Pests of all kinds and how to fight them: Laptop infected with Zeus virus! Windows 7 |
28.01.2013, 17:49 | #16 |
| Yes, I know, I did try it as a code tag, but as I said it was too large. I'm scanning the laptop with aswMBR right now; as soon as that's finished I'll post both. |
28.01.2013, 18:08 | #17 |
| Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-28 17:44:26
-----------------------------
17:44:26.711 OS Version: Windows x64 6.1.7600
17:44:26.711 Number of processors: 2 586 0x170A
17:44:26.726 ComputerName: MERLE-PC UserName: Merle
17:44:28.084 Initialize success
17:44:41.344 AVAST engine defs: 13012800
17:45:58.626 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:45:58.626 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
17:45:58.642 Disk 0 MBR read successfully
17:45:58.657 Disk 0 MBR scan
17:45:58.657 Disk 0 Windows VISTA default MBR code
17:45:58.673 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13000 MB offset 2048
17:45:58.689 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 26626048
17:45:58.704 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 463838 MB offset 26830848
17:45:58.735 Disk 0 scanning C:\Windows\system32\drivers
17:46:11.372 Service scanning
17:46:42.697 Modules scanning
17:46:42.713 Disk 0 trace - called modules:
17:46:42.760 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:46:42.775 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005751060]
17:46:42.775 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800472e050]
17:46:44.008 AVAST engine scan C:\Windows
17:46:54.335 AVAST engine scan C:\Windows\system32
17:51:03.538 AVAST engine scan C:\Windows\system32\drivers
17:51:15.503 AVAST engine scan C:\Users\Merle
18:01:17.048 AVAST engine scan C:\ProgramData
18:02:46.378 Scan finished successfully
18:03:47.077 Disk 0 MBR has been saved successfully to "C:\Users\Merle\Desktop\MBR.dat"
18:03:47.093 The log file has been saved successfully to "C:\Users\Merle\Desktop\aswMBR.txt" |
28.01.2013, 22:41 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Note: MBAR works again; version mbar-1.01.0.1017.zip can now be downloaded from the Malwarebytes website.
__________________
Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive on the TDSS tool!
Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Last edited by cosinus (28.01.2013 at 22:49) |
29.01.2013, 08:22 | #19 |
| Should I also run mbar and post the log? Or is that no longer needed? |
29.01.2013, 12:40 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Yes, please run MBAR first, then TDSS-Killer.
__________________ Please always post log files in CODE tags |
29.01.2013, 16:36 | #21 |
| Code:
"Threads detected" !! How should I proceed? That is not described like this. |
29.01.2013, 16:55 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Would you please read the instructions? Then you wouldn't have to ask x times and would have posted the right log for MBAR. |
29.01.2013, 17:06 | #23 |
| Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org
Database version: v2013.01.29.06
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Merle :: MERLE-PC [administrator]
29.01.2013 16:09:56
mbar-log-2013-01-29 (16-09-56).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31475
Time elapsed: 15 minute(s), 32 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
c:\Users\Merle\Downloads\SoftonicDownloader_fuer_photoscape.exe (PUP.OfferBundler.ST) -> Delete on reboot.
(end) |
29.01.2013, 17:07 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | So, and what do my instructions say about TDSS? That also settles the question about that tool! |
29.01.2013, 17:07 | #25 |
| Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org
Database version: v2013.01.29.06
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Merle :: MERLE-PC [administrator]
29.01.2013 16:33:19
mbar-log-2013-01-29 (16-33-19).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31460
Time elapsed: 17 minute(s), 10 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end) |
29.01.2013, 17:12 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | But your question is answered by my instructions! I know there is a lot you aren't familiar with, but that is exactly why the instructions are so detailed! Think about how much time I waste when everyone asks about everything again just because the instructions aren't read properly. |
29.01.2013, 17:55 | #27 |
| Code:
C:\Windows\system32\DRIVERS\bowser.sys 17:51:02.0938 3496 bowser - ok 17:51:02.0969 3496 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 17:51:03.0000 3496 BrFiltLo - ok 17:51:03.0016 3496 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 17:51:03.0047 3496 BrFiltUp - ok 17:51:03.0062 3496 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 17:51:03.0172 3496 BridgeMP - ok 17:51:03.0234 3496 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll 17:51:03.0265 3496 Browser - ok 17:51:03.0328 3496 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 17:51:03.0390 3496 Brserid - ok 17:51:03.0421 3496 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 17:51:03.0452 3496 BrSerWdm - ok 17:51:03.0499 3496 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 17:51:03.0562 3496 BrUsbMdm - ok 17:51:03.0577 3496 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 17:51:03.0624 3496 BrUsbSer - ok 17:51:03.0686 3496 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 17:51:03.0733 3496 BTHMODEM - ok 17:51:03.0780 3496 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 17:51:03.0827 3496 bthserv - ok 17:51:03.0858 3496 catchme - ok 17:51:03.0889 3496 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:51:03.0936 3496 cdfs - ok 17:51:03.0967 3496 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:51:03.0998 3496 cdrom - ok 17:51:04.0076 3496 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll 17:51:04.0139 3496 CertPropSvc - ok 17:51:04.0186 3496 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 17:51:04.0232 3496 circlass - ok 
17:51:04.0264 3496 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 17:51:04.0279 3496 CLFS - ok 17:51:04.0388 3496 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:51:04.0404 3496 clr_optimization_v2.0.50727_32 - ok 17:51:04.0466 3496 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:51:04.0466 3496 clr_optimization_v2.0.50727_64 - ok 17:51:04.0544 3496 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:51:04.0544 3496 clr_optimization_v4.0.30319_32 - ok 17:51:04.0576 3496 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 17:51:04.0576 3496 clr_optimization_v4.0.30319_64 - ok 17:51:04.0607 3496 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 17:51:04.0622 3496 CmBatt - ok 17:51:04.0747 3496 [ 2A73F94DD98F3CD70618A45D778D203E ] cmdagent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 17:51:04.0778 3496 cmdagent - ok 17:51:04.0810 3496 [ 79E33C4C8719965A650955C139970841 ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys 17:51:04.0825 3496 cmderd - ok 17:51:04.0841 3496 [ 6AD70719603268981E37961AEBBE0098 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys 17:51:04.0856 3496 cmdGuard - ok 17:51:04.0888 3496 [ C11A9B345FB92C99463B1B5A4624A131 ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys 17:51:04.0888 3496 cmdHlp - ok 17:51:04.0919 3496 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys 17:51:04.0934 3496 cmdide - ok 17:51:04.0966 3496 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys 17:51:04.0981 3496 CNG - ok 17:51:04.0997 3496 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 
17:51:05.0012 3496 Compbatt - ok 17:51:05.0028 3496 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 17:51:05.0044 3496 CompositeBus - ok 17:51:05.0059 3496 COMSysApp - ok 17:51:05.0090 3496 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 17:51:05.0122 3496 crcdisk - ok 17:51:05.0184 3496 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:51:05.0246 3496 CryptSvc - ok 17:51:05.0309 3496 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:51:05.0387 3496 DcomLaunch - ok 17:51:05.0465 3496 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 17:51:05.0543 3496 defragsvc - ok 17:51:05.0574 3496 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:51:05.0621 3496 DfsC - ok 17:51:05.0668 3496 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll 17:51:05.0699 3496 Dhcp - ok 17:51:05.0699 3496 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 17:51:05.0746 3496 discache - ok 17:51:05.0777 3496 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 17:51:05.0792 3496 Disk - ok 17:51:05.0839 3496 [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys 17:51:05.0839 3496 DKbFltr - ok 17:51:05.0870 3496 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:51:05.0902 3496 Dnscache - ok 17:51:05.0948 3496 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll 17:51:05.0995 3496 dot3svc - ok 17:51:06.0026 3496 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll 17:51:06.0089 3496 DPS - ok 17:51:06.0120 3496 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:51:06.0136 3496 drmkaud - ok 17:51:06.0182 3496 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl 
C:\Windows\System32\drivers\dxgkrnl.sys 17:51:06.0198 3496 DXGKrnl - ok 17:51:06.0229 3496 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 17:51:06.0276 3496 EapHost - ok 17:51:06.0510 3496 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 17:51:06.0619 3496 ebdrv - ok 17:51:06.0635 3496 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe 17:51:06.0666 3496 EFS - ok 17:51:06.0728 3496 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:51:06.0775 3496 ehRecvr - ok 17:51:06.0822 3496 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 17:51:06.0853 3496 ehSched - ok 17:51:06.0900 3496 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 17:51:06.0916 3496 elxstor - ok 17:51:06.0978 3496 [ F2B2DFF1EB90B439128A0CFEA0CBB8E8 ] ePowerSvc C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe 17:51:07.0009 3496 ePowerSvc - ok 17:51:07.0103 3496 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE 17:51:07.0134 3496 EPSON_PM_RPCV4_01 - ok 17:51:07.0165 3496 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 17:51:07.0196 3496 ErrDev - ok 17:51:07.0259 3496 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 17:51:07.0306 3496 EventSystem - ok 17:51:07.0337 3496 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 17:51:07.0399 3496 exfat - ok 17:51:07.0399 3496 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:51:07.0446 3496 fastfat - ok 17:51:07.0477 3496 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe 17:51:07.0524 3496 Fax - ok 17:51:07.0555 3496 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 17:51:07.0571 3496 fdc - ok 17:51:07.0586 3496 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost 
C:\Windows\system32\fdPHost.dll 17:51:07.0633 3496 fdPHost - ok 17:51:07.0664 3496 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 17:51:07.0711 3496 FDResPub - ok 17:51:07.0727 3496 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:51:07.0758 3496 FileInfo - ok 17:51:07.0789 3496 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:51:07.0836 3496 Filetrace - ok 17:51:07.0852 3496 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 17:51:07.0883 3496 flpydisk - ok 17:51:07.0898 3496 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:51:07.0914 3496 FltMgr - ok 17:51:07.0976 3496 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll 17:51:08.0023 3496 FontCache - ok 17:51:08.0086 3496 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:51:08.0101 3496 FontCache3.0.0.0 - ok 17:51:08.0101 3496 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:51:08.0117 3496 FsDepends - ok 17:51:08.0132 3496 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:51:08.0148 3496 Fs_Rec - ok 17:51:08.0179 3496 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:51:08.0195 3496 fvevol - ok 17:51:08.0242 3496 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 17:51:08.0257 3496 gagp30kx - ok 17:51:08.0320 3496 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 17:51:08.0320 3496 GEARAspiWDM - ok 17:51:08.0382 3496 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll 17:51:08.0413 3496 gpsvc - ok 17:51:08.0491 3496 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files 
(x86)\Acer\Registration\GregHSRW.exe 17:51:08.0507 3496 Greg_Service - ok 17:51:08.0600 3496 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:51:08.0616 3496 gupdate - ok 17:51:08.0632 3496 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:51:08.0632 3496 gupdatem - ok 17:51:08.0694 3496 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 17:51:08.0710 3496 gusvc - ok 17:51:08.0741 3496 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:51:08.0803 3496 hcw85cir - ok 17:51:08.0866 3496 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:51:08.0897 3496 HdAudAddService - ok 17:51:08.0928 3496 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 17:51:08.0944 3496 HDAudBus - ok 17:51:08.0990 3496 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 17:51:09.0006 3496 HidBatt - ok 17:51:09.0006 3496 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 17:51:09.0037 3496 HidBth - ok 17:51:09.0053 3496 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 17:51:09.0084 3496 HidIr - ok 17:51:09.0100 3496 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 17:51:09.0146 3496 hidserv - ok 17:51:09.0193 3496 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:51:09.0209 3496 HidUsb - ok 17:51:09.0224 3496 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:51:09.0271 3496 hkmsvc - ok 17:51:09.0302 3496 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:51:09.0334 3496 HomeGroupListener - ok 17:51:09.0349 3496 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider 
C:\Windows\system32\provsvc.dll 17:51:09.0380 3496 HomeGroupProvider - ok 17:51:09.0474 3496 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 17:51:09.0474 3496 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 17:51:09.0474 3496 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 17:51:09.0505 3496 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 17:51:09.0521 3496 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 17:51:09.0521 3496 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 17:51:09.0552 3496 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 17:51:09.0552 3496 HpSAMD - ok 17:51:09.0614 3496 [ D972F48D0CE396759B788693CD665926 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 17:51:09.0630 3496 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 17:51:09.0630 3496 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 17:51:09.0661 3496 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:51:09.0708 3496 HTTP - ok 17:51:09.0724 3496 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:51:09.0739 3496 hwpolicy - ok 17:51:09.0755 3496 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 17:51:09.0770 3496 i8042prt - ok 17:51:09.0817 3496 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 17:51:09.0833 3496 IAANTMON - ok 17:51:09.0864 3496 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 17:51:09.0880 3496 iaStor - ok 17:51:09.0911 3496 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys 17:51:09.0926 3496 iaStorV - ok 17:51:09.0973 3496 [ 7A95A3AD931B97FEC5067E40636CE37F ] ICQ Service C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe 17:51:09.0989 3496 ICQ Service - ok 
17:51:10.0067 3496 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:51:10.0082 3496 idsvc - ok 17:51:10.0410 3496 [ 2D18C9E1F23970DE32D78D3B1CDDA0A7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 17:51:10.0613 3496 igfx - ok 17:51:10.0660 3496 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 17:51:10.0675 3496 iirsp - ok 17:51:10.0738 3496 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll 17:51:10.0784 3496 IKEEXT - ok 17:51:10.0816 3496 [ 8EA90BB95748B8FDBE8577D20A939A10 ] inspect C:\Windows\system32\DRIVERS\inspect.sys 17:51:10.0831 3496 inspect - ok 17:51:10.0894 3496 [ 450BEC18B45BCCFDC923E11F856DBDA7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 17:51:10.0925 3496 IntcAzAudAddService - ok 17:51:10.0972 3496 [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys 17:51:10.0987 3496 IntcHdmiAddService - ok 17:51:11.0003 3496 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys 17:51:11.0003 3496 intelide - ok 17:51:11.0050 3496 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:51:11.0081 3496 intelppm - ok 17:51:11.0128 3496 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:51:11.0159 3496 IPBusEnum - ok 17:51:11.0206 3496 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:51:11.0252 3496 IpFilterDriver - ok 17:51:11.0299 3496 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:51:11.0346 3496 iphlpsvc - ok 17:51:11.0377 3496 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 17:51:11.0393 3496 IPMIDRV - ok 17:51:11.0424 3496 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:51:11.0471 3496 IPNAT - ok 17:51:11.0518 
3496 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 17:51:11.0533 3496 iPod Service - ok 17:51:11.0564 3496 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:51:11.0580 3496 IRENUM - ok 17:51:11.0596 3496 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 17:51:11.0611 3496 isapnp - ok 17:51:11.0642 3496 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 17:51:11.0658 3496 iScsiPrt - ok 17:51:11.0705 3496 [ 249EE2D26CB1530F3BEDE0AC8B9E3099 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 17:51:11.0720 3496 k57nd60a - ok 17:51:11.0736 3496 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:51:11.0752 3496 kbdclass - ok 17:51:11.0767 3496 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:51:11.0798 3496 kbdhid - ok 17:51:11.0814 3496 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe 17:51:11.0830 3496 KeyIso - ok 17:51:11.0845 3496 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:51:11.0861 3496 KSecDD - ok 17:51:11.0892 3496 [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:51:11.0892 3496 KSecPkg - ok 17:51:11.0908 3496 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:51:11.0954 3496 ksthunk - ok 17:51:11.0986 3496 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 17:51:12.0048 3496 KtmRm - ok 17:51:12.0095 3496 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys 17:51:12.0095 3496 L1E - ok 17:51:12.0142 3496 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll 17:51:12.0188 3496 LanmanServer - ok 17:51:12.0220 3496 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:51:12.0266 3496 
LanmanWorkstation - ok 17:51:12.0313 3496 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:51:12.0344 3496 lltdio - ok 17:51:12.0391 3496 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:51:12.0438 3496 lltdsvc - ok 17:51:12.0454 3496 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:51:12.0485 3496 lmhosts - ok 17:51:12.0516 3496 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 17:51:12.0532 3496 LSI_FC - ok 17:51:12.0532 3496 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 17:51:12.0547 3496 LSI_SAS - ok 17:51:12.0547 3496 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 17:51:12.0563 3496 LSI_SAS2 - ok 17:51:12.0578 3496 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 17:51:12.0578 3496 LSI_SCSI - ok 17:51:12.0594 3496 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 17:51:12.0641 3496 luafv - ok 17:51:12.0672 3496 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 17:51:12.0688 3496 MBAMProtector - ok 17:51:12.0719 3496 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 17:51:12.0734 3496 MBAMScheduler - ok 17:51:12.0766 3496 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 17:51:12.0797 3496 MBAMService - ok 17:51:12.0875 3496 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe 17:51:12.0875 3496 McComponentHostService - ok 17:51:12.0922 3496 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:51:12.0953 3496 Mcx2Svc - ok 17:51:12.0984 3496 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas 
C:\Windows\system32\DRIVERS\megasas.sys 17:51:12.0984 3496 megasas - ok 17:51:13.0000 3496 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 17:51:13.0015 3496 MegaSR - ok 17:51:13.0078 3496 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 17:51:13.0078 3496 Microsoft Office Groove Audit Service - ok 17:51:13.0124 3496 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 17:51:13.0187 3496 MMCSS - ok 17:51:13.0218 3496 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 17:51:13.0265 3496 Modem - ok 17:51:13.0280 3496 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:51:13.0312 3496 monitor - ok 17:51:13.0343 3496 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:51:13.0374 3496 mouclass - ok 17:51:13.0452 3496 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:51:13.0468 3496 mouhid - ok 17:51:13.0499 3496 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:51:13.0514 3496 mountmgr - ok 17:51:13.0608 3496 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:51:13.0639 3496 MozillaMaintenance - ok 17:51:13.0655 3496 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys 17:51:13.0670 3496 mpio - ok 17:51:13.0702 3496 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:51:13.0748 3496 mpsdrv - ok 17:51:13.0780 3496 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:51:13.0842 3496 MpsSvc - ok 17:51:13.0858 3496 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:51:13.0889 3496 MRxDAV - ok 17:51:13.0920 3496 [ B7F3D2C40BDF8FFB73EBFB19C77734E2 ] 
mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:51:13.0936 3496 mrxsmb - ok 17:51:13.0967 3496 [ 86C6F88B5168CE21CF8D69D0B3FF5D19 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:51:13.0998 3496 mrxsmb10 - ok 17:51:14.0014 3496 [ B081069251C8E9F42CB8769D07148F9C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:51:14.0029 3496 mrxsmb20 - ok 17:51:14.0060 3496 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 17:51:14.0076 3496 msahci - ok 17:51:14.0123 3496 [ A592A054D78750B4D73ABAA4C94DECDF ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe 17:51:14.0138 3496 MSCamSvc - ok 17:51:14.0138 3496 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 17:51:14.0154 3496 msdsm - ok 17:51:14.0185 3496 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 17:51:14.0201 3496 MSDTC - ok 17:51:14.0216 3496 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:51:14.0248 3496 Msfs - ok 17:51:14.0279 3496 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:51:14.0326 3496 mshidkmdf - ok 17:51:14.0341 3496 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 17:51:14.0341 3496 msisadrv - ok 17:51:14.0388 3496 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:51:14.0435 3496 MSiSCSI - ok 17:51:14.0435 3496 msiserver - ok 17:51:14.0466 3496 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:51:14.0497 3496 MSKSSRV - ok 17:51:14.0497 3496 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:51:14.0560 3496 MSPCLOCK - ok 17:51:14.0575 3496 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:51:14.0622 3496 MSPQM - ok 17:51:14.0638 3496 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:51:14.0669 3496 MsRPC - ok 
17:51:14.0684 3496 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:51:14.0700 3496 mssmbios - ok 17:51:14.0716 3496 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:51:14.0762 3496 MSTEE - ok 17:51:14.0778 3496 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 17:51:14.0809 3496 MTConfig - ok 17:51:14.0856 3496 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 17:51:14.0872 3496 Mup - ok 17:51:14.0887 3496 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 17:51:14.0887 3496 mwlPSDFilter - ok 17:51:14.0903 3496 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 17:51:14.0903 3496 mwlPSDNServ - ok 17:51:14.0918 3496 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 17:51:14.0918 3496 mwlPSDVDisk - ok 17:51:14.0981 3496 [ 2F139207F618EC2933830227EEFFDDB4 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe 17:51:14.0996 3496 MWLService - ok 17:51:15.0028 3496 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll 17:51:15.0074 3496 napagent - ok 17:51:15.0121 3496 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:51:15.0152 3496 NativeWifiP - ok 17:51:15.0199 3496 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys 17:51:15.0215 3496 NDIS - ok 17:51:15.0246 3496 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:51:15.0293 3496 NdisCap - ok 17:51:15.0308 3496 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:51:15.0355 3496 NdisTapi - ok 17:51:15.0371 3496 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:51:15.0418 3496 Ndisuio - ok 17:51:15.0449 3496 [ 
17:51:28.0412 3496 ============================================================
17:51:28.0412 3496 Scan finished
17:51:28.0412 3496 ============================================================
17:51:28.0428 5844 Detected object count: 5
17:51:28.0428 5844 Actual detected object count: 5
17:51:35.0526 5844 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
17:51:35.0526 5844 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:51:35.0526 5844 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:51:35.0526 5844 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:51:35.0526 5844 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:51:35.0526 5844 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:51:35.0542 5844 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:51:35.0542 5844 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:51:35.0542 5844 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:51:35.0542 5844 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
29.01.2013, 20:23 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop infected with Zeus virus! adwCleaner - Detecting toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop. If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post log files in CODE tags |
29.01.2013, 20:42 | #29 |
| Laptop infected with Zeus virus! Code:
# AdwCleaner v2.109 - Datei am 29/01/2013 um 20:41:12 erstellt
# Aktualisiert am 26/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium (64 bits)
# Benutzer : Merle - MERLE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Merle\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

Gefunden : ICQ Service

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\Merle\AppData\Roaming\Mozilla\Firefox\Profiles\gk48dn0q.default\searchplugins\icqplugin.xml
Datei Gefunden : C:\Users\Merle\AppData\Roaming\Mozilla\Firefox\Profiles\gk48dn0q.default\searchplugins\icqplugin-1.xml
Datei Gefunden : C:\Users\Merle\AppData\Roaming\Mozilla\Firefox\Profiles\gk48dn0q.default\searchplugins\icqplugin-2.xml
Datei Gefunden : C:\Users\Merle\AppData\Roaming\Mozilla\Firefox\Profiles\gk48dn0q.default\searchplugins\icqplugin-3.xml
Ordner Gefunden : C:\Program Files (x86)\Common Files\Plasmoo
Ordner Gefunden : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\Users\Merle\AppData\Roaming\Mozilla\Firefox\Profiles\gk48dn0q.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Schlüssel Gefunden : HKU\S-1-5-21-799065356-3053342187-607352754-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKU\S-1-5-21-799065356-3053342187-607352754-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7600.16766

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.icq.com/
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v18.0.1 (de)

Datei : C:\Users\Merle\AppData\Roaming\Mozilla\Firefox\Profiles\gk48dn0q.default\prefs.js

Gefunden : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Gefunden : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Merle\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [4117 octets] - [29/01/2013 20:41:12]

########## EOF - C:\AdwCleaner[R1].txt - [4177 octets] ########## |
29.01.2013, 21:17 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop infected with Zeus virus! adwCleaner - Removing toolbars and unwanted start/search pages
Afterwards, please run a check with OTL:
__________________ Please always post log files in CODE tags |