Plagegeister aller Art und deren Bekämpfung: Trojan in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cannot be permanently deleted
Windows 7
21.02.2013, 15:24 | #1 |
Trojan in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cannot be permanently deleted

Hello dear community,

for about 2-3 months (unfortunately I no longer know exactly) I have had the following problem: at idle or under load (easiest to reproduce at idle), after about 3 minutes the processor ramps up to about 26% utilization according to Task Manager, with 23% RAM (RAM usage stays the same whether the fault occurs or not). In addition, the graphics card fan runs at about 40%, while the temperature of the graphics card rises to about 87 degrees. At that point no screen saver is active on my system yet. I do not have a single program open! The fault also occurs, however, when I am running a program and simply do nothing with the mouse or keyboard for the 3 minutes.

So if I move the mouse after the time it takes for the "fault" to occur, everything returns to the normal state, i.e. about 1% processor load, and the graphics card fan throttles back down to normal speed. The graphics card temperature immediately drops back to the 50% that is normal for me at idle. Then both of my monitors go black for a short time; after about 1 second the picture is back and I get the error message:

"Der Anzeigetreiber wurde nach einem Fehler Wiederhergestellt"
"Der Anzeigetreiber "NVIDIA Windows Kernel Mode Driver, Version 314.07 reagiert nicht mehr und wurde wiederhergestellt."

I can repeat this "little game" as often as I like, and it is present 90% of the time after a restart. I then spent about 1 week trying via Google to fix the "Der Anzeigetreiber..." problem, without success, since in my opinion this error message has nothing to do with my actual problem. I tested many different drivers, connected my monitors to the internal graphics card, rewrote TDR keys in the registry, uninstalled programs and took them out of startup, all without success.
One day I then noticed under "msconfig", on the "Startup" tab, that there is one particular startup item I cannot disable. That is, I could disable it, but on the next restart the check mark was set again. It is the following:

Startup item: GuardHostComputer
Manufacturer: BigDefenseIndustries
Command: C:\Users\...\AppData....

at the following location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

I then tried to delete the folder from the registry, but after some time, or after a restart, it was there again. I believe that my problem with the screen blackout and the display driver error message is connected to this "program/Trojan". I think I know where I picked it up, but I would rather not post that here. My security software has also already detected viruses and moved them to quarantine; unfortunately I then had them removed. These are the ones I still have listed in the Microsoft Security Essentials history:

Trojan:Win32/Zeeborot.A
Exploit:Java/CVE-2012-1723
Exploit:Java/CVE-2013-0422
TrojanDropper:Win32/Alureon.V

OTL Logfile:
Code:
OTL logfile created on: 21.02.2013 14:06:24 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = G:\Grusch\Software gegen Trojaner
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,89 Gb Total Physical Memory | 6,13 Gb Available Physical Memory | 77,71% Memory free
15,78 Gb Paging File | 13,97 Gb Available in Paging File | 88,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 125,78 Gb Free Space | 64,43% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 122,00 Gb Free Space | 40,93% Space Free | Partition Type: NTFS
Drive G: | 736,20 Gb Total Space | 307,85 Gb Free Space | 41,82% Space Free | Partition Type: NTFS

Computer Name: BATMAN-PC | User Name: Batman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.02.21 13:50:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\Grusch\Software gegen Trojaner\OTL.exe PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe ========== Modules (No Company Name) ========== MOD - [2012.08.22 14:46:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ========== Services (SafeList) ========== SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.02.19 18:40:23 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.02.09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013.01.27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2013.01.27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2013.01.19 03:50:09 | 002,070,304 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files 
(x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.12.14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.09.06 10:50:24 | 000,248,248 | R--- | M] (Western Digital) [Disabled | Stopped] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService) SRV - [2012.09.01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2012.08.09 19:25:50 | 000,207,872 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Serviio\bin\ServiioService.exe -- (Serviio) SRV - [2011.12.15 11:40:08 | 001,977,224 | R--- | M] (Western Digital ) [Disabled | Stopped] -- C:\Programme\Western Digital\WD SmartWare\WDFME.exe -- (WDFMEService) SRV - [2011.12.15 11:40:08 | 001,338,264 | R--- | M] (Western Digital ) [Disabled | Stopped] -- C:\Programme\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService) SRV - [2011.12.15 11:40:06 | 000,319,384 | R--- | M] (WDC) [Disabled | Stopped] -- C:\Programme\Western Digital\WD SmartWare\WDDMService.exe -- (WDDMService) SRV - [2011.09.27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) 
[Disabled | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.08.30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.01.20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.12.19 06:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.12.14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012.09.28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.09.01 17:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2012.09.01 17:01:56 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF) DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012.03.27 01:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012.03.27 01:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012.03.27 01:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.20 05:39:16 | 000,205,312 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB) DRV:64bit: - [2012.01.20 05:39:04 | 000,254,464 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv) DRV:64bit: - [2011.12.16 13:18:56 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.08.11 23:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2013.01.28 18:57:06 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2013.01.28 18:56:51 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012.10.30 13:52:05 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2010.02.04 09:09:00 | 000,014,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys -- (GPCIDrv) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = G:\Grusch IE - HKCU\SOFTWARE\Microsoft\Internet 
Explorer\Main,Start Page = hxxp://de.yahoo.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AC 58 A3 0E 14 8D CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {72349996-FB7D-4E70-8B3D-22F59F3829FA} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{72349996-FB7D-4E70-8B3D-22F59F3829FA}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7MERD_deDE502 IE - HKCU\..\SearchScopes\{A85AB85A-F7FA-491E-AFEE-4C62B7659F3F}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=08E77021-1286-4C48-A64F-DB57B8D40B82&apn_sauid=599D2609-1A26-44A2-B105-970B22074A69 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File 
not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll File not found FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Batman\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Batman\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) 
========== Chrome ========== CHR - homepage: hxxp://de.yahoo.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://de.yahoo.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Batman\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Batman\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Batman\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Batman\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\Batman\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKCU..\Run: [{A40125CC-3BBD-5CE4-5FBD-93EE0B0FAD45}] C:\Users\Batman\AppData\Roaming\Buofy\wazu.exe (Big Defense Industrial) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not 
found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel64_4.5.11.0.cab (SysInfo Class) O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/bin/LogitechDeviceDetection32.cab (Geräteerkennung) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DE69099-F348-441B-8233-A69E06C19BAF}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) 
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.21 13:39:40 | 000,000,000 | ---D | C] -- C:\Users\Batman\AppData\Roaming\Malwarebytes [2013.02.21 13:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.02.21 13:39:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.21 13:39:27 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.02.21 13:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.02.19 20:53:13 | 000,000,000 | ---D | C] -- C:\Users\Batman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast [2013.02.19 20:53:13 | 000,000,000 | 
---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast [2013.02.19 20:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast [2013.02.19 11:11:02 | 000,000,000 | ---D | C] -- C:\Users\Batman\AppData\Roaming\elsterformular [2013.02.19 11:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular [2013.02.19 11:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular [2013.02.19 11:08:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular [2013.02.12 07:40:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV [2013.02.12 07:40:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV [2013.01.28 18:51:47 | 000,000,000 | ---D | C] -- C:\Users\Batman\AppData\Local\NVIDIA [2013.01.28 18:30:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD ========== Files - Modified Within 30 Days ========== [2013.02.21 14:03:39 | 000,000,000 | ---- | M] () -- C:\Users\Batman\defogger_reenable [2013.02.21 13:56:07 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2525669722-3757799730-524398789-1000UA.job [2013.02.21 13:38:15 | 000,034,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.21 13:38:15 | 000,034,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.21 13:37:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.21 13:34:56 | 001,502,164 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.21 13:34:56 | 000,655,188 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.21 13:34:56 | 000,617,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.21 13:34:56 | 000,130,558 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.21 13:34:56 | 000,106,948 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.21 
13:30:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.21 13:30:12 | 2060,599,295 | -HS- | M] () -- C:\hiberfil.sys [2013.02.21 13:00:47 | 000,000,110 | ---- | M] () -- C:\.dir [2013.02.21 10:56:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2525669722-3757799730-524398789-1000Core.job [2013.02.19 20:53:13 | 000,000,991 | ---- | M] () -- C:\Users\Batman\Desktop\SopCast.lnk [2013.02.19 18:17:59 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2013.02.19 11:08:52 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk [2013.02.14 07:42:17 | 000,416,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.12 08:19:31 | 000,000,445 | ---- | M] () -- C:\Users\Batman\Desktop\Yahoo!.website [2013.02.10 04:25:27 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2013.02.09 14:25:36 | 003,035,306 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [2013.02.07 17:53:39 | 000,002,370 | ---- | M] () -- C:\Users\Batman\Desktop\Google Chrome.lnk [2013.01.28 18:57:06 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys [2013.01.28 18:51:39 | 000,001,347 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk [2013.01.28 18:30:51 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\ET6.lnk [2013.01.28 18:29:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2013.01.28 18:07:28 | 000,001,635 | ---- | M] () -- C:\Users\Batman\Desktop\Everest (2).lnk [2013.01.28 18:07:05 | 000,001,635 | ---- | M] () -- C:\Users\Batman\Desktop\Everest.lnk ========== Files Created - No Company Name ========== [2013.02.21 14:03:39 | 000,000,000 | ---- | C] () -- C:\Users\Batman\defogger_reenable [2013.02.20 17:56:47 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013.02.20 17:40:49 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 
[2013.02.19 20:53:13 | 000,000,991 | ---- | C] () -- C:\Users\Batman\Desktop\SopCast.lnk [2013.02.19 11:08:52 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk [2013.01.28 18:51:39 | 000,001,347 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk [2013.01.28 18:30:51 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\ET6.lnk [2013.01.28 18:29:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2013.01.28 18:07:28 | 000,001,635 | ---- | C] () -- C:\Users\Batman\Desktop\Everest (2).lnk [2013.01.28 18:07:05 | 000,001,635 | ---- | C] () -- C:\Users\Batman\Desktop\Everest.lnk [2013.01.21 17:22:45 | 000,000,451 | ---- | C] () -- C:\Program Files (x86)\release [2013.01.21 17:22:41 | 000,003,409 | ---- | C] () -- C:\Program Files (x86)\COPYRIGHT [2013.01.21 17:22:41 | 000,000,983 | ---- | C] () -- C:\Program Files (x86)\Welcome.html [2013.01.21 17:22:41 | 000,000,041 | ---- | C] () -- C:\Program Files (x86)\LICENSE [2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.12.14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin [2012.12.14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin [2012.09.27 06:06:24 | 083,023,306 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad [2012.09.15 11:50:06 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2012.09.07 18:21:47 | 000,007,597 | ---- | C] () -- C:\Users\Batman\AppData\Local\resmon.resmoncfg [2012.09.07 17:47:58 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.04.20 12:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.01.14 17:55:30 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Buofy [2012.09.07 17:14:53 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\DAEMON Tools Lite [2013.02.12 08:22:22 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Ecte [2013.02.19 11:11:04 | 
000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\elsterformular [2012.10.23 17:56:06 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\GetRightToGo [2013.01.17 08:55:14 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Ifoz [2012.09.07 20:12:35 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Leadertech [2012.10.11 18:35:05 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Samsung [2013.02.11 17:59:07 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\TS3Client [2013.01.14 18:32:48 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\UltraMixer [2013.02.21 13:02:53 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\UseNeXT [2013.01.05 18:52:21 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\WinISO Computing [2013.01.19 19:49:08 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\XMedia Recode [2013.01.14 19:51:59 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Xudolo [2013.01.17 08:55:47 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Zoeh ========== Purity Check ========== < End of report > OTL Logfile: Code:
OTL Extras logfile created on: 21.02.2013 14:06:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = G:\Grusch\Software gegen Trojaner
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,89 Gb Total Physical Memory | 6,13 Gb Available Physical Memory | 77,71% Memory free
15,78 Gb Paging File | 13,97 Gb Available in Paging File | 88,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 125,78 Gb Free Space | 64,43% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 122,00 Gb Free Space | 40,93% Space Free | Partition Type: NTFS
Drive G: | 736,20 Gb Total Space | 307,85 Gb Free Space | 41,82% Space Free | Partition Type: NTFS

Computer Name: BATMAN-PC | User Name: Batman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] 
"{007C08B4-1FB7-41C9-B45F-6F0CDA9F4FCD}" = rport=138 | protocol=17 | dir=out | app=system | "{1A1C6F3A-8B95-42A6-9C5C-E3D5A7536624}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{288DD8DA-E361-4C78-B091-EFDC706536F3}" = lport=138 | protocol=17 | dir=in | app=system | "{288EC36E-8682-4E2C-BCAD-8B1E8A3D0FC4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2E89FD0B-BDA8-4D07-8FE6-3D624009CE99}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{3059EFEC-79E2-4354-9B1A-4CE8FD5C58D5}" = lport=139 | protocol=6 | dir=in | app=system | "{30BF6F63-01BC-4D3B-A289-DA99D9B95765}" = lport=137 | protocol=17 | dir=in | app=system | "{3701ACEC-12C7-4712-A147-118379A01AD8}" = rport=139 | protocol=6 | dir=out | app=system | "{3A719920-1620-40F1-9FB4-2BEE52A6BB54}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3D2F0433-11D0-4888-B1AD-E267DB7CD89C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4A8A84A8-D7D5-49EE-8812-877FC199481B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{51DFB9D9-7F32-43C5-880A-8D60A13BC061}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{521F2BE8-1847-466A-A322-AAAD93CD8DF5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{52CE1070-AB95-4394-8974-D3C41A7A6E26}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{55B0E640-3DBA-4BE0-9B09-00046BBBFFD7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6F9E10A5-6E45-4820-A7B3-FD74A05BE67E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{75D7E9E5-FE32-445E-8270-083FA50CA2B9}" = lport=445 | protocol=6 | dir=in | 
app=system | "{765C6ABD-FEDE-4F11-962E-0F19DF33953C}" = lport=2869 | protocol=6 | dir=in | app=system | "{7927A278-4664-41CD-9CA3-533DC5171867}" = lport=10243 | protocol=6 | dir=in | app=system | "{7DF631B9-AC2F-4E8D-9F1A-C02E11CF716F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{830CD9FC-B8D9-45DF-935A-82AEA0B10F2C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{952F73D2-C253-4FC2-B37C-37ABACA1460A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{9B6687C1-DE5C-4643-94ED-74ABD274DBAC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9EFC1B6A-20CA-462E-963F-8EC1A71AA77A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{B11DEEB4-0561-4614-9BA6-CA68C442E6DA}" = rport=10243 | protocol=6 | dir=out | app=system | "{CCD1E8D2-650C-4780-9A78-2C9999C6805A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CDE1A126-730F-458B-B019-4BAE1D25E017}" = rport=445 | protocol=6 | dir=out | app=system | "{DFABD753-9AF7-472A-818B-DA8BEBB41CC3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E6B64889-4E4D-4A2B-B3D8-1FCC299EE8DB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EC054133-15DE-4546-8E48-3F79339D0455}" = rport=137 | protocol=17 | dir=out | app=system | "{EFE43F76-CF86-4B9D-9CF2-200F74E97F0E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07460A1F-DC06-4A25-A8F8-F9F48F888F58}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{0786838A-64AC-4554-A901-2F372AE0E990}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe | "{0FB81636-7031-4E8A-A637-1CBA33E20516}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1389A610-6845-4B3C-9196-C235E5944135}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{16BB9BD2-3DAF-408F-9B97-B2ACD868EC37}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{186C93E7-C722-427C-955B-CD8C8195EC6B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{27AA9FA9-9264-41FF-9CCC-A53FAAC7EDC2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2D90EC49-676D-4270-802F-CC0CBF584280}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{434A7D4F-277E-4C5E-A514-2631E4290348}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4A630E42-5705-4E1F-B304-0EFDBDD3373E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{4AB5C89D-29A2-424E-9095-162F8B569020}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5290AB23-459B-471B-9592-627D3F197A9D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{57FE506C-E5A1-44BA-B080-7B35528D2F5E}" = protocol=17 | dir=in | app=c:\program files\serviio\bin\serviioservice.exe | "{7E242F12-0851-42A3-813D-F6E4DE299DB9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{80B4A846-DB5C-4DE6-958C-17E37958BE33}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{85ABE5E4-BD9A-4EA7-8419-42CBCC9D2661}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{87674EBE-E4E9-47E1-B6F3-3B197F05D1D3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8A079AD1-90BB-4451-A7B2-732E417ADFB1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8DFB6317-6C92-4523-A766-682D214329D7}" = 
protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{98622B6E-D7CD-46F6-947A-EEDBBEE9B215}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{9A503EF0-15FD-45AA-82F3-6332469D567C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9EFB00BF-C7E3-4801-B115-6213842B1ED2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A84809B5-7D37-419D-8044-79809D711BD8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AD4220F6-472D-411B-A555-8886C166C9E9}" = protocol=6 | dir=out | app=system | "{AF41363E-E358-436F-873E-8FD72592FFB8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C614E08E-78E0-409D-90E7-DA3C654D00C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{CF965A79-4613-47CF-B099-EB8A7BF08640}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{CFFAF3E9-7D68-4FDD-BBE0-1F2A4FF39214}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{D1EAD7C3-3A4C-4C15-86A9-FA6BC83A7A6E}" = protocol=6 | dir=in | app=c:\program files\serviio\bin\serviioconsole.exe | "{D273E3A1-3724-4716-AE8C-3E2688B63A9F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{DE53B62F-CD33-4DA9-AE35-7995CBFF402D}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe | "{E3E60118-EBE9-4353-9E06-F4E53EA21B37}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{E4F1FEA9-AD00-48A6-8B05-BB31152FC056}" = protocol=6 | dir=in | app=c:\program files\serviio\bin\serviioservice.exe | "{FF4ED90A-5E8E-42B6-94D7-60CF29EF91E6}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe | "TCP Query User{2820D502-EBB6-4E14-8DE2-6DC2669C431C}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | 
app=c:\program files (x86)\sopcast\sopcast.exe | "TCP Query User{69E38D47-624E-4248-B24B-5B4015089C2A}C:\users\batman\appdata\roaming\zoeh\piar.exe" = protocol=6 | dir=in | app=c:\users\batman\appdata\roaming\zoeh\piar.exe | "TCP Query User{8F0489F9-B9A0-49A6-B71D-43D6E1177877}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | "TCP Query User{900F0861-A2FD-4E60-ADFB-6F6B6B37BF25}C:\program files (x86)\gigabyte\et6\updexe.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\et6\updexe.exe | "TCP Query User{9C26E59B-B6CB-478A-81E5-898ED1B94FE2}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | "TCP Query User{A57BEFA3-433E-4BBD-9748-6BDA8CACA227}G:\games\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=g:\games\guild wars 2\gw2.exe | "TCP Query User{C2D2B001-D819-4FDB-9DCB-3C4A9E04F5B9}C:\program files (x86)\gigabyte\et6\gbtupd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\et6\gbtupd.exe | "TCP Query User{D6816564-B29F-4D4B-889F-F6E5EC7CE070}C:\users\batman\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\batman\appdata\local\temp\gw2.exe | "UDP Query User{07C638B6-E3D0-43B2-A671-42E6EFF58206}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | "UDP Query User{07E2CFDE-A6C3-4341-AE33-AFCBFEA3F02A}G:\games\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=g:\games\guild wars 2\gw2.exe | "UDP Query User{0F9A0491-6986-4D0E-816A-D7AE0FD6BA9C}C:\program files (x86)\gigabyte\et6\updexe.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\et6\updexe.exe | "UDP Query User{3BD745EF-4136-4925-BACB-C879EF04FECF}C:\users\batman\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\batman\appdata\local\temp\gw2.exe | "UDP Query 
User{69A63EA8-D446-4EA9-B0C9-A5F13BED4C01}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | "UDP Query User{756C3B5B-50F1-4B5C-80FC-B49B4192CC01}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{D28FA7C4-0233-43FC-BB57-F6967F9128EA}C:\users\batman\appdata\roaming\zoeh\piar.exe" = protocol=17 | dir=in | app=c:\users\batman\appdata\roaming\zoeh\piar.exe | "UDP Query User{DFD3663C-9A6A-420A-9436-EAFADE0A9B01}C:\program files (x86)\gigabyte\et6\gbtupd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\et6\gbtupd.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6AEC3114-709D-4CFF-9296-ECE23ED19F97}" = System Requirements Lab for Intel (64-bit) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89BDAE1A-7B8E-4A0E-A169-02F7F366451D}" = iCloud "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07 
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.0.1 (BETA) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.47.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client "{EC39CC32-E144-42E4-9A59-53C20B408BDE}" = WD SmartWare "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Security Client" = Microsoft Security Essentials "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "Serviio" = Serviio "sp6" = Logitech SetPoint 6.32 "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.10.2 "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0801.1 "{5588D686-D23B-4C9D-BDFA-2A7875CD3722}" = GIGABYTE OC_GURU II "{6B1F9121-5599-47F9-9F82-9FEA0F03C47F}" = 3DPower B12.0619.1 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72E40002-8CEC-47C1-A099-83AC8E173BF0}" = WD Drive Utilities "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{83270912-15C7-4336-822E-E8F1B1BBCA60}" = WD Security "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 
Operating system and hardware, in case this is needed:
Windows 7 Professional SP1 64bit
Intel i5-3470 3.20 GHz 3.60 GHz
2x 4GB Kingston HyperX Genesis DDR3
Nvidia Geforce GTX 470 OC by Gigabyte
Mainboard Gigabyte GA-Z77X-D3H
2x WD Elements Green 500GB in Raid 0
1x WD Elements 320GB as backup
I hope I have done everything correctly up to this point, and I would appreciate help with fixing my problem. Thanks in advance, Regards, Master Stix
Last edited by Master Stix (21.02.2013 at 15:51) |
21.02.2013, 15:55 | #2 |
/// Malware-holic | Hi
OTL fix
Fixing with OTL
Code:
:OTL
O4 - HKCU..\Run: [{A40125CC-3BBD-5CE4-5FBD-93EE0B0FAD45}] C:\Users\Batman\AppData\Roaming\Buofy\wazu.exe (Big Defense Industrial)
[2013.02.12 08:22:22 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Ecte
[2013.01.17 08:55:14 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Ifoz
[2013.01.14 19:51:59 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Xudolo
[2013.01.17 08:55:47 | 000,000,000 | ---D | M] -- C:\Users\Batman\AppData\Roaming\Zoeh
:files
C:\Users\Batman\AppData\Roaming\Buofy
:Commands
[emptytemp]
Boot into normal mode. If you have no icons, then right-click, View, Show desktop icons. Note: Please also upload the file there as described in the instructions for the upload channel. Please do NOT post the ZIP file here as an attachment in the thread! Please press the + E key.
__________________ |
21.02.2013, 18:15 | #3 |
| All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{A40125CC-3BBD-5CE4-5FBD-93EE0B0FAD45} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40125CC-3BBD-5CE4-5FBD-93EE0B0FAD45}\ not found.
C:\Users\Batman\AppData\Roaming\Buofy\wazu.exe moved successfully.
C:\Users\Batman\AppData\Roaming\Ecte folder moved successfully.
C:\Users\Batman\AppData\Roaming\Ifoz folder moved successfully.
C:\Users\Batman\AppData\Roaming\Xudolo folder moved successfully.
C:\Users\Batman\AppData\Roaming\Zoeh folder moved successfully.
========== FILES ==========
C:\Users\Batman\AppData\Roaming\Buofy folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Batman
->Temp folder emptied: 90091 bytes
->Temporary Internet Files folder emptied: 21631121 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 602 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10310 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 23746 bytes
Total Files Cleaned = 21,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02212013_181142
Files\Folders moved on Reboot...
C:\Users\Batman\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
OTL fix carried out, system restarted, uploads were successful. The trojan is still listed under the startup items, but under a different name. How should I proceed? I am very grateful for the extremely fast help; please forgive me if I have not posted any logs or the like properly, I am not good at this sort of thing. Regards, Master Stix |
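The fix above removes the Run value by its exact name, and the poster reports that the entry came back under a different name. The following added example (not part of the thread and not OTL's own code) triages OTL `O4` autorun lines by pattern instead of by name; the scoring weights, the threshold and every sample line except the one taken from the fix script are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass

# Line shape as shown in the fix script above:
#   O4 - HKCU..\Run: [<value name>] <path> (<company>)
O4_LINE = re.compile(
    r"^O4(?::64bit:)? - (?P<hive>HK(?:CU|LM))\.\.\\(?P<key>Run(?:Once)?): "
    r"\[(?P<name>[^\]]*)\] (?P<path>.+?)(?: \((?P<company>[^()]*)\))?$"
)
# Value name that is nothing but a GUID, like the entry in this thread.
GUID_NAME = re.compile(r"^\{[0-9A-F]{8}-(?:[0-9A-F]{4}-){3}[0-9A-F]{12}\}$", re.I)
# Target inside a user profile, writable without admin rights.
USER_PROFILE = re.compile(r"\\Users\\[^\\]+\\AppData\\(?:Roaming|Local|LocalLow)\\", re.I)
# Executable exactly one folder below AppData\Roaming.
SHALLOW_EXE = re.compile(r"\\AppData\\Roaming\\[^\\]+\\[^\\]+\.exe$", re.I)


@dataclass
class Autorun:
    hive: str
    key: str
    name: str
    path: str
    company: str


def parse_o4(line):
    """Parse one OTL O4 line; return None for anything else."""
    m = O4_LINE.match(line.strip())
    if not m:
        return None
    return Autorun(m["hive"], m["key"], m["name"], m["path"], m["company"] or "")


def score(entry):
    """Heuristic score (weights are assumptions, not an OTL feature)."""
    total, reasons = 0, []
    if GUID_NAME.match(entry.name):
        total += 2
        reasons.append("value name is a bare GUID")
    if USER_PROFILE.search(entry.path):
        total += 1
        reasons.append("target lives in a user-writable profile folder")
    if SHALLOW_EXE.search(entry.path):
        total += 1
        reasons.append("exe sits one folder below AppData\\Roaming")
    return total, reasons


def triage(log_text, threshold=3):
    """Return (entry, score, reasons) for every autorun at or above threshold."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        total, reasons = score(entry)
        if total >= threshold:
            findings.append((entry, total, reasons))
    return findings


# Constructed sample: line 3 is the entry from the fix script in this thread,
# the other three lines are invented for the example.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [ExampleUpdater] C:\Program Files (x86)\Example\updater.exe (Example Corp)
O4 - HKCU..\Run: [ExampleChat] C:\Users\Batman\AppData\Roaming\ExampleChat\chat.exe (Example Corp)
O4 - HKCU..\Run: [{A40125CC-3BBD-5CE4-5FBD-93EE0B0FAD45}] C:\Users\Batman\AppData\Roaming\Buofy\wazu.exe (Big Defense Industrial)
O4 - HKCU..\Run: [{00000000-1111-2222-3333-444444444444}] C:\Users\Batman\AppData\Roaming\Qwxy\zzpl.exe ()
"""

if __name__ == "__main__":
    for entry, total, reasons in triage(SAMPLE_LOG):
        print(f"[{total}] {entry.hive}\\{entry.key} {entry.name} -> {entry.path}")
        for reason in reasons:
            print(f"      - {reason}")
```

Because the score depends on the shape of the entry rather than its name, a re-created value with a new GUID and a new folder is flagged the same way, while an ordinary per-user application under AppData\Roaming stays below the threshold.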
21.02.2013, 19:02 | #4 |
/// Malware-holic | Very good. Please download TDSSKiller.exe and save this file to the desktop
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
21.02.2013, 19:14 | #5 |
| I started TDSSKiller, but "unfortunately" it tells me, after the scan is over in 9 seconds: No threats found. The log file is too long for the thread. I am using the upload channel. |
21.02.2013, 19:14 | #6 |
/// Malware-holic | Please post the log. Where to find it is described in the instructions. I always want to see all logs, regardless of whether there were findings or not.
__________________ |
21.02.2013, 19:36 | #7 |
| OK, sorry, I overlooked that; I have edited the previous post. TDSSKiller log file uploaded via the upload channel. But of course I can also add it to the thread as an attachment. Thanks |
21.02.2013, 19:45 | #8 |
/// Malware-holic | Please post logs here; split or attach them if they are too large.
__________________ |
21.02.2013, 19:48 | #9 |
| 19:10:30.0610 4396 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:10:49.0923 4416 mouclass - ok 19:10:49.0923 4416 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:10:49.0923 4416 mouhid - ok 19:10:49.0954 4416 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:10:49.0954 4416 mountmgr - ok 19:10:49.0985 4416 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 19:10:49.0985 4416 MpFilter - ok 19:10:50.0016 4416 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 19:10:50.0016 4416 mpio - ok 19:10:50.0032 4416 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:10:50.0032 4416 mpsdrv - ok 19:10:50.0048 4416 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:10:50.0048 4416 MpsSvc - ok 19:10:50.0063 4416 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:10:50.0063 4416 MRxDAV - ok 19:10:50.0079 4416 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:10:50.0079 4416 mrxsmb - ok 19:10:50.0110 4416 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:10:50.0110 4416 mrxsmb10 - ok 19:10:50.0126 4416 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:10:50.0126 4416 mrxsmb20 - ok 19:10:50.0141 4416 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 19:10:50.0141 4416 msahci - ok 19:10:50.0141 4416 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:10:50.0157 4416 msdsm - ok 19:10:50.0172 4416 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 19:10:50.0172 4416 MSDTC - ok 19:10:50.0204 4416 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:10:50.0204 4416 Msfs - ok 19:10:50.0204 4416 [ 
F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:10:50.0219 4416 mshidkmdf - ok 19:10:50.0219 4416 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:10:50.0219 4416 msisadrv - ok 19:10:50.0250 4416 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:10:50.0250 4416 MSiSCSI - ok 19:10:50.0250 4416 msiserver - ok 19:10:50.0266 4416 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:10:50.0266 4416 MSKSSRV - ok 19:10:50.0313 4416 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 19:10:50.0313 4416 MsMpSvc - ok 19:10:50.0328 4416 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:10:50.0328 4416 MSPCLOCK - ok 19:10:50.0328 4416 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:10:50.0344 4416 MSPQM - ok 19:10:50.0360 4416 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:10:50.0360 4416 MsRPC - ok 19:10:50.0375 4416 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 19:10:50.0375 4416 mssmbios - ok 19:10:50.0391 4416 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:10:50.0391 4416 MSTEE - ok 19:10:50.0391 4416 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 19:10:50.0391 4416 MTConfig - ok 19:10:50.0406 4416 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 19:10:50.0406 4416 Mup - ok 19:10:50.0422 4416 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 19:10:50.0422 4416 napagent - ok 19:10:50.0453 4416 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:10:50.0453 4416 NativeWifiP - ok 19:10:50.0516 4416 [ 760E38053BF56E501D562B70AD796B88 ] NDIS 
C:\Windows\system32\drivers\ndis.sys 19:10:50.0516 4416 NDIS - ok 19:10:50.0531 4416 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:10:50.0531 4416 NdisCap - ok 19:10:50.0562 4416 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:10:50.0562 4416 NdisTapi - ok 19:10:50.0578 4416 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:10:50.0578 4416 Ndisuio - ok 19:10:50.0594 4416 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:10:50.0594 4416 NdisWan - ok 19:10:50.0609 4416 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:10:50.0609 4416 NDProxy - ok 19:10:50.0609 4416 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:10:50.0609 4416 NetBIOS - ok 19:10:50.0625 4416 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:10:50.0640 4416 NetBT - ok 19:10:50.0656 4416 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 19:10:50.0656 4416 Netlogon - ok 19:10:50.0672 4416 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 19:10:50.0672 4416 Netman - ok 19:10:50.0703 4416 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 19:10:50.0703 4416 netprofm - ok 19:10:50.0734 4416 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:10:50.0750 4416 NetTcpPortSharing - ok 19:10:50.0765 4416 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 19:10:50.0765 4416 nfrd960 - ok 19:10:50.0781 4416 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 19:10:50.0781 4416 NisDrv - ok 19:10:50.0828 4416 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 
19:10:50.0828 4416 NisSrv - ok 19:10:50.0859 4416 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 19:10:50.0874 4416 NlaSvc - ok 19:10:50.0874 4416 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:10:50.0874 4416 Npfs - ok 19:10:50.0906 4416 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 19:10:50.0906 4416 nsi - ok 19:10:50.0906 4416 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:10:50.0906 4416 nsiproxy - ok 19:10:50.0952 4416 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:10:50.0968 4416 Ntfs - ok 19:10:50.0984 4416 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 19:10:50.0999 4416 Null - ok 19:10:51.0030 4416 [ B4F53BCA4C688FF47F04FA90098F896E ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 19:10:51.0030 4416 NVHDA - ok 19:10:51.0186 4416 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:10:51.0233 4416 nvlddmkm - ok 19:10:51.0264 4416 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:10:51.0264 4416 nvraid - ok 19:10:51.0296 4416 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:10:51.0296 4416 nvstor - ok 19:10:51.0342 4416 [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\Windows\system32\nvvsvc.exe 19:10:51.0358 4416 nvsvc - ok 19:10:51.0452 4416 [ CB2A68104E6E21EB30155F081768065A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 19:10:51.0467 4416 nvUpdatusService - ok 19:10:51.0483 4416 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:10:51.0483 4416 nv_agp - ok 19:10:51.0498 4416 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:10:51.0498 4416 ohci1394 - ok 19:10:51.0561 4416 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files 
(x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:10:51.0561 4416 ose - ok 19:10:51.0639 4416 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:10:51.0654 4416 osppsvc - ok 19:10:51.0686 4416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:10:51.0686 4416 p2pimsvc - ok 19:10:51.0717 4416 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 19:10:51.0717 4416 p2psvc - ok 19:10:51.0732 4416 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 19:10:51.0732 4416 Parport - ok 19:10:51.0764 4416 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:10:51.0764 4416 partmgr - ok 19:10:51.0764 4416 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 19:10:51.0779 4416 PcaSvc - ok 19:10:51.0779 4416 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 19:10:51.0779 4416 pci - ok 19:10:51.0795 4416 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 19:10:51.0795 4416 pciide - ok 19:10:51.0810 4416 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 19:10:51.0810 4416 pcmcia - ok 19:10:51.0842 4416 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 19:10:51.0842 4416 pcw - ok 19:10:51.0857 4416 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:10:51.0857 4416 PEAUTH - ok 19:10:51.0888 4416 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 19:10:51.0904 4416 PeerDistSvc - ok 19:10:51.0998 4416 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 19:10:51.0998 4416 PerfHost - ok 19:10:52.0029 4416 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 19:10:52.0044 4416 pla - ok 19:10:52.0076 4416 [ 
25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:10:52.0091 4416 PlugPlay - ok 19:10:52.0107 4416 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:10:52.0122 4416 PNRPAutoReg - ok 19:10:52.0122 4416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 19:10:52.0122 4416 PNRPsvc - ok 19:10:52.0169 4416 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:10:52.0169 4416 PolicyAgent - ok 19:10:52.0200 4416 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 19:10:52.0200 4416 Power - ok 19:10:52.0216 4416 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 19:10:52.0216 4416 PptpMiniport - ok 19:10:52.0232 4416 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 19:10:52.0232 4416 Processor - ok 19:10:52.0263 4416 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 19:10:52.0263 4416 ProfSvc - ok 19:10:52.0278 4416 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 19:10:52.0278 4416 ProtectedStorage - ok 19:10:52.0278 4416 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 19:10:52.0294 4416 Psched - ok 19:10:52.0325 4416 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 19:10:52.0341 4416 ql2300 - ok 19:10:52.0356 4416 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 19:10:52.0356 4416 ql40xx - ok 19:10:52.0356 4416 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 19:10:52.0372 4416 QWAVE - ok 19:10:52.0372 4416 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 19:10:52.0388 4416 QWAVEdrv - ok 19:10:52.0388 4416 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 19:10:52.0388 4416 RasAcd - ok 19:10:52.0388 
4416 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 19:10:52.0403 4416 RasAgileVpn - ok 19:10:52.0419 4416 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 19:10:52.0419 4416 RasAuto - ok 19:10:52.0419 4416 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 19:10:52.0434 4416 Rasl2tp - ok 19:10:52.0450 4416 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 19:10:52.0450 4416 RasMan - ok 19:10:52.0466 4416 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 19:10:52.0466 4416 RasPppoe - ok 19:10:52.0481 4416 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 19:10:52.0481 4416 RasSstp - ok 19:10:52.0497 4416 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 19:10:52.0512 4416 rdbss - ok 19:10:52.0512 4416 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 19:10:52.0512 4416 rdpbus - ok 19:10:52.0528 4416 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 19:10:52.0544 4416 RDPCDD - ok 19:10:52.0575 4416 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 19:10:52.0575 4416 RDPDR - ok 19:10:52.0575 4416 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 19:10:52.0575 4416 RDPENCDD - ok 19:10:52.0590 4416 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 19:10:52.0590 4416 RDPREFMP - ok 19:10:52.0653 4416 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 19:10:52.0653 4416 RdpVideoMiniport - ok 19:10:52.0684 4416 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 19:10:52.0684 4416 RDPWD - ok 19:10:52.0700 4416 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 
19:10:52.0700 4416 rdyboost - ok 19:10:52.0715 4416 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 19:10:52.0715 4416 RemoteAccess - ok 19:10:52.0715 4416 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 19:10:52.0731 4416 RemoteRegistry - ok 19:10:52.0731 4416 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 19:10:52.0731 4416 RpcEptMapper - ok 19:10:52.0746 4416 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 19:10:52.0746 4416 RpcLocator - ok 19:10:52.0778 4416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 19:10:52.0778 4416 RpcSs - ok 19:10:52.0793 4416 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:10:52.0793 4416 rspndr - ok 19:10:52.0793 4416 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 19:10:52.0793 4416 s3cap - ok 19:10:52.0809 4416 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 19:10:52.0809 4416 SamSs - ok 19:10:52.0824 4416 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:10:52.0824 4416 sbp2port - ok 19:10:52.0840 4416 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:10:52.0840 4416 SCardSvr - ok 19:10:52.0840 4416 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:10:52.0840 4416 scfilter - ok 19:10:52.0856 4416 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 19:10:52.0871 4416 Schedule - ok 19:10:52.0887 4416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 19:10:52.0887 4416 SCPolicySvc - ok 19:10:52.0902 4416 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 19:10:52.0902 4416 SDRSVC - ok 19:10:52.0918 4416 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 
19:10:52.0918 4416 secdrv - ok 19:10:52.0934 4416 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 19:10:52.0934 4416 seclogon - ok 19:10:52.0949 4416 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 19:10:52.0949 4416 SENS - ok 19:10:52.0965 4416 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 19:10:52.0965 4416 SensrSvc - ok 19:10:52.0965 4416 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 19:10:52.0980 4416 Serenum - ok 19:10:52.0996 4416 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 19:10:52.0996 4416 Serial - ok 19:10:52.0996 4416 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 19:10:52.0996 4416 sermouse - ok 19:10:53.0074 4416 [ 91E844F7E8AAAF72FFEAD7C13452EDE3 ] Serviio C:\Program Files\Serviio\bin\ServiioService.exe 19:10:53.0074 4416 Serviio - ok 19:10:53.0090 4416 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 19:10:53.0090 4416 SessionEnv - ok 19:10:53.0105 4416 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 19:10:53.0105 4416 sffdisk - ok 19:10:53.0121 4416 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 19:10:53.0121 4416 sffp_mmc - ok 19:10:53.0121 4416 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 19:10:53.0121 4416 sffp_sd - ok 19:10:53.0136 4416 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 19:10:53.0136 4416 sfloppy - ok 19:10:53.0183 4416 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:10:53.0199 4416 SharedAccess - ok 19:10:53.0214 4416 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:10:53.0214 4416 ShellHWDetection - ok 19:10:53.0230 4416 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 
C:\Windows\system32\drivers\SiSRaid2.sys 19:10:53.0230 4416 SiSRaid2 - ok 19:10:53.0246 4416 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 19:10:53.0261 4416 SiSRaid4 - ok 19:10:53.0277 4416 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 19:10:53.0277 4416 Smb - ok 19:10:53.0292 4416 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:10:53.0292 4416 SNMPTRAP - ok 19:10:53.0308 4416 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 19:10:53.0308 4416 spldr - ok 19:10:53.0324 4416 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 19:10:53.0339 4416 Spooler - ok 19:10:53.0370 4416 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 19:10:53.0402 4416 sppsvc - ok 19:10:53.0417 4416 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 19:10:53.0417 4416 sppuinotify - ok 19:10:53.0433 4416 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 19:10:53.0448 4416 srv - ok 19:10:53.0464 4416 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:10:53.0464 4416 srv2 - ok 19:10:53.0480 4416 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:10:53.0480 4416 srvnet - ok 19:10:53.0511 4416 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:10:53.0511 4416 SSDPSRV - ok 19:10:53.0511 4416 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:10:53.0511 4416 SstpSvc - ok 19:10:53.0589 4416 [ 78216A10BF8B200890A88D8820F33F14 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 19:10:53.0604 4416 Stereo Service - ok 19:10:53.0604 4416 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 19:10:53.0620 4416 stexstor - ok 19:10:53.0651 4416 [ 
8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 19:10:53.0651 4416 stisvc - ok 19:10:53.0682 4416 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 19:10:53.0682 4416 storflt - ok 19:10:53.0698 4416 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 19:10:53.0698 4416 StorSvc - ok 19:10:53.0714 4416 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 19:10:53.0714 4416 storvsc - ok 19:10:53.0729 4416 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 19:10:53.0729 4416 swenum - ok 19:10:53.0745 4416 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 19:10:53.0745 4416 swprv - ok 19:10:53.0776 4416 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 19:10:53.0792 4416 SysMain - ok 19:10:53.0807 4416 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:10:53.0807 4416 TabletInputService - ok 19:10:53.0838 4416 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 19:10:53.0838 4416 TapiSrv - ok 19:10:53.0838 4416 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 19:10:53.0838 4416 TBS - ok 19:10:53.0885 4416 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:10:53.0901 4416 Tcpip - ok 19:10:53.0948 4416 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:10:53.0963 4416 TCPIP6 - ok 19:10:53.0979 4416 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:10:53.0979 4416 tcpipreg - ok 19:10:53.0994 4416 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 19:10:53.0994 4416 TDPIPE - ok 19:10:54.0010 4416 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 19:10:54.0010 4416 TDTCP - ok 19:10:54.0041 4416 [ 
DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:10:54.0041 4416 tdx - ok 19:10:54.0057 4416 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 19:10:54.0057 4416 TermDD - ok 19:10:54.0072 4416 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 19:10:54.0072 4416 TermService - ok 19:10:54.0088 4416 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 19:10:54.0088 4416 Themes - ok 19:10:54.0104 4416 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 19:10:54.0104 4416 THREADORDER - ok 19:10:54.0119 4416 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 19:10:54.0119 4416 TrkWks - ok 19:10:54.0166 4416 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:10:54.0166 4416 TrustedInstaller - ok 19:10:54.0182 4416 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:10:54.0182 4416 tssecsrv - ok 19:10:54.0213 4416 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:10:54.0213 4416 TsUsbFlt - ok 19:10:54.0213 4416 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 19:10:54.0213 4416 TsUsbGD - ok 19:10:54.0275 4416 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:10:54.0275 4416 tunnel - ok 19:10:54.0291 4416 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 19:10:54.0291 4416 uagp35 - ok 19:10:54.0306 4416 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:10:54.0306 4416 udfs - ok 19:10:54.0322 4416 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:10:54.0322 4416 UI0Detect - ok 19:10:54.0338 4416 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:10:54.0338 4416 uliagpkx - ok 
19:10:54.0369 4416 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 19:10:54.0369 4416 umbus - ok 19:10:54.0384 4416 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 19:10:54.0384 4416 UmPass - ok 19:10:54.0416 4416 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 19:10:54.0416 4416 UmRdpService - ok 19:10:54.0447 4416 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 19:10:54.0447 4416 upnphost - ok 19:10:54.0478 4416 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 19:10:54.0478 4416 USBAAPL64 - ok 19:10:54.0494 4416 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 19:10:54.0494 4416 usbaudio - ok 19:10:54.0525 4416 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:10:54.0525 4416 usbccgp - ok 19:10:54.0540 4416 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:10:54.0540 4416 usbcir - ok 19:10:54.0556 4416 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 19:10:54.0556 4416 usbehci - ok 19:10:54.0572 4416 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:10:54.0572 4416 usbhub - ok 19:10:54.0587 4416 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 19:10:54.0587 4416 usbohci - ok 19:10:54.0603 4416 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 19:10:54.0603 4416 usbprint - ok 19:10:54.0603 4416 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 19:10:54.0603 4416 usbscan - ok 19:10:54.0618 4416 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:10:54.0618 4416 USBSTOR - ok 19:10:54.0634 4416 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 
19:10:56.0662 4416 Scan finished
19:10:56.0662 2988 Detected object count: 0
19:10:56.0662 2988 Actual detected object count: 0
19:12:40.0017 2416 Scan started
19:12:40.0017 2416 Mode: Manual; |
21.02.2013, 19:49 | #10 |
| Trojan in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cannot be permanently deleted
NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 19:12:44.0899 2416 NisSrv - ok 19:12:44.0915 2416 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 19:12:44.0931 2416 NlaSvc - ok 19:12:44.0946 2416 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:12:44.0946 2416 Npfs - ok 19:12:44.0962 2416 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 19:12:44.0962 2416 nsi - ok 19:12:44.0962 2416 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:12:44.0962 2416 nsiproxy - ok 19:12:45.0009 2416 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:12:45.0009 2416 Ntfs - ok 19:12:45.0040 2416 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 19:12:45.0040 2416 Null - ok 19:12:45.0071 2416 [ B4F53BCA4C688FF47F04FA90098F896E ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 19:12:45.0071 2416 NVHDA - ok 19:12:45.0196 2416 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:12:45.0243 2416 nvlddmkm - ok 19:12:45.0258 2416 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:12:45.0258 2416 nvraid - ok 19:12:45.0289 2416 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:12:45.0289 2416 nvstor - ok 19:12:45.0321 2416 [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\Windows\system32\nvvsvc.exe 19:12:45.0336 2416 nvsvc - ok 19:12:45.0414 2416 [ CB2A68104E6E21EB30155F081768065A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 19:12:45.0430 2416 nvUpdatusService - ok 19:12:45.0445 2416 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:12:45.0445 2416 nv_agp - ok 19:12:45.0461 2416 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:12:45.0461 2416 ohci1394 - ok 19:12:45.0523 2416 [ 
9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:12:45.0523 2416 ose - ok 19:12:45.0601 2416 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:12:45.0617 2416 osppsvc - ok 19:12:45.0648 2416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:12:45.0648 2416 p2pimsvc - ok 19:12:45.0679 2416 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 19:12:45.0695 2416 p2psvc - ok 19:12:45.0711 2416 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 19:12:45.0711 2416 Parport - ok 19:12:45.0726 2416 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:12:45.0726 2416 partmgr - ok 19:12:45.0742 2416 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 19:12:45.0742 2416 PcaSvc - ok 19:12:45.0757 2416 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 19:12:45.0757 2416 pci - ok 19:12:45.0757 2416 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 19:12:45.0757 2416 pciide - ok 19:12:45.0773 2416 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 19:12:45.0773 2416 pcmcia - ok 19:12:45.0789 2416 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 19:12:45.0789 2416 pcw - ok 19:12:45.0804 2416 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:12:45.0804 2416 PEAUTH - ok 19:12:45.0835 2416 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 19:12:45.0835 2416 PeerDistSvc - ok 19:12:45.0913 2416 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 19:12:45.0913 2416 PerfHost - ok 19:12:45.0945 2416 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 
19:12:45.0945 2416 pla - ok 19:12:45.0976 2416 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:12:45.0976 2416 PlugPlay - ok 19:12:45.0976 2416 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:12:45.0976 2416 PNRPAutoReg - ok 19:12:45.0991 2416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 19:12:45.0991 2416 PNRPsvc - ok 19:12:46.0023 2416 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:12:46.0023 2416 PolicyAgent - ok 19:12:46.0038 2416 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 19:12:46.0038 2416 Power - ok 19:12:46.0054 2416 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 19:12:46.0054 2416 PptpMiniport - ok 19:12:46.0069 2416 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 19:12:46.0069 2416 Processor - ok 19:12:46.0085 2416 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 19:12:46.0085 2416 ProfSvc - ok 19:12:46.0101 2416 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 19:12:46.0101 2416 ProtectedStorage - ok 19:12:46.0101 2416 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 19:12:46.0101 2416 Psched - ok 19:12:46.0132 2416 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 19:12:46.0147 2416 ql2300 - ok 19:12:46.0163 2416 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 19:12:46.0163 2416 ql40xx - ok 19:12:46.0179 2416 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 19:12:46.0179 2416 QWAVE - ok 19:12:46.0194 2416 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 19:12:46.0194 2416 QWAVEdrv - ok 19:12:46.0194 2416 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd 
C:\Windows\system32\DRIVERS\rasacd.sys 19:12:46.0194 2416 RasAcd - ok 19:12:46.0194 2416 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 19:12:46.0210 2416 RasAgileVpn - ok 19:12:46.0225 2416 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 19:12:46.0225 2416 RasAuto - ok 19:12:46.0225 2416 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 19:12:46.0241 2416 Rasl2tp - ok 19:12:46.0257 2416 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 19:12:46.0257 2416 RasMan - ok 19:12:46.0272 2416 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 19:12:46.0272 2416 RasPppoe - ok 19:12:46.0272 2416 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 19:12:46.0288 2416 RasSstp - ok 19:12:46.0288 2416 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 19:12:46.0303 2416 rdbss - ok 19:12:46.0303 2416 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 19:12:46.0303 2416 rdpbus - ok 19:12:46.0319 2416 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 19:12:46.0319 2416 RDPCDD - ok 19:12:46.0366 2416 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 19:12:46.0366 2416 RDPDR - ok 19:12:46.0366 2416 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 19:12:46.0366 2416 RDPENCDD - ok 19:12:46.0397 2416 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 19:12:46.0397 2416 RDPREFMP - ok 19:12:46.0413 2416 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 19:12:46.0413 2416 RdpVideoMiniport - ok 19:12:46.0444 2416 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 19:12:46.0444 2416 RDPWD - ok 19:12:46.0459 2416 [ 
34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 19:12:46.0459 2416 rdyboost - ok 19:12:46.0491 2416 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 19:12:46.0491 2416 RemoteAccess - ok 19:12:46.0491 2416 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 19:12:46.0491 2416 RemoteRegistry - ok 19:12:46.0491 2416 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 19:12:46.0491 2416 RpcEptMapper - ok 19:12:46.0522 2416 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 19:12:46.0522 2416 RpcLocator - ok 19:12:46.0553 2416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 19:12:46.0553 2416 RpcSs - ok 19:12:46.0569 2416 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:12:46.0569 2416 rspndr - ok 19:12:46.0569 2416 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 19:12:46.0569 2416 s3cap - ok 19:12:46.0569 2416 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 19:12:46.0569 2416 SamSs - ok 19:12:46.0584 2416 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:12:46.0584 2416 sbp2port - ok 19:12:46.0615 2416 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:12:46.0615 2416 SCardSvr - ok 19:12:46.0631 2416 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:12:46.0631 2416 scfilter - ok 19:12:46.0647 2416 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 19:12:46.0647 2416 Schedule - ok 19:12:46.0678 2416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 19:12:46.0678 2416 SCPolicySvc - ok 19:12:46.0678 2416 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 19:12:46.0693 2416 SDRSVC - ok 19:12:46.0693 2416 
[ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 19:12:46.0693 2416 secdrv - ok 19:12:46.0709 2416 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 19:12:46.0709 2416 seclogon - ok 19:12:46.0709 2416 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 19:12:46.0709 2416 SENS - ok 19:12:46.0725 2416 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 19:12:46.0725 2416 SensrSvc - ok 19:12:46.0725 2416 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 19:12:46.0725 2416 Serenum - ok 19:12:46.0740 2416 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 19:12:46.0740 2416 Serial - ok 19:12:46.0740 2416 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 19:12:46.0740 2416 sermouse - ok 19:12:46.0787 2416 [ 91E844F7E8AAAF72FFEAD7C13452EDE3 ] Serviio C:\Program Files\Serviio\bin\ServiioService.exe 19:12:46.0787 2416 Serviio - ok 19:12:46.0849 2416 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 19:12:46.0849 2416 SessionEnv - ok 19:12:46.0865 2416 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 19:12:46.0865 2416 sffdisk - ok 19:12:46.0865 2416 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 19:12:46.0865 2416 sffp_mmc - ok 19:12:46.0865 2416 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 19:12:46.0865 2416 sffp_sd - ok 19:12:46.0881 2416 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 19:12:46.0881 2416 sfloppy - ok 19:12:46.0912 2416 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:12:46.0912 2416 SharedAccess - ok 19:12:46.0927 2416 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:12:46.0927 2416 
ShellHWDetection - ok 19:12:46.0943 2416 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 19:12:46.0943 2416 SiSRaid2 - ok 19:12:46.0959 2416 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 19:12:46.0959 2416 SiSRaid4 - ok 19:12:46.0974 2416 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 19:12:46.0974 2416 Smb - ok 19:12:46.0974 2416 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:12:46.0974 2416 SNMPTRAP - ok 19:12:46.0974 2416 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 19:12:46.0974 2416 spldr - ok 19:12:47.0005 2416 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 19:12:47.0005 2416 Spooler - ok 19:12:47.0052 2416 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 19:12:47.0068 2416 sppsvc - ok 19:12:47.0068 2416 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 19:12:47.0083 2416 sppuinotify - ok 19:12:47.0099 2416 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 19:12:47.0099 2416 srv - ok 19:12:47.0115 2416 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:12:47.0130 2416 srv2 - ok 19:12:47.0146 2416 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:12:47.0146 2416 srvnet - ok 19:12:47.0161 2416 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:12:47.0161 2416 SSDPSRV - ok 19:12:47.0177 2416 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:12:47.0177 2416 SstpSvc - ok 19:12:47.0224 2416 [ 78216A10BF8B200890A88D8820F33F14 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 19:12:47.0224 2416 Stereo Service - ok 19:12:47.0239 2416 [ F3817967ED533D08327DC73BC4D5542A ] stexstor 
C:\Windows\system32\drivers\stexstor.sys 19:12:47.0239 2416 stexstor - ok 19:12:47.0317 2416 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 19:12:47.0317 2416 stisvc - ok 19:12:47.0349 2416 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 19:12:47.0349 2416 storflt - ok 19:12:47.0380 2416 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 19:12:47.0380 2416 StorSvc - ok 19:12:47.0380 2416 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 19:12:47.0380 2416 storvsc - ok 19:12:47.0395 2416 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 19:12:47.0395 2416 swenum - ok 19:12:47.0411 2416 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 19:12:47.0411 2416 swprv - ok 19:12:47.0442 2416 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 19:12:47.0458 2416 SysMain - ok 19:12:47.0458 2416 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:12:47.0458 2416 TabletInputService - ok 19:12:47.0473 2416 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 19:12:47.0473 2416 TapiSrv - ok 19:12:47.0473 2416 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 19:12:47.0473 2416 TBS - ok 19:12:47.0536 2416 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:12:47.0536 2416 Tcpip - ok 19:12:47.0583 2416 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:12:47.0598 2416 TCPIP6 - ok 19:12:47.0614 2416 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:12:47.0614 2416 tcpipreg - ok 19:12:47.0629 2416 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 19:12:47.0629 2416 TDPIPE - ok 19:12:47.0661 2416 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP 
C:\Windows\system32\drivers\tdtcp.sys 19:12:47.0661 2416 TDTCP - ok 19:12:47.0661 2416 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:12:47.0661 2416 tdx - ok 19:12:47.0676 2416 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 19:12:47.0676 2416 TermDD - ok 19:12:47.0692 2416 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 19:12:47.0707 2416 TermService - ok 19:12:47.0707 2416 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 19:12:47.0707 2416 Themes - ok 19:12:47.0723 2416 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 19:12:47.0723 2416 THREADORDER - ok 19:12:47.0739 2416 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 19:12:47.0739 2416 TrkWks - ok 19:12:47.0817 2416 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:12:47.0817 2416 TrustedInstaller - ok 19:12:47.0817 2416 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:12:47.0817 2416 tssecsrv - ok 19:12:47.0832 2416 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:12:47.0832 2416 TsUsbFlt - ok 19:12:47.0848 2416 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 19:12:47.0848 2416 TsUsbGD - ok 19:12:47.0848 2416 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:12:47.0863 2416 tunnel - ok 19:12:47.0863 2416 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 19:12:47.0863 2416 uagp35 - ok 19:12:47.0895 2416 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:12:47.0895 2416 udfs - ok 19:12:47.0895 2416 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:12:47.0895 2416 UI0Detect - ok 19:12:47.0910 2416 [ 
4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:12:47.0910 2416 uliagpkx - ok 19:12:47.0926 2416 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 19:12:47.0926 2416 umbus - ok 19:12:47.0926 2416 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 19:12:47.0926 2416 UmPass - ok 19:12:47.0957 2416 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 19:12:47.0957 2416 UmRdpService - ok 19:12:47.0988 2416 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 19:12:47.0988 2416 upnphost - ok 19:12:48.0004 2416 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 19:12:48.0004 2416 USBAAPL64 - ok 19:12:48.0019 2416 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 19:12:48.0019 2416 usbaudio - ok 19:12:48.0035 2416 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:12:48.0035 2416 usbccgp - ok 19:12:48.0051 2416 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:12:48.0051 2416 usbcir - ok 19:12:48.0066 2416 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 19:12:48.0066 2416 usbehci - ok 19:12:48.0082 2416 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:12:48.0082 2416 usbhub - ok 19:12:48.0097 2416 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 19:12:48.0097 2416 usbohci - ok 19:12:48.0113 2416 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 19:12:48.0113 2416 usbprint - ok 19:12:48.0113 2416 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 19:12:48.0113 2416 usbscan - ok 19:12:48.0144 2416 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:12:48.0144 
2416 USBSTOR - ok 19:12:48.0144 2416 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 19:12:48.0144 2416 usbuhci - ok 19:12:48.0160 2416 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 19:12:48.0160 2416 usbvideo - ok 19:12:48.0175 2416 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 19:12:48.0175 2416 UxSms - ok 19:12:48.0175 2416 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 19:12:48.0175 2416 VaultSvc - ok 19:12:48.0175 2416 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:12:48.0175 2416 vdrvroot - ok 19:12:48.0191 2416 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 19:12:48.0207 2416 vds - ok 19:12:48.0207 2416 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:12:48.0207 2416 vga - ok 19:12:48.0207 2416 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 19:12:48.0207 2416 VgaSave - ok 19:12:48.0222 2416 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 19:12:48.0222 2416 vhdmp - ok 19:12:48.0238 2416 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 19:12:48.0238 2416 viaide - ok 19:12:48.0269 2416 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 19:12:48.0269 2416 vmbus - ok 19:12:48.0285 2416 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 19:12:48.0285 2416 VMBusHID - ok 19:12:48.0300 2416 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:12:48.0300 2416 volmgr - ok 19:12:48.0316 2416 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:12:48.0316 2416 volmgrx - ok 19:12:48.0331 2416 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:12:48.0331 2416 volsnap - ok 
19:12:48.0331 2416 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 19:12:48.0331 2416 vsmraid - ok 19:12:48.0363 2416 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 19:12:48.0378 2416 VSS - ok 19:12:48.0378 2416 [ 316A1762BD41C3DB06EB484527838E2D ] VUSB3HUB C:\Windows\system32\DRIVERS\ViaHub3.sys 19:12:48.0378 2416 VUSB3HUB - ok 19:12:48.0409 2416 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 19:12:48.0409 2416 vwifibus - ok 19:12:48.0425 2416 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 19:12:48.0425 2416 W32Time - ok 19:12:48.0441 2416 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 19:12:48.0441 2416 WacomPen - ok 19:12:48.0456 2416 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:12:48.0456 2416 WANARP - ok 19:12:48.0456 2416 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:12:48.0456 2416 Wanarpv6 - ok 19:12:48.0472 2416 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 19:12:48.0472 2416 wbengine - ok 19:12:48.0503 2416 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:12:48.0503 2416 WbioSrvc - ok 19:12:48.0519 2416 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:12:48.0519 2416 wcncsvc - ok 19:12:48.0534 2416 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:12:48.0534 2416 WcsPlugInService - ok 19:12:48.0534 2416 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 19:12:48.0534 2416 Wd - ok 19:12:48.0550 2416 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys 19:12:48.0550 2416 WDC_SAM - ok 19:12:48.0612 2416 [ 7DEDECC376B29A973A0F3384D135F2DA ] WDDMService C:\Program Files\Western Digital\WD 
SmartWare\WDDMService.exe 19:12:48.0612 2416 WDDMService - ok 19:12:48.0659 2416 [ B5B84712111414DD1B14C2346E9868BE ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe 19:12:48.0659 2416 WDDriveService - ok 19:12:48.0706 2416 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:12:48.0706 2416 Wdf01000 - ok 19:12:48.0753 2416 [ 8E798F577A684A5F1E464D954C6C7F1E ] WDFMEService C:\Program Files\Western Digital\WD SmartWare\WDFME.exe 19:12:48.0753 2416 WDFMEService - ok 19:12:48.0768 2416 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:12:48.0768 2416 WdiServiceHost - ok 19:12:48.0768 2416 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:12:48.0768 2416 WdiSystemHost - ok 19:12:48.0799 2416 [ 65D571576E366067C22F22B3E919EF8C ] WDRulesService C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe 19:12:48.0799 2416 WDRulesService - ok 19:12:48.0831 2416 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 19:12:48.0831 2416 WebClient - ok 19:12:48.0846 2416 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:12:48.0846 2416 Wecsvc - ok 19:12:48.0862 2416 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:12:48.0862 2416 wercplsupport - ok 19:12:48.0877 2416 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 19:12:48.0877 2416 WerSvc - ok 19:12:48.0893 2416 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:12:48.0893 2416 WfpLwf - ok 19:12:48.0893 2416 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:12:48.0893 2416 WIMMount - ok 19:12:48.0909 2416 WinDefend - ok 19:12:48.0909 2416 WinHttpAutoProxySvc - ok 19:12:48.0955 2416 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:12:48.0955 2416 
Winmgmt - ok 19:12:48.0987 2416 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 19:12:49.0002 2416 WinRM - ok 19:12:49.0018 2416 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 19:12:49.0018 2416 WinUsb - ok 19:12:49.0065 2416 WISOVD - ok 19:12:49.0080 2416 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 19:12:49.0080 2416 Wlansvc - ok 19:12:49.0158 2416 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 19:12:49.0158 2416 WmiAcpi - ok 19:12:49.0189 2416 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:12:49.0189 2416 wmiApSrv - ok 19:12:49.0205 2416 WMPNetworkSvc - ok 19:12:49.0205 2416 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:12:49.0205 2416 WPCSvc - ok 19:12:49.0221 2416 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:12:49.0221 2416 WPDBusEnum - ok 19:12:49.0236 2416 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:12:49.0236 2416 ws2ifsl - ok 19:12:49.0252 2416 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 19:12:49.0252 2416 wscsvc - ok 19:12:49.0252 2416 WSearch - ok 19:12:49.0314 2416 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 19:12:49.0314 2416 wuauserv - ok 19:12:49.0361 2416 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:12:49.0361 2416 WudfPf - ok 19:12:49.0377 2416 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:12:49.0377 2416 WUDFRd - ok 19:12:49.0423 2416 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:12:49.0423 2416 wudfsvc - ok 19:12:49.0455 2416 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 19:12:49.0455 2416 WwanSvc - ok 19:12:49.0486 2416 [ FFDB0ED9D1D453F7F19DE55FE0706195 
19:12:49.0954 2416 Scan finished
19:12:49.0954 2416 ============================================================
19:12:49.0954 2624 Detected object count: 0
19:12:49.0954 2624 Actual detected object count: 0
Sorry, it didn't occur to me to split it up. |
21.02.2013, 19:52 | #11 |
/// Malware-holic | Trojan in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cannot be permanently deleted Unfortunately, you also didn't configure it as shown in the pictures in the instructions. Please do it again.
__________________ -Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
21.02.2013, 19:59 | #12 |
| Trojan in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cannot be permanently deleted
19:55:08.0474 5096 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:55:08.0957 5096 ============================================================
19:55:08.0957 5096 Current date / time: 2013/02/21 19:55:08.0957
19:55:08.0957 5096 SystemInfo:
19:55:08.0957 5096
19:55:08.0957 5096 OS Version: 6.1.7601 ServicePack: 1.0
19:55:08.0957 5096 Product type: Workstation
19:55:08.0957 5096 ComputerName: BATMAN-PC
19:55:08.0957 5096 UserName: Batman
19:55:08.0957 5096 Windows directory: C:\Windows
19:55:08.0957 5096 System windows directory: C:\Windows
19:55:08.0957 5096 Running under WOW64
19:55:08.0957 5096 Processor architecture: Intel x64
19:55:08.0957 5096 Number of processors: 4
19:55:08.0957 5096 Page size: 0x1000
19:55:08.0957 5096 Boot type: Normal boot
19:55:08.0957 5096 ============================================================
19:55:13.0232 5096 Drive \Device\Harddisk0\DR0 - Size: 0xE8E1300000 (931.52 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:13.0232 5096 Drive \Device\Harddisk1\DR1 - Size: 0x4A85C4DE00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:13.0232 5096 ============================================================
19:55:13.0232 5096 \Device\Harddisk0\DR0:
19:55:13.0232 5096 MBR partitions:
19:55:13.0232 5096 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:55:13.0232 5096 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1866D800
19:55:13.0232 5096 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0000, BlocksNum 0x5C068800
19:55:13.0232 5096 \Device\Harddisk1\DR1:
19:55:13.0232 5096 MBR partitions:
19:55:13.0232 5096 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x45, BlocksNum 0x2542D67C
19:55:13.0232 5096 ============================================================
19:55:13.0278 5096 C: <-> \Device\Harddisk0\DR0\Partition2
19:55:13.0278 5096 D: <-> \Device\Harddisk1\DR1\Partition1
19:55:13.0325 5096 G: <-> \Device\Harddisk0\DR0\Partition3
19:55:13.0325 5096 ============================================================
19:55:13.0325 5096 Initialize success
19:55:13.0325 5096 ============================================================
19:56:49.0234 3352 ============================================================
19:56:49.0234 3352 Scan started
19:56:49.0234 3352 Mode: Manual; SigCheck; TDLFS;
19:56:49.0234 3352 ============================================================
19:56:49.0577 3352 ================ Scan system memory ========================
19:56:49.0577 3352 System memory - ok
19:56:49.0577 3352 ================ Scan services =============================
19:56:56.0847 3352 [ 33D4D4A24791587E83F7EE05A446FB7E ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
19:56:56.0847 3352 ICCS ( UnsignedFile.Multi.Generic ) - warning
19:56:56.0847 3352 ICCS - detected UnsignedFile.Multi.Generic (1)
19:56:56.0894 3352 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:56:56.0909 3352 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:56:56.0909 3352 IDriverT - detected UnsignedFile.Multi.Generic (1)
NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 19:57:00.0841 3352 NisDrv - ok 19:57:00.0856 3352 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 19:57:00.0872 3352 NisSrv - ok 19:57:00.0919 3352 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 19:57:00.0919 3352 NlaSvc - ok 19:57:00.0934 3352 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:57:00.0950 3352 Npfs - ok 19:57:00.0981 3352 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 19:57:01.0012 3352 nsi - ok 19:57:01.0012 3352 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:57:01.0043 3352 nsiproxy - ok 19:57:01.0090 3352 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:57:01.0106 3352 Ntfs - ok 19:57:01.0153 3352 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 19:57:01.0184 3352 Null - ok 19:57:01.0231 3352 [ B4F53BCA4C688FF47F04FA90098F896E ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 19:57:01.0231 3352 NVHDA - ok 19:57:01.0402 3352 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:57:01.0496 3352 nvlddmkm - ok 19:57:01.0543 3352 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:57:01.0543 3352 nvraid - ok 19:57:01.0574 3352 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:57:01.0589 3352 nvstor - ok 19:57:01.0636 3352 [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\Windows\system32\nvvsvc.exe 19:57:01.0652 3352 nvsvc - ok 19:57:01.0745 3352 [ CB2A68104E6E21EB30155F081768065A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 19:57:01.0777 3352 nvUpdatusService - ok 19:57:01.0777 3352 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:57:01.0792 3352 nv_agp - ok 19:57:01.0808 3352 [ 
3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:57:01.0823 3352 ohci1394 - ok 19:57:01.0886 3352 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:57:01.0886 3352 ose - ok 19:57:01.0964 3352 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:57:02.0011 3352 osppsvc - ok 19:57:02.0026 3352 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:57:02.0073 3352 p2pimsvc - ok 19:57:02.0104 3352 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 19:57:02.0104 3352 p2psvc - ok 19:57:02.0135 3352 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 19:57:02.0151 3352 Parport - ok 19:57:02.0167 3352 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:57:02.0167 3352 partmgr - ok 19:57:02.0182 3352 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 19:57:02.0213 3352 PcaSvc - ok 19:57:02.0229 3352 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 19:57:02.0245 3352 pci - ok 19:57:02.0260 3352 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 19:57:02.0276 3352 pciide - ok 19:57:02.0276 3352 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 19:57:02.0276 3352 pcmcia - ok 19:57:02.0291 3352 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 19:57:02.0307 3352 pcw - ok 19:57:02.0323 3352 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:57:02.0354 3352 PEAUTH - ok 19:57:02.0416 3352 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 19:57:02.0447 3352 PeerDistSvc - ok 19:57:02.0510 3352 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost 
C:\Windows\SysWow64\perfhost.exe 19:57:02.0510 3352 PerfHost - ok 19:57:02.0557 3352 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 19:57:02.0572 3352 pla - ok 19:57:02.0603 3352 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:57:02.0635 3352 PlugPlay - ok 19:57:02.0635 3352 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:57:02.0635 3352 PNRPAutoReg - ok 19:57:02.0650 3352 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 19:57:02.0666 3352 PNRPsvc - ok 19:57:02.0697 3352 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:57:02.0728 3352 PolicyAgent - ok 19:57:02.0775 3352 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 19:57:02.0806 3352 Power - ok 19:57:02.0837 3352 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 19:57:02.0884 3352 PptpMiniport - ok 19:57:02.0900 3352 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 19:57:02.0915 3352 Processor - ok 19:57:02.0931 3352 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 19:57:02.0962 3352 ProfSvc - ok 19:57:02.0962 3352 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 19:57:02.0978 3352 ProtectedStorage - ok 19:57:02.0993 3352 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 19:57:03.0025 3352 Psched - ok 19:57:03.0071 3352 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 19:57:03.0087 3352 ql2300 - ok 19:57:03.0103 3352 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 19:57:03.0103 3352 ql40xx - ok 19:57:03.0118 3352 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 19:57:03.0134 3352 QWAVE - ok 19:57:03.0149 3352 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv 
C:\Windows\system32\drivers\qwavedrv.sys 19:57:03.0149 3352 QWAVEdrv - ok 19:57:03.0149 3352 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 19:57:03.0181 3352 RasAcd - ok 19:57:03.0212 3352 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 19:57:03.0259 3352 RasAgileVpn - ok 19:57:03.0290 3352 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 19:57:03.0305 3352 RasAuto - ok 19:57:03.0305 3352 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 19:57:03.0337 3352 Rasl2tp - ok 19:57:03.0352 3352 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 19:57:03.0383 3352 RasMan - ok 19:57:03.0399 3352 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 19:57:03.0430 3352 RasPppoe - ok 19:57:03.0446 3352 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 19:57:03.0477 3352 RasSstp - ok 19:57:03.0493 3352 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 19:57:03.0539 3352 rdbss - ok 19:57:03.0539 3352 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 19:57:03.0539 3352 rdpbus - ok 19:57:03.0571 3352 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 19:57:03.0602 3352 RDPCDD - ok 19:57:03.0633 3352 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 19:57:03.0664 3352 RDPDR - ok 19:57:03.0664 3352 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 19:57:03.0695 3352 RDPENCDD - ok 19:57:03.0695 3352 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 19:57:03.0727 3352 RDPREFMP - ok 19:57:03.0773 3352 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 19:57:03.0773 3352 RdpVideoMiniport - ok 19:57:03.0805 
3352 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 19:57:03.0851 3352 RDPWD - ok 19:57:03.0867 3352 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 19:57:03.0883 3352 rdyboost - ok 19:57:03.0898 3352 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 19:57:03.0929 3352 RemoteAccess - ok 19:57:03.0961 3352 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 19:57:03.0976 3352 RemoteRegistry - ok 19:57:03.0992 3352 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 19:57:04.0023 3352 RpcEptMapper - ok 19:57:04.0023 3352 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 19:57:04.0023 3352 RpcLocator - ok 19:57:04.0054 3352 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 19:57:04.0070 3352 RpcSs - ok 19:57:04.0085 3352 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:57:04.0101 3352 rspndr - ok 19:57:04.0117 3352 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 19:57:04.0132 3352 s3cap - ok 19:57:04.0132 3352 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 19:57:04.0132 3352 SamSs - ok 19:57:04.0148 3352 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:57:04.0163 3352 sbp2port - ok 19:57:04.0179 3352 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:57:04.0210 3352 SCardSvr - ok 19:57:04.0241 3352 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:57:04.0273 3352 scfilter - ok 19:57:04.0304 3352 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 19:57:04.0335 3352 Schedule - ok 19:57:04.0351 3352 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 19:57:04.0366 3352 SCPolicySvc - ok 
19:57:04.0382 3352 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 19:57:04.0413 3352 SDRSVC - ok 19:57:04.0429 3352 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 19:57:04.0460 3352 secdrv - ok 19:57:04.0475 3352 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 19:57:04.0491 3352 seclogon - ok 19:57:04.0507 3352 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 19:57:04.0522 3352 SENS - ok 19:57:04.0538 3352 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 19:57:04.0538 3352 SensrSvc - ok 19:57:04.0569 3352 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 19:57:04.0585 3352 Serenum - ok 19:57:04.0585 3352 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 19:57:04.0616 3352 Serial - ok 19:57:04.0631 3352 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 19:57:04.0663 3352 sermouse - ok 19:57:04.0725 3352 [ 91E844F7E8AAAF72FFEAD7C13452EDE3 ] Serviio C:\Program Files\Serviio\bin\ServiioService.exe 19:57:04.0756 3352 Serviio ( UnsignedFile.Multi.Generic ) - warning 19:57:04.0756 3352 Serviio - detected UnsignedFile.Multi.Generic (1) 19:57:04.0772 3352 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 19:57:04.0787 3352 SessionEnv - ok 19:57:04.0803 3352 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 19:57:04.0819 3352 sffdisk - ok 19:57:04.0834 3352 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 19:57:04.0850 3352 sffp_mmc - ok 19:57:04.0850 3352 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 19:57:04.0865 3352 sffp_sd - ok 19:57:04.0865 3352 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 19:57:04.0881 3352 sfloppy - ok 19:57:04.0912 3352 [ 
B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:57:04.0928 3352 SharedAccess - ok 19:57:04.0943 3352 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:57:04.0975 3352 ShellHWDetection - ok 19:57:04.0990 3352 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 19:57:04.0990 3352 SiSRaid2 - ok 19:57:05.0006 3352 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 19:57:05.0006 3352 SiSRaid4 - ok 19:57:05.0021 3352 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 19:57:05.0053 3352 Smb - ok 19:57:05.0068 3352 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:57:05.0068 3352 SNMPTRAP - ok 19:57:05.0084 3352 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 19:57:05.0084 3352 spldr - ok 19:57:05.0131 3352 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 19:57:05.0177 3352 Spooler - ok 19:57:05.0224 3352 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 19:57:05.0287 3352 sppsvc - ok 19:57:05.0318 3352 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 19:57:05.0333 3352 sppuinotify - ok 19:57:05.0365 3352 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 19:57:05.0380 3352 srv - ok 19:57:05.0411 3352 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:57:05.0427 3352 srv2 - ok 19:57:05.0443 3352 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:57:05.0443 3352 srvnet - ok 19:57:05.0458 3352 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:57:05.0505 3352 SSDPSRV - ok 19:57:05.0521 3352 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:57:05.0536 3352 SstpSvc - ok 19:57:05.0599 3352 [ 
78216A10BF8B200890A88D8820F33F14 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 19:57:05.0614 3352 Stereo Service - ok 19:57:05.0645 3352 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 19:57:05.0645 3352 stexstor - ok 19:57:05.0692 3352 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 19:57:05.0692 3352 stisvc - ok 19:57:05.0723 3352 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 19:57:05.0739 3352 storflt - ok 19:57:05.0755 3352 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 19:57:05.0770 3352 StorSvc - ok 19:57:05.0786 3352 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 19:57:05.0801 3352 storvsc - ok 19:57:05.0801 3352 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 19:57:05.0817 3352 swenum - ok 19:57:05.0833 3352 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 19:57:05.0848 3352 swprv - ok 19:57:05.0895 3352 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 19:57:05.0911 3352 SysMain - ok 19:57:05.0942 3352 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:57:05.0957 3352 TabletInputService - ok 19:57:05.0973 3352 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 19:57:06.0004 3352 TapiSrv - ok 19:57:06.0004 3352 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 19:57:06.0035 3352 TBS - ok 19:57:06.0082 3352 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:57:06.0098 3352 Tcpip - ok 19:57:06.0145 3352 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:57:06.0160 3352 TCPIP6 - ok 19:57:06.0191 3352 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:57:06.0207 3352 tcpipreg 
- ok 19:57:06.0223 3352 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 19:57:06.0254 3352 TDPIPE - ok 19:57:06.0269 3352 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 19:57:06.0301 3352 TDTCP - ok 19:57:06.0316 3352 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:57:06.0363 3352 tdx - ok 19:57:06.0379 3352 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 19:57:06.0379 3352 TermDD - ok 19:57:06.0410 3352 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 19:57:06.0425 3352 TermService - ok 19:57:06.0425 3352 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 19:57:06.0457 3352 Themes - ok 19:57:06.0457 3352 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 19:57:06.0472 3352 THREADORDER - ok 19:57:06.0503 3352 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 19:57:06.0535 3352 TrkWks - ok 19:57:06.0597 3352 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:57:06.0613 3352 TrustedInstaller - ok 19:57:06.0628 3352 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:57:06.0659 3352 tssecsrv - ok 19:57:06.0691 3352 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:57:06.0722 3352 TsUsbFlt - ok 19:57:06.0753 3352 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 19:57:06.0769 3352 TsUsbGD - ok 19:57:06.0800 3352 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:57:06.0847 3352 tunnel - ok 19:57:06.0862 3352 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 19:57:06.0878 3352 uagp35 - ok 19:57:06.0878 3352 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:57:06.0909 
3352 udfs - ok 19:57:06.0925 3352 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:57:06.0925 3352 UI0Detect - ok 19:57:06.0940 3352 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:57:06.0940 3352 uliagpkx - ok 19:57:06.0971 3352 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 19:57:06.0987 3352 umbus - ok 19:57:07.0018 3352 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 19:57:07.0034 3352 UmPass - ok 19:57:07.0049 3352 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 19:57:07.0065 3352 UmRdpService - ok 19:57:07.0096 3352 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 19:57:07.0112 3352 upnphost - ok 19:57:07.0159 3352 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 19:57:07.0174 3352 USBAAPL64 - ok 19:57:07.0190 3352 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 19:57:07.0190 3352 usbaudio - ok 19:57:07.0221 3352 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:57:07.0237 3352 usbccgp - ok 19:57:07.0252 3352 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:57:07.0268 3352 usbcir - ok 19:57:07.0283 3352 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 19:57:07.0299 3352 usbehci - ok 19:57:07.0377 3352 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:57:07.0393 3352 usbhub - ok 19:57:07.0408 3352 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 19:57:07.0408 3352 usbohci - ok 19:57:07.0424 3352 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 19:57:07.0439 3352 usbprint - ok 19:57:07.0455 3352 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan 
C:\Windows\system32\DRIVERS\usbscan.sys 19:57:07.0471 3352 usbscan - ok 19:57:07.0486 3352 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:57:07.0486 3352 USBSTOR - ok 19:57:07.0502 3352 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 19:57:07.0517 3352 usbuhci - ok 19:57:07.0517 3352 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 19:57:07.0533 3352 usbvideo - ok 19:57:07.0533 3352 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 19:57:07.0564 3352 UxSms - ok 19:57:07.0564 3352 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 19:57:07.0564 3352 VaultSvc - ok 19:57:07.0595 3352 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:57:07.0595 3352 vdrvroot - ok 19:57:07.0611 3352 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 19:57:07.0627 3352 vds - ok 19:57:07.0642 3352 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:57:07.0673 3352 vga - ok 19:57:07.0673 3352 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 19:57:07.0689 3352 VgaSave - ok 19:57:07.0705 3352 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 19:57:07.0705 3352 vhdmp - ok 19:57:07.0720 3352 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 19:57:07.0720 3352 viaide - ok 19:57:07.0736 3352 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 19:57:07.0751 3352 vmbus - ok 19:57:07.0767 3352 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 19:57:07.0767 3352 VMBusHID - ok 19:57:07.0783 3352 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:57:07.0783 3352 volmgr - ok 19:57:07.0798 3352 [ A255814907C89BE58B79EF2F189B843B ] volmgrx 
C:\Windows\system32\drivers\volmgrx.sys 19:57:07.0814 3352 volmgrx - ok 19:57:07.0829 3352 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:57:07.0829 3352 volsnap - ok 19:57:07.0845 3352 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 19:57:07.0861 3352 vsmraid - ok 19:57:07.0876 3352 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 19:57:07.0907 3352 VSS - ok 19:57:07.0939 3352 [ 316A1762BD41C3DB06EB484527838E2D ] VUSB3HUB C:\Windows\system32\DRIVERS\ViaHub3.sys 19:57:07.0954 3352 VUSB3HUB - ok 19:57:07.0954 3352 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 19:57:07.0970 3352 vwifibus - ok 19:57:08.0001 3352 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 19:57:08.0017 3352 W32Time - ok 19:57:08.0032 3352 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 19:57:08.0063 3352 WacomPen - ok 19:57:08.0095 3352 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:57:08.0126 3352 WANARP - ok 19:57:08.0126 3352 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:57:08.0141 3352 Wanarpv6 - ok 19:57:08.0157 3352 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 19:57:08.0204 3352 wbengine - ok 19:57:08.0219 3352 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:57:08.0251 3352 WbioSrvc - ok 19:57:08.0266 3352 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:57:08.0297 3352 wcncsvc - ok 19:57:08.0313 3352 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:57:08.0329 3352 WcsPlugInService - ok 19:57:08.0329 3352 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 19:57:08.0329 3352 Wd - ok 19:57:08.0360 3352 [ A3D04EBF5227886029B4532F20D026F7 ] 
WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys 19:57:08.0391 3352 WDC_SAM - ok 19:57:08.0453 3352 [ 7DEDECC376B29A973A0F3384D135F2DA ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe 19:57:08.0453 3352 WDDMService - ok 19:57:08.0516 3352 [ B5B84712111414DD1B14C2346E9868BE ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe 19:57:08.0531 3352 WDDriveService - ok 19:57:08.0563 3352 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:57:08.0578 3352 Wdf01000 - ok 19:57:08.0609 3352 [ 8E798F577A684A5F1E464D954C6C7F1E ] WDFMEService C:\Program Files\Western Digital\WD SmartWare\WDFME.exe 19:57:08.0641 3352 WDFMEService - ok 19:57:08.0656 3352 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:57:08.0703 3352 WdiServiceHost - ok 19:57:08.0703 3352 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:57:08.0719 3352 WdiSystemHost - ok 19:57:08.0750 3352 [ 65D571576E366067C22F22B3E919EF8C ] WDRulesService C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe 19:57:08.0765 3352 WDRulesService - ok 19:57:08.0765 3352 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 19:57:08.0812 3352 WebClient - ok 19:57:08.0828 3352 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:57:08.0859 3352 Wecsvc - ok 19:57:08.0890 3352 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:57:08.0906 3352 wercplsupport - ok 19:57:08.0937 3352 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 19:57:08.0968 3352 WerSvc - ok 19:57:09.0015 3352 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:57:09.0031 3352 WfpLwf - ok 19:57:09.0046 3352 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:57:09.0046 3352 WIMMount - ok 19:57:09.0062 3352 
WinDefend - ok 19:57:09.0062 3352 WinHttpAutoProxySvc - ok 19:57:09.0109 3352 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:57:09.0140 3352 Winmgmt - ok 19:57:09.0171 3352 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 19:57:09.0202 3352 WinRM - ok 19:57:09.0233 3352 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 19:57:09.0249 3352 WinUsb - ok 19:57:09.0296 3352 WISOVD - ok 19:57:09.0327 3352 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 19:57:09.0343 3352 Wlansvc - ok 19:57:09.0374 3352 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 19:57:09.0374 3352 WmiAcpi - ok 19:57:09.0389 3352 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:57:09.0405 3352 wmiApSrv - ok 19:57:09.0421 3352 WMPNetworkSvc - ok 19:57:09.0436 3352 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:57:09.0452 3352 WPCSvc - ok 19:57:09.0467 3352 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:57:09.0467 3352 WPDBusEnum - ok 19:57:09.0483 3352 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:57:09.0499 3352 ws2ifsl - ok 19:57:09.0514 3352 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 19:57:09.0530 3352 wscsvc - ok 19:57:09.0545 3352 WSearch - ok 19:57:09.0592 3352 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 19:57:09.0623 3352 wuauserv - ok 19:57:09.0655 3352 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:57:09.0686 3352 WudfPf - ok 19:57:09.0717 3352 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:57:09.0733 3352 WUDFRd - ok 19:57:09.0764 3352 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:57:09.0779 3352 wudfsvc - ok 
19:57:09.0826 3352 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 19:57:09.0826 3352 WwanSvc - ok 19:57:09.0873 3352 [ FFDB0ED9D1D453F7F19DE55FE0706195 ] xhcdrv C:\Windows\system32\DRIVERS\xhcdrv.sys 19:57:09.0889 3352 xhcdrv - ok 19:57:09.0904 3352 ================ Scan global =============================== 19:57:09.0935 3352 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 19:57:09.0951 3352 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 19:57:09.0967 3352 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 19:57:09.0982 3352 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 19:57:09.0998 3352 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 19:57:09.0998 3352 [Global] - ok 19:57:09.0998 3352 ================ Scan MBR ================================== 19:57:10.0013 3352 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 19:57:10.0310 3352 \Device\Harddisk0\DR0 - ok 19:57:10.0310 3352 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 19:57:10.0388 3352 \Device\Harddisk1\DR1 - ok 19:57:10.0388 3352 ================ Scan VBR ================================== 19:57:10.0388 3352 [ A2A706A372A375EB43E8A5537648B686 ] \Device\Harddisk0\DR0\Partition1 19:57:10.0388 3352 \Device\Harddisk0\DR0\Partition1 - ok 19:57:10.0403 3352 [ E3B60A817FD40179241B26BF6F248C0F ] \Device\Harddisk0\DR0\Partition2 19:57:10.0403 3352 \Device\Harddisk0\DR0\Partition2 - ok 19:57:10.0419 3352 [ CAC83C362246A886742628AE52BA6B81 ] \Device\Harddisk0\DR0\Partition3 19:57:10.0419 3352 \Device\Harddisk0\DR0\Partition3 - ok 19:57:10.0419 3352 [ CA0C577FA45082F93D4EB542735BC53D ] \Device\Harddisk1\DR1\Partition1 19:57:10.0419 3352 \Device\Harddisk1\DR1\Partition1 - ok 19:57:10.0419 3352 ============================================================ 19:57:10.0419 3352 Scan finished 19:57:10.0419 3352 ============================================================ 
19:57:10.0419 3152 Detected object count: 3
19:57:10.0419 3152 Actual detected object count: 3
19:57:38.0764 3152 ICCS ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:38.0764 3152 ICCS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:38.0764 3152 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:38.0764 3152 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:38.0764 3152 Serviio ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:38.0764 3152 Serviio ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:46.0439 1196 Deinitialize success |
21.02.2013, 20:00 | #13 |
/// Malware-holic | Trojan in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cannot be permanently deleted Hi, scan with Combofix
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For the time being, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
21.02.2013, 20:22 | #14 |
| Trojan in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cannot be permanently deleted Code:
ATTFilter ComboFix 13-02-21.02 - Batman 21.02.2013 20:18:08.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8082.6033 [GMT 1:00] ausgeführt von:: g:\grusch\Software gegen Trojaner\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\dsgsdgdsgdsgw.pad c:\users\Batman\AppData\Roaming\Buofy\wazu.exe . . ((((((((((((((((((((((( Dateien erstellt von 2013-01-21 bis 2013-02-21 )))))))))))))))))))))))))))))) . . 2013-02-21 19:20 . 2013-02-21 19:20 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-02-21 19:20 . 2013-02-21 19:20 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-02-21 19:15 . 2013-02-21 19:15 -------- d-----w- c:\users\Administrator 2013-02-21 12:39 . 2013-02-21 12:39 -------- d-----w- c:\users\Batman\AppData\Roaming\Malwarebytes 2013-02-21 12:39 . 2013-02-21 12:39 -------- d-----w- c:\programdata\Malwarebytes 2013-02-21 12:39 . 2013-02-21 12:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-02-21 12:39 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-02-20 16:56 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2013-02-20 16:56 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2013-02-20 16:56 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2013-02-20 16:56 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2013-02-20 16:56 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2013-02-20 16:56 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2013-02-20 16:56 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2013-02-20 16:40 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui 2013-02-20 16:40 . 
2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2013-02-20 16:40 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2013-02-20 16:40 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2013-02-19 19:53 . 2013-02-19 19:53 -------- d-----w- c:\program files (x86)\SopCast 2013-02-19 10:11 . 2013-02-19 10:11 -------- d-----w- c:\users\Batman\AppData\Roaming\elsterformular 2013-02-19 10:08 . 2013-02-19 10:10 -------- d-----w- c:\programdata\elsterformular 2013-02-19 10:08 . 2013-02-19 10:08 -------- d-----w- c:\program files (x86)\ElsterFormular 2013-02-13 15:07 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 15:07 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 13:30 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-13 13:30 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-02-13 13:30 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-02-13 13:30 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-02-13 13:30 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-02-13 13:30 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-02-13 13:30 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-02-13 13:30 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-02-13 13:30 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-02-13 13:30 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-02-13 13:30 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-13 13:30 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2013-02-12 06:40 . 2013-02-19 17:33 -------- d-----w- c:\windows\SysWow64\NV 2013-02-12 06:40 . 
2013-02-19 17:33 -------- d-----w- c:\windows\system32\NV 2013-02-09 17:43 . 2013-02-09 17:43 555808 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2013-01-28 17:51 . 2013-01-28 17:51 -------- d-----w- c:\users\Batman\AppData\Local\NVIDIA 2013-01-28 17:30 . 2013-01-28 17:30 -------- d-----w- c:\program files (x86)\AMD 2013-01-28 17:28 . 2012-03-27 00:12 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll 2013-01-28 17:28 . 2012-03-27 00:13 789272 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys 2013-01-28 17:28 . 2012-03-27 00:13 356632 ----a-w- c:\windows\system32\drivers\iusb3hub.sys 2013-01-28 17:28 . 2012-03-27 00:13 19224 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-19 17:40 . 2012-09-07 16:38 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-19 17:40 . 2012-09-07 16:38 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-02-19 17:18 . 2012-09-07 19:21 70004024 ----a-w- c:\windows\system32\MRT.exe 2013-02-10 03:25 . 2012-10-10 20:23 17987192 ----a-w- c:\windows\system32\nvd3dumx.dll 2013-02-10 03:25 . 2012-10-10 20:23 2854344 ----a-w- c:\windows\system32\nvapi64.dll 2013-02-10 03:25 . 2012-10-10 20:23 1114144 ----a-w- c:\windows\system32\nvumdshimx.dll 2013-02-10 03:25 . 2012-10-10 20:23 15275744 ----a-w- c:\windows\system32\nvwgf2umx.dll 2013-02-10 03:25 . 2012-10-10 20:22 2528840 ----a-w- c:\windows\SysWow64\nvapi.dll 2013-02-10 03:25 . 2012-10-10 20:22 15038296 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2013-02-10 01:04 . 2010-07-09 15:17 6393120 ----a-w- c:\windows\system32\nvcpl.dll 2013-02-10 01:04 . 2010-07-09 15:17 3472672 ----a-w- c:\windows\system32\nvsvc64.dll 2013-02-10 01:04 . 2012-09-07 16:00 63776 ----a-w- c:\windows\system32\nvshext.dll 2013-02-10 01:04 . 2010-07-09 15:17 877856 ----a-w- c:\windows\system32\nvvsvc.exe 2013-02-10 01:04 . 
2010-07-09 15:17 2555680 ----a-w- c:\windows\system32\nvsvcr.dll 2013-02-10 01:04 . 2010-07-09 15:17 237856 ----a-w- c:\windows\system32\nvmctray.dll 2013-02-09 13:25 . 2012-09-07 16:00 3035306 ----a-w- c:\windows\system32\nvcoproc.bin 2013-01-30 10:53 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-28 17:57 . 2012-09-15 10:50 30528 ----a-w- c:\windows\GVTDrv64.sys 2013-01-28 17:56 . 2012-09-15 04:37 25640 ----a-w- c:\windows\gdrv.sys 2013-01-21 16:22 . 2013-01-21 16:22 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-01-21 16:22 . 2013-01-21 16:22 308640 ----a-w- c:\windows\system32\javaws.exe 2013-01-21 16:22 . 2013-01-21 16:22 188832 ----a-w- c:\windows\system32\javaw.exe 2013-01-21 16:22 . 2013-01-21 16:22 188832 ----a-w- c:\windows\system32\java.exe 2013-01-21 16:22 . 2012-09-15 18:27 960416 ----a-w- c:\windows\system32\deployJava1.dll 2013-01-21 16:22 . 2012-09-15 18:27 1081760 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-01-04 04:43 . 2013-02-13 13:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-12-18 08:31 . 2012-09-07 16:00 1510328 ----a-w- c:\windows\system32\nvhdagenco6420103.dll 2012-12-16 17:11 . 2012-12-21 09:10 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-21 09:10 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-21 09:10 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-21 09:10 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-14 01:42 . 2012-12-14 01:42 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrnor.lrc 2012-12-14 01:42 . 2012-12-14 01:42 21850112 ----a-w- c:\windows\SysWow64\igdfcl32.dll 2012-12-14 01:42 . 2012-12-14 01:42 196096 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll 2012-12-14 01:42 . 2012-12-14 01:42 384512 ----a-w- c:\windows\system32\igfxpph.dll 2012-12-14 01:42 . 
2012-12-14 01:42 12615680 ----a-w- c:\windows\system32\igdumd64.dll 2012-12-14 01:42 . 2012-12-14 01:42 64512 ----a-w- c:\windows\SysWow64\igdde32.dll 2012-12-14 01:42 . 2012-12-14 01:42 64000 ----a-w- c:\windows\system32\igfxsrvc.dll 2012-12-14 01:42 . 2012-12-14 01:42 440320 ----a-w- c:\windows\system32\igfxrell.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrptb.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437248 ----a-w- c:\windows\system32\igfxrtha.lrc 2012-12-14 01:42 . 2012-12-14 01:42 435712 ----a-w- c:\windows\system32\igfxrheb.lrc 2012-12-14 01:42 . 2012-12-14 01:42 435712 ----a-w- c:\windows\system32\igfxrara.lrc 2012-12-14 01:42 . 2012-12-14 01:42 431104 ----a-w- c:\windows\system32\igfxrkor.lrc 2012-12-14 01:42 . 2012-12-14 01:42 429056 ----a-w- c:\windows\system32\igfxrcht.lrc 2012-12-14 01:42 . 2012-12-14 01:42 330752 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2012-12-14 01:42 . 2012-12-14 01:42 28672 ----a-w- c:\windows\system32\igfxexps.dll 2012-12-14 01:42 . 2012-12-14 01:42 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll 2012-12-14 01:42 . 2012-12-14 01:42 11174912 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2012-12-14 01:42 . 2012-12-14 01:42 110592 ----a-w- c:\windows\system32\hccutils.dll 2012-12-14 01:42 . 2012-12-14 01:42 640512 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2012-12-14 01:42 . 2012-12-14 01:42 512112 ----a-w- c:\windows\system32\igfxsrvc.exe 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrnld.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc 2012-12-14 01:42 . 2012-12-14 01:42 3121152 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll 2012-12-14 01:42 . 2012-12-14 01:42 255088 ----a-w- c:\windows\system32\igfxext.exe 2012-12-14 01:42 . 2012-12-14 01:42 9007616 ----a-w- c:\windows\system32\igfxress.dll 2012-12-14 01:42 . 2012-12-14 01:42 483840 ----a-w- c:\windows\system32\igfx11cmrt64.dll 2012-12-14 01:42 . 
2012-12-14 01:42 439808 ----a-w- c:\windows\system32\igfxresn.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc 2012-12-14 01:42 . 2012-12-14 01:42 428544 ----a-w- c:\windows\system32\igfxrchs.lrc 2012-12-14 01:42 . 2012-12-14 01:42 241664 ----a-w- c:\windows\system32\IntelOpenCL64.dll 2012-12-14 01:42 . 2012-12-14 01:42 12858368 ----a-w- c:\windows\system32\igd10umd64.dll 2012-12-14 01:42 . 2012-12-14 01:42 80384 ----a-w- c:\windows\system32\igdde64.dll 2012-12-14 01:42 . 2012-12-14 01:42 754652 ----a-w- c:\windows\system32\igcodeckrng700.bin 2012-12-14 01:42 . 2012-12-14 01:42 598384 ----a-w- c:\windows\system32\igvpkrng700.bin 2012-12-14 01:42 . 2012-12-14 01:42 524800 ----a-w- c:\windows\system32\iglhsip64.dll 2012-12-14 01:42 . 2012-12-14 01:42 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll 2012-12-14 01:42 . 2012-12-14 01:42 459264 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll 2012-12-14 01:42 . 2012-12-14 01:42 439296 ----a-w- c:\windows\system32\igfxrrus.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrptg.lrc 2012-12-14 01:42 . 2012-12-14 01:42 286208 ----a-w- c:\windows\system32\igfxrenu.lrc 2012-12-14 01:42 . 2012-12-14 01:42 142336 ----a-w- c:\windows\system32\igfxdo.dll 2012-12-14 01:42 . 2012-12-14 01:42 11049472 ----a-w- c:\windows\SysWow64\igdumd32.dll 2012-12-14 01:42 . 2012-12-14 01:42 56832 ----a-w- c:\windows\system32\Intel_OpenCL_ICD64.dll 2012-12-14 01:42 . 2012-12-14 01:42 5353888 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2012-12-14 01:42 . 2012-12-14 01:42 439296 ----a-w- c:\windows\system32\igfxrrom.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc 2012-12-14 01:42 . 2012-12-14 01:42 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2012-12-14 01:42 . 2012-12-14 01:42 185968 ----a-w- c:\windows\system32\difx64.exe 2012-12-14 01:42 . 2012-12-14 01:42 11633152 ----a-w- c:\windows\system32\ig7icd64.dll 2012-12-14 01:42 . 
2012-12-14 01:42 8621056 ----a-w- c:\windows\SysWow64\ig7icd32.dll 2012-12-14 01:42 . 2012-12-14 01:42 518656 ----a-w- c:\windows\system32\igfxcmrt64.dll 2012-12-14 01:42 . 2012-12-14 01:42 438272 ----a-w- c:\windows\system32\igfxrfin.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrsve.lrc 2012-12-14 01:42 . 2012-12-14 01:42 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc 2012-12-14 01:42 . 2012-12-14 01:42 27457536 ----a-w- c:\windows\system32\igdfcl64.dll 2012-12-14 01:42 . 2012-12-14 01:42 116224 ----a-w- c:\windows\system32\igfxCoIn_v2932.dll 2012-12-14 01:42 . 2012-12-14 01:42 442880 ----a-w- c:\windows\system32\igfxdev.dll 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrita.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438272 ----a-w- c:\windows\system32\igfxrhun.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437248 ----a-w- c:\windows\system32\igfxrdan.lrc 2012-12-14 01:42 . 2012-12-14 01:42 27643904 ----a-w- c:\windows\SysWow64\igdrcl32.dll 2012-12-14 01:42 . 2012-12-14 01:42 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2012-12-14 01:42 . 2012-12-14 01:42 441968 ----a-w- c:\windows\system32\igfxpers.exe 2012-12-14 01:42 . 2012-12-14 01:42 439808 ----a-w- c:\windows\system32\igfxrfra.lrc 2012-12-14 01:42 . 2012-12-14 01:42 410112 ----a-w- c:\windows\system32\igfxTMM.dll 2012-12-14 01:42 . 2012-12-14 01:42 3581440 ----a-w- c:\windows\system32\igdbcl64.dll 2012-12-14 01:42 . 2012-12-14 01:42 172144 ----a-w- c:\windows\system32\igfxtray.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-11-28 59280] "com.apple.dav.bookmarks.daemon"="c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" [2012-11-28 59280] "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-11-28 59280] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] . c:\users\Batman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Serviio.lnk - c:\program files\Serviio\bin\ServiioConsole.exe [2012-8-9 493056] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] R2 Serviio;Serviio;c:\program files\Serviio\bin\ServiioService.exe [2012-08-09 207872] R3 Atheros Traffic Shaping;Atheros Traffic Shaping;c:\program files (x86)\Atheros ASAV\AthrTS6_x64.sys [x] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-10-30 25640] R3 GPCIDrv;GPCIDrv;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2010-02-04 14376] R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2013-01-28 30528] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-12-16 14464] R3 WISOVD;WISOVD;c:\program files (x86)\WinISO Computing\WinISO\bin\driver\WISOVD_win7_x64.sys [x] R4 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-01 14904] R4 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256] R4 Stereo Service;NVIDIA 
Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-02-09 383264] R4 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WDDMService.exe [2011-12-15 319384] R4 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-09-06 248248] R4 WDFMEService;WDFME;c:\program files\Western Digital\WD SmartWare\WDFME.exe [2011-12-15 1977224] R4 WDRulesService;WDRules;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-12-15 1338264] S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-09-01 647736] S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-09-01 28216] S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224] S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-08-11 104560] S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys [2012-01-20 205312] S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys [2012-01-20 254464] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 07889658 *NewlyCreated* - 14996041 *Deregistered* - 07889658 *Deregistered* - 14996041 *Deregistered* - NisDrv . Inhalt des "geplante Tasks" Ordners . 2013-02-21 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-07 17:40] . 2013-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525669722-3757799730-524398789-1000Core.job - c:\users\Batman\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-07 19:41] . 
2013-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525669722-3757799730-524398789-1000UA.job - c:\users\Batman\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-07 19:41] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://de.yahoo.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-{A40125CC-3BBD-5CE4-5FBD-93EE0B0FAD45} - c:\users\Batman\AppData\Roaming\Buofy\wazu.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-02-21 20:21:34 ComboFix-quarantined-files.txt 2013-02-21 19:21 . Vor Suchlauf: 12 Verzeichnis(se), 135.057.379.328 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 134.713.688.064 Bytes frei . - - End Of File - - 07C3070FBC51E51EF45D21B4A36CE059 |
21.02.2013, 20:32 | #15 |
/// Malware-holic | Trojan in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cannot be permanently deleted Hi, download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this step. Open it, go to Tools (Extras), Uninstall list, and save the list as a txt file. Open the file. After every program you need, write "necessary". After every program you do not need, write "unnecessary". After every program you do not recognize, write "unknown". Post the list.