42:07.0980 3860 CertPropSvc - ok
17:42:08.0006 3860 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:42:08.0006 3860 circlass - ok
17:42:08.0056 3860 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
17:42:08.0056 3860 CLFS - ok
17:42:08.0116 3860 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:42:08.0126 3860 clr_optimization_v2.0.50727_32 - ok
17:42:08.0186 3860 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:42:08.0196 3860 clr_optimization_v4.0.30319_32 - ok
17:42:08.0256 3860 [ 0187042EA17404BD54E903CB3A8B0C10 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
17:42:08.0256 3860 clwvd - ok
17:42:08.0296 3860 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:42:08.0296 3860 CmBatt - ok
17:42:08.0306 3860 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:42:08.0306 3860 cmdide - ok
17:42:08.0356 3860 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
17:42:08.0356 3860 CNG - ok
17:42:08.0376 3860 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:42:08.0376 3860 Compbatt - ok
17:42:08.0426 3860 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:42:08.0426 3860 CompositeBus - ok
17:42:08.0436 3860 COMSysApp - ok
17:42:08.0456 3860 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:42:08.0456 3860 crcdisk - ok
17:42:08.0506 3860 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:42:08.0506 3860 CryptSvc - ok
17:42:08.0546 3860 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
17:42:08.0556 3860 CSC - ok
17:42:08.0576 3860 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
17:42:08.0596 3860 CscService - ok
17:42:08.0636 3860 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
17:42:08.0656 3860 DcomLaunch - ok
17:42:08.0696 3860 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
17:42:08.0706 3860 defragsvc - ok
17:42:08.0736 3860 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:42:08.0736 3860 DfsC - ok
17:42:08.0766 3860 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:42:08.0766 3860 Dhcp - ok
17:42:08.0796 3860 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
17:42:08.0806 3860 discache - ok
17:42:08.0826 3860 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:42:08.0826 3860 Disk - ok
17:42:08.0856 3860 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:42:08.0856 3860 Dnscache - ok
17:42:08.0896 3860 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
17:42:08.0906 3860 dot3svc - ok
17:42:08.0946 3860 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
17:42:08.0946 3860 Dot4 - ok
17:42:08.0996 3860 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:42:08.0996 3860 Dot4Print - ok
17:42:09.0026 3860 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
17:42:09.0026 3860 dot4usb - ok
17:42:09.0066 3860 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
17:42:09.0066 3860 DPS - ok
17:42:09.0106 3860 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:42:09.0116 3860 drmkaud - ok
17:42:09.0166 3860 [ A564C3B47CB376163705106CC53F6283 ] DTSRVC C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
17:42:09.0166 3860 DTSRVC - ok
17:42:09.0206 3860 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:42:09.0216 3860 DXGKrnl - ok
17:42:09.0236 3860 EagleNT - ok
17:42:09.0256 3860 EagleXNt - ok
17:42:09.0296 3860 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
17:42:09.0296 3860 EapHost - ok
17:42:09.0386 3860 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
17:42:09.0466 3860 ebdrv - ok
17:42:09.0516 3860 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
17:42:09.0516 3860 EFS - ok
17:42:09.0666 3860 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:42:09.0686 3860 ehRecvr - ok
17:42:09.0736 3860 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
17:42:09.0746 3860 ehSched - ok
17:42:09.0786 3860 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:42:09.0796 3860 elxstor - ok
17:42:09.0816 3860 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:42:09.0826 3860 ErrDev - ok
17:42:09.0846 3860 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
17:42:09.0856 3860 EventSystem - ok
17:42:09.0906 3860 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
17:42:09.0906 3860 exfat - ok
17:42:09.0926 3860 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:42:09.0926 3860 fastfat - ok
17:42:09.0976 3860 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
17:42:09.0996 3860 Fax - ok
17:42:10.0006 3860 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:42:10.0006 3860 fdc - ok
17:42:10.0042 3860 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
17:42:10.0042 3860 fdPHost - ok
17:42:10.0057 3860 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
17:42:10.0057 3860 FDResPub - ok
17:42:10.0073 3860 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:42:10.0073 3860 FileInfo - ok
17:42:10.0088 3860 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:42:10.0088 3860 Filetrace - ok
17:42:10.0120 3860 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:42:10.0151 3860 FLEXnet Licensing Service - ok
17:42:10.0166 3860 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:42:10.0166 3860 flpydisk - ok
17:42:10.0182 3860 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:42:10.0198 3860 FltMgr - ok
17:42:10.0260 3860 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
17:42:10.0276 3860 FontCache - ok
17:42:10.0354 3860 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:42:10.0369 3860 FontCache3.0.0.0 - ok
17:42:10.0369 3860 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:42:10.0369 3860 FsDepends - ok
17:42:10.0385 3860 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:42:10.0385 3860 Fs_Rec - ok
17:42:10.0432 3860 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:42:10.0432 3860 fvevol - ok
17:42:10.0447 3860 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:42:10.0447 3860 gagp30kx - ok
17:42:10.0478 3860 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:42:10.0478 3860 GEARAspiWDM - ok
17:42:10.0541 3860 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
17:42:10.0556 3860 gpsvc - ok
17:42:10.0666 3860 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:42:10.0666 3860 gupdate - ok
17:42:10.0681 3860 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:42:10.0681 3860 gupdatem - ok
17:42:10.0712 3860 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:42:10.0728 3860 gusvc - ok
17:42:10.0759 3860 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:42:10.0759 3860 hcw85cir - ok
17:42:10.0822 3860 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:42:10.0822 3860 HdAudAddService - ok
17:42:10.0853 3860 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:42:10.0853 3860 HDAudBus - ok
17:42:10.0868 3860 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:42:10.0868 3860 HidBatt - ok
17:42:10.0884 3860 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:42:10.0884 3860 HidBth - ok
17:42:10.0900 3860 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:42:10.0900 3860 HidIr - ok
17:42:10.0931 3860 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
17:42:10.0931 3860 hidserv - ok
17:42:10.0978 3860 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:42:10.0978 3860 HidUsb - ok
17:42:11.0009 3860 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:42:11.0009 3860 hkmsvc - ok
17:42:11.0056 3860 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:42:11.0056 3860 HomeGroupListener - ok
17:42:11.0071 3860 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:42:11.0071 3860 HomeGroupProvider - ok
17:42:11.0212 3860 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
17:42:11.0227 3860 hpqcxs08 - ok
17:42:11.0258 3860 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
17:42:11.0258 3860 hpqddsvc - ok
17:42:11.0305 3860 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:42:11.0305 3860 HpSAMD - ok
17:42:11.0414 3860 [ 1664905CC1F7F176F8A592720D9629B9 ] hshld C:\Program Files\Hotspot Shield\bin\openvpnas.exe
17:42:11.0446 3860 hshld - ok
17:42:11.0492 3860 [ C08EC566056CCB470B2B98C0612BC0DB ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
17:42:11.0492 3860 HssDRV6 - ok
17:42:11.0680 3860 [ F01ED33CD4242EDC81E5DE532571F47F ] HssSrv C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
17:42:11.0680 3860 HssSrv - ok
17:42:11.0726 3860 [ 8B20915B82ACFE7108C3BFA45C0383AE ] HssTrayService C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
17:42:11.0726 3860 HssTrayService - ok
17:42:11.0773 3860 [ 35E91DF99B8CEAA477E0AB86052475D6 ] HssWd C:\Program Files\Hotspot Shield\bin\hsswd.exe
17:42:11.0773 3860 HssWd - ok
17:42:11.0836 3860 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:42:11.0851 3860 HTTP - ok
17:42:11.0882 3860 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:42:11.0882 3860 hwpolicy - ok
17:42:11.0929 3860 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:42:11.0945 3860 i8042prt - ok
17:42:11.0976 3860 [ F4037A3FEDB92DD97C95F320766EA5C9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:42:11.0976 3860 iaStor - ok
17:42:12.0038 3860 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:42:12.0038 3860 IAStorDataMgrSvc - ok
17:42:12.0054 3860 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:42:12.0070 3860 iaStorV - ok
17:42:12.0132 3860 [ 7A95A3AD931B97FEC5067E40636CE37F ] ICQ Service C:\Program Files\ICQ6Toolbar\ICQ Service.exe
17:42:12.0132 3860 ICQ Service - ok
17:42:12.0226 3860 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:42:12.0226 3860 IDriverT - ok
17:42:12.0304 3860 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:42:12.0319 3860 idsvc - ok
17:42:12.0366 3860 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:42:12.0366 3860 iirsp - ok
17:42:12.0428 3860 [ F24395EAE5CDAAF36FDF4D9A4EF1B734 ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
17:42:12.0428 3860 ikbevent - ok
17:42:12.0491 3860 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
17:42:12.0506 3860 IKEEXT - ok
17:42:12.0538 3860 [ D57DC259515E9F16511E6B3982C172B9 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
17:42:12.0538 3860 imsevent - ok
17:42:12.0647 3860 [ 7E9FEE5F83C74BE2FD48D163952E3CAA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:42:12.0678 3860 IntcAzAudAddService - ok
17:42:12.0725 3860 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
17:42:12.0725 3860 intelide - ok
17:42:12.0787 3860 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:42:12.0803 3860 intelppm - ok
17:42:12.0818 3860 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:42:12.0834 3860 IPBusEnum - ok
17:42:12.0865 3860 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:42:12.0865 3860 IpFilterDriver - ok
17:42:12.0896 3860 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:42:12.0896 3860 IPMIDRV - ok
17:42:12.0922 3860 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:42:12.0922 3860 IPNAT - ok
17:42:12.0982 3860 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:42:13.0002 3860 iPod Service - ok
17:42:13.0022 3860 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:42:13.0032 3860 IRENUM - ok
17:42:13.0082 3860 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:42:13.0082 3860 isapnp - ok
17:42:13.0122 3860 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:42:13.0122 3860 iScsiPrt - ok
17:42:13.0162 3860 [ 8D9E0DD04519253C17DFA0580295EEB8 ] ISCT C:\Windows\system32\DRIVERS\ISCTD.sys
17:42:13.0162 3860 ISCT - ok
17:42:13.0192 3860 [ 394A68607D63CF36D9732C953F43AF89 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
17:42:13.0202 3860 ISCTAgent - ok
17:42:13.0222 3860 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:42:13.0222 3860 kbdclass - ok
17:42:13.0262 3860 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:42:13.0262 3860 kbdhid - ok
17:42:13.0282 3860 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
17:42:13.0292 3860 KeyIso - ok
17:42:13.0322 3860 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:42:13.0322 3860 KSecDD - ok
17:42:13.0362 3860 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:42:13.0362 3860 KSecPkg - ok
17:42:13.0392 3860 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
17:42:13.0402 3860 KtmRm - ok
17:42:13.0452 3860 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
17:42:13.0462 3860 LanmanServer - ok
17:42:13.0492 3860 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:42:13.0502 3860 LanmanWorkstation - ok
17:42:13.0552 3860 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:42:13.0552 3860 lltdio - ok
17:42:13.0592 3860 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:42:13.0592 3860 lltdsvc - ok
17:42:13.0612 3860 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
17:42:13.0612 3860 lmhosts - ok
17:42:13.0652 3860 [ 75F29D77B0540FCF47EE3BE000BBABDA ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:42:13.0662 3860 LMS - ok
17:42:13.0682 3860 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:42:13.0682 3860 LSI_FC - ok
17:42:13.0702 3860 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:42:13.0712 3860 LSI_SAS - ok
17:42:13.0722 3860 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:42:13.0722 3860 LSI_SAS2 - ok
17:42:13.0742 3860 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:42:13.0742 3860 LSI_SCSI - ok
17:42:13.0762 3860 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
17:42:13.0762 3860 luafv - ok
17:42:13.0792 3860 [ 144011D14BD35F4E36136AE057B1AADD ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
17:42:13.0792 3860 LUsbFilt - ok
17:42:13.0822 3860 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:42:13.0832 3860 Mcx2Svc - ok
17:42:13.0842 3860 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:42:13.0842 3860 megasas - ok
17:42:13.0862 3860 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:42:13.0862 3860 MegaSR - ok
17:42:13.0892 3860 [ 240D715CFE4FB8F4CDA76F6863E62334 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
17:42:13.0892 3860 MEI - ok
17:42:13.0972 3860 [ 033B947AF4A997820E86FCB070B1F450 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
17:42:13.0982 3860 Microsoft Office Groove Audit Service - ok
17:42:14.0012 3860 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
17:42:14.0012 3860 MMCSS - ok
17:42:14.0022 3860 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
17:42:14.0022 3860 Modem - ok
17:42:14.0032 3860 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:42:14.0032 3860 monitor - ok
17:42:14.0082 3860 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:42:14.0082 3860 mouclass - ok
17:42:14.0122 3860 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:42:14.0122 3860 mouhid - ok
17:42:14.0172 3860 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:42:14.0172 3860 mountmgr - ok
17:42:14.0192 3860 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
17:42:14.0192 3860 mpio - ok
17:42:14.0202 3860 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:42:14.0202 3860 mpsdrv - ok
17:42:14.0232 3860 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:42:14.0232 3860 MRxDAV - ok
17:42:14.0262 3860 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:42:14.0272 3860 mrxsmb - ok
17:42:14.0302 3860 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:42:14.0312 3860 mrxsmb10 - ok
17:42:14.0312 3860 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:42:14.0322 3860 mrxsmb20 - ok
17:42:14.0362 3860 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
17:42:14.0362 3860 msahci - ok
17:42:14.0392 3860 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:42:14.0392 3860 msdsm - ok
17:42:14.0422 3860 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
17:42:14.0422 3860 MSDTC - ok
17:42:14.0442 3860 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:42:14.0442 3860 Msfs - ok
17:42:14.0452 3860 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:42:14.0452 3860 mshidkmdf - ok
17:42:14.0482 3860 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:42:14.0482 3860 msisadrv - ok
17:42:14.0522 3860 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:42:14.0532 3860 MSiSCSI - ok
17:42:14.0532 3860 msiserver - ok
17:42:14.0552 3860 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:42:14.0562 3860 MSKSSRV - ok
17:42:14.0582 3860 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:42:14.0582 3860 MSPCLOCK - ok
17:42:14.0622 3860 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:42:14.0622 3860 MSPQM - ok
17:42:14.0642 3860 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:42:14.0642 3860 MsRPC - ok
17:42:14.0652 3860 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:42:14.0652 3860 mssmbios - ok
17:42:14.0662 3860 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:42:14.0662 3860 MSTEE - ok
17:42:14.0672 3860 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:42:14.0672 3860 MTConfig - ok
17:42:14.0692 3860 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
17:42:14.0692 3860 Mup - ok
17:42:14.0732 3860 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
17:42:14.0752 3860 napagent - ok
17:42:14.0772 3860 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:42:14.0782 3860 NativeWifiP - ok
17:42:14.0862 3860 [ 6D8FCDD5BB3B676EF58FA234073492C6 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
17:42:14.0882 3860 NBService - ok
17:42:14.0942 3860 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:42:14.0962 3860 NDIS - ok
17:42:14.0982 3860 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:42:14.0982 3860 NdisCap - ok
17:42:15.0002 3860 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:42:15.0002 3860 NdisTapi - ok
17:42:15.0052 3860 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:42:15.0052 3860 Ndisuio - ok
17:42:15.0092 3860 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:42:15.0092 3860 NdisWan - ok
17:42:15.0122 3860 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:42:15.0122 3860 NDProxy - ok
17:42:15.0182 3860 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:42:15.0182 3860 Net Driver HPZ12 - ok
17:42:15.0212 3860 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:42:15.0212 3860 NetBIOS - ok
17:42:15.0232 3860 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:42:15.0232 3860 NetBT - ok
17:42:15.0242 3860 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
17:42:15.0242 3860 Netlogon - ok
17:42:15.0292 3860 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
17:42:15.0292 3860 Netman - ok
17:42:15.0372 3860 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:42:15.0372 3860 NetMsmqActivator - ok
17:42:15.0382 3860 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:42:15.0382 3860 NetPipeActivator - ok
17:42:15.0402 3860 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
17:42:15.0422 3860 netprofm - ok
17:42:15.0482 3860 [ 105A0947E6E01E5A6B76DAD87547CD89 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys
17:42:15.0502 3860 netr28u - ok
17:42:15.0512 3860 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:42:15.0512 3860 NetTcpActivator - ok
17:42:15.0512 3860 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:42:15.0522 3860 NetTcpPortSharing - ok
17:42:15.0542 3860 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:42:15.0542 3860 nfrd960 - ok
17:42:15.0592 3860 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
17:42:15.0592 3860 NlaSvc - ok
17:42:15.0682 3860 [ E32686B4E27D11F83E3F2844E104C66C ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
17:42:15.0682 3860 NMIndexingService - ok
17:42:15.0692 3860 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:42:15.0708 3860 Npfs - ok
17:42:15.0708 3860 npggsvc - ok
17:42:15.0723 3860 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
17:42:15.0739 3860 nsi - ok
17:42:15.0739 3860 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:42:15.0739 3860 nsiproxy - ok
17:42:15.0817 3860 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:42:15.0848 3860 Ntfs - ok
17:42:15.0879 3860 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
17:42:15.0879 3860 Null - ok
17:42:15.0942 3860 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
17:42:15.0942 3860 NVENETFD - ok
17:42:16.0176 3860 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:42:16.0222 3860 nvlddmkm - ok
17:42:16.0269 3860 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:42:16.0269 3860 nvraid - ok
17:42:16.0316 3860 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:42:16.0316 3860 nvstor - ok
17:42:16.0363 3860 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:42:16.0378 3860 nvsvc - ok
17:42:16.0503 3860 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:42:16.0534 3860 nvUpdatusService - ok
17:42:16.0597 3860 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:42:16.0597 3860 nv_agp - ok
17:42:16.0675 3860 [ E54AA592A65F317390EEE386A8821692 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:42:16.0690 3860 odserv - ok
17:42:16.0722 3860 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:42:16.0722 3860 ohci1394 - ok
17:42:16.0753 3860 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:42:16.0768 3860 ose - ok
17:42:16.0862 3860 [ BE0D76074546FB0C72B2EE9BBBD3D2E8 ] OverwolfUpdaterService C:\Program Files\Overwolf\OverwolfUpdater.exe
17:42:16.0862 3860 OverwolfUpdaterService - ok
17:42:16.0893 3860 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:42:16.0909 3860 p2pimsvc - ok
17:42:16.0956 3860 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
17:42:16.0987 3860 p2psvc - ok
17:42:17.0034 3860 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:42:17.0034 3860 Parport - ok
17:42:17.0049 3860 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:42:17.0049 3860 partmgr - ok
17:42:17.0065 3860 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
17:42:17.0065 3860 Parvdm - ok
17:42:17.0080 3860 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:42:17.0096 3860 PcaSvc - ok
17:42:17.0112 3860 pccsmcfd - ok
17:42:17.0143 3860 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
17:42:17.0143 3860 pci - ok
17:42:17.0174 3860 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
17:42:17.0174 3860 pciide - ok
17:42:17.0205 3860 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:42:17.0205 3860 pcmcia - ok
17:42:17.0221 3860 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
17:42:17.0221 3860 pcw - ok
17:42:17.0252 3860 [ 18ED1D71FEF6F71D38C24263500BBD01 ] PdiPorts C:\Windows\system32\Drivers\PdiPorts.sys
17:42:17.0252 3860 PdiPorts - ok
17:42:17.0283 3860 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:42:17.0299 3860 PEAUTH - ok
17:42:17.0377 3860 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:42:17.0408 3860 PeerDistSvc - ok
17:42:17.0798 3860 [ 8B7AEC0ABA77DE5D2FEAC1824C15A3FA ] Ph3xIB32 C:\Windows\system32\DRIVERS\Ph3xIB32.sys
17:42:17.0829 3860 Ph3xIB32 - ok
17:42:17.0892 3860 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
17:42:17.0938 3860 pla - ok
17:42:17.0985 3860 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:42:18.0001 3860 PlugPlay - ok
17:42:18.0048 3860 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:42:18.0048 3860 Pml Driver HPZ12 - ok
17:42:18.0094 3860 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:42:18.0094 3860 PNRPAutoReg - ok
17:42:18.0126 3860 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:42:18.0126 3860 PNRPsvc - ok
17:42:18.0172 3860 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:42:18.0172 3860 PolicyAgent - ok
17:42:18.0204 3860 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
17:42:18.0219 3860 Power - ok
17:42:18.0235 3860 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:42:18.0235 3860 PptpMiniport - ok
17:42:18.0266 3860 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:42:18.0266 3860 Processor - ok
17:42:18.0297 3860 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
17:42:18.0297 3860 ProfSvc - ok
17:42:18.0313 3860 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:42:18.0313 3860 ProtectedStorage - ok
17:42:18.0328 3860 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:42:18.0328 3860 Psched - ok
17:42:18.0360 3860 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:42:18.0391 3860 ql2300 - ok
17:42:18.0406 3860 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:42:18.0422 3860 ql40xx - ok
17:42:18.0453 3860 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
17:42:18.0453 3860 QWAVE - ok
17:42:18.0469 3860 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:42:18.0469 3860 QWAVEdrv - ok
17:42:18.0484 3860 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:42:18.0484 3860 RasAcd - ok
17:42:18.0516 3860 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:42:18.0516 3860 RasAgileVpn - ok
17:42:18.0547 3860 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
17:42:18.0547 3860 RasAuto - ok
17:42:18.0562 3860 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:42:18.0562 3860 Rasl2tp - ok
17:42:18.0609 3860 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
17:42:18.0625 3860 RasMan - ok
17:42:18.0640 3860 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:42:18.0640 3860 RasPppoe - ok
17:42:18.0656 3860 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:42:18.0656 3860 RasSstp - ok
17:42:18.0672 3860 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:42:18.0687 3860 rdbss - ok
17:42:18.0703 3860 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:42:18.0703 3860 rdpbus - ok
17:42:18.0718 3860 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:42:18.0734 3860 RDPCDD - ok
17:42:18.0765 3860 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:42:18.0765 3860 RDPDR - ok
17:42:18.0796 3860 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:42:18.0796 3860 RDPENCDD - ok
17:42:18.0796 3860 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:42:18.0812 3860 RDPREFMP - ok
17:42:18.0906 3860 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:42:18.0906 3860 RdpVideoMiniport - ok
17:42:18.0937 3860 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:42:18.0937 3860 RDPWD - ok
17:42:18.0968 3860 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:42:18.0968 3860 rdyboost - ok
17:42:18.0999 3860 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
17:42:18.0999 3860 RemoteAccess - ok
17:42:19.0046 3860 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:42:19.0062 3860 RemoteRegistry - ok
17:42:19.0077 3860 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:42:19.0077 3860 RpcEptMapper - ok
17:42:19.0108 3860 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
17:42:19.0108 3860 RpcLocator - ok
17:42:19.0140 3860 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
17:42:19.0155 3860 RpcSs - ok
17:42:19.0171 3860 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:42:19.0171 3860 rspndr - ok
17:42:19.0218 3860 [ 3849D5D73BDD9B7BC4E3305DDC345B2C ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
17:42:19.0218 3860 RTL8167 - ok
17:42:19.0249 3860 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:42:19.0249 3860 s3cap - ok
17:42:19.0358 3860 [ 459927B1453D4E11D54EA4D089A01C6B ] S6000KNT C:\Windows\system32\Drivers\S6000KNT.sys
17:42:19.0420 3860 S6000KNT - ok
17:42:19.0436 3860 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
17:42:19.0452 3860 SamSs - ok
17:42:19.0483 3860 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:42:19.0483 3860 sbp2port - ok
17:42:19.0530 3860 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:42:19.0530 3860 SCardSvr - ok
17:42:19.0576 3860 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:42:19.0576 3860 scfilter - ok
17:42:19.0623 3860 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
17:42:19.0639 3860 Schedule - ok
17:42:19.0670 3860 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:42:19.0670 3860 SCPolicySvc - ok
17:42:19.0701 3860 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:42:19.0717 3860 SDRSVC - ok
17:42:19.0748 3860 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:42:19.0748 3860 secdrv - ok
17:42:19.0764 3860 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
17:42:19.0764 3860 seclogon - ok
17:42:19.0795 3860 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
17:42:19.0810 3860 SENS - ok
17:42:19.0842 3860 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:42:19.0842 3860 SensrSvc - ok
17:42:19.0857 3860 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:42:19.0857 3860 Serenum - ok
17:42:19.0873 3860 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:42:19.0873 3860 Serial - ok
17:42:19.0888 3860 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:42:19.0888 3860 sermouse - ok
17:42:19.0935 3860 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
17:42:19.0935 3860 SessionEnv - ok
17:42:19.0966 3860 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:42:19.0982 3860 sffdisk - ok
17:42:19.0982 3860 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:42:19.0982 3860 sffp_mmc - ok
17:42:19.0998 3860 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:42:19.0998 3860 sffp_sd - ok
17:42:20.0013 3860 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:42:20.0013 3860 sfloppy - ok
17:42:20.0060 3860 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:42:20.0076 3860 ShellHWDetection - ok
17:42:20.0107 3860 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:42:20.0107 3860 sisagp - ok
17:42:20.0122 3860 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:42:20.0122 3860 SiSRaid2 - ok
17:42:20.0138 3860 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:42:20.0138 3860 SiSRaid4 - ok
17:42:20.0200 3860 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:42:20.0200 3860 SkypeUpdate - ok
17:42:20.0232 3860 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:42:20.0232 3860 Smb - ok
17:42:20.0294 3860 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:42:20.0294 3860 SNMPTRAP - ok
17:42:20.0310 3860 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
17:42:20.0310 3860 spldr - ok
17:42:20.0341 3860 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
17:42:20.0372 3860 Spooler - ok
17:42:20.0466 3860 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
17:42:20.0544 3860 sppsvc - ok
17:42:20.0575 3860 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:42:20.0575 3860 sppuinotify - ok
17:42:20.0637 3860 [ A199171385BE17973FD800FA91F8F78A ] sptd C:\Windows\System32\Drivers\sptd.sys
17:42:20.0637 3860 sptd - ok
17:42:20.0668 3860 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:42:20.0684 3860 srv - ok
17:42:20.0700 3860 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:42:20.0700 3860 srv2 - ok
17:42:20.0715 3860 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:42:20.0715 3860 srvnet - ok
17:42:20.0746 3860 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:42:20.0746 3860 SSDPSRV - ok
17:42:20.0762 3860 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:42:20.0778 3860 SstpSvc - ok
17:42:20.0793 3860 StarOpen - ok
17:42:20.0887 3860 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:42:20.0887 3860 Stereo Service - ok
17:42:20.0934 3860 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:42:20.0934 3860 stexstor - ok
17:42:20.0965 3860 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
17:42:20.0996 3860 StiSvc - ok
17:42:20.0996 3860 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:42:20.0996 3860 storflt - ok
17:42:21.0043 3860 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:42:21.0043 3860 storvsc - ok
17:42:21.0058 3860 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
17:42:21.0058 3860 swenum - ok
17:42:21.0074 3860 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
17:42:21.0090 3860 swprv - ok
17:42:21.0105 3860 Synth3dVsc - ok
17:42:21.0152 3860 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
17:42:21.0183 3860 SysMain - ok
17:42:21.0214 3860 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:42:21.0230 3860 TabletInputService - ok
17:42:21.0246 3860 [ 0C3B2A9C4BD2DD9A6C2E4084314DD719 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
17:42:21.0246 3860 taphss - ok
17:42:21.0308 3860 [ A69C1848E37482C855D94AA05145086C ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
17:42:21.0308 3860 taphss6 - ok
17:42:21.0339 3860 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
17:42:21.0355 3860 TapiSrv - ok
17:42:21.0386 3860 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
17:42:21.0386 3860 TBS - ok
17:42:21.0448 3860 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:42:21.0480 3860 Tcpip - ok
17:42:21.0542 3860 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:42:21.0542 3860 TCPIP6 - ok
17:42:21.0589 3860 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:42:21.0589 3860 tcpipreg - ok
17:42:21.0620 3860 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:42:21.0620 3860 TDPIPE - ok
17:42:21.0667 3860 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:42:21.0667 3860 TDTCP - ok
17:42:21.0667 3860 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:42:21.0667 3860 tdx - ok
17:42:21.0698 3860 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:42:21.0698 3860 TermDD - ok
17:42:21.0714 3860 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
17:42:21.0729 3860 TermService - ok
17:42:21.0745 3860 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
17:42:21.0760 3860 Themes - ok
17:42:21.0776 3860 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
17:42:21.0776 3860 THREADORDER - ok
17:42:21.0776 3860 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
17:42:21.0776 3860 TrkWks - ok
17:42:21.0838 3860 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:42:21.0854 3860 TrustedInstaller - ok
17:42:21.0885 3860 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:42:21.0885 3860 tssecsrv - ok
17:42:21.0901 3860 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:42:21.0901 3860 TsUsbFlt - ok
17:42:21.0901 3860 tsusbhub - ok
17:42:21.0932 3860 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:42:21.0932 3860 tunnel - ok
17:42:21.0963 3860 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:42:21.0963 3860 uagp35 - ok
17:42:21.0979 3860 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:42:21.0979 3860 udfs - ok
17:42:22.0010 3860 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:42:22.0026 3860 UI0Detect - ok
17:42:22.0072 3860 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:42:22.0072 3860 uliagpkx - ok
17:42:22.0104 3860 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
17:42:22.0104 3860 umbus - ok
17:42:22.0135 3860 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:42:22.0135 3860 UmPass - ok
17:42:22.0166 3860 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
17:42:22.0166 3860 UmRdpService - ok
17:42:22.0197 3860 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
17:42:22.0213 3860 upnphost - ok
17:42:22.0244 3860 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
17:42:22.0244 3860 USBAAPL - ok
17:42:22.0291 3860 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:42:22.0291 3860 usbaudio - ok
17:42:22.0322 3860 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:42:22.0322 3860 usbccgp - ok
17:42:22.0353 3860 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:42:22.0353 3860 usbcir - ok
17:42:22.0400 3860 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:42:22.0416 3860 usbehci - ok
17:42:22.0447 3860 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:42:22.0447 3860 usbhub - ok
17:42:22.0494 3860 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:42:22.0494 3860 usbohci - ok
17:42:22.0509 3860 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:42:22.0509 3860 usbprint - ok
17:42:22.0556 3860 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:42:22.0556 3860 usbscan - ok
17:42:22.0603 3860 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
17:42:22.0603 3860 usbser - ok
17:42:22.0634 3860 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:42:22.0634 3860 USBSTOR - ok
17:42:22.0696 3860 [ FC43C9C666A1F5F288091BF2140ADA59 ] usbUDisc C:\Windows\system32\DRIVERS\USBDrv.sys
17:42:22.0696 3860 usbUDisc - ok
17:42:22.0728 3860 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:42:22.0728 3860 usbuhci - ok
17:42:22.0759 3860 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:42:22.0759 3860 usbvideo - ok
17:42:22.0806 3860 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
17:42:22.0806 3860 UxSms - ok
17:42:22.0821 3860 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
17:42:22.0821 3860 VaultSvc - ok
17:42:22.0884 3860 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:42:22.0884 3860 vdrvroot - ok
17:42:22.0915 3860 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
17:42:22.0930 3860 vds - ok
17:42:22.0977 3860 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:42:22.0977 3860 vga - ok
17:42:22.0993 3860 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:42:22.0993 3860 VgaSave - ok
17:42:23.0008 3860 VGPU - ok
17:42:23.0008 3860 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:42:23.0024 3860 vhdmp - ok
17:42:23.0055 3860 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:42:23.0055 3860 viaagp - ok
17:42:23.0071 3860 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
17:42:23.0071 3860 ViaC7 - ok
17:42:23.0086 3860 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
17:42:23.0086 3860 viaide - ok
17:42:23.0118 3860 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:42:23.0118 3860 vmbus - ok
17:42:23.0133 3860 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:42:23.0133 3860 VMBusHID - ok
17:42:23.0149 3860 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:42:23.0149 3860 volmgr - ok
17:42:23.0180 3860 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:42:23.0180 3860 volmgrx - ok
17:42:23.0196 3860 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:42:23.0196 3860 volsnap - ok
17:42:23.0227 3860 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:42:23.0227 3860 vsmraid - ok
17:42:23.0258 3860 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
17:42:23.0305 3860 VSS - ok
17:42:23.0320 3860 vtany - ok
17:42:23.0336 3860 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:42:23.0336 3860 vwifibus - ok
17:42:23.0367 3860 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:42:23.0367 3860 vwififlt - ok
17:42:23.0383 3860 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:42:23.0383 3860 vwifimp - ok
17:42:23.0430 3860 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
17:42:23.0461 3860 W32Time - ok
17:42:23.0461 3860 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:42:23.0461 3860 WacomPen - ok
17:42:23.0508 3860 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:42:23.0508 3860 WANARP - ok
17:42:23.0508 3860 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:42:23.0508 3860 Wanarpv6 - ok
17:42:23.0570 3860 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
17:42:23.0601 3860 wbengine - ok
17:42:23.0601 3860 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:42:23.0617 3860 WbioSrvc - ok
17:42:23.0648 3860 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:42:23.0679 3860 wcncsvc - ok
17:42:23.0679 3860 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:42:23.0695 3860 WcsPlugInService - ok
17:42:23.0710 3860 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:42:23.0710 3860 Wd - ok
17:42:23.0757 3860 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:42:23.0773 3860 Wdf01000 - ok
17:42:23.0788 3860 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:42:23.0788 3860 WdiServiceHost - ok
17:42:23.0804 3860 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:42:23.0804 3860 WdiSystemHost - ok
17:42:23.0820 3860 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
17:42:23.0820 3860 WebClient - ok
17:42:23.0835 3860 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:42:23.0835 3860 Wecsvc - ok
17:42:23.0866 3860 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:42:23.0866 3860 wercplsupport - ok
17:42:23.0898 3860 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
17:42:23.0898 3860 WerSvc - ok
17:42:23.0929 3860 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:42:23.0929 3860 WfpLwf - ok
17:42:23.0944 3860 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:42:23.0944 3860 WIMMount - ok
17:42:23.0960 3860 WinHttpAutoProxySvc - ok
17:42:24.0022 3860 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:42:24.0022 3860 Winmgmt - ok
17:42:24.0085 3860 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
17:42:24.0116 3860 WinRM - ok
17:42:24.0178 3860 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:42:24.0178 3860 WinUsb - ok
17:42:24.0226 3860 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:42:24.0257 3860 Wlansvc - ok
17:42:24.0367 3860 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:42:24.0413 3860 wlidsvc - ok
17:42:24.0445 3860 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:42:24.0445 3860 WmiAcpi - ok
17:42:24.0491 3860 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:42:24.0491 3860 wmiApSrv - ok
17:42:24.0585 3860 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:42:24.0616 3860 WMPNetworkSvc - ok
17:42:24.0632 3860 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:42:24.0632 3860 WPCSvc - ok
17:42:24.0647 3860 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:42:24.0663 3860 WPDBusEnum - ok
17:42:24.0693 3860 [ D8ECD27FBF0F8FC31695824DB9C1CB42 ] WPRO_41_2001 C:\Windows\system32\drivers\WPRO_41_2001.sys
17:42:24.0693 3860 WPRO_41_2001 - ok
17:42:24.0713 3860 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:42:24.0713 3860 ws2ifsl - ok
17:42:24.0723 3860 WSearch - ok
17:42:24.0803 3860 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
17:42:24.0823 3860 wuauserv - ok
17:42:24.0863 3860 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:42:24.0863 3860 WudfPf - ok
17:42:24.0883 3860 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:42:24.0883 3860 WUDFRd - ok
17:42:24.0923 3860 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:42:24.0933 3860 wudfsvc - ok
17:42:24.0963 3860 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:42:24.0983 3860 WwanSvc - ok
17:42:25.0023 3860 XDva288 - ok
17:42:25.0023 3860 XDva306 - ok
17:42:25.0043 3860 XDva327 - ok
17:42:25.0053 3860 XDva332 - ok
17:42:25.0053 3860 XDva341 - ok
17:42:25.0063 3860 XDva344 - ok
17:42:25.0073 3860 XDva349 - ok
17:42:25.0083 3860 XDva356 - ok
17:42:25.0083 3860 XDva375 - ok
17:42:25.0113 3860 XDva380 - ok
17:42:25.0113 3860 XDva387 - ok
17:42:25.0123 3860 xhunter1 - ok
17:42:25.0183 3860 [ 93781BA7B3346E3D82EC1DB30B3B713F ] xsherlock C:\Windows\system32\xsherlock.xem
17:42:25.0203 3860 xsherlock - ok
17:42:25.0253 3860 [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B ] XUIF C:\Windows\system32\Drivers\x10ufx2.sys
17:42:25.0253 3860 XUIF - ok
17:42:25.0263 3860 ================ Scan global ===============================
17:42:25.0303 3860 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:42:25.0333 3860 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
17:42:25.0353 3860 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
17:42:25.0393 3860 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:42:25.0433 3860 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:42:25.0443 3860 [Global] - ok
17:42:25.0443 3860 ================ Scan MBR ==================================
17:42:25.0453 3860 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:42:25.0653 3860 \Device\Harddisk0\DR0 - ok
17:42:25.0653 3860 ================ Scan VBR ==================================
17:42:25.0663 3860 [ 98655623BFF14F859A999730B486B1BE ] \Device\Harddisk0\DR0\Partition1
17:42:25.0663 3860 \Device\Harddisk0\DR0\Partition1 - ok
17:42:25.0673 3860 [ 4516CCF7B908FE21586E30E99EA1DC41 ] \Device\Harddisk0\DR0\Partition2
17:42:25.0683 3860 \Device\Harddisk0\DR0\Partition2 - ok
17:42:25.0683 3860 ============================================================
17:42:25.0683 3860 Scan finished
17:42:25.0683 3860 ============================================================
17:42:25.0693 1596 Detected object count: 1
17:42:25.0693 1596 Actual detected object count: 1
17:42:46.0352 1596 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
17:42:46.0352 1596 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
Die Datei bei Schritt 4 wird vor dem Download bei mir mit einer Warnung angezeigt, dass sie schädlich sein könnte. Ist das normal? Geändert von BlueAzure (17.01.2013 um 17:46 Uhr) |
|
17.01.2013, 20:20
| #12 |
| /// TB-Ausbilder | Win64:Sirefef-A [Trj] Meinst du ich biete dir was schädliches zum Download an? Führe bitte den Schritt durch.
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
17.01.2013, 21:14
| #13 |
| | Win64:Sirefef-A [Trj] Sollte keine Anschuldigung sein, gehe nur lieber auf Nummer sicher, bevor vllt. doch irgendwas passiert. attach.txt [CODE]. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT .DDS Logfile: Code:
ATTFilter DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 27.12.2009 15:44:45
System Uptime: 17.01.2013 18:25:38 (3 hours ago)
.
Motherboard: ASRock | | H61M-DGS
Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz | CPUSocket | 3300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 446 GiB total, 187,48 GiB free.
D: is FIXED (FAT32) - 20 GiB total, 0,004 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP470: 11.11.2012 19:00:28 - Windows Backup
RP471: 18.11.2012 19:00:15 - Windows Backup
RP472: 25.11.2012 19:00:28 - Windows Backup
RP473: 02.12.2012 19:00:23 - Windows Backup
RP474: 09.12.2012 19:00:24 - Windows Backup
RP475: 16.12.2012 19:41:58 - Windows Backup
RP476: 23.12.2012 19:00:28 - Windows Backup
RP477: 30.12.2012 19:00:24 - Windows Backup
RP478: 06.01.2013 19:54:24 - Windows Backup
RP479: 13.01.2013 19:00:26 - Windows Backup
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 1 (SP1)
32 Bit HP CIO Components Installer
7-Zip 9.20
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Recommended Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Extra Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Digital Editions
Adobe Download Assistant
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9.5.2 - Deutsch
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
AION Free-To-Play
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASRock App Charger v1.0.5
Audacity 2.0
avast! Free Antivirus
Bandisoft MPEG-1 Decoder
Bonjour
BufferChm
C4600
calibre
Connect
CyberLink YouCam
D3DX10
Destinations
DeviceDiscovery
Digitale Bibliothek 4
DivX-Setup
forteManager
Free AVI Video Converter version 5.0.18.1005
Free Studio version 5.1.7
Free Video to MP3 Converter version 5.0.18.1005
Free YouTube to MP3 Converter version 3.11.33.1005
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
Hotspot Shield 2.78
HP Customer Participation Program 13.0
HP Imaging Device Functions 13.0
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5
HP Print Projects 1.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
ICQ Toolbar
ICQ7.5
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Smart Connect Technology 2.0 x86
iTunes
Java 7 Update 9
Java Auto Updater
Java(TM) 6 Update 37
JDownloader 0.9
K-Lite Mega Codec Pack 3.9.5
Kalydo Player 4.06.04
kuler
LAME v3.99.3 (for Windows)
LuPO 1.0.2.36
MarketResearch
MatheGrafix 9 (Version 9.50)
MEDION MD86511
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office Groove MUI (German) 2007
Microsoft Office InfoPath MUI (German) 2007
Microsoft Office OneNote MUI (German) 2007
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NC Launcher (GameForge)
Nero 7 Ultra Edition
neroxml
NVIDIA 3D Vision Controller-Treiber 295.73
NVIDIA 3D Vision Driver 306.97
NVIDIA Control Panel 306.97
NVIDIA Display Control Panel
NVIDIA Graphics Driver 306.97
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX-Systemsoftware 9.12.0209
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenAL
Overwolf
Pando Media Booster
PDF Settings CS4
Photoshop Camera Raw
PlayReady PC Runtime x86
Polipo 1.0.4.1
ProtectDisc Driver, Version 11
Proxifier version 3.0
PS_AIO_05_C4600_Software_Min
PVSonyDll
QuickTime
RealPlayer
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Scan
SDFormatter
SDK
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB969604)
Shop for HP Supplies
Skype™ 5.10
SmartWebPrinting
SolutionCenter
Spotify
Status
Suite Shared Configuration CS4
System Requirements Lab
Toolbox
Tor 0.2.2.38
TrayApp
Uniblue RegistryBooster 2010
Unity Web Player
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Outlook 2007 Junk Email Filter (kb976884)
VC80CRTRedist - 8.0.50727.4053
Veoh Web Player
Veoh Web Player Toolbar
Vidalia 0.2.20
Vindictus EU
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Viva Piñata
Viva Pinata
VLC media player 2.0.2
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR Archivierer
WinZip
WOT für Internet Explorer
Yontoo Layers 1.10.01
.
==== End Of File ===========================
Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by Flavia at 21:09:42 on 2013-01-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1033.18.3565.2268 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Portrait Displays\forteManager\DTHtml.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe
C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe
C:\Users\Flavia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k Akamai
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.de/
uSearch Bar = Preserve
uProxyServer = hxxp=localhost:8118;https=localhost:8118;ftp=localhost:8118;socks=localhost:9050
uProxyOverride = localhost;127.0.01;<local>
mURLSearchHooks: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} -
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - c:\program files\veoh_web_player\prxtbVeoh.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} -
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - c:\program files\wot\WOT.dll
BHO: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - c:\program files\veoh_web_player\prxtbVeoh.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Zynga Toolbar: {7B13EC3E-999A-4B70-B9CB-2617B8323822} -
TB: Veoh Web Player Toolbar: {CD90BF73-20F6-44EF-993D-BB920303BD2E} - c:\program files\veoh_web_player\prxtbVeoh.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll
TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} -
TB: ICQToolBar: {855F3B16-6D32-4FE6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
TB: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - c:\program files\veoh_web_player\prxtbVeoh.dll
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: ICQToolBar: {855F3B16-6D32-4FE6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [NCsoft Launcher] c:\program files\ncsoft\launcher\NCLauncher.exe /Minimized
uRun: [KPeerNexonEU] c:\nexon\nexon_eu_downloader\nxEULauncher.exe
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Akamai NetSession Interface] "c:\users\flavia\appdata\local\akamai\netsession_win.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Spotify Web Helper] "c:\users\flavia\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [DT LGE] c:\program files\common files\portrait displays\shared\DT_startup.exe -LGE
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [YouCam Mirage] "c:\program files\cyberlink\youcam\YCMMirage.exe"
mRun: [YouCam Tray] "c:\program files\cyberlink\youcam\YouCam.exe" /s
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
StartupFolder: c:\users\flavia\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Free YouTube to MP3 Converter - c:\users\flavia\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\icq7.5\ICQ.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: %SystemRoot%\system32\PrxerDrv.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {60F33B36-3E89-48EF-BE77-ACC23A366C2A} - hxxps://wstatic.plaync.co.kr/common/UniUpdate/NCLoader.8.cab
DPF: {640044E9-92A3-4B89-A615-1F65354D3A65} - hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} - hxxp://www.navigram.com/engine/v911/Navigram.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{657A77EB-A723-4E07-A64C-2D8A7EE0DA00} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{AFC83094-9D46-46C1-94F3-B7B4F6D485D8} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{B4CBB5E5-4013-4ACA-9F87-284345701218} : DHCPNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 AsrAppCharger;AsrAppCharger;c:\windows\system32\drivers\AsrAppCharger.sys [2012-11-9 15656]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-9-25 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-9-25 361032]
R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2012-11-15 35592]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-2-24 185472]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-14 20992]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-9-25 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-9-25 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-11-5 44808]
R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2012-11-15 527728]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2012-11-15 389488]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2012-11-9 13336]
R2 ICQ Service;ICQ Service;c:\program files\icq6toolbar\ICQ Service.exe [2011-7-3 247608]
R2 ISCTAgent;ISCT Always Updated Agent;c:\program files\intel\intel(r) smart connect technology agent\iSCTAgent.exe [2012-2-9 116224]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-10-2 382824]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\drivers\clwvd.sys [2011-7-29 27760]
R3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\drivers\ikbevent.sys [2012-2-9 21952]
R3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\drivers\imsevent.sys [2012-2-9 21952]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\drivers\ISCTD.sys [2012-2-9 39360]
R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-11-9 46080]
R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\netr28u.sys [2009-5-25 734208]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-11-9 414824]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2012-11-15 35592]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys [2012-11-9 31680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 apf003;apf003;c:\windows\system32\apf003.sys [2012-3-16 13232]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files\overwolf\OverwolfUpdater.exe [2012-7-1 18360]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB32.sys [2009-6-10 1311232]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-2-23 15872]
S3 S6000KNT;S6000KNT_WebCam Driver;c:\windows\system32\drivers\S6000KNT.sys [2011-12-25 3328472]
S3 usbUDisc;usbUDisc;c:\windows\system32\drivers\USBDrv.sys [2012-7-28 13824]
S3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [2012-7-1 670816]
SUnknown TsUsbFlt;TsUsbFlt; [x]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== Created Last 30 ================
.
2013-01-17 16:34:24 86976 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
2013-01-15 09:30:33 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3d0f5cc0-a4b6-4b74-927d-c5895d43d826}\mpengine.dll
2013-01-09 16:00:45 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-21 09:33:58 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 09:33:58 295424 ----a-w- c:\windows\system32\atmfd.dll
.
==================== Find3M ====================
.
2013-01-17 16:34:24 31680 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2012-12-19 11:23:24 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-19 11:23:24 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-15 01:36:52 35592 ----a-w- c:\windows\system32\drivers\taphss6.sys
2012-11-15 01:29:54 35592 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:43:04 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 04:47:54 1389568 ----a-w- c:\windows\system32\msxml6.dll
2012-10-30 22:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51:57 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51:07 41224 ----a-w- c:\windows\avastSS.scr
2012-10-20 18:25:41 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2012-10-20 18:25:40 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2006-05-03 10:06:54 163328 --sha-w- c:\windows\system32\flvDX.dll
.
============= FINISH: 21:12:13,78 ===============
|
|
18.01.2013, 15:43
| #14 |
| /// TB-Ausbilder | Win64:Sirefef-A [Trj] Dann geht es weiter: Schritt 1: Deinstallation von Programmen
Schritt 1: AdwCleaner: Werbeprogramme suchen und löschen Schritt 3: Temporäre Dateien löschen mit TFC Schritt 4: Scan mit Combofix
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
18.01.2013, 17:08
| #15 |
| | Win64:Sirefef-A [Trj] Hey, bevor ich die schritte durchführen kann, gibt es noch ein problem. Ich starte den pc grade zum ersten mal heute und bis zum willkommensbildschirm ist auch alles normal, aber nachdem ich mein passwort eingebe kommt nur 'willkommen' und es lädt und lädt und lädt. Nach einem neustart bin ich zwar bis zum desktop gekommen, aber der wurde nur schwarz angezeigt und man sah nur den mauspfeil. Was soll ich also machen? Abgesicherter modus oder so? |
|
| Themen zu Win64:Sirefef-A [Trj] |
| adobe, avast, bekannte, c:\windows, container, dauernd, erforderlich, funktionier, funktioniert, gefangen, installation, meldung, plötzlich, recycle.bin, surfe, surfen, system, system32, ultimate, update, updaten, win, win64, windows, windows 7, zusammen, öfter |
![Win64:Sirefef-A [Trj]](iconimages/plagegeister-aller-art-deren-bekaempfung/win64-sirefef-a-trj_ltr.gif)
Linear-Darstellung
