Plagegeister aller Art und deren Bekämpfung: Yet another TR/ATRAPS.Gen2 topic
Windows 7
19.01.2013, 14:55 | #1 |
Yet another TR/ATRAPS.Gen2 topic

Hello board,

as mentioned in the title, my trojan is TR/ATRAPS.Gen2. I carried out the steps as described in ryder's introduction. I have decided on a cleanup. I will also install Ubuntu at the same time. I am wondering whether the trojan also hides in other partitions, or whether I can simply mount them under Linux without carrying a threat over to Linux? It would be nice if I could then still use Win7 for gaming, i.e. both OSes in parallel.

1.) defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:53 on 19/01/2013 (Steffen)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)

-=E.O.F=-

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-19 14:10:35
-----------------------------
14:10:35.415 OS Version: Windows x64 6.1.7601 Service Pack 1
14:10:35.415 Number of processors: 4 586 0x403
14:10:35.416 ComputerName: NR1 UserName:
14:10:36.507 Initialize success
14:13:02.908 AVAST engine defs: 13011900
14:19:54.496 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
14:19:54.501 Disk 0 Vendor: WDC_WD15EARS-00Z5B1 80.00A80 Size: 1430799MB BusType: 3
14:19:54.506 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-6
14:19:54.511 Disk 1 Vendor: WDC_WD6400AAKS-00A7B0 01.03B01 Size: 610476MB BusType: 3
14:19:54.517 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-3
14:19:54.523 Disk 2 Vendor: WDC_WD20EARS-00MVWB0 51.0AB51 Size: 1907725MB BusType: 3
14:19:54.539 Disk 1 MBR read successfully
14:19:54.546 Disk 1 MBR scan
14:19:54.565 Disk 1 Windows 7 default MBR code
14:19:54.581 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:19:54.595 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 101099 MB offset 206848
14:19:54.600 Disk 1 Partition - 00 0F Extended LBA 509275 MB offset 207259648
14:19:54.614 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 509274 MB offset 207261696
14:19:54.642 Disk 1 scanning C:\Windows\system32\drivers
14:20:04.501 Service scanning
14:20:24.343 Modules scanning
14:20:24.347 Disk 1 trace - called modules:
14:20:24.381 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
14:20:24.385 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8007af8060]
14:20:24.388 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8006b2a670]
14:20:24.395 5 ACPI.sys[fffff88000f607a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T1L0-6[0xfffffa800784d060]
14:20:25.842 AVAST engine scan C:\Windows
14:20:27.758 AVAST engine scan C:\Windows\system32
14:22:15.588 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
14:22:17.331 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
14:23:12.378 AVAST engine scan C:\Windows\system32\drivers
14:23:21.048 AVAST engine scan C:\Users\Steffen
14:33:08.579 AVAST engine scan C:\ProgramData
14:34:17.766 Scan finished successfully
14:35:20.467 Disk 1 MBR has been saved successfully to "C:\Users\Steffen\Desktop\MBR.dat"
14:35:20.471 The log file has been saved successfully to "C:\Users\Steffen\Desktop\aswMBR.txt"

DDS Logfile:
Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29 Run by Steffen at 14:38:14 on 2013-01-19 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8190.6042 [GMT 1:00] . SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\svchost.exe -k bthaudiosvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 
C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\WindowsMobile\wmdcBase.exe C:\Windows\system32\svchost.exe -k WindowsMobile C:\Program Files (x86)\Pidgin\pidgin.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k HPService C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank uURLSearchHooks: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - <orphaned> mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - <orphaned> BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll uRun: [Google Update] "C:\Users\Steffen\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [RGSC] 
E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent uRun: [Infinite_Screen] C:\Users\Steffen\AppData\Local\Temp\infinite_screen\perl\bin\infinite_screen.exe -xC:\Users\Steffen\AppData\Local\Temp\infinite_screen C:\Users\Steffen\AppData\Local\Temp\infinite_screen\screen mRun: [NWEReboot] <no file> uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 LSP: mswsock.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: NameServer = 192.168.178.1 TCP: Interfaces\{38AC3330-CF9A-4284-8284-64489FB50CA8} : DHCPNameServer = 192.168.178.1 TCP: Interfaces\{9D529AD2-136F-46C2-B1DB-9EC76E68CF86} : DHCPNameServer = 192.168.178.1 TCP: Interfaces\{CA2E234F-5CE6-49C4-B3BB-196ADF498C6C} : DHCPNameServer = 78.46.246.142 192.168.0.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache 
Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - x64-Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\ FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - prefs.js: network.proxy.type - 0 FF - component: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\components\RadioWMPCoreGecko19.dll FF - component: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll FF - component: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPCIG.dll FF 
- plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Steffen\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll FF - ExtSQL: 2012-12-07 16:42; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi . ============= SERVICES / DRIVERS =============== . R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-1-19 27800] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264] R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-1-19 85280] R2 AntiVirService;Avira Echtzeit-Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-1-19 109344] R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-1-19 99912] R2 DirMngr;DirMngr;C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [2011-3-2 224256] R2 HFGService;Handsfree Headset Service;C:\Windows\System32\svchost.exe -k bthaudiosvc [2009-7-14 27136] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824] R2 UI Assistant Service;UI Assistant Service;C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [2012-5-1 270672] R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392] S2 
clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 BthAudioHF;BthAudioHF-Dienst;C:\Windows\System32\drivers\BthAudioHF.sys [2009-12-21 52224] S3 BthAvrcp;Bluetooth-AVRCP-Profil;C:\Windows\System32\drivers\BthAvrcp.sys [2009-8-13 29184] S3 csr_a2dp;Bluetooth-AV-Profil;C:\Windows\System32\drivers\bthav.sys [2009-12-21 78848] S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-4-1 341856] S3 LVUVC64;Logitech Webcam 905(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-4-1 4184672] S3 massfilter;Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2012-5-1 11776] S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187.sys [2010-1-7 448512] S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-10 59392] . =============== File Associations =============== . FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice] FileExt: .js: Applications\notepad++.exe="C:\Users\Steffen\Downloads\npp.5.9.8.bin\unicode\notepad++.exe" "%1" [UserChoice] . =============== Created Last 30 ================ . 
2013-01-19 12:16:55 -------- d-----w- C:\Users\Steffen\AppData\Roaming\Avira 2013-01-19 12:11:32 99912 ----a-w- C:\Windows\System32\drivers\avgntflt.sys 2013-01-19 12:11:32 27800 ----a-w- C:\Windows\System32\drivers\avkmgr.sys 2013-01-19 12:11:32 -------- d-----w- C:\ProgramData\Avira 2013-01-19 12:11:32 -------- d-----w- C:\Program Files (x86)\Avira 2013-01-17 08:41:19 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA% 2013-01-15 07:25:52 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B92C6F7-E9FE-4983-84F7-D6DEB53AAAA6}\mpengine.dll 2013-01-14 09:05:25 -------- d-----w- C:\Users\Steffen\AppData\Roaming\.minecraft 2013-01-13 20:28:00 -------- d-----w- C:\Users\Steffen\AppData\Roaming\LibreOffice 2013-01-13 20:26:43 -------- d-----w- C:\Program Files (x86)\LibreOffice 3.6 2013-01-10 11:29:14 -------- d-----w- C:\Users\Steffen\AppData\Roaming\collection 2013-01-09 19:06:36 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2013-01-07 23:42:37 46080 ----a-w- C:\Windows\System32\atmlib.dll 2013-01-07 23:42:37 367616 ----a-w- C:\Windows\System32\atmfd.dll 2013-01-07 23:42:37 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2013-01-07 23:42:37 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll . ==================== Find3M ==================== . 
2013-01-17 08:45:59 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-17 08:45:59 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-01-10 11:50:41 466456 ----a-w- C:\Windows\System32\wrap_oal.dll 2013-01-10 11:50:41 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2013-01-10 11:50:41 122904 ----a-w- C:\Windows\System32\OpenAL32.dll 2013-01-10 11:50:41 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll 2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs 2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2012-11-30 
04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe 2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys 2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe 2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll 2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll 2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-11-12 12:28:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-11-12 11:52:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll 2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll 2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll 2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll 2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll 2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll 2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-10-27 06:26:55 981504 ----a-w- 
C:\Windows\SysWow64\wininet.dll 2012-10-27 05:51:21 1188864 ----a-w- C:\Windows\System32\wininet.dll . ============= FINISH: 14:38:30,11 =============== attach: Code:
ATTFilter . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 07.10.2010 22:55:38 System Uptime: 19.01.2013 14:07:34 (0 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | GA-870A-UD3 Processor: AMD Phenom(tm) II X4 955 Processor | Socket M2 | 3200/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 99 GiB total, 23,31 GiB free. D: is CDROM () E: is FIXED (NTFS) - 497 GiB total, 182,898 GiB free. F: is CDROM () G: is FIXED (NTFS) - 1863 GiB total, 918,595 GiB free. I: is FIXED (NTFS) - 1397 GiB total, 1010,587 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: VirtualBox Host-Only Ethernet Adapter Device ID: ROOT\NET\0000 Manufacturer: Oracle Corporation Name: VirtualBox Host-Only Ethernet Adapter PNP Device ID: ROOT\NET\0000 Service: VBoxNetAdp . Class GUID: Description: USB (Universal Serial Bus)-Controller Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_50071458&REV_03\4&91A636&0&0048 Manufacturer: Name: USB (Universal Serial Bus)-Controller PNP Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_50071458&REV_03\4&91A636&0&0048 Service: . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . 
1&1 Surf-Stick 7-Zip 4.65 (x64 edition) Activision(R) Adobe AIR Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.01) - Deutsch Adobe Shockwave Player 11.5 Aquaria µTorrent Avira Free Antivirus Blocks That Matter Blur(TM) Borderlands CameraHelperMsi CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Internet Library for ZoomBrowser EX Canon MOV Decoder Canon Utilities CameraWindow Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities Digital Photo Professional 3.9 Canon Utilities EOS Utility Canon Utilities MyCamera Canon Utilities PhotoStitch Canon Utilities Picture Style Editor Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities WFT-E1/E2/E3/E4 Utility Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility Command & Conquer™ 4 Tiberian Twilight Crysis® 2 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DivX-Setup doxygen 1.7.3 Dual-Core Optimizer erLT Express Rip FAKEFACTORY Cinematic Mod V10 FLV Downloader GIMP 2.6.11 Git version 1.7.3.1-preview20101002 Google Chrome Google Earth Google Update Helper Gpg4win (2.1.0) Grand Theft Auto IV Grand Theft Auto: Episodes from Liberty City Gratuitous Space Battles Half-Life 2 Half-Life 2 Awakening 1.1 Half-Life 2: Deathmatch Half-Life 2: Episode One Half-Life 2: Episode Two Hugin 2011.4.0 Inkscape 0.48.2 Java Auto Updater Java(TM) 6 Update 29 LEGO Digital Designer LibreOffice 3.6 Lightworks LIMBO Logitech Webcam Software LuminanceHDR 2.0.2 LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Video Mask Maker LWS VideoEffects LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Matrox VFW Software Codecs, build 28 Mendeley Desktop 1.7.1 Metro 2033 Microsoft .NET Compact Framework 3.5 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft 
Access 2010 Microsoft Application Error Reporting Microsoft Expression Encoder 4 Microsoft Expression Encoder 4 Screen Capture Codec Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access 2010 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft XNA Framework Redistributable 3.1 Microsoft XNA Framework Redistributable 4.0 MiKTeX 2.8 Mozilla Firefox 18.0 (x86 de) Mozilla Maintenance Service Mozilla Thunderbird 17.0.2 (x86 de) Mp3tag v2.48 
MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multiwinia Navigator 11 - Setup Utility 11.0.23-3 Nero 7 Essentials Nero BurnLite 10 Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Update neroxml Notepad++ NVIDIA 3D Vision Controller-Treiber 280.19 NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision Treiber 306.97 NVIDIA Grafiktreiber 306.97 NVIDIA HD-Audiotreiber 1.2.23.3 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX-Systemsoftware 9.10.0514 NVIDIA Stereoscopic 3D Driver NVIDIA Systemsteuerung 306.97 NVIDIA Update 1.10.8 NVIDIA Update Components OpenAL OpenVPN 2.2.1 Opera 11.62 Oracle VM VirtualBox 4.1.8 Phase 5 HTML-Editor Pidgin pidgin-otr 3.2.0-1 Portal Portal 2 PuTTY 0.60 x64 PVSonyDll Python 2.6 pygtk-2.22.0 QuickTime R for Windows 2.11.1 RESIDENT EVIL 5 Return to Castle Wolfenstein Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition SIP Communicator Skype™ 5.10 Solar 2 Source SDK Source SDK Base 2007 SpeedFan (remove only) Texmaker The Basement Collection The Binding of Isaac Tinn-R 2.3.5.2 UFRaw 0.18 Unity Web Player (All users) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 
(KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition VC80CRTRedist - 8.0.50727.4053 VLC media player 2.0.1 Winamp Windows 7 USB/DVD Download Tool Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Mobile Device Center Driver Update WinMerge 2.12.4 . ==== End Of File =========================== Code:
14:35:51.0278 4996 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:35:51.0520 4996 ============================================================
14:35:51.0520 4996 Current date / time: 2013/01/19 14:35:51.0520
14:35:51.0520 4996 SystemInfo:
14:35:51.0520 4996
14:35:51.0521 4996 OS Version: 6.1.7601 ServicePack: 1.0
14:35:51.0521 4996 Product type: Workstation
14:35:51.0521 4996 ComputerName: NR1
14:35:51.0521 4996 UserName: Steffen
14:35:51.0521 4996 Windows directory: C:\Windows
14:35:51.0521 4996 System windows directory: C:\Windows
14:35:51.0521 4996 Running under WOW64
14:35:51.0521 4996 Processor architecture: Intel x64
14:35:51.0521 4996 Number of processors: 4
14:35:51.0521 4996 Page size: 0x1000
14:35:51.0521 4996 Boot type: Normal boot
14:35:51.0521 4996 ============================================================
14:35:52.0438 4996 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:35:52.0449 4996 Drive \Device\Harddisk1\DR1 - Size: 0x950AC4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x14300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:35:52.0449 4996 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C0D0DE00 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B600, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:35:52.0452 4996 ============================================================
14:35:52.0452 4996 \Device\Harddisk0\DR0:
14:35:52.0453 4996 MBR partitions:
14:35:52.0453 4996 \Device\Harddisk1\DR1:
14:35:52.0453 4996 MBR partitions:
14:35:52.0453 4996 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:35:52.0453 4996 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC575800
14:35:52.0464 4996 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xC5A9000, BlocksNum 0x3E2AD270
14:35:52.0464 4996 \Device\Harddisk2\DR2:
14:35:52.0465 4996 MBR partitions:
14:35:52.0465 4996 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06070
14:35:52.0465 4996 ============================================================
14:35:52.0490 4996 C: <-> \Device\Harddisk1\DR1\Partition2
14:35:52.0517 4996 E: <-> \Device\Harddisk1\DR1\Partition3
14:35:52.0991 4996 G: <-> \Device\Harddisk2\DR2\Partition1
14:35:52.0991 4996 ============================================================
14:35:52.0992 4996 Initialize success
14:35:52.0992 4996 ============================================================
14:36:09.0153 1788 ============================================================
14:36:09.0153 1788 Scan started
14:36:09.0153 1788 Mode: Manual; TDLFS;
14:36:09.0153 1788 ============================================================
14:36:10.0702 1788 ================ Scan system memory ========================
14:36:10.0702 1788 System memory - ok
14:36:10.0703 1788 ================ Scan services =============================
C:\Windows\WindowsMobile\rapimgr.dll 14:36:19.0658 1788 RapiMgr - ok 14:36:19.0666 1788 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:36:19.0666 1788 RasAcd - ok 14:36:19.0681 1788 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:36:19.0681 1788 RasAgileVpn - ok 14:36:19.0690 1788 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 14:36:19.0691 1788 RasAuto - ok 14:36:19.0709 1788 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:36:19.0710 1788 Rasl2tp - ok 14:36:19.0744 1788 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 14:36:19.0747 1788 RasMan - ok 14:36:19.0759 1788 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:36:19.0759 1788 RasPppoe - ok 14:36:19.0767 1788 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:36:19.0767 1788 RasSstp - ok 14:36:19.0795 1788 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:36:19.0797 1788 rdbss - ok 14:36:19.0809 1788 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 14:36:19.0809 1788 rdpbus - ok 14:36:19.0820 1788 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:36:19.0821 1788 RDPCDD - ok 14:36:19.0853 1788 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 14:36:19.0854 1788 RDPDR - ok 14:36:19.0863 1788 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:36:19.0863 1788 RDPENCDD - ok 14:36:19.0868 1788 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 14:36:19.0868 1788 RDPREFMP - ok 14:36:19.0883 1788 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:36:19.0884 1788 RDPWD - ok 14:36:19.0908 1788 [ 34ED295FA0121C241BFEF24764FC4520 
] rdyboost C:\Windows\system32\drivers\rdyboost.sys 14:36:19.0909 1788 rdyboost - ok 14:36:19.0930 1788 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:36:19.0931 1788 RemoteAccess - ok 14:36:19.0943 1788 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:36:19.0944 1788 RemoteRegistry - ok 14:36:19.0971 1788 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 14:36:19.0972 1788 RFCOMM - ok 14:36:19.0981 1788 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:36:19.0982 1788 RpcEptMapper - ok 14:36:19.0995 1788 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 14:36:19.0996 1788 RpcLocator - ok 14:36:20.0023 1788 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 14:36:20.0026 1788 RpcSs - ok 14:36:20.0035 1788 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:36:20.0036 1788 rspndr - ok 14:36:20.0067 1788 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 14:36:20.0068 1788 RTL8167 - ok 14:36:20.0101 1788 [ 333224D4D25F9BCCA488E08345083E1C ] RTL8187 C:\Windows\system32\DRIVERS\rtl8187.sys 14:36:20.0104 1788 RTL8187 - ok 14:36:20.0118 1788 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 14:36:20.0118 1788 s3cap - ok 14:36:20.0127 1788 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 14:36:20.0128 1788 SamSs - ok 14:36:20.0139 1788 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:36:20.0139 1788 sbp2port - ok 14:36:20.0156 1788 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:36:20.0158 1788 SCardSvr - ok 14:36:20.0180 1788 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:36:20.0180 1788 scfilter - ok 14:36:20.0221 1788 [ 
262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 14:36:20.0236 1788 Schedule - ok 14:36:20.0263 1788 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 14:36:20.0263 1788 SCPolicySvc - ok 14:36:20.0294 1788 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 14:36:20.0299 1788 SDRSVC - ok 14:36:20.0322 1788 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:36:20.0324 1788 secdrv - ok 14:36:20.0354 1788 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 14:36:20.0358 1788 seclogon - ok 14:36:20.0384 1788 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 14:36:20.0388 1788 SENS - ok 14:36:20.0408 1788 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 14:36:20.0411 1788 SensrSvc - ok 14:36:20.0433 1788 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 14:36:20.0434 1788 Serenum - ok 14:36:20.0456 1788 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 14:36:20.0458 1788 Serial - ok 14:36:20.0482 1788 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 14:36:20.0483 1788 sermouse - ok 14:36:20.0538 1788 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 14:36:20.0542 1788 SessionEnv - ok 14:36:20.0571 1788 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 14:36:20.0572 1788 sffdisk - ok 14:36:20.0589 1788 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 14:36:20.0590 1788 sffp_mmc - ok 14:36:20.0607 1788 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 14:36:20.0608 1788 sffp_sd - ok 14:36:20.0626 1788 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 14:36:20.0627 1788 sfloppy - ok 14:36:20.0663 1788 [ 
AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 14:36:20.0667 1788 ShellHWDetection - ok 14:36:20.0693 1788 [ 0F498DEE92FD73DD999BAE4D506367F5 ] SI3132 C:\Windows\system32\DRIVERS\SI3132.sys 14:36:20.0694 1788 SI3132 - ok 14:36:20.0698 1788 [ 127CE10E01F53F2EDACA7FE42E5631EA ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys 14:36:20.0698 1788 SiFilter - ok 14:36:20.0706 1788 [ B742C37002B8EBEF6E230DF9B4B28546 ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys 14:36:20.0706 1788 SiRemFil - ok 14:36:20.0718 1788 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:36:20.0718 1788 SiSRaid2 - ok 14:36:20.0723 1788 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 14:36:20.0723 1788 SiSRaid4 - ok 14:36:20.0777 1788 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 14:36:20.0778 1788 SkypeUpdate - ok 14:36:20.0796 1788 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 14:36:20.0797 1788 Smb - ok 14:36:20.0826 1788 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 14:36:20.0827 1788 SNMPTRAP - ok 14:36:20.0869 1788 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys 14:36:20.0870 1788 speedfan - ok 14:36:20.0887 1788 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 14:36:20.0888 1788 spldr - ok 14:36:20.0922 1788 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 14:36:20.0926 1788 Spooler - ok 14:36:21.0030 1788 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 14:36:21.0093 1788 sppsvc - ok 14:36:21.0111 1788 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 14:36:21.0113 1788 sppuinotify - ok 14:36:21.0141 1788 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\System32\Drivers\sptd.sys 14:36:21.0158 1788 sptd - 
ok 14:36:21.0193 1788 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 14:36:21.0197 1788 srv - ok 14:36:21.0215 1788 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 14:36:21.0218 1788 srv2 - ok 14:36:21.0231 1788 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 14:36:21.0232 1788 srvnet - ok 14:36:21.0252 1788 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 14:36:21.0254 1788 SSDPSRV - ok 14:36:21.0268 1788 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 14:36:21.0270 1788 SstpSvc - ok 14:36:21.0300 1788 Steam Client Service - ok 14:36:21.0370 1788 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 14:36:21.0376 1788 Stereo Service - ok 14:36:21.0400 1788 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 14:36:21.0401 1788 stexstor - ok 14:36:21.0451 1788 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 14:36:21.0468 1788 stisvc - ok 14:36:21.0484 1788 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 14:36:21.0484 1788 storflt - ok 14:36:21.0505 1788 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 14:36:21.0506 1788 StorSvc - ok 14:36:21.0520 1788 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 14:36:21.0521 1788 storvsc - ok 14:36:21.0538 1788 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 14:36:21.0538 1788 swenum - ok 14:36:21.0555 1788 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 14:36:21.0571 1788 swprv - ok 14:36:21.0625 1788 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 14:36:21.0656 1788 SysMain - ok 14:36:21.0682 1788 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService 
C:\Windows\System32\TabSvc.dll 14:36:21.0684 1788 TabletInputService - ok 14:36:21.0710 1788 [ F0B9D3ED88E56D3CD713DFF21E42AAF0 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 14:36:21.0710 1788 tap0901 - ok 14:36:21.0736 1788 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 14:36:21.0739 1788 TapiSrv - ok 14:36:21.0753 1788 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 14:36:21.0755 1788 TBS - ok 14:36:21.0814 1788 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 14:36:21.0857 1788 Tcpip - ok 14:36:21.0898 1788 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 14:36:21.0910 1788 TCPIP6 - ok 14:36:21.0935 1788 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 14:36:21.0936 1788 tcpipreg - ok 14:36:21.0954 1788 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 14:36:21.0954 1788 TDPIPE - ok 14:36:21.0978 1788 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 14:36:21.0978 1788 TDTCP - ok 14:36:22.0003 1788 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 14:36:22.0004 1788 tdx - ok 14:36:22.0014 1788 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 14:36:22.0015 1788 TermDD - ok 14:36:22.0040 1788 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 14:36:22.0057 1788 TermService - ok 14:36:22.0066 1788 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 14:36:22.0068 1788 Themes - ok 14:36:22.0078 1788 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 14:36:22.0079 1788 THREADORDER - ok 14:36:22.0089 1788 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 14:36:22.0091 1788 TrkWks - ok 14:36:22.0127 1788 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller 
C:\Windows\servicing\TrustedInstaller.exe 14:36:22.0128 1788 TrustedInstaller - ok 14:36:22.0147 1788 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 14:36:22.0148 1788 tssecsrv - ok 14:36:22.0171 1788 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 14:36:22.0171 1788 TsUsbFlt - ok 14:36:22.0204 1788 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 14:36:22.0204 1788 tunnel - ok 14:36:22.0217 1788 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 14:36:22.0217 1788 uagp35 - ok 14:36:22.0243 1788 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 14:36:22.0246 1788 udfs - ok 14:36:22.0299 1788 [ 2E071263A409931F8AFF3A6A656E920C ] UI Assistant Service C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe 14:36:22.0300 1788 UI Assistant Service - ok 14:36:22.0312 1788 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 14:36:22.0313 1788 UI0Detect - ok 14:36:22.0328 1788 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 14:36:22.0329 1788 uliagpkx - ok 14:36:22.0352 1788 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 14:36:22.0352 1788 umbus - ok 14:36:22.0360 1788 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 14:36:22.0360 1788 UmPass - ok 14:36:22.0385 1788 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 14:36:22.0391 1788 UmRdpService - ok 14:36:22.0460 1788 [ 8B802B483CBDE06F62DBC04DC7AFAF8E ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 14:36:22.0466 1788 UMVPFSrv - ok 14:36:22.0504 1788 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 14:36:22.0521 1788 upnphost - ok 14:36:22.0544 1788 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio 
C:\Windows\system32\drivers\usbaudio.sys 14:36:22.0547 1788 usbaudio - ok 14:36:22.0588 1788 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 14:36:22.0590 1788 usbccgp - ok 14:36:22.0620 1788 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 14:36:22.0622 1788 usbcir - ok 14:36:22.0644 1788 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 14:36:22.0645 1788 usbehci - ok 14:36:22.0671 1788 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 14:36:22.0687 1788 usbhub - ok 14:36:22.0707 1788 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 14:36:22.0708 1788 usbohci - ok 14:36:22.0731 1788 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 14:36:22.0732 1788 usbprint - ok 14:36:22.0751 1788 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:36:22.0753 1788 USBSTOR - ok 14:36:22.0762 1788 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 14:36:22.0763 1788 usbuhci - ok 14:36:22.0795 1788 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys 14:36:22.0796 1788 usb_rndisx - ok 14:36:22.0806 1788 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 14:36:22.0807 1788 UxSms - ok 14:36:22.0819 1788 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 14:36:22.0820 1788 VaultSvc - ok 14:36:22.0854 1788 [ C30F3D43CEB6F79ADE9B805387E5F63C ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys 14:36:22.0855 1788 VBoxDrv - ok 14:36:22.0919 1788 [ 8ACF22B86CE4E85C23E3E9513BF45C37 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 14:36:22.0921 1788 VBoxNetAdp - ok 14:36:22.0928 1788 [ 7B657669C53A0E6583F07EBAA303D9EA ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 14:36:22.0929 1788 VBoxNetFlt - ok 14:36:22.0968 1788 [ 
CF3EE68CD9723E9F21E3198A0F690400 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 14:36:22.0969 1788 VBoxUSBMon - ok 14:36:22.0978 1788 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 14:36:22.0978 1788 vdrvroot - ok 14:36:23.0005 1788 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 14:36:23.0021 1788 vds - ok 14:36:23.0037 1788 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 14:36:23.0038 1788 vga - ok 14:36:23.0045 1788 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 14:36:23.0046 1788 VgaSave - ok 14:36:23.0065 1788 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 14:36:23.0067 1788 vhdmp - ok 14:36:23.0082 1788 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 14:36:23.0082 1788 viaide - ok 14:36:23.0094 1788 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 14:36:23.0095 1788 vmbus - ok 14:36:23.0110 1788 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 14:36:23.0111 1788 VMBusHID - ok 14:36:23.0115 1788 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 14:36:23.0115 1788 volmgr - ok 14:36:23.0148 1788 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 14:36:23.0151 1788 volmgrx - ok 14:36:23.0168 1788 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 14:36:23.0170 1788 volsnap - ok 14:36:23.0204 1788 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 14:36:23.0205 1788 vsmraid - ok 14:36:23.0263 1788 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 14:36:23.0301 1788 VSS - ok 14:36:23.0310 1788 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 14:36:23.0310 1788 vwifibus - ok 14:36:23.0316 1788 [ 
6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 14:36:23.0317 1788 vwififlt - ok 14:36:23.0325 1788 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 14:36:23.0325 1788 vwifimp - ok 14:36:23.0345 1788 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 14:36:23.0349 1788 W32Time - ok 14:36:23.0362 1788 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 14:36:23.0363 1788 WacomPen - ok 14:36:23.0386 1788 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 14:36:23.0387 1788 WANARP - ok 14:36:23.0400 1788 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 14:36:23.0401 1788 Wanarpv6 - ok 14:36:23.0447 1788 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 14:36:23.0473 1788 wbengine - ok 14:36:23.0482 1788 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 14:36:23.0485 1788 WbioSrvc - ok 14:36:23.0514 1788 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 14:36:23.0517 1788 WcesComm - ok 14:36:23.0547 1788 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 14:36:23.0551 1788 wcncsvc - ok 14:36:23.0563 1788 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 14:36:23.0564 1788 WcsPlugInService - ok 14:36:23.0573 1788 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 14:36:23.0574 1788 Wd - ok 14:36:23.0609 1788 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 14:36:23.0632 1788 Wdf01000 - ok 14:36:23.0652 1788 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 14:36:23.0656 1788 WdiServiceHost - ok 14:36:23.0664 1788 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 14:36:23.0669 1788 
WdiSystemHost - ok 14:36:23.0708 1788 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 14:36:23.0716 1788 WebClient - ok 14:36:23.0736 1788 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 14:36:23.0745 1788 Wecsvc - ok 14:36:23.0761 1788 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 14:36:23.0766 1788 wercplsupport - ok 14:36:23.0788 1788 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 14:36:23.0792 1788 WerSvc - ok 14:36:23.0808 1788 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 14:36:23.0809 1788 WfpLwf - ok 14:36:23.0824 1788 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 14:36:23.0825 1788 WIMMount - ok 14:36:23.0831 1788 WinHttpAutoProxySvc - ok 14:36:23.0879 1788 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 14:36:23.0881 1788 Winmgmt - ok 14:36:23.0933 1788 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 14:36:23.0968 1788 WinRM - ok 14:36:24.0011 1788 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 14:36:24.0012 1788 WinUsb - ok 14:36:24.0042 1788 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 14:36:24.0058 1788 Wlansvc - ok 14:36:24.0192 1788 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:36:24.0243 1788 wlidsvc - ok 14:36:24.0251 1788 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 14:36:24.0252 1788 WmiAcpi - ok 14:36:24.0277 1788 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 14:36:24.0278 1788 wmiApSrv - ok 14:36:24.0292 1788 WMPNetworkSvc - ok 14:36:24.0298 1788 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 14:36:24.0299 1788 WPCSvc - ok 14:36:24.0326 
1788 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 14:36:24.0328 1788 WPDBusEnum - ok 14:36:24.0340 1788 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 14:36:24.0341 1788 ws2ifsl - ok 14:36:24.0344 1788 WSearch - ok 14:36:24.0379 1788 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 14:36:24.0380 1788 WudfPf - ok 14:36:24.0388 1788 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 14:36:24.0389 1788 WUDFRd - ok 14:36:24.0415 1788 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 14:36:24.0417 1788 wudfsvc - ok 14:36:24.0429 1788 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 14:36:24.0432 1788 WwanSvc - ok 14:36:24.0474 1788 [ 3762B4C538B9D710F85042849C20319F ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys 14:36:24.0475 1788 ZTEusbmdm6k - ok 14:36:24.0504 1788 [ 3762B4C538B9D710F85042849C20319F ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys 14:36:24.0505 1788 ZTEusbnmea - ok 14:36:24.0536 1788 [ 3762B4C538B9D710F85042849C20319F ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys 14:36:24.0537 1788 ZTEusbser6k - ok 14:36:24.0625 1788 ================ Scan global =============================== 14:36:24.0661 1788 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 14:36:24.0688 1788 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll 14:36:24.0696 1788 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll 14:36:24.0713 1788 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 14:36:24.0737 1788 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 14:36:24.0740 1788 [Global] - ok 14:36:24.0740 1788 ================ Scan MBR ================================== 14:36:24.0743 1788 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 14:36:24.0838 1788 
\Device\Harddisk0\DR0 - ok 14:36:24.0850 1788 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 14:36:25.0062 1788 \Device\Harddisk1\DR1 - ok 14:36:25.0069 1788 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 14:36:25.0676 1788 \Device\Harddisk2\DR2 - ok 14:36:25.0677 1788 ================ Scan VBR ================================== 14:36:25.0682 1788 [ 038E15ACA723E15A511F829D69359BF4 ] \Device\Harddisk1\DR1\Partition1 14:36:25.0685 1788 \Device\Harddisk1\DR1\Partition1 - ok 14:36:25.0714 1788 [ 05AC193644A2634F0F2367971DA86463 ] \Device\Harddisk1\DR1\Partition2 14:36:25.0716 1788 \Device\Harddisk1\DR1\Partition2 - ok 14:36:25.0725 1788 [ 47000BFDEF05A45EA48B3FC5D8453F97 ] \Device\Harddisk1\DR1\Partition3 14:36:25.0727 1788 \Device\Harddisk1\DR1\Partition3 - ok 14:36:25.0729 1788 [ 62B41225929F02256BDF3763C969E7C2 ] \Device\Harddisk2\DR2\Partition1 14:36:25.0730 1788 \Device\Harddisk2\DR2\Partition1 - ok 14:36:25.0731 1788 ============================================================ 14:36:25.0731 1788 Scan finished 14:36:25.0731 1788 ============================================================ 14:36:25.0741 3936 Detected object count: 0 14:36:25.0741 3936 Actual detected object count: 0 14:36:47.0006 4472 ============================================================ 14:36:47.0006 4472 Scan started 14:36:47.0006 4472 Mode: Manual; TDLFS; 14:36:47.0006 4472 ============================================================ |
19.01.2013, 14:58 | #2 |
| Yet another TR/ATRAPS.Gen2 topic Code:
ATTFilter 14:36:48.0143 4472 ================ Scan system memory ========================
14:36:48.0143 4472 System memory - ok
14:36:48.0144 4472 ================ Scan services =============================
9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 14:36:49.0656 4472 BTHMODEM - ok 14:36:49.0677 4472 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 14:36:49.0678 4472 BthPan - ok 14:36:49.0704 4472 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 14:36:49.0706 4472 BTHPORT - ok 14:36:49.0714 4472 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 14:36:49.0715 4472 bthserv - ok 14:36:49.0728 4472 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 14:36:49.0728 4472 BTHUSB - ok 14:36:49.0741 4472 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 14:36:49.0742 4472 cdfs - ok 14:36:49.0763 4472 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 14:36:49.0763 4472 cdrom - ok 14:36:49.0788 4472 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 14:36:49.0788 4472 CertPropSvc - ok 14:36:49.0792 4472 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 14:36:49.0792 4472 circlass - ok 14:36:49.0806 4472 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 14:36:49.0807 4472 CLFS - ok 14:36:49.0847 4472 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:36:49.0849 4472 clr_optimization_v2.0.50727_32 - ok 14:36:49.0882 4472 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:36:49.0884 4472 clr_optimization_v2.0.50727_64 - ok 14:36:49.0922 4472 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:36:49.0925 4472 clr_optimization_v4.0.30319_32 - ok 14:36:49.0939 4472 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:36:49.0942 4472 clr_optimization_v4.0.30319_64 - ok 14:36:49.0952 4472 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 14:36:49.0953 4472 CmBatt - ok 14:36:49.0975 4472 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 14:36:49.0976 4472 cmdide - ok 14:36:50.0003 4472 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 14:36:50.0006 4472 CNG - ok 14:36:50.0019 4472 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 14:36:50.0020 4472 Compbatt - ok 14:36:50.0031 4472 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 14:36:50.0031 4472 CompositeBus - ok 14:36:50.0035 4472 COMSysApp - ok 14:36:50.0040 4472 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 14:36:50.0040 4472 crcdisk - ok 14:36:50.0072 4472 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 14:36:50.0074 4472 CryptSvc - ok 14:36:50.0108 4472 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 14:36:50.0111 4472 CSC - ok 14:36:50.0145 4472 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 14:36:50.0150 4472 CscService - ok 14:36:50.0176 4472 [ DF07C6D98BA7F81D0571E366B1CD6672 ] csr_a2dp C:\Windows\system32\drivers\bthav.sys 14:36:50.0177 4472 csr_a2dp - ok 14:36:50.0192 4472 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 14:36:50.0196 4472 DcomLaunch - ok 14:36:50.0217 4472 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 14:36:50.0219 4472 defragsvc - ok 14:36:50.0245 4472 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 14:36:50.0246 4472 DfsC - ok 14:36:50.0258 4472 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 14:36:50.0260 4472 
Dhcp - ok 14:36:50.0312 4472 [ 4F26BB00747D41E7C0FE8EBB2900F862 ] DirMngr C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe 14:36:50.0316 4472 DirMngr - ok 14:36:50.0355 4472 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 14:36:50.0356 4472 discache - ok 14:36:50.0388 4472 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 14:36:50.0389 4472 Disk - ok 14:36:50.0425 4472 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 14:36:50.0429 4472 Dnscache - ok 14:36:50.0461 4472 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 14:36:50.0463 4472 dot3svc - ok 14:36:50.0490 4472 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 14:36:50.0491 4472 DPS - ok 14:36:50.0512 4472 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 14:36:50.0512 4472 drmkaud - ok 14:36:50.0536 4472 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 14:36:50.0542 4472 DXGKrnl - ok 14:36:50.0547 4472 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 14:36:50.0548 4472 EapHost - ok 14:36:50.0610 4472 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 14:36:50.0629 4472 ebdrv - ok 14:36:50.0653 4472 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 14:36:50.0654 4472 EFS - ok 14:36:50.0690 4472 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 14:36:50.0693 4472 ehRecvr - ok 14:36:50.0711 4472 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 14:36:50.0711 4472 ehSched - ok 14:36:50.0727 4472 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 14:36:50.0730 4472 elxstor - ok 14:36:50.0739 4472 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 14:36:50.0739 4472 ErrDev - ok 14:36:50.0758 4472 [ 
4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 14:36:50.0760 4472 EventSystem - ok 14:36:50.0773 4472 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 14:36:50.0774 4472 exfat - ok 14:36:50.0790 4472 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 14:36:50.0791 4472 fastfat - ok 14:36:50.0822 4472 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 14:36:50.0825 4472 Fax - ok 14:36:50.0832 4472 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 14:36:50.0833 4472 fdc - ok 14:36:50.0839 4472 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 14:36:50.0839 4472 fdPHost - ok 14:36:50.0852 4472 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 14:36:50.0852 4472 FDResPub - ok 14:36:50.0865 4472 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 14:36:50.0865 4472 FileInfo - ok 14:36:50.0877 4472 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 14:36:50.0878 4472 Filetrace - ok 14:36:50.0890 4472 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 14:36:50.0890 4472 flpydisk - ok 14:36:50.0912 4472 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 14:36:50.0913 4472 FltMgr - ok 14:36:50.0950 4472 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 14:36:50.0955 4472 FontCache - ok 14:36:50.0989 4472 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:36:50.0989 4472 FontCache3.0.0.0 - ok 14:36:51.0001 4472 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 14:36:51.0003 4472 FsDepends - ok 14:36:51.0039 4472 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 
14:36:51.0040 4472 Fs_Rec - ok 14:36:51.0069 4472 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 14:36:51.0072 4472 fvevol - ok 14:36:51.0092 4472 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 14:36:51.0094 4472 gagp30kx - ok 14:36:51.0139 4472 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 14:36:51.0150 4472 gpsvc - ok 14:36:51.0175 4472 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:36:51.0176 4472 gupdate - ok 14:36:51.0180 4472 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:36:51.0181 4472 gupdatem - ok 14:36:51.0190 4472 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 14:36:51.0191 4472 hcw85cir - ok 14:36:51.0209 4472 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 14:36:51.0211 4472 HdAudAddService - ok 14:36:51.0226 4472 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 14:36:51.0227 4472 HDAudBus - ok 14:36:51.0256 4472 [ EE8C05F926521A0E24EDAF40F45D01E6 ] HFGService C:\Windows\System32\HFGService.dll 14:36:51.0260 4472 HFGService - ok 14:36:51.0274 4472 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 14:36:51.0275 4472 HidBatt - ok 14:36:51.0290 4472 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 14:36:51.0291 4472 HidBth - ok 14:36:51.0301 4472 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 14:36:51.0302 4472 HidIr - ok 14:36:51.0325 4472 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 14:36:51.0325 4472 hidserv - ok 14:36:51.0343 4472 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 14:36:51.0344 4472 HidUsb - ok 14:36:51.0367 4472 [ 
387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 14:36:51.0369 4472 hkmsvc - ok 14:36:51.0394 4472 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 14:36:51.0396 4472 HomeGroupListener - ok 14:36:51.0419 4472 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 14:36:51.0421 4472 HomeGroupProvider - ok 14:36:51.0430 4472 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 14:36:51.0431 4472 HpSAMD - ok 14:36:51.0604 4472 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Users\Steffen\AppData\Local\Temp\7zS5696\hpslpsvc64.dll 14:36:51.0608 4472 HPSLPSVC - ok 14:36:51.0709 4472 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 14:36:51.0712 4472 HTTP - ok 14:36:51.0731 4472 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:36:51.0731 4472 hwpolicy - ok 14:36:51.0745 4472 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 14:36:51.0746 4472 i8042prt - ok 14:36:51.0766 4472 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:36:51.0767 4472 iaStorV - ok 14:36:51.0797 4472 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:36:51.0801 4472 idsvc - ok 14:36:51.0814 4472 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 14:36:51.0814 4472 iirsp - ok 14:36:51.0833 4472 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 14:36:51.0837 4472 IKEEXT - ok 14:36:51.0849 4472 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 14:36:51.0849 4472 intelide - ok 14:36:51.0862 4472 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 14:36:51.0862 4472 intelppm - ok 14:36:51.0878 4472 [ 098A91C54546A3B878DAD6A7E90A455B ] 
IPBusEnum C:\Windows\system32\ipbusenum.dll 14:36:51.0879 4472 IPBusEnum - ok 14:36:51.0901 4472 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:36:51.0903 4472 IpFilterDriver - ok 14:36:51.0931 4472 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 14:36:51.0933 4472 IPMIDRV - ok 14:36:51.0947 4472 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:36:51.0949 4472 IPNAT - ok 14:36:51.0966 4472 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:36:51.0967 4472 IRENUM - ok 14:36:51.0984 4472 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 14:36:51.0985 4472 isapnp - ok 14:36:52.0007 4472 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 14:36:52.0008 4472 iScsiPrt - ok 14:36:52.0017 4472 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 14:36:52.0017 4472 kbdclass - ok 14:36:52.0029 4472 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 14:36:52.0030 4472 kbdhid - ok 14:36:52.0037 4472 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 14:36:52.0038 4472 KeyIso - ok 14:36:52.0062 4472 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:36:52.0062 4472 KSecDD - ok 14:36:52.0094 4472 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:36:52.0095 4472 KSecPkg - ok 14:36:52.0114 4472 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 14:36:52.0115 4472 ksthunk - ok 14:36:52.0143 4472 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 14:36:52.0146 4472 KtmRm - ok 14:36:52.0177 4472 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:36:52.0179 4472 LanmanServer - ok 14:36:52.0208 4472 [ 
851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:36:52.0210 4472 LanmanWorkstation - ok 14:36:52.0227 4472 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:36:52.0227 4472 lltdio - ok 14:36:52.0251 4472 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 14:36:52.0254 4472 lltdsvc - ok 14:36:52.0261 4472 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:36:52.0262 4472 lmhosts - ok 14:36:52.0276 4472 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 14:36:52.0277 4472 LSI_FC - ok 14:36:52.0287 4472 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 14:36:52.0288 4472 LSI_SAS - ok 14:36:52.0301 4472 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:36:52.0302 4472 LSI_SAS2 - ok 14:36:52.0317 4472 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:36:52.0317 4472 LSI_SCSI - ok 14:36:52.0326 4472 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 14:36:52.0327 4472 luafv - ok 14:36:52.0352 4472 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys 14:36:52.0353 4472 LVPr2M64 - ok 14:36:52.0355 4472 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys 14:36:52.0356 4472 LVPr2Mon - ok 14:36:52.0372 4472 [ EF586B959F747E74C76603FF16AE417B ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 14:36:52.0374 4472 LVRS64 - ok 14:36:52.0483 4472 [ EDF73BFA1BD24D74D1D64DC0ED28A7CD ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 14:36:52.0517 4472 LVUVC64 - ok 14:36:52.0547 4472 [ 035C83CD72E06C47000793D32B1A642D ] massfilter C:\Windows\system32\drivers\massfilter.sys 14:36:52.0547 4472 massfilter - ok 14:36:52.0572 4472 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:36:52.0573 4472 
Mcx2Svc - ok 14:36:52.0583 4472 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 14:36:52.0583 4472 megasas - ok 14:36:52.0596 4472 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 14:36:52.0597 4472 MegaSR - ok 14:36:52.0613 4472 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 14:36:52.0614 4472 MMCSS - ok 14:36:52.0618 4472 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 14:36:52.0619 4472 Modem - ok 14:36:52.0623 4472 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:36:52.0624 4472 monitor - ok 14:36:52.0649 4472 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:36:52.0650 4472 mouclass - ok 14:36:52.0657 4472 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:36:52.0657 4472 mouhid - ok 14:36:52.0677 4472 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:36:52.0678 4472 mountmgr - ok 14:36:52.0709 4472 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:36:52.0710 4472 MozillaMaintenance - ok 14:36:52.0734 4472 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 14:36:52.0735 4472 mpio - ok 14:36:52.0751 4472 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:36:52.0751 4472 mpsdrv - ok 14:36:52.0791 4472 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:36:52.0792 4472 MRxDAV - ok 14:36:52.0817 4472 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:36:52.0820 4472 mrxsmb - ok 14:36:52.0865 4472 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:36:52.0870 4472 mrxsmb10 - ok 14:36:52.0902 4472 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] 
mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:36:52.0905 4472 mrxsmb20 - ok 14:36:52.0917 4472 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 14:36:52.0918 4472 msahci - ok 14:36:52.0946 4472 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 14:36:52.0949 4472 msdsm - ok 14:36:52.0970 4472 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 14:36:52.0974 4472 MSDTC - ok 14:36:52.0996 4472 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:36:52.0997 4472 Msfs - ok 14:36:53.0012 4472 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:36:53.0012 4472 mshidkmdf - ok 14:36:53.0018 4472 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:36:53.0019 4472 msisadrv - ok 14:36:53.0042 4472 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:36:53.0044 4472 MSiSCSI - ok 14:36:53.0047 4472 msiserver - ok 14:36:53.0057 4472 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:36:53.0058 4472 MSKSSRV - ok 14:36:53.0072 4472 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:36:53.0073 4472 MSPCLOCK - ok 14:36:53.0084 4472 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:36:53.0085 4472 MSPQM - ok 14:36:53.0112 4472 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:36:53.0115 4472 MsRPC - ok 14:36:53.0133 4472 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 14:36:53.0133 4472 mssmbios - ok 14:36:53.0137 4472 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:36:53.0137 4472 MSTEE - ok 14:36:53.0141 4472 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 14:36:53.0142 4472 MTConfig - ok 14:36:53.0165 
4472 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 14:36:53.0165 4472 MTsensor - ok 14:36:53.0174 4472 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 14:36:53.0174 4472 Mup - ok 14:36:53.0206 4472 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 14:36:53.0210 4472 napagent - ok 14:36:53.0228 4472 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:36:53.0230 4472 NativeWifiP - ok 14:36:53.0289 4472 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 14:36:53.0292 4472 NAUpdate - ok 14:36:53.0333 4472 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 14:36:53.0338 4472 NDIS - ok 14:36:53.0351 4472 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:36:53.0351 4472 NdisCap - ok 14:36:53.0362 4472 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:36:53.0363 4472 NdisTapi - ok 14:36:53.0385 4472 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:36:53.0385 4472 Ndisuio - ok 14:36:53.0412 4472 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:36:53.0415 4472 NdisWan - ok 14:36:53.0442 4472 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:36:53.0443 4472 NDProxy - ok 14:36:53.0460 4472 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:36:53.0461 4472 NetBIOS - ok 14:36:53.0501 4472 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:36:53.0505 4472 NetBT - ok 14:36:53.0520 4472 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 14:36:53.0521 4472 Netlogon - ok 14:36:53.0537 4472 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 14:36:53.0540 4472 Netman - ok 
14:36:53.0558 4472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:36:53.0560 4472 NetMsmqActivator - ok 14:36:53.0564 4472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:36:53.0565 4472 NetPipeActivator - ok 14:36:53.0594 4472 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 14:36:53.0598 4472 netprofm - ok 14:36:53.0602 4472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:36:53.0603 4472 NetTcpActivator - ok 14:36:53.0607 4472 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:36:53.0608 4472 NetTcpPortSharing - ok 14:36:53.0616 4472 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 14:36:53.0617 4472 nfrd960 - ok 14:36:53.0647 4472 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:36:53.0649 4472 NlaSvc - ok 14:36:53.0655 4472 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:36:53.0655 4472 Npfs - ok 14:36:53.0666 4472 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 14:36:53.0666 4472 nsi - ok 14:36:53.0675 4472 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:36:53.0675 4472 nsiproxy - ok 14:36:53.0723 4472 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:36:53.0730 4472 Ntfs - ok 14:36:53.0738 4472 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 14:36:53.0738 4472 Null - ok 14:36:53.0762 4472 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 14:36:53.0764 4472 NVENETFD - ok 14:36:53.0786 4472 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 14:36:53.0787 4472 
NVHDA - ok 14:36:53.0985 4472 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 14:36:54.0043 4472 nvlddmkm - ok 14:36:54.0072 4472 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:36:54.0073 4472 nvraid - ok 14:36:54.0090 4472 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:36:54.0091 4472 nvstor - ok 14:36:54.0119 4472 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe 14:36:54.0123 4472 NVSvc - ok 14:36:54.0181 4472 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 14:36:54.0186 4472 nvUpdatusService - ok 14:36:54.0199 4472 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:36:54.0200 4472 nv_agp - ok 14:36:54.0211 4472 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:36:54.0211 4472 ohci1394 - ok 14:36:54.0253 4472 [ D29D5E61A5722630BB58940D1E4E231A ] OpenVPNService C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe 14:36:54.0253 4472 OpenVPNService - ok 14:36:54.0307 4472 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:36:54.0307 4472 ose - ok 14:36:54.0411 4472 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:36:54.0432 4472 osppsvc - ok 14:36:54.0485 4472 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:36:54.0487 4472 p2pimsvc - ok 14:36:54.0513 4472 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 14:36:54.0515 4472 p2psvc - ok 14:36:54.0529 4472 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 14:36:54.0530 4472 Parport - ok 14:36:54.0552 4472 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr 
14:36:59.0482 4472 Scan finished
14:36:59.0490 4200 Detected object count: 0
14:36:59.0490 4200 Actual detected object count: 0
14:37:02.0664 2884 Deinitialize success |
19.01.2013, 15:43 | #3 |
/// Helper Team | Yet another TR/ATRAPS.Gen2 topic Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder without instructions from a helper. After that: please download AdwCleaner to your desktop.
__________________ |
19.01.2013, 17:32 | #4 | |
| Yet another TR/ATRAPS.Gen2 topic Hello t'john, when I run mbar, I get an error message saying the file is too old: Quote:
|
19.01.2013, 18:15 | #5 |
/// Helper Team | Yet another TR/ATRAPS.Gen2 topic All right |
19.01.2013, 18:43 | #6 |
| Yet another TR/ATRAPS.Gen2 topic Hm, that seems odd to me. There is no newer version, and the download leads to the same version. After I tried several times to run the old one (the one you linked), it suddenly worked, with the following output: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 0.00.0.0000 v0000.00.00.00 Windows 7 Service Pack 1 x64 NTFS 8.0.7601.17514 Steffen :: NR1 19.01.2013 18:40:01 mbar-log-2013-01-19 (18-40-01).txt 20356 30 0 0 0 0 0 0 0 Code:
ATTFilter Scan finished ======================================= There was also no restart and no option to clean up (CleanUp). Is that okay, can I continue with the second step? |
19.01.2013, 20:00 | #7 |
/// Helper Team | Yet another TR/ATRAPS.Gen2 topic Removing malware with Combofix Download Combofix from one of the following download mirrors: BleepingComputer.com - ForoSpyware.com and save the program to the desktop, nowhere else, that is important! Follow the detailed original instructions. Combofix currently runs on the following Windows versions:
Preparation and important notes
Do not use Combofix on your own. If there is no corresponding infection, it can cripple the computer and/or cause lasting damage! |
19.01.2013, 22:40 | #8 |
| Yet another TR/ATRAPS.Gen2 topic Add-Remove Programs.txt: Code:
ATTFilter 1&1 Surf-Stick Activision(R) Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.01) - Deutsch Adobe Shockwave Player 11.5 Aquaria µTorrent Avira Free Antivirus Blocks That Matter Blur(TM) Borderlands CameraHelperMsi CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Internet Library for ZoomBrowser EX Canon MOV Decoder Canon Utilities CameraWindow Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities Digital Photo Professional 3.9 Canon Utilities EOS Utility Canon Utilities MyCamera Canon Utilities PhotoStitch Canon Utilities Picture Style Editor Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities WFT-E1/E2/E3/E4 Utility Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility Command & Conquer™ 4 Tiberian Twilight Crysis® 2 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DivX-Setup doxygen 1.7.3 Dual-Core Optimizer erLT Express Rip FAKEFACTORY Cinematic Mod V10 FLV Downloader GIMP 2.6.11 Git version 1.7.3.1-preview20101002 Google Chrome Google Earth Google Update Helper Gpg4win (2.1.0) Grand Theft Auto IV Grand Theft Auto: Episodes from Liberty City Gratuitous Space Battles Half-Life 2 Half-Life 2 Awakening 1.1 Half-Life 2: Deathmatch Half-Life 2: Episode One Half-Life 2: Episode Two Hugin 2011.4.0 Inkscape 0.48.2 Java Auto Updater Java(TM) 6 Update 29 LEGO Digital Designer LibreOffice 3.6 Lightworks LIMBO Logitech Webcam Software LuminanceHDR 2.0.2 LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Video Mask Maker LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Mendeley Desktop 1.7.1 Metro 2033 Microsoft .NET Compact Framework 3.5 Microsoft Access 2010 Microsoft Expression Encoder 4 Microsoft Expression Encoder 4 Screen Capture Codec Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2010 Service Pack 1 (SP1) 
Microsoft Office Access 2010 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft XNA Framework Redistributable 3.1 Microsoft XNA Framework Redistributable 4.0 MiKTeX 2.8 Mozilla Firefox 18.0 (x86 de) Mozilla Maintenance Service Mozilla Thunderbird 17.0.2 (x86 de) Mp3tag v2.48 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multiwinia Navigator 11 - Setup Utility 11.0.23-3 Nero 7 Essentials Nero BurnLite 10 Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Update neroxml Notepad++ NVIDIA 3D Vision Controller Driver NVIDIA PhysX NVIDIA Stereoscopic 3D Driver OpenAL OpenVPN 2.2.1 Opera 11.62 Phase 5 HTML-Editor Pidgin pidgin-otr 3.2.0-1 Portal Portal 2 Python 2.6 pygtk-2.22.0 QuickTime R for Windows 2.11.1 RESIDENT EVIL 5 Return to Castle Wolfenstein Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for 
Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 
32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Skype™ 5.10 Solar 2 Source SDK Source SDK Base 2007 SpeedFan (remove only) Texmaker The Basement Collection The Binding of Isaac Tinn-R 2.3.5.2 UFRaw 0.18 Unity Web Player (All users) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition VC80CRTRedist - 8.0.50727.4053 VLC media player 2.0.1 Winamp Windows 7 USB/DVD Download Tool Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live Installer Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinMerge 2.12.4 Code:
ATTFilter ComboFix 13-01-17.04 - Steffen 19.01.2013 22:16:14.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8190.6423 [GMT 1:00] ausgeführt von:: c:\users\Steffen\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\$recycle.bin\S-1-5-18\$315c205da7786cc596b7af5891b907c0\@ c:\$recycle.bin\S-1-5-18\$315c205da7786cc596b7af5891b907c0\n c:\users\Steffen\AppData\Local\.# c:\users\Steffen\AppData\Local\Temp\7zS5696\HPSLPSVC64.DLL c:\users\Steffen\AppData\Roaming\Local c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\2.ddi c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\3.ddi c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\4.ddi c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\5.ddi c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_HPSLPSVC . . ((((((((((((((((((((((( Dateien erstellt von 2012-12-19 bis 2013-01-19 )))))))))))))))))))))))))))))) . . 2013-01-19 17:31 . 2013-01-19 17:31 -------- d-----w- c:\programdata\Malwarebytes 2013-01-19 16:42 . 2013-01-19 16:42 308640 ----a-w- c:\windows\system32\javaws.exe 2013-01-19 16:42 . 2013-01-19 16:42 1081760 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-01-19 16:42 . 2013-01-19 16:42 188832 ----a-w- c:\windows\system32\javaw.exe 2013-01-19 16:42 . 2013-01-19 16:42 188832 ----a-w- c:\windows\system32\java.exe 2013-01-19 16:42 . 2013-01-19 16:42 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-01-19 16:42 . 
2013-01-19 16:42 -------- d-----w- c:\program files\Java 2013-01-19 12:16 . 2013-01-19 12:16 -------- d-----w- c:\users\Steffen\AppData\Roaming\Avira 2013-01-19 12:11 . 2013-01-19 12:11 -------- d-----w- c:\programdata\Avira 2013-01-19 12:11 . 2013-01-19 12:11 -------- d-----w- c:\program files (x86)\Avira 2013-01-19 12:11 . 2012-12-03 14:36 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys 2013-01-19 12:11 . 2012-12-03 14:36 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-01-19 12:11 . 2012-11-16 19:17 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2013-01-17 08:41 . 2013-01-17 08:41 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2013-01-15 07:25 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0B92C6F7-E9FE-4983-84F7-D6DEB53AAAA6}\mpengine.dll 2013-01-15 07:25 . 2013-01-04 15:53 9060864 ----a-w- c:\windows\system32\mshtml.dll 2013-01-14 09:05 . 2013-01-19 16:38 -------- d-----w- c:\users\Steffen\AppData\Roaming\.minecraft 2013-01-13 20:28 . 2013-01-13 20:28 -------- d-----w- c:\users\Steffen\AppData\Roaming\LibreOffice 2013-01-13 20:26 . 2013-01-13 20:27 -------- d-----w- c:\program files (x86)\LibreOffice 3.6 2013-01-10 11:29 . 2013-01-10 11:29 -------- d-----w- c:\users\Steffen\AppData\Roaming\collection 2013-01-09 19:06 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll 2013-01-08 22:31 . 2013-01-09 08:23 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird 2013-01-07 23:42 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll 2013-01-07 23:42 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll 2013-01-07 23:42 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2013-01-07 23:42 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-01-19 16:42 . 
2011-01-06 15:30 960416 ----a-w- c:\windows\system32\deployJava1.dll 2013-01-19 14:05 . 2012-04-03 14:57 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-01-19 14:05 . 2011-05-26 14:54 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-10 11:50 . 2012-01-03 16:18 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2013-01-10 11:50 . 2012-01-03 16:18 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2013-01-10 11:50 . 2012-01-03 16:18 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2013-01-10 11:50 . 2012-01-03 16:18 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2013-01-09 22:45 . 2010-10-08 08:52 67599240 ----a-w- c:\windows\system32\MRT.exe 2012-11-30 04:45 . 2013-01-09 19:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-11-12 12:28 . 2012-12-12 19:56 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2012-11-12 11:52 . 2012-12-12 19:56 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-11-09 05:45 . 2012-12-12 19:56 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-09 04:42 . 2012-12-12 19:56 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-11-02 05:59 . 2012-12-12 19:56 478208 ----a-w- c:\windows\system32\dpnet.dll 2012-11-02 05:11 . 2012-12-12 19:56 376832 ----a-w- c:\windows\SysWow64\dpnet.dll 2012-10-27 06:26 . 2012-12-12 19:56 981504 ----a-w- c:\windows\SysWow64\wininet.dll 2012-10-27 05:51 . 2012-12-12 19:56 1188864 ----a-w- c:\windows\system32\wininet.dll 2012-10-27 05:51 . 2012-12-12 19:56 1494528 ----a-w- c:\windows\system32\urlmon.dll 2012-10-27 05:51 . 2012-12-12 19:56 134144 ----a-w- c:\windows\system32\url.dll 2012-10-27 05:49 . 2012-12-12 19:56 97792 ----a-w- c:\windows\system32\mshtmled.dll 2012-10-27 05:49 . 2012-12-12 19:56 735744 ----a-w- c:\windows\system32\msfeeds.dll 2012-10-27 05:49 . 2012-12-12 19:56 64512 ----a-w- c:\windows\system32\jsproxy.dll 2012-10-27 05:49 . 2012-12-12 19:56 247808 ----a-w- c:\windows\system32\ieui.dll 2012-10-27 05:49 . 
2012-12-12 19:56 2453504 ----a-w- c:\windows\system32\iertutil.dll 2012-10-27 05:49 . 2012-12-12 19:56 12295680 ----a-w- c:\windows\system32\ieframe.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\program files (x86)\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-08 1226608] "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824] "UIExec"="c:\program files (x86)\1&1 Surf-Stick\UIExec.exe" [2011-08-25 153424] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-04 384800] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 ALSysIO;ALSysIO;c:\users\Steffen\AppData\Local\Temp\ALSysIO64.sys [x] R3 BthAudioHF;BthAudioHF-Dienst;c:\windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 52224] R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184] R3 csr_a2dp;Bluetooth-AV-Profil;c:\windows\system32\drivers\bthav.sys [2009-12-21 78848] R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2011-04-01 341856] R3 LVUVC64;Logitech Webcam 905(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2011-04-01 4184672] R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2011-03-26 11776] R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 448512] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736] R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-19 834544] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 224048] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 130864] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280] S2 DirMngr;DirMngr;c:\program files (x86)\GNU\GnuPG\dirmngr.exe [2011-03-02 224256] S2 
HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2009-07-14 27136] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\1&1 Surf-Stick\AssistantServices.exe [2011-08-25 270672] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 165680] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2013-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 14:05] . 2013-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-08 16:58] . 2013-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-08 16:58] . 2013-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1048336132-1139700247-469780242-1001Core.job - c:\users\Steffen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-02 20:13] . 2013-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1048336132-1139700247-469780242-1001UA.job - c:\users\Steffen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-02 20:13] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\ FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - ExtSQL: 2012-12-07 16:42; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi . - - - - Entfernte verwaiste Registrierungseinträge - - - - . URLSearchHooks-{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - (no file) BHO-{1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - (no file) Wow6432Node-HKCU-Run-RGSC - e:\rockstar games\Rockstar Games Social Club\RGSCLauncher.exe Wow6432Node-HKLM-Run-NWEReboot - (no file) Wow6432Node-HKLM-Run-DivX Download Manager - c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe WebBrowser-{64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-UnityWebPlayer - c:\program files (x86)\Unity\WebPlayer\Uninstall.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1048336132-1139700247-469780242-1001\Software\SecuROM\License information*] "datasecu"=hex:03,e7,ad,7d,e2,f6,5e,ee,ac,55,35,7a,6f,36,85,57,2d,19,c5,11,14, 24,f6,e7,1d,2a,d7,36,bc,a0,c8,61,b6,c4,05,53,0b,37,ab,55,4a,a8,c3,2a,3e,b9,\ "rkeysecu"=hex:8f,35,95,71,16,ec,ca,00,1d,fb,6d,e7,38,7a,c6,9e . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe c:\program files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-01-19 22:29:30 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-01-19 21:29 . Vor Suchlauf: 11 Verzeichnis(se), 23.957.585.920 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 24.496.013.312 Bytes frei . - - End Of File - - 878367023D62E45A5215D4561D0FBFAD |
19.01.2013, 23:25 | #9 |
/// Helper Team | Yet another TR/ATRAPS.Gen2 topic Try Malwarebytes Anti-Rootkit BETA - Download - Filepony again |
20.01.2013, 12:04 | #10 |
| Yet another TR/ATRAPS.Gen2 topic Good morning, I let the thing run overnight, and just a moment ago it produced this output: Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.19.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Steffen :: NR1 [administrator]

20.01.2013 10:19:35
mbar-log-2013-01-20 (10-19-35).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 37692
Time elapsed: 10 hour(s), 24 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.01.0.1016 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 8.0.7601.17514 Java version: 1.6.0_29 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED, G:\ DRIVE_FIXED, I:\ DRIVE_FIXED CPU speed: 3.214000 GHz Memory total: 8587370496, free: 5967978496 ------------ Kernel report ------------ 01/19/2013 23:45:16 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_AuthenticAMD.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\system32\drivers\pciide.sys \SystemRoot\system32\drivers\PCIIDEX.SYS \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\vmbus.sys \SystemRoot\system32\drivers\winhv.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\nvstor.sys \SystemRoot\system32\drivers\storport.sys \SystemRoot\system32\DRIVERS\SI3132.sys \SystemRoot\system32\DRIVERS\SCSIPORT.SYS \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\system32\DRIVERS\SiWinAcc.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys 
\SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\vmstorfl.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\SysWOW64\speedfan.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\system32\DRIVERS\SiRemFil.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\serial.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys \SystemRoot\system32\DRIVERS\VBoxDrv.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\system32\drivers\csc.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\avkmgr.sys 
\SystemRoot\system32\DRIVERS\avipbb.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\amdppm.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\DRIVERS\nvlddmkm.sys \SystemRoot\System32\Drivers\nvBridge.kmd \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\usbohci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\drivers\1394ohci.sys \SystemRoot\system32\DRIVERS\Rt64win7.sys \SystemRoot\system32\DRIVERS\serenum.sys \SystemRoot\system32\DRIVERS\parport.sys \SystemRoot\system32\drivers\i8042prt.sys \SystemRoot\system32\drivers\kbdclass.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\tap0901.sys \SystemRoot\system32\DRIVERS\rdpbus.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\nvhda64v.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_dumpata.sys \SystemRoot\System32\Drivers\dump_atapi.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\avgntflt.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\drivers\ipnat.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \??\C:\Windows\system32\Drivers\PROCEXP113.SYS \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\mbamswissarmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\imagehlp.dll \Windows\System32\msctf.dll \Windows\System32\kernel32.dll \Windows\System32\difxapi.dll \Windows\System32\nsi.dll \Windows\System32\sechost.dll \Windows\System32\rpcrt4.dll \Windows\System32\comdlg32.dll \Windows\System32\shlwapi.dll \Windows\System32\ws2_32.dll \Windows\System32\user32.dll \Windows\System32\Wldap32.dll \Windows\System32\imm32.dll \Windows\System32\oleaut32.dll \Windows\System32\gdi32.dll \Windows\System32\iertutil.dll \Windows\System32\lpk.dll \Windows\System32\shell32.dll \Windows\System32\msvcrt.dll \Windows\System32\normaliz.dll \Windows\System32\setupapi.dll \Windows\System32\ole32.dll \Windows\System32\usp10.dll 
\Windows\System32\psapi.dll \Windows\System32\advapi32.dll \Windows\System32\urlmon.dll \Windows\System32\wininet.dll \Windows\System32\clbcatq.dll \Windows\System32\cfgmgr32.dll \Windows\System32\crypt32.dll \Windows\System32\comctl32.dll \Windows\System32\KernelBase.dll \Windows\System32\devobj.dll \Windows\System32\wintrust.dll \Windows\System32\msasn1.dll ----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk2\DR2 Upper Device Object: 0xfffffa8007afa060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-3\ Lower Device Object: 0xfffffa800783c060 Lower Device Driver Name: \Driver\atapi\ Driver name found: atapi Initialization returned 0x0 Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0) Load Function returned 0x0 <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa8007af9060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP2T1L0-6\ Lower Device Object: 0xfffffa800784e680 Lower Device Driver Name: \Driver\atapi\ Driver name found: atapi <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8007af8060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-2\ Lower Device Object: 0xfffffa8007835680 Lower Device Driver Name: \Driver\atapi\ Driver name found: atapi Downloaded database version: v2013.01.19.11 Initializing... Done! 
<<<2>>>
Device number: 1, partition: 2
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8007af9060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007af9940, DeviceName: Unknown, DriverName: \Driver\SiRemFil\
DevicePointer: 0xfffffa8007af9b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007af9060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8006b279b0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800784e680, DeviceName: \Device\Ide\IdeDeviceP2T1L0-6\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xfffff8a00d7c51e0, 0xfffffa8007af9060, 0xfffffa8009fc22f0
Lower DeviceData: 0xfffff8a00e23c920, 0xfffffa800784e680, 0xfffffa80097b72b0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
Done!
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007af8060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007af8940, DeviceName: Unknown, DriverName: \Driver\SiRemFil\
DevicePointer: 0xfffffa8007af8b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007af8060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007839520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007835680, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xfffff8a01371ed00, 0xfffffa8007af8060, 0xfffffa800a987090
Lower DeviceData: 0xfffff8a010184d20, 0xfffffa8007835680, 0xfffffa8009df8150
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DD6DB48A
Partition information:
Partition 0 type is Dynamic (0x42)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 2930275057
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 1500301910016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-62-2930257168-2930277168)...
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9630962
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 207050752
Partition 2 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 207259648 Numsec = 1042995824
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 640130801152 bytes
Sector size: 512 bytes
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa8007afa060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007afa940, DeviceName: Unknown, DriverName: \Driver\SiRemFil\
DevicePointer: 0xfffffa8007afab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007afa060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800783a520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800783c060, DeviceName: \Device\Ide\IdeDeviceP3T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xfffff8a00ec12670, 0xfffffa8007afa060, 0xfffffa800a5b3140
Lower DeviceData: 0xfffff8a0035bf450, 0xfffffa800783c060, 0xfffffa800a6fe430
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7501CBE6
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 3907018864
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 2000394706432 bytes
Sector size: 512 bytes
Done!
Performing system, memory and registry scan...
Done!
Scan finished
======================================= |
20.01.2013, 15:05 | #11 |
/// Helper Team | Yet another TR/ATRAPS.Gen2 topic http://www.trojaner-board.de/129789-...tml#post994108 (adwCleaner) afterwards: Malware scan with Emsisoft Anti-Malware. Download the free version of => Emsisoft Anti-Malware and install the program. Use "Jetzt Updaten" (update now) to download the current signatures. Select freeware mode. Choose "Detail Scan" and start the scan of the computer with the "Scan" button. At the end of the scan, do not let it delete anything! Click "Bericht speichern" (save report) to save the log file to the desktop and post it here in the thread. Instructions: http://www.trojaner-board.de/103809-...i-malware.html |
20.01.2013, 16:34 | #12 |
| Yet another TR/ATRAPS.Gen2 topic I already ran adwcleaner yesterday; this one is from yesterday: Code:
ATTFilter
# AdwCleaner v2.106 - Datei am 19/01/2013 um 22:05:15 erstellt
# Aktualisiert am 17/01/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Steffen - NR1
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Steffen\Downloads\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\Steffen\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Steffen\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Steffen\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Steffen\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\Conduit

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2849855
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v18.0 (de)

Datei : C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\prefs.js

Gelöscht : user_pref("CT2319825..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2319825..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2319825..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2319825.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2319825.CurrentServerDate", "25-3-2011");
Gelöscht : user_pref("CT2319825.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2319825.DialogsGetterLastCheckTime", "Fri Mar 25 2011 16:35:53 GMT+0100");
Gelöscht : user_pref("CT2319825.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2319825.FirstServerDate", "25-3-2011");
Gelöscht : user_pref("CT2319825.FirstTimeFF3", true);
Gelöscht : user_pref("CT2319825.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2319825.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2319825.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2319825.InstallationAndCookieDataSentCount", 1);
Gelöscht : user_pref("CT2319825.IsGrouping", false);
Gelöscht : user_pref("CT2319825.LanguagePackLastCheckTime", "Fri Mar 25 2011 16:35:54 GMT+0100");
Gelöscht : user_pref("CT2319825.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2319825.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2319825.LastLogin_3.3.3.2", "Fri Mar 25 2011 16:35:53 GMT+0100");
Gelöscht : user_pref("CT2319825.LatestVersion", "3.2.5.2");
Gelöscht : user_pref("CT2319825.Locale", "de");
Gelöscht : user_pref("CT2319825.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2319825.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2319825.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2319825.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2319825.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2319825.SearchInNewTabLastCheckTime", "Fri Mar 25 2011 16:35:53 GMT+0100");
Gelöscht : user_pref("CT2319825.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2319825.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2319825.ServiceMapLastCheckTime", "Fri Mar 25 2011 16:35:52 GMT+0100");
Gelöscht : user_pref("CT2319825.SettingsLastCheckTime", "Fri Mar 25 2011 16:35:52 GMT+0100");
Gelöscht : user_pref("CT2319825.SettingsLastUpdate", "1300876832");
Gelöscht : user_pref("CT2319825.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2319825.ThirdPartyComponentsLastCheck", "Fri Mar 25 2011 16:35:52 GMT+0100");
Gelöscht : user_pref("CT2319825.ThirdPartyComponentsLastUpdate", "1255344657");
Gelöscht : user_pref("CT2319825.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2319825");
Gelöscht : user_pref("CT2319825.Uninstall", true);
Gelöscht : user_pref("CT2319825.UserID", "UN11785589511515127");
Gelöscht : user_pref("CT2319825.alertChannelId", "715912");
Gelöscht : user_pref("CT2319825.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Gelöscht : user_pref("CT2319825.globalFirstTimeInfoLastCheckTime", "Fri Mar 25 2011 16:35:54 GMT+0100");
Gelöscht : user_pref("CT2319825.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2319825.myStuffEnabled", true);
Gelöscht : user_pref("CT2319825.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2319825.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2319825.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2319825.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2319825.testingCtid", "");
Gelöscht : user_pref("CT2319825.toolbarAppMetaDataLastCheckTime", "Fri Mar 25 2011 16:35:53 GMT+0100");
Gelöscht : user_pref("CT2319825.toolbarContextMenuLastCheckTime", "Fri Mar 25 2011 16:35:54 GMT+0100");
Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 25);
Gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gelöscht : user_pref("extensions.BabylonToolbar.firstRun", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "C2095A818D1F5B2C62F564470C8E5404");
Gelöscht : user_pref("extensions.BabylonToolbar.lastActv", "25");
Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 25);

-\\ Google Chrome v24.0.1312.52

Datei : C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v11.62.1347.0

Datei : C:\Users\Steffen\AppData\Roaming\Opera\Opera\operaprefs.ini

Gelöscht : video/mpeg=4,"C:\Program Files (x86)\Winamp\winamp.exe" "%s",C:\Program Files (x86)\VideoLAN\VLC\npv[...]
Gelöscht : application/x-winampx-1.0.0.1=6,,,,,|
Gelöscht : application/x-winampx-1.0.0.1=,0

*************************

AdwCleaner[S1].txt - [8977 octets] - [19/01/2013 22:05:15]

########## EOF - C:\AdwCleaner[S1].txt - [9037 octets] ##########

Code:
ATTFilter
# AdwCleaner v2.106 - Datei am 20/01/2013 um 16:28:22 erstellt
# Aktualisiert am 17/01/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Steffen - NR1
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Steffen\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v18.0 (de)

Datei : C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v24.0.1312.52

Datei : C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v11.62.1347.0

Datei : C:\Users\Steffen\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [9074 octets] - [19/01/2013 22:05:15]
AdwCleaner[S2].txt - [1063 octets] - [20/01/2013 16:28:22]

########## EOF - C:\AdwCleaner[S2].txt - [1123 octets] ########## |
20.01.2013, 17:58 | #13 | |
/// Helper Team | Yet another TR/ATRAPS.Gen2 topic Quote:
You didn't post the log file. Where is the Emsisoft log file.... |
20.01.2013, 17:59 | #14 |
| Yet another TR/ATRAPS.Gen2 topic It's still in progress; I had thought I could post it right afterwards. |
20.01.2013, 18:02 | #15 |
/// Helper Team | Yet another TR/ATRAPS.Gen2 topic OK, report back with the log file! |