| |
| |||||||
Log-Analyse und Auswertung: Verdacht auf Schädlinge - OTL-LogfilesWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
10.04.2013, 12:30
| #1 |
 |  Verdacht auf Schädlinge - OTL-Logfiles Guten Tag! Ich habe aufgrund von Meldungen der Programme "Spybot Search & Destroy" und meines Virenscanners AVG 2013 den begründeten Verdacht, dass sich Schadsoftware auf meinem PC tummelt. Ich habe als OS Win 7 64bit Ultimate mit allen Updates. Konkrete (andere) Störungen treten bisher nicht auf. Ich bin froh um Eure Hilfe. Ich gehe gemäss Eurer Anleitung vor und habe otl.exe ausgeführt. Die beiden verlangten Logfiles sind wie verlangt als .zip-Anhänge anbei hochgeladen. Ich hoffe, dass das Posting formell richtig ist, sonst korrigiert mich bitte. Ich werde dann gemäss Anleitung weiterfahren, solange ich keine anderen Anweisungen bekomme. Herzlichen Dank! Lg Michael72 |
|
10.04.2013, 13:10
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Verdacht auf Schädlinge - OTL-Logfiles Hallo und
__________________ Zitat:
Oder ist das rein zufällig ein Büro-/Firmen-PC bzw. ein Uni-Rechner? Hast du noch weitere Logs (mit Funden)? Ist dein Virenscanner jemals fündig geworden? Malwarebytes und/oder andere Virenscanner? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
10.04.2013, 15:35
| #3 | |||||
| | Verdacht auf Schädlinge - OTL-Logfiles Lieber cosinus
__________________Herzlichen Dank für Deine sehr rasche Reaktion. Da der Scan mit GMER sehr lange gedauert hat, konnte ich Dir nicht sofort antworten. Bevor ich das Logfile von GMER poste, beantworte ich gerne Deine Fragen: Zitat:
Zitat:
Zitat:
Zitat:
Zitat:
Im nächsten Posting kommt das Logfile von Gmer, im übernächsten die Logfiles von Spybot und von AVG. Herzlichen Dank! Lg Michael72 Hier nun das Logfile von Gmer: GMER Logfile: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-10 16:04:25
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 SAMSUNG_HE103UJ rev.1AA01113 931.51GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\MICHAE~1\AppData\Local\Temp\kwldipod.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff80002bf7000 78 bytes [4C, 8B, 5C, 24, 50, 8B, CB, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 639 fffff80002bf704f 67 bytes {ADD [RAX], AL; JMP 0x81b1c}
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2160] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076f81465 2 bytes [F8, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2160] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076f814bb 2 bytes [F8, 76]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[1160] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076f81465 2 bytes [F8, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[1160] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076f814bb 2 bytes [F8, 76]
.text ... * 2
.text C:\Program Files (x86)\AVG Secure Search\vprot.exe[3340] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000076f81465 2 bytes [F8, 76]
.text C:\Program Files (x86)\AVG Secure Search\vprot.exe[3340] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 0000000076f814bb 2 bytes [F8, 76]
.text ... * 2
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4588] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076f81465 2 bytes [F8, 76]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4588] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076f814bb 2 bytes [F8, 76]
.text ... * 2
---- Files - GMER 2.1 ----
File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00F35.log 1048576 bytes
File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00F36.log 1048576 bytes
File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00F37.log 1048576 bytes
---- EOF - GMER 2.1 ----
Ich hoffe, das sei so erwünscht. Als Nächstes folgen die Logfiles von Spybot und AVG. Lg Michael72 |
|
10.04.2013, 15:42
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verdacht auf Schädlinge - OTL-Logfiles Ok, wenn dein Arbeitgeber meint, dass es so i.O. geht mit der Volumenlizenz....er muss ja dafür geradestehen wenn MS eine Plausibilitätsprüfung fordert  Bitte poste alle Logs mit FUnden die du hast, also AVG und so 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.04.2013, 15:44
| #5 | ||
| | Verdacht auf Schädlinge - OTL-Logfiles Hier nun die Logfiles von Spybot und AVG. Der Spybot-Scan war übrigens gestern (spät), nicht heute. 1) Spybot: Code:
ATTFilter Search results from Spybot - Search & Destroy
09.04.2013 16:40:53
Scan took 00:25:06.
25 items found.
Log: [SBI $8E73A7FB] Install: setupact.log (File, nothing done)
C:\Windows\setupact.log
Properties.size=23735
Properties.md5=817393C4ECAB3C06ED880B02A2CEDB67
Properties.filedate=1365501202
Properties.filedatetext=2013-04-09 11:53:21
Log: [SBI $8E73A7FB] Install: setuperr.log (File, nothing done)
C:\Windows\setuperr.log
Properties.size=268
Properties.md5=2967459541DFB29CAD8050C55A5E4C6F
Properties.filedate=1365253563
Properties.filedatetext=2013-04-06 15:06:02
Log: [SBI $8E73A7FB] Install: DtcInstall.log (File, nothing done)
C:\Windows\DtcInstall.log
Properties.size=2790
Properties.md5=A8F3BB2551D4C129A265A564700EAC74
Properties.filedate=1365252896
Properties.filedatetext=2013-04-06 14:54:55
Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\Internet Explorer\TypedURLs
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\Microsoft Management Console\Recent File List
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1294632941-2143051937-658171205-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Cookie: [SBI $49804B54] Browser: Cookie (7) (Browser: Cookie, nothing done)
Michael72 Hallo cosinus Ich finde das AVG-Logfile leider nicht mehr  Zwar zeigt mir das Programm durchaus an, dass ein Scan stattgefunden hat, und auch die Ergebnisse, aber ich habe kein en Zugriff aufs Logfile und finde nicht heraus, wo das Ding abgespeichert ist. Ich müsste schlimmstenfalls wohl den Scan wiederholen, aber das dauert dann wieder Stunden. Wie wichtig ist dieses Logfile?Lg Michael72 Hallo cosinus Zitat:
Zitat:
Lg Michael72 |
|
10.04.2013, 21:00
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verdacht auf Schädlinge - OTL-Logfiles Wie gesagt wenn dein AG meint das sei i.O. dann kann ich da nichts gegen einwenden  Weißt du noch in etwa was AVG gefunden hat, wurde es denn überhaupt mal fündig?
__________________ --> Verdacht auf Schädlinge - OTL-Logfiles |
|
11.04.2013, 10:56
| #7 |
| | Verdacht auf Schädlinge - OTL-Logfiles Ja, AVG hatte 7 "Dinge" gefunden. Das Problem ist, dass ich das Logfile nicht mehr finde. Ich habe inzwischen herausgefunden, wo AVG die Logfiles speichert, aber dort ist als einzige aktuelle Datei "history.xml" zu finden. Ich weiss nicht, ob Du daraus was siehst (dass mal 7 Infektionen gefunden wurden. kann man darin aber sehen). Hier dieses File (umkopiert in einen Editor): Code:
ATTFilter <?xml version="1.0"?>
-<history>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-08 12:36:18,152"><value>@WD_History_logger_starting</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-08 12:36:19,203"><value>@WD_History_logger_running</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-08 12:37:42,279"><value>@Update_History_logger_started</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-08 12:38:20,889"><value>@Update_History_logger_finished_ok</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-08 16:25:58,659"><value>@Update_History_logger_started</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-08 16:26:00,500"><value>@Update_History_logger_finished_ok</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-08 21:52:05,755"><value>@WD_History_logger_stopping</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-08 21:52:07,003"><value>@WD_History_logger_stopped</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 08:58:17,251"><value>@WD_History_logger_starting</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 08:58:27,508"><value>@WD_History_logger_running</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 09:03:34,296"><value>@Update_History_logger_started</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 09:04:18,881"><value>@Update_History_logger_finished_ok</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 09:52:02,327"><value>@WD_History_logger_stopping</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 09:52:03,465"><value>@WD_History_logger_stopped</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 09:53:31,924"><value>@WD_History_logger_starting</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 09:53:34,139"><value>@WD_History_logger_running</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 15:03:28,200"><value>@WD_History_logger_stopping</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 15:03:29,401"><value>@WD_History_logger_stopped</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 15:04:57,809"><value>@WD_History_logger_starting</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 15:04:59,353"><value>@WD_History_logger_running</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 17:20:07,793"><value>@Update_History_logger_started</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 17:20:31,731"><value>@Update_History_logger_finished_ok</value></rec>-<rec source="Scan" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 21:26:55,084"><value>@WD_Scan_started</value><attr name="testname">$(@WD_User_scan)</attr></rec>-<rec source="Scan" user="NT-AUTORITÄT\SYSTEM" time="2013-04-09 23:24:02,746"><value>@WD_Scan_ended</value><attr name="testname">$(@WD_User_scan)</attr><attr name="infectedfiles">7</attr></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 09:10:50,778"><value>@Update_History_logger_started</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 09:11:25,223"><value>@Update_History_logger_finished_ok</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 10:28:15,807"><value>@WD_History_logger_stopping</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 10:28:17,960"><value>@WD_History_logger_stopped</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 10:31:22,826"><value>@WD_History_logger_starting</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 10:31:26,913"><value>@WD_History_logger_running</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 14:04:47,506"><value>@WD_History_logger_stopping</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 14:04:49,066"><value>@WD_History_logger_stopped</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 14:06:24,655"><value>@WD_History_logger_starting</value></rec>-<rec source="General" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 14:06:31,410"><value>@WD_History_logger_running</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 16:55:58,702"><value>@Update_History_logger_started</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-10 16:56:42,413"><value>@Update_History_logger_finished_ok</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-11 09:48:44,165"><value>@Update_History_logger_started</value></rec>-<rec source="Update" user="NT-AUTORITÄT\SYSTEM" time="2013-04-11 09:49:19,446"><value>@Update_History_logger_finished_ok</value></rec></history>
Ich könnte natürlich den Scan mit AVG wiederholen und dann versuchen das Logfile vernünftiger abzuspeichern. Das würde aber relativ lange dauern. Soll ich das tun? Danke für Deine Unterstützung! Lg Michael72 |
|
11.04.2013, 12:34
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verdacht auf Schädlinge - OTL-Logfiles Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten MBAR (Malwarebytes Anti-Rootkit) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.04.2013, 13:27
| #9 |
| | Verdacht auf Schädlinge - OTL-Logfiles Lieber cosinus Herzlichen Dank für Deine Arbeit. Ich werde mich bemühen alles so zu machen wie verlangt. Ich habe Malwarebytes wie verlangt installiert und benutzt. Das Programm hat nichts gefunden ("Scan Finished: No malware found!"). Dadurch war es gar nicht möglich den Knopf "Cleanup" zu betätigen (und laut Ansage im Programm auch nicht "required"). Ist das somit in Ordnung? Falls ja, fahre ich gemäss Anleitung weiter. Zur Sicherheit hier aber auf jeden Fall das Logfile von Malwarevytes: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org
Database version: v2013.04.11.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
XXX :: XXX [administrator]
11.04.2013 14:12:02
mbar-log-2013-04-11 (14-12-02).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29186
Time elapsed: 6 minute(s), 27 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Lg Michael 72 |
|
11.04.2013, 13:28
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verdacht auf Schädlinge - OTL-Logfiles Ok, mach bitte mit den anderen Tools weiter
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.04.2013, 13:54
| #11 |
| | Verdacht auf Schädlinge - OTL-Logfiles Lieber cosinus Ich teile Dir, ziemlich beunruhigt, mit, dass aswMBR während dem Scan abgestürzt ist. Ich wiederhole jetzt den Scan wie von Dir für diesen Fall empfohlen mit der Einstellung "none". Lg Michael72 Mit der neuen Einstellung hat der Scan mit aswMBR geklappt. Hier das Logfile: Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-11 14:58:02
-----------------------------
14:58:02.032 OS Version: Windows x64 6.1.7601 Service Pack 1
14:58:02.032 Number of processors: 4 586 0x1707
14:58:02.032 ComputerName: XXX UserName:
14:58:02.734 Initialize success
14:58:11.704 AVAST engine defs: 13041100
14:58:18.084 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
14:58:18.084 Disk 0 Vendor: SAMSUNG_HE103UJ 1AA01113 Size: 953869MB BusType: 3
14:58:18.224 Disk 0 MBR read successfully
14:58:18.224 Disk 0 MBR scan
14:58:18.224 Disk 0 Windows 7 default MBR code
14:58:18.240 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:58:18.256 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 300001 MB offset 206848
14:58:18.256 Disk 0 Partition - 00 0F Extended LBA 248772 MB offset 614609112
14:58:18.271 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 99999 MB offset 614609114
14:58:18.287 Disk 0 Partition - 00 05 Extended 143051 MB offset 819407610
14:58:18.318 Disk 0 Partition 4 00 83 Linux 143051 MB offset 819408896
14:58:18.318 Disk 0 Partition - 00 05 Extended 5722 MB offset 1317175842
14:58:18.349 Disk 0 Partition 5 00 82 Linux swap 5721 MB offset 1112379392
14:58:18.396 Disk 0 scanning C:\Windows\system32\drivers
14:58:42.950 Service scanning
14:59:11.233 Modules scanning
14:59:11.233 Disk 0 trace - called modules:
14:59:11.249 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
14:59:11.264 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80062aa060]
14:59:11.264 3 CLASSPNP.SYS[fffff8800190843f] -> nt!IofCallDriver -> [0xfffffa800601b520]
14:59:11.264 5 ACPI.sys[fffff88000d707a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8006017680]
14:59:11.280 Scan finished successfully
14:59:27.411 Disk 0 MBR has been saved successfully to "C:\Users\XXX\Documents\COMPUTER\aswMBR\MBR.dat"
14:59:27.411 The log file has been saved successfully to "C:\Users\XXX\Documents\COMPUTER\aswMBR\aswMBR130411.txt"
Lg Michael72 |
|
11.04.2013, 14:05
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verdacht auf Schädlinge - OTL-Logfiles jupp, mach mit tdsskiller weiter
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.04.2013, 14:11
| #13 |
| | Verdacht auf Schädlinge - OTL-Logfiles Hier ist das LOgfile von TDSSKiller: Code:
ATTFilter 15:07:19.0214 3696 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:07:19.0370 3696 ============================================================
15:07:19.0370 3696 Current date / time: 2013/04/11 15:07:19.0370
15:07:19.0370 3696 SystemInfo:
15:07:19.0370 3696
15:07:19.0370 3696 OS Version: 6.1.7601 ServicePack: 1.0
15:07:19.0370 3696 Product type: Workstation
15:07:19.0370 3696 ComputerName: XXX
15:07:19.0370 3696 UserName: XXX
15:07:19.0370 3696 Windows directory: C:\Windows
15:07:19.0370 3696 System windows directory: C:\Windows
15:07:19.0370 3696 Running under WOW64
15:07:19.0370 3696 Processor architecture: Intel x64
15:07:19.0370 3696 Number of processors: 4
15:07:19.0370 3696 Page size: 0x1000
15:07:19.0370 3696 Boot type: Normal boot
15:07:19.0370 3696 ============================================================
15:07:20.0572 3696 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x19E0186, SectorsPerTrack: 0x4, TracksPerCylinder: 0x12, Type 'K0', Flags 0x00000040
15:07:20.0572 3696 ============================================================
15:07:20.0572 3696 \Device\Harddisk0\DR0:
15:07:20.0572 3696 MBR partitions:
15:07:20.0572 3696 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:07:20.0572 3696 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x249F0840
15:07:20.0587 3696 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x24A230DA, BlocksNum 0xC34FA20
15:07:20.0618 3696 ============================================================
15:07:20.0650 3696 C: <-> \Device\Harddisk0\DR0\Partition2
15:07:20.0681 3696 D: <-> \Device\Harddisk0\DR0\Partition3
15:07:20.0681 3696 ============================================================
15:07:20.0681 3696 Initialize success
15:07:20.0681 3696 ============================================================
15:07:29.0510 1092 ============================================================
15:07:29.0510 1092 Scan started
15:07:29.0510 1092 Mode: Manual; SigCheck; TDLFS;
15:07:29.0510 1092 ============================================================
15:07:30.0228 1092 ================ Scan system memory ========================
15:07:30.0228 1092 System memory - ok
15:07:30.0228 1092 ================ Scan services =============================
15:07:30.0353 1092 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:07:30.0462 1092 1394ohci - ok
15:07:30.0478 1092 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:07:30.0509 1092 ACPI - ok
15:07:30.0524 1092 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:07:30.0556 1092 AcpiPmi - ok
15:07:30.0649 1092 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:07:30.0680 1092 AdobeARMservice - ok
15:07:30.0712 1092 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:07:30.0727 1092 adp94xx - ok
15:07:30.0743 1092 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:07:30.0758 1092 adpahci - ok
15:07:30.0774 1092 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:07:30.0790 1092 adpu320 - ok
15:07:30.0821 1092 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:07:30.0930 1092 AeLookupSvc - ok
15:07:30.0961 1092 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:07:31.0008 1092 AFD - ok
15:07:31.0024 1092 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:07:31.0039 1092 agp440 - ok
15:07:31.0055 1092 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:07:31.0086 1092 ALG - ok
15:07:31.0102 1092 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:07:31.0117 1092 aliide - ok
15:07:31.0117 1092 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:07:31.0133 1092 amdide - ok
15:07:31.0133 1092 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:07:31.0164 1092 AmdK8 - ok
15:07:31.0164 1092 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:07:31.0195 1092 AmdPPM - ok
15:07:31.0226 1092 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:07:31.0242 1092 amdsata - ok
15:07:31.0258 1092 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:07:31.0273 1092 amdsbs - ok
15:07:31.0289 1092 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:07:31.0304 1092 amdxata - ok
15:07:31.0320 1092 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:07:31.0429 1092 AppID - ok
15:07:31.0445 1092 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:07:31.0492 1092 AppIDSvc - ok
15:07:31.0492 1092 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:07:31.0554 1092 Appinfo - ok
15:07:31.0585 1092 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:07:31.0601 1092 AppMgmt - ok
15:07:31.0616 1092 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:07:31.0632 1092 arc - ok
15:07:31.0648 1092 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:07:31.0663 1092 arcsas - ok
15:07:31.0694 1092 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:07:31.0772 1092 AsyncMac - ok
15:07:31.0788 1092 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:07:31.0804 1092 atapi - ok
15:07:31.0866 1092 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:07:31.0913 1092 AudioEndpointBuilder - ok
15:07:31.0928 1092 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:07:31.0960 1092 AudioSrv - ok
15:07:32.0084 1092 [ 0D8244A9DB70BC6C36E2FB56F6039AB6 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
15:07:32.0178 1092 AVGIDSAgent - ok
15:07:32.0194 1092 [ AC6CB348F67B6B1B75C0EFB8927A8B03 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
15:07:32.0225 1092 AVGIDSDriver - ok
15:07:32.0240 1092 [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
15:07:32.0256 1092 AVGIDSHA - ok
15:07:32.0272 1092 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
15:07:32.0287 1092 Avgldx64 - ok
15:07:32.0303 1092 [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
15:07:32.0318 1092 Avgloga - ok
15:07:32.0334 1092 [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
15:07:32.0350 1092 Avgmfx64 - ok
15:07:32.0365 1092 [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
15:07:32.0381 1092 Avgrkx64 - ok
15:07:32.0396 1092 [ 71309F30D4F4565EC611FE3FC33A3A0F ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
15:07:32.0412 1092 Avgtdia - ok
15:07:32.0443 1092 [ 76DCA54A83A34CCBBBDCE7ADA01E0068 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
15:07:32.0459 1092 avgtp - ok
15:07:32.0474 1092 [ DC98337F0D2A9F6C0B6FB682297ECE3B ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
15:07:32.0490 1092 avgwd - ok
15:07:32.0537 1092 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:07:32.0584 1092 AxInstSV - ok
15:07:32.0615 1092 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:07:32.0677 1092 b06bdrv - ok
15:07:32.0708 1092 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:07:32.0740 1092 b57nd60a - ok
15:07:32.0818 1092 [ 3C404C55DE548B09F3BA9F136C1B7100 ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
15:07:32.0833 1092 BcmSqlStartupSvc - ok
15:07:32.0849 1092 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:07:32.0880 1092 BDESVC - ok
15:07:32.0911 1092 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:07:32.0958 1092 Beep - ok
15:07:32.0974 1092 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:07:33.0036 1092 BFE - ok
15:07:33.0067 1092 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:07:33.0145 1092 BITS - ok
15:07:33.0176 1092 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:07:33.0223 1092 blbdrive - ok
15:07:33.0301 1092 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:07:33.0332 1092 bowser - ok
15:07:33.0348 1092 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:07:33.0395 1092 BrFiltLo - ok
15:07:33.0410 1092 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:07:33.0442 1092 BrFiltUp - ok
15:07:33.0473 1092 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:07:33.0504 1092 Browser - ok
15:07:33.0535 1092 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:07:33.0582 1092 Brserid - ok
15:07:33.0582 1092 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:07:33.0629 1092 BrSerWdm - ok
15:07:33.0629 1092 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:07:33.0676 1092 BrUsbMdm - ok
15:07:33.0691 1092 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:07:33.0722 1092 BrUsbSer - ok
15:07:33.0754 1092 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:07:33.0769 1092 BTHMODEM - ok
15:07:33.0800 1092 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:07:33.0847 1092 bthserv - ok
15:07:33.0863 1092 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:07:33.0910 1092 cdfs - ok
15:07:33.0941 1092 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:07:33.0972 1092 cdrom - ok
15:07:33.0988 1092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:07:34.0034 1092 CertPropSvc - ok
15:07:34.0050 1092 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:07:34.0097 1092 circlass - ok
15:07:34.0112 1092 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:07:34.0128 1092 CLFS - ok
15:07:34.0190 1092 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:07:34.0206 1092 clr_optimization_v2.0.50727_32 - ok
15:07:34.0253 1092 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:07:34.0268 1092 clr_optimization_v2.0.50727_64 - ok
15:07:34.0331 1092 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:07:34.0346 1092 clr_optimization_v4.0.30319_32 - ok
15:07:34.0362 1092 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:07:34.0378 1092 clr_optimization_v4.0.30319_64 - ok
15:07:34.0393 1092 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:07:34.0409 1092 CmBatt - ok
15:07:34.0409 1092 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:07:34.0424 1092 cmdide - ok
15:07:34.0456 1092 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
15:07:34.0518 1092 CNG - ok
15:07:34.0518 1092 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:07:34.0534 1092 Compbatt - ok
15:07:34.0534 1092 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:07:34.0580 1092 CompositeBus - ok
15:07:34.0580 1092 COMSysApp - ok
15:07:34.0596 1092 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:07:34.0612 1092 crcdisk - ok
15:07:34.0658 1092 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:07:34.0705 1092 CryptSvc - ok
15:07:34.0721 1092 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
15:07:34.0768 1092 CSC - ok
15:07:34.0783 1092 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:07:34.0814 1092 CscService - ok
15:07:34.0861 1092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:07:34.0908 1092 DcomLaunch - ok
15:07:34.0924 1092 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:07:34.0986 1092 defragsvc - ok
15:07:35.0002 1092 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:07:35.0064 1092 DfsC - ok
15:07:35.0095 1092 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:07:35.0126 1092 Dhcp - ok
15:07:35.0142 1092 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:07:35.0204 1092 discache - ok
15:07:35.0220 1092 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:07:35.0236 1092 Disk - ok
15:07:35.0267 1092 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:07:35.0314 1092 dmvsc - ok
15:07:35.0345 1092 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:07:35.0376 1092 Dnscache - ok
15:07:35.0407 1092 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:07:35.0470 1092 dot3svc - ok
15:07:35.0516 1092 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:07:35.0563 1092 dot4 - ok
15:07:35.0579 1092 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:07:35.0594 1092 Dot4Print - ok
15:07:35.0610 1092 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:07:35.0641 1092 dot4usb - ok
15:07:35.0657 1092 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:07:35.0704 1092 DPS - ok
15:07:35.0719 1092 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:07:35.0750 1092 drmkaud - ok
15:07:35.0766 1092 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:07:35.0797 1092 DXGKrnl - ok
15:07:35.0813 1092 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:07:35.0860 1092 EapHost - ok
15:07:35.0906 1092 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:07:35.0984 1092 ebdrv - ok
15:07:36.0016 1092 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:07:36.0062 1092 EFS - ok
15:07:36.0109 1092 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:07:36.0187 1092 ehRecvr - ok
15:07:36.0203 1092 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:07:36.0234 1092 ehSched - ok
15:07:36.0265 1092 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:07:36.0281 1092 elxstor - ok
15:07:36.0296 1092 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:07:36.0343 1092 ErrDev - ok
15:07:36.0390 1092 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:07:36.0437 1092 EventSystem - ok
15:07:36.0468 1092 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:07:36.0499 1092 exfat - ok
15:07:36.0530 1092 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:07:36.0577 1092 fastfat - ok
15:07:36.0608 1092 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:07:36.0640 1092 Fax - ok
15:07:36.0640 1092 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:07:36.0671 1092 fdc - ok
15:07:36.0702 1092 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:07:36.0749 1092 fdPHost - ok
15:07:36.0749 1092 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:07:36.0796 1092 FDResPub - ok
15:07:36.0796 1092 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:07:36.0811 1092 FileInfo - ok
15:07:36.0811 1092 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:07:36.0858 1092 Filetrace - ok
15:07:36.0874 1092 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:07:36.0905 1092 flpydisk - ok
15:07:36.0905 1092 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:07:36.0920 1092 FltMgr - ok
15:07:36.0967 1092 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
15:07:37.0045 1092 FontCache - ok
15:07:37.0076 1092 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:07:37.0092 1092 FontCache3.0.0.0 - ok
15:07:37.0092 1092 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:07:37.0108 1092 FsDepends - ok
15:07:37.0139 1092 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:07:37.0154 1092 Fs_Rec - ok
15:07:37.0170 1092 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:07:37.0201 1092 fvevol - ok
15:07:37.0232 1092 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:07:37.0248 1092 gagp30kx - ok
15:07:37.0279 1092 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:07:37.0342 1092 gpsvc - ok
15:07:37.0404 1092 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:07:37.0420 1092 gupdate - ok
15:07:37.0420 1092 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:07:37.0435 1092 gupdatem - ok
15:07:37.0435 1092 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:07:37.0466 1092 hcw85cir - ok
15:07:37.0513 1092 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:07:37.0529 1092 HdAudAddService - ok
15:07:37.0544 1092 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:07:37.0591 1092 HDAudBus - ok
15:07:37.0607 1092 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:07:37.0654 1092 HidBatt - ok
15:07:37.0654 1092 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:07:37.0685 1092 HidBth - ok
15:07:37.0700 1092 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:07:37.0732 1092 HidIr - ok
15:07:37.0747 1092 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:07:37.0794 1092 hidserv - ok
15:07:37.0810 1092 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:07:37.0825 1092 HidUsb - ok
15:07:37.0856 1092 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:07:37.0903 1092 hkmsvc - ok
15:07:37.0903 1092 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:07:37.0950 1092 HomeGroupListener - ok
15:07:37.0981 1092 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:07:38.0012 1092 HomeGroupProvider - ok
15:07:38.0012 1092 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:07:38.0028 1092 HpSAMD - ok
15:07:38.0059 1092 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:07:38.0106 1092 HTTP - ok
15:07:38.0106 1092 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:07:38.0122 1092 hwpolicy - ok
15:07:38.0137 1092 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:07:38.0153 1092 i8042prt - ok
15:07:38.0184 1092 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:07:38.0200 1092 iaStorV - ok
15:07:38.0262 1092 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:07:38.0278 1092 idsvc - ok
15:07:38.0293 1092 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:07:38.0293 1092 iirsp - ok
15:07:38.0324 1092 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:07:38.0371 1092 IKEEXT - ok
15:07:38.0387 1092 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:07:38.0402 1092 intelide - ok
15:07:38.0434 1092 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:07:38.0480 1092 intelppm - ok
15:07:38.0496 1092 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:07:38.0543 1092 IPBusEnum - ok
15:07:38.0558 1092 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:07:38.0590 1092 IpFilterDriver - ok
15:07:38.0621 1092 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:07:38.0652 1092 iphlpsvc - ok
15:07:38.0652 1092 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:07:38.0699 1092 IPMIDRV - ok
15:07:38.0699 1092 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:07:38.0761 1092 IPNAT - ok
15:07:38.0761 1092 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:07:38.0792 1092 IRENUM - ok
15:07:38.0792 1092 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:07:38.0808 1092 isapnp - ok
15:07:38.0839 1092 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:07:38.0855 1092 iScsiPrt - ok
15:07:38.0855 1092 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:07:38.0870 1092 kbdclass - ok
15:07:38.0886 1092 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:07:38.0902 1092 kbdhid - ok
15:07:38.0917 1092 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:07:38.0933 1092 KeyIso - ok
15:07:38.0964 1092 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:07:38.0980 1092 KSecDD - ok
15:07:38.0995 1092 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:07:39.0011 1092 KSecPkg - ok
15:07:39.0026 1092 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:07:39.0058 1092 ksthunk - ok
15:07:39.0089 1092 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:07:39.0136 1092 KtmRm - ok
15:07:39.0167 1092 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:07:39.0214 1092 LanmanServer - ok
15:07:39.0245 1092 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:07:39.0292 1092 LanmanWorkstation - ok
15:07:39.0307 1092 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:07:39.0338 1092 lltdio - ok
15:07:39.0385 1092 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:07:39.0432 1092 lltdsvc - ok
15:07:39.0448 1092 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:07:39.0494 1092 lmhosts - ok
15:07:39.0510 1092 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:07:39.0526 1092 LSI_FC - ok
15:07:39.0541 1092 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:07:39.0557 1092 LSI_SAS - ok
15:07:39.0557 1092 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:07:39.0572 1092 LSI_SAS2 - ok
15:07:39.0588 1092 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:07:39.0588 1092 LSI_SCSI - ok
15:07:39.0619 1092 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:07:39.0650 1092 luafv - ok
15:07:39.0682 1092 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:07:39.0713 1092 Mcx2Svc - ok
15:07:39.0713 1092 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:07:39.0728 1092 megasas - ok
15:07:39.0744 1092 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:07:39.0760 1092 MegaSR - ok
15:07:39.0822 1092 Microsoft SharePoint Workspace Audit Service - ok
15:07:39.0853 1092 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:07:39.0900 1092 MMCSS - ok
15:07:39.0916 1092 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:07:39.0962 1092 Modem - ok
15:07:39.0994 1092 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:07:40.0009 1092 monitor - ok
15:07:40.0025 1092 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
15:07:40.0025 1092 mouclass - ok
15:07:40.0040 1092 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:07:40.0072 1092 mouhid - ok
15:07:40.0072 1092 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:07:40.0087 1092 mountmgr - ok
15:07:40.0134 1092 [ 1C9B83F6A2D1F414F0ACD28D75605607 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:07:40.0150 1092 MozillaMaintenance - ok
15:07:40.0196 1092 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:07:40.0212 1092 MpFilter - ok
15:07:40.0228 1092 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:07:40.0243 1092 mpio - ok
15:07:40.0243 1092 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:07:40.0274 1092 mpsdrv - ok
15:07:40.0306 1092 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:07:40.0352 1092 MpsSvc - ok
15:07:40.0384 1092 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:07:40.0415 1092 MRxDAV - ok
15:07:40.0446 1092 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:07:40.0493 1092 mrxsmb - ok
15:07:40.0508 1092 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:07:40.0540 1092 mrxsmb10 - ok
15:07:40.0555 1092 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:07:40.0586 1092 mrxsmb20 - ok
15:07:40.0602 1092 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:07:40.0602 1092 msahci - ok
15:07:40.0618 1092 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:07:40.0633 1092 msdsm - ok
15:07:40.0649 1092 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:07:40.0680 1092 MSDTC - ok
15:07:40.0696 1092 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:07:40.0742 1092 Msfs - ok
15:07:40.0742 1092 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:07:40.0820 1092 mshidkmdf - ok
15:07:40.0820 1092 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:07:40.0836 1092 msisadrv - ok
15:07:40.0867 1092 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:07:40.0914 1092 MSiSCSI - ok
15:07:40.0914 1092 msiserver - ok
15:07:40.0930 1092 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:07:40.0976 1092 MSKSSRV - ok
15:07:41.0039 1092 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:07:41.0054 1092 MsMpSvc - ok
15:07:41.0070 1092 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:07:41.0101 1092 MSPCLOCK - ok
15:07:41.0132 1092 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:07:41.0164 1092 MSPQM - ok
15:07:41.0179 1092 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:07:41.0195 1092 MsRPC - ok
15:07:41.0195 1092 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:07:41.0210 1092 mssmbios - ok
15:07:41.0288 1092 MSSQL$MSSMLBIZ - ok
15:07:41.0335 1092 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
15:07:41.0351 1092 MSSQLServerADHelper100 - ok
15:07:41.0366 1092 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:07:41.0413 1092 MSTEE - ok
15:07:41.0429 1092 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:07:41.0460 1092 MTConfig - ok
15:07:41.0507 1092 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
15:07:41.0538 1092 MTsensor - ok
15:07:41.0538 1092 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:07:41.0554 1092 Mup - ok
15:07:41.0585 1092 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:07:41.0632 1092 napagent - ok
15:07:41.0678 1092 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:07:41.0710 1092 NativeWifiP - ok
15:07:41.0756 1092 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:07:41.0788 1092 NDIS - ok
15:07:41.0803 1092 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:07:41.0850 1092 NdisCap - ok
15:07:41.0881 1092 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:07:41.0928 1092 NdisTapi - ok
15:07:41.0944 1092 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:07:41.0990 1092 Ndisuio - ok
15:07:41.0990 1092 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:07:42.0037 1092 NdisWan - ok
15:07:42.0053 1092 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:07:42.0100 1092 NDProxy - ok
15:07:42.0100 1092 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:07:42.0146 1092 NetBIOS - ok
15:07:42.0146 1092 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:07:42.0193 1092 NetBT - ok
15:07:42.0209 1092 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:07:42.0224 1092 Netlogon - ok
15:07:42.0256 1092 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:07:42.0287 1092 Netman - ok
15:07:42.0302 1092 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:07:42.0349 1092 netprofm - ok
15:07:42.0365 1092 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:07:42.0380 1092 NetTcpPortSharing - ok
15:07:42.0396 1092 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:07:42.0412 1092 nfrd960 - ok
15:07:42.0427 1092 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:07:42.0443 1092 NisDrv - ok
15:07:42.0474 1092 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
15:07:42.0505 1092 NisSrv - ok
15:07:42.0521 1092 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:07:42.0536 1092 NlaSvc - ok
15:07:42.0568 1092 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:07:42.0599 1092 Npfs - ok
15:07:42.0614 1092 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:07:42.0677 1092 nsi - ok
15:07:42.0677 1092 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:07:42.0708 1092 nsiproxy - ok
15:07:42.0755 1092 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:07:42.0786 1092 Ntfs - ok
15:07:42.0802 1092 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:07:42.0848 1092 Null - ok
15:07:43.0036 1092 [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:07:43.0238 1092 nvlddmkm - ok
15:07:43.0254 1092 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:07:43.0270 1092 nvraid - ok
15:07:43.0316 1092 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:07:43.0348 1092 nvstor - ok
15:07:43.0426 1092 [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:07:43.0519 1092 nvsvc - ok
15:07:43.0582 1092 [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:07:43.0613 1092 nvUpdatusService - ok
15:07:43.0628 1092 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:07:43.0644 1092 nv_agp - ok
15:07:43.0660 1092 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:07:43.0691 1092 ohci1394 - ok
15:07:43.0753 1092 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:07:43.0769 1092 ose64 - ok
15:07:43.0878 1092 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:07:43.0972 1092 osppsvc - ok
15:07:44.0003 1092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:07:44.0050 1092 p2pimsvc - ok
15:07:44.0081 1092 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:07:44.0112 1092 p2psvc - ok
15:07:44.0143 1092 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:07:44.0174 1092 Parport - ok
15:07:44.0190 1092 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:07:44.0206 1092 partmgr - ok
15:07:44.0206 1092 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:07:44.0252 1092 PcaSvc - ok
15:07:44.0252 1092 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:07:44.0268 1092 pci - ok
15:07:44.0284 1092 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:07:44.0299 1092 pciide - ok
15:07:44.0299 1092 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:07:44.0315 1092 pcmcia - ok
15:07:44.0330 1092 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:07:44.0346 1092 pcw - ok
15:07:44.0346 1092 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:07:44.0408 1092 PEAUTH - ok
15:07:44.0440 1092 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:07:44.0486 1092 PeerDistSvc - ok
15:07:44.0564 1092 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:07:44.0596 1092 PerfHost - ok
15:07:44.0627 1092 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:07:44.0705 1092 pla - ok
15:07:44.0736 1092 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:07:44.0783 1092 PlugPlay - ok
15:07:44.0830 1092 [ 64CA1485214340CACC315FFDFDED73EF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:07:44.0861 1092 Pml Driver HPZ12 - ok
15:07:44.0876 1092 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:07:44.0908 1092 PNRPAutoReg - ok
15:07:44.0908 1092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:07:44.0939 1092 PNRPsvc - ok
15:07:44.0970 1092 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:07:45.0017 1092 PolicyAgent - ok
15:07:45.0048 1092 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:07:45.0095 1092 Power - ok
15:07:45.0110 1092 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:07:45.0157 1092 PptpMiniport - ok
15:07:45.0173 1092 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:07:45.0204 1092 Processor - ok
15:07:45.0235 1092 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:07:45.0266 1092 ProfSvc - ok
15:07:45.0282 1092 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:07:45.0298 1092 ProtectedStorage - ok
15:07:45.0313 1092 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:07:45.0360 1092 Psched - ok
15:07:45.0407 1092 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:07:45.0454 1092 ql2300 - ok
15:07:45.0469 1092 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:07:45.0485 1092 ql40xx - ok
15:07:45.0500 1092 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:07:45.0516 1092 QWAVE - ok
15:07:45.0532 1092 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:07:45.0563 1092 QWAVEdrv - ok
15:07:45.0578 1092 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:07:45.0610 1092 RasAcd - ok
15:07:45.0625 1092 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:07:45.0672 1092 RasAgileVpn - ok
15:07:45.0688 1092 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:07:45.0750 1092 RasAuto - ok
15:07:45.0750 1092 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:07:45.0797 1092 Rasl2tp - ok
15:07:45.0812 1092 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:07:45.0875 1092 RasMan - ok
15:07:45.0875 1092 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:07:45.0937 1092 RasPppoe - ok
15:07:45.0937 1092 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:07:46.0000 1092 RasSstp - ok
15:07:46.0015 1092 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:07:46.0062 1092 rdbss - ok
15:07:46.0062 1092 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:07:46.0078 1092 rdpbus - ok
15:07:46.0093 1092 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:07:46.0140 1092 RDPCDD - ok
15:07:46.0171 1092 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:07:46.0202 1092 RDPDR - ok
15:07:46.0234 1092 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:07:46.0265 1092 RDPENCDD - ok
15:07:46.0296 1092 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:07:46.0343 1092 RDPREFMP - ok
15:07:46.0358 1092 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:07:46.0390 1092 RdpVideoMiniport - ok
15:07:46.0405 1092 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:07:46.0452 1092 RDPWD - ok
15:07:46.0468 1092 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:07:46.0483 1092 rdyboost - ok
15:07:46.0499 1092 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:07:46.0546 1092 RemoteAccess - ok
15:07:46.0561 1092 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:07:46.0608 1092 RemoteRegistry - ok
15:07:46.0624 1092 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:07:46.0655 1092 RpcEptMapper - ok
15:07:46.0670 1092 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:07:46.0702 1092 RpcLocator - ok
15:07:46.0717 1092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:07:46.0748 1092 RpcSs - ok
15:07:46.0764 1092 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:07:46.0795 1092 rspndr - ok
15:07:46.0842 1092 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:07:46.0873 1092 RTL8167 - ok
15:07:46.0889 1092 [ 9269EF78A780A3161087DF1BEC117DC8 ] RTL85n64 C:\Windows\system32\DRIVERS\RTL85n64.sys
15:07:46.0920 1092 RTL85n64 - ok
15:07:46.0951 1092 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:07:46.0967 1092 s3cap - ok
15:07:46.0982 1092 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:07:46.0998 1092 SamSs - ok
15:07:47.0014 1092 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:07:47.0029 1092 sbp2port - ok
15:07:47.0045 1092 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:07:47.0092 1092 SCardSvr - ok
15:07:47.0092 1092 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:07:47.0138 1092 scfilter - ok
15:07:47.0170 1092 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:07:47.0232 1092 Schedule - ok
15:07:47.0248 1092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:07:47.0279 1092 SCPolicySvc - ok
15:07:47.0294 1092 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:07:47.0341 1092 SDRSVC - ok
15:07:47.0372 1092 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
15:07:47.0404 1092 SDScannerService - ok
15:07:47.0466 1092 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:07:47.0497 1092 SDUpdateService - ok
15:07:47.0513 1092 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:07:47.0528 1092 SDWSCService - ok
15:07:47.0544 1092 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:07:47.0575 1092 secdrv - ok
15:07:47.0591 1092 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:07:47.0622 1092 seclogon - ok
15:07:47.0622 1092 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:07:47.0669 1092 SENS - ok
15:07:47.0684 1092 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:07:47.0716 1092 SensrSvc - ok
15:07:47.0716 1092 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:07:47.0747 1092 Serenum - ok
15:07:47.0747 1092 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:07:47.0762 1092 Serial - ok
15:07:47.0778 1092 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:07:47.0809 1092 sermouse - ok
15:07:47.0809 1092 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:07:47.0856 1092 SessionEnv - ok
15:07:47.0872 1092 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:07:47.0887 1092 sffdisk - ok
15:07:47.0887 1092 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:07:47.0918 1092 sffp_mmc - ok
15:07:47.0918 1092 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:07:47.0950 1092 sffp_sd - ok
15:07:47.0950 1092 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:07:47.0981 1092 sfloppy - ok
15:07:48.0012 1092 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:07:48.0059 1092 SharedAccess - ok
15:07:48.0090 1092 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:07:48.0137 1092 ShellHWDetection - ok
15:07:48.0152 1092 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:07:48.0168 1092 SiSRaid2 - ok
15:07:48.0168 1092 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:07:48.0184 1092 SiSRaid4 - ok
15:07:48.0199 1092 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:07:48.0230 1092 Smb - ok
15:07:48.0246 1092 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:07:48.0277 1092 SNMPTRAP - ok
15:07:48.0293 1092 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:07:48.0293 1092 spldr - ok
15:07:48.0324 1092 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:07:48.0386 1092 Spooler - ok
15:07:48.0433 1092 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:07:48.0527 1092 sppsvc - ok
15:07:48.0589 1092 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:07:48.0667 1092 sppuinotify - ok
15:07:48.0745 1092 [ A892134C28777978ECDE8283DC57AC0F ] SQLAgent$MSSMLBIZ C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE
15:07:48.0776 1092 SQLAgent$MSSMLBIZ - ok
15:07:48.0823 1092 [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:07:48.0839 1092 SQLBrowser - ok
15:07:48.0901 1092 [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:07:48.0917 1092 SQLWriter - ok
15:07:48.0948 1092 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:07:48.0995 1092 srv - ok
15:07:49.0026 1092 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:07:49.0042 1092 srv2 - ok
15:07:49.0073 1092 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:07:49.0088 1092 srvnet - ok
15:07:49.0104 1092 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:07:49.0151 1092 SSDPSRV - ok
15:07:49.0151 1092 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:07:49.0182 1092 SstpSvc - ok
15:07:49.0244 1092 [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:07:49.0260 1092 Stereo Service - ok
15:07:49.0307 1092 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:07:49.0322 1092 stexstor - ok
15:07:49.0354 1092 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:07:49.0400 1092 stisvc - ok
15:07:49.0416 1092 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:07:49.0432 1092 storflt - ok
15:07:49.0447 1092 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:07:49.0447 1092 storvsc - ok
15:07:49.0478 1092 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:07:49.0478 1092 swenum - ok
15:07:49.0510 1092 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:07:49.0556 1092 swprv - ok
15:07:49.0572 1092 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
15:07:49.0588 1092 Synth3dVsc - ok
15:07:49.0619 1092 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:07:49.0666 1092 SysMain - ok
15:07:49.0681 1092 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:07:49.0712 1092 TabletInputService - ok
15:07:49.0712 1092 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:07:49.0759 1092 TapiSrv - ok
15:07:49.0775 1092 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:07:49.0822 1092 TBS - ok
15:07:49.0868 1092 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:07:49.0915 1092 Tcpip - ok
15:07:49.0946 1092 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:07:49.0978 1092 TCPIP6 - ok
15:07:50.0009 1092 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:07:50.0040 1092 tcpipreg - ok
15:07:50.0056 1092 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:07:50.0087 1092 TDPIPE - ok
15:07:50.0102 1092 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:07:50.0134 1092 TDTCP - ok
15:07:50.0149 1092 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:07:50.0196 1092 tdx - ok
15:07:50.0196 1092 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:07:50.0212 1092 TermDD - ok
15:07:50.0227 1092 [ EF4469AB69EB15E5D3754E6AEAFBCD3D ] terminpt C:\Windows\system32\drivers\terminpt.sys
15:07:50.0243 1092 terminpt - ok
15:07:50.0274 1092 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:07:50.0336 1092 TermService - ok
15:07:50.0336 1092 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:07:50.0352 1092 Themes - ok
15:07:50.0383 1092 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:07:50.0414 1092 THREADORDER - ok
15:07:50.0430 1092 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:07:50.0477 1092 TrkWks - ok
15:07:50.0524 1092 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:07:50.0555 1092 TrustedInstaller - ok
15:07:50.0570 1092 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:07:50.0617 1092 tssecsrv - ok
15:07:50.0648 1092 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:07:50.0680 1092 TsUsbFlt - ok
15:07:50.0680 1092 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:07:50.0711 1092 TsUsbGD - ok
15:07:50.0742 1092 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
15:07:50.0789 1092 tsusbhub - ok
15:07:50.0804 1092 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:07:50.0851 1092 tunnel - ok
15:07:50.0867 1092 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:07:50.0882 1092 uagp35 - ok
15:07:50.0882 1092 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:07:50.0945 1092 udfs - ok
15:07:50.0960 1092 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:07:50.0976 1092 UI0Detect - ok
15:07:51.0007 1092 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:07:51.0023 1092 uliagpkx - ok
15:07:51.0023 1092 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:07:51.0054 1092 umbus - ok
15:07:51.0070 1092 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:07:51.0101 1092 UmPass - ok
15:07:51.0116 1092 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:07:51.0148 1092 UmRdpService - ok
15:07:51.0163 1092 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:07:51.0226 1092 upnphost - ok
15:07:51.0241 1092 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:07:51.0288 1092 usbccgp - ok
15:07:51.0288 1092 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:07:51.0319 1092 usbcir - ok
15:07:51.0335 1092 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:07:51.0366 1092 usbehci - ok
15:07:51.0382 1092 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:07:51.0413 1092 usbhub - ok
15:07:51.0428 1092 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:07:51.0444 1092 usbohci - ok
15:07:51.0475 1092 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:07:51.0491 1092 usbprint - ok
15:07:51.0506 1092 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:07:51.0538 1092 usbscan - ok
15:07:51.0553 1092 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
15:07:51.0584 1092 USBSTOR - ok
15:07:51.0600 1092 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:07:51.0616 1092 usbuhci - ok
15:07:51.0647 1092 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:07:51.0678 1092 UxSms - ok
15:07:51.0694 1092 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:07:51.0709 1092 VaultSvc - ok
15:07:51.0725 1092 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:07:51.0725 1092 vdrvroot - ok
15:07:51.0756 1092 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:07:51.0803 1092 vds - ok
15:07:51.0818 1092 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:07:51.0834 1092 vga - ok
15:07:51.0834 1092 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:07:51.0881 1092 VgaSave - ok
15:07:51.0881 1092 VGPU - ok
15:07:51.0896 1092 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:07:51.0912 1092 vhdmp - ok
15:07:51.0928 1092 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:07:51.0943 1092 viaide - ok
15:07:51.0974 1092 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:07:51.0990 1092 vmbus - ok
15:07:51.0990 1092 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:07:52.0021 1092 VMBusHID - ok
15:07:52.0037 1092 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:07:52.0052 1092 volmgr - ok
15:07:52.0052 1092 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:07:52.0084 1092 volmgrx - ok
15:07:52.0084 1092 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:07:52.0099 1092 volsnap - ok
15:07:52.0130 1092 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:07:52.0146 1092 vsmraid - ok
15:07:52.0177 1092 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:07:52.0255 1092 VSS - ok
15:07:52.0318 1092 [ E2CA898E105C3F2B62DB130F28C73322 ] vToolbarUpdater15.0.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
15:07:52.0349 1092 vToolbarUpdater15.0.0 - ok
15:07:52.0364 1092 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:07:52.0380 1092 vwifibus - ok
15:07:52.0396 1092 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:07:52.0442 1092 W32Time - ok
15:07:52.0442 1092 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:07:52.0474 1092 WacomPen - ok
15:07:52.0505 1092 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:07:52.0536 1092 WANARP - ok
15:07:52.0552 1092 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:07:52.0583 1092 Wanarpv6 - ok
15:07:52.0630 1092 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:07:52.0661 1092 WatAdminSvc - ok
15:07:52.0708 1092 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:07:52.0770 1092 wbengine - ok
15:07:52.0770 1092 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:07:52.0801 1092 WbioSrvc - ok
15:07:52.0817 1092 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:07:52.0848 1092 wcncsvc - ok
15:07:52.0848 1092 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:07:52.0879 1092 WcsPlugInService - ok
15:07:52.0879 1092 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:07:52.0895 1092 Wd - ok
15:07:52.0926 1092 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:07:52.0957 1092 Wdf01000 - ok
15:07:52.0957 1092 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:07:53.0020 1092 WdiServiceHost - ok
15:07:53.0035 1092 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:07:53.0051 1092 WdiSystemHost - ok
15:07:53.0066 1092 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:07:53.0098 1092 WebClient - ok
15:07:53.0129 1092 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:07:53.0176 1092 Wecsvc - ok
15:07:53.0191 1092 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:07:53.0222 1092 wercplsupport - ok
15:07:53.0254 1092 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:07:53.0300 1092 WerSvc - ok
15:07:53.0332 1092 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:07:53.0378 1092 WfpLwf - ok
15:07:53.0378 1092 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:07:53.0394 1092 WIMMount - ok
15:07:53.0410 1092 WinDefend - ok
15:07:53.0410 1092 WinHttpAutoProxySvc - ok
15:07:53.0456 1092 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:07:53.0519 1092 Winmgmt - ok
15:07:53.0566 1092 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:07:53.0644 1092 WinRM - ok
15:07:53.0675 1092 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:07:53.0737 1092 Wlansvc - ok
15:07:53.0753 1092 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:07:53.0753 1092 WmiAcpi - ok
15:07:53.0800 1092 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:07:53.0831 1092 wmiApSrv - ok
15:07:53.0846 1092 WMPNetworkSvc - ok
15:07:53.0862 1092 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:07:53.0909 1092 WPCSvc - ok
15:07:53.0924 1092 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:07:53.0940 1092 WPDBusEnum - ok
15:07:53.0956 1092 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:07:54.0002 1092 ws2ifsl - ok
15:07:54.0018 1092 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:07:54.0049 1092 wscsvc - ok
15:07:54.0049 1092 WSearch - ok
15:07:54.0112 1092 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:07:54.0143 1092 wuauserv - ok
15:07:54.0174 1092 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:07:54.0205 1092 WudfPf - ok
15:07:54.0221 1092 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:07:54.0252 1092 wudfsvc - ok
15:07:54.0268 1092 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:07:54.0299 1092 WwanSvc - ok
15:07:54.0314 1092 ================ Scan global ===============================
15:07:54.0346 1092 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:07:54.0377 1092 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:07:54.0392 1092 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:07:54.0408 1092 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:07:54.0439 1092 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:07:54.0439 1092 [Global] - ok
15:07:54.0439 1092 ================ Scan MBR ==================================
15:07:54.0455 1092 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:07:54.0689 1092 \Device\Harddisk0\DR0 - ok
15:07:54.0689 1092 ================ Scan VBR ==================================
15:07:54.0689 1092 [ 90B0B591FAC91F05B23C18CF98F137C8 ] \Device\Harddisk0\DR0\Partition1
15:07:54.0689 1092 \Device\Harddisk0\DR0\Partition1 - ok
15:07:54.0720 1092 [ 0456C8FA46CA6E6F0E71942CBD33B504 ] \Device\Harddisk0\DR0\Partition2
15:07:54.0720 1092 \Device\Harddisk0\DR0\Partition2 - ok
15:07:54.0720 1092 [ A8C47DD70C23F75390CD1EA80AB8A319 ] \Device\Harddisk0\DR0\Partition3
15:07:54.0720 1092 \Device\Harddisk0\DR0\Partition3 - ok
15:07:54.0720 1092 ============================================================
15:07:54.0720 1092 Scan finished
15:07:54.0720 1092 ============================================================
15:07:54.0736 2672 Detected object count: 0
15:07:54.0736 2672 Actual detected object count: 0
|
|
11.04.2013, 14:47
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verdacht auf Schädlinge - OTL-Logfiles JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.04.2013, 16:04
| #15 |
| | Verdacht auf Schädlinge - OTL-Logfiles JRT hat folgendes Logfile erzeugt: JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.3 (04.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by XXX on 11.04.2013 at 16:42:09.30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{95b7759c-8c7f-4bf1-b163-73684a933233}
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\scripthelper.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\viprotocol.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{95b7759c-8c7f-4bf1-b163-73684a933233}
~~~ Files
Successfully deleted: [File] "C:\end"
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted: [File] "C:\Users\XXX\AppData\Roaming\mozilla\firefox\profiles\t4kzlgc5.default\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi"
Successfully deleted: [Folder] C:\Users\XXX\AppData\Roaming\mozilla\firefox\profiles\t4kzlgc5.default\jetpack
Successfully deleted the following from C:\Users\XXX\AppData\Roaming\mozilla\firefox\profiles\t4kzlgc5.default\prefs.js
user_pref("extensions.jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.install-event-fired", true);
Emptied folder: C:\Users\XXX\AppData\Roaming\mozilla\firefox\profiles\t4kzlgc5.default\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.04.2013 at 16:49:54.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Das Tool scheint recht viel gefunden zu haben! Ich fahre nun mit dem adwCleaner fort. Lg Michael72 Das Logfile von adwCleaner lautet: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.200 - Datei am 11/04/2013 um 17:13:02 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : XXX - XXX
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\XXX\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Gelöscht mit Neustart : C:\Program Files (x86)\Common Files\AVG Secure Search
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0 (de)
Datei : C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\t4kzlgc5.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v26.0.1410.43
Datei : C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Opera v12.15.1748.0
Datei : C:\Users\XXX\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R2].txt - [4626 octets] - [11/04/2013 17:07:23]
AdwCleaner[S2].txt - [1184 octets] - [11/04/2013 17:13:02]
########## EOF - C:\AdwCleaner[S2].txt - [1244 octets] ##########
Ich fahre nun fort mit OTL. Lg Michael72 |
|
| Themen zu Verdacht auf Schädlinge - OTL-Logfiles |
| 64bit, anbei, andere, anderen, anleitung, avg, destroy, gen, guten, hoffe, hänge, leitung, logfiles, meldungen, posting, programme, richtig, scan, schädlinge, search, spybot, störungen, ultimate, verdacht, virenscan, win, win 7 64bit |
Linear-Darstellung
