System Care Antivir infiziert

Bobo88 · 06.06.2013, 10:46

Hey Leute,

Ich hoffe ihr könnt mir helfen. Meine Freundin hat sich den Virus "System Care Antivirus" eingefangen. Ich habe daraufhin im abgesicherten Modus gestartet und OTL scan gemacht (siehe unten). Hab nichts manuell gelöscht. Was muss ich jetzt tun?
Vielen Dank schon mal für die Hilfe!

LG
Bodo

PS: Hab die OTL in zwei Dateien getrennt, weils sonst zu groß war.

markusg · 06.06.2013, 10:49

Hi,
bitte das nächste mal log packen wenn zu groß

otl fix

Fixen mit OTL

Starte bitte die OTL.exe.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

:OTL
O4 - HKU\S-1-5-21-2379488702-3686208569-3012219444-1000..\RunOnce: [906732711E8345AA00009066A20D4876] C:\ProgramData\906732711E8345AA00009066A20D4876\906732711E8345AA00009066A20D4876.exe ()
[2013.06.05 10:32:17 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Care Antivirus
[2013.06.05 10:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\906732711E8345AA00009066A20D4876

:files
:Commands
[emptytemp]

Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Schließe bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!

Drücke bitte die

+ E Taste.

Öffne dein Systemlaufwerk ( meistens C: )
Suche nun
folgenden Ordner: _OTL und öffne diesen.
Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner
Dies wird eine Movedfiles.zip Datei in _OTL erstellen
Lade diese bitte in unseren Uploadchannel
hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )

Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus

Bobo88 · 06.06.2013, 11:53

Hey,
Danke für die schnelle Antwort!

Habe die Sachen wie angegeben ausgeführt. Hab beim Upload den Link des Themas im Forum (also diese Seite mit meiner Frage und so) angegeben. Hoffe das passt:

"Datei: MovedFiles.zip_1 empfangen
Datei: 06062013_123136.log empfangen

Vorgang erfolgreich abgeschlossen."

Die zweite Datei ist die, die beim Neustart aufgetaucht ist (von OTL). Ich kopiers trotzdem nochmal hier rein (siehe unten).

Was muss ich nun tun? Oder wars das etwa schon?

LG

Hier der Inhalt der log Datei
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2379488702-3686208569-3012219444-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\906732711E8345AA00009066A20D4876 deleted successfully.
C:\ProgramData\906732711E8345AA00009066A20D4876\906732711E8345AA00009066A20D4876.exe moved successfully.
C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Care Antivirus folder moved successfully.
Folder C:\ProgramData\906732711E8345AA00009066A20D4876\ not found.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

User: Default User

User: hp
->Temp folder emptied: 37330450 bytes
->Temporary Internet Files folder emptied: 20306869 bytes
->Java cache emptied: 142193 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 506 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 235016 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 96836 bytes
RecycleBin emptied: 1386 bytes

Total Files Cleaned = 56,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 06062013_123136

Files\Folders moved on Reboot...
C:\Users\hp\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

markusg · 06.06.2013, 11:55

danke fürs hochladen.
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bobo88 · 06.06.2013, 12:03

Schon wieder so schnell, danke

Hier log.file Inhalt nach der Durchführung wie angegeben:

13:00:08.0914 1644 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:00:09.0242 1644 ============================================================
13:00:09.0242 1644 Current date / time: 2013/06/06 13:00:09.0242
13:00:09.0242 1644 SystemInfo:
13:00:09.0242 1644
13:00:09.0242 1644 OS Version: 6.1.7601 ServicePack: 1.0
13:00:09.0242 1644 Product type: Workstation
13:00:09.0242 1644 ComputerName: HP-PC
13:00:09.0242 1644 UserName: hp
13:00:09.0242 1644 Windows directory: C:\Windows
13:00:09.0242 1644 System windows directory: C:\Windows
13:00:09.0242 1644 Running under WOW64
13:00:09.0242 1644 Processor architecture: Intel x64
13:00:09.0242 1644 Number of processors: 4
13:00:09.0242 1644 Page size: 0x1000
13:00:09.0242 1644 Boot type: Normal boot
13:00:09.0242 1644 ============================================================
13:00:10.0724 1644 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:00:10.0740 1644 Drive \Device\Harddisk1\DR1 - Size: 0x3C3FFE00 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:00:10.0740 1644 ============================================================
13:00:10.0740 1644 \Device\Harddisk0\DR0:
13:00:10.0740 1644 MBR partitions:
13:00:10.0740 1644 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
13:00:10.0740 1644 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23A6D000
13:00:10.0740 1644 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23AD1000, BlocksNum 0x1929800
13:00:10.0740 1644 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
13:00:10.0740 1644 \Device\Harddisk1\DR1:
13:00:10.0740 1644 MBR partitions:
13:00:10.0740 1644 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x1E1FC0
13:00:10.0740 1644 ============================================================
13:00:10.0755 1644 C: <-> \Device\Harddisk0\DR0\Partition2
13:00:10.0802 1644 D: <-> \Device\Harddisk0\DR0\Partition3
13:00:10.0818 1644 E: <-> \Device\Harddisk0\DR0\Partition4
13:00:10.0818 1644 ============================================================
13:00:10.0818 1644 Initialize success
13:00:10.0818 1644 ============================================================
13:00:56.0323 4632 ============================================================
13:00:56.0323 4632 Scan started
13:00:56.0323 4632 Mode: Manual; SigCheck; TDLFS;
13:00:56.0323 4632 ============================================================
13:00:56.0526 4632 ================ Scan system memory ========================
13:00:56.0526 4632 System memory - ok
13:00:56.0526 4632 ================ Scan services =============================
13:00:56.0697 4632 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:00:56.0822 4632 1394ohci - ok
13:00:56.0838 4632 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:00:56.0884 4632 ACPI - ok
13:00:56.0916 4632 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:00:56.0994 4632 AcpiPmi - ok
13:00:57.0072 4632 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:00:57.0087 4632 AdobeARMservice - ok
13:00:57.0196 4632 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:00:57.0228 4632 AdobeFlashPlayerUpdateSvc - ok
13:00:57.0274 4632 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:00:57.0321 4632 adp94xx - ok
13:00:57.0337 4632 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:00:57.0384 4632 adpahci - ok
13:00:57.0399 4632 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:00:57.0430 4632 adpu320 - ok
13:00:57.0446 4632 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:00:57.0540 4632 AeLookupSvc - ok
13:00:57.0602 4632 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
13:00:57.0618 4632 AERTFilters - ok
13:00:57.0680 4632 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:00:57.0742 4632 AFD - ok
13:00:57.0789 4632 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
13:00:57.0883 4632 AgereSoftModem - ok
13:00:57.0930 4632 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:00:57.0961 4632 agp440 - ok
13:00:57.0992 4632 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:00:58.0023 4632 ALG - ok
13:00:58.0055 4632 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:00:58.0086 4632 aliide - ok
13:00:58.0117 4632 [ 1D317EA326423FF7630CF1DA3BD46A1C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:00:58.0179 4632 AMD External Events Utility - ok
13:00:58.0195 4632 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
13:00:58.0226 4632 amdide - ok
13:00:58.0242 4632 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:00:58.0289 4632 AmdK8 - ok
13:00:58.0304 4632 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:00:58.0335 4632 AmdPPM - ok
13:00:58.0367 4632 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:00:58.0398 4632 amdsata - ok
13:00:58.0429 4632 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:00:58.0460 4632 amdsbs - ok
13:00:58.0476 4632 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:00:58.0491 4632 amdxata - ok
13:00:58.0538 4632 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
13:00:58.0647 4632 AppID - ok
13:00:58.0679 4632 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:00:58.0788 4632 AppIDSvc - ok
13:00:58.0819 4632 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
13:00:58.0866 4632 Appinfo - ok
13:00:58.0897 4632 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
13:00:58.0928 4632 arc - ok
13:00:58.0944 4632 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:00:58.0975 4632 arcsas - ok
13:00:58.0991 4632 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:00:59.0115 4632 AsyncMac - ok
13:00:59.0147 4632 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
13:00:59.0178 4632 atapi - ok
13:00:59.0287 4632 [ 96ABF88241F90FF647E55C934C55C2F1 ] athr C:\Windows\system32\DRIVERS\athrx.sys
13:00:59.0396 4632 athr - ok
13:00:59.0474 4632 [ D481083348138B4933ACFE95812DB71C ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
13:00:59.0505 4632 AtiHdmiService - ok
13:00:59.0677 4632 [ 19B5C61CB09BFF2BD69E063EE54B56C3 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:00:59.0895 4632 atikmdag - ok
13:00:59.0958 4632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:01:00.0083 4632 AudioEndpointBuilder - ok
13:01:00.0098 4632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:01:00.0207 4632 AudioSrv - ok
13:01:00.0239 4632 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:01:00.0317 4632 AxInstSV - ok
13:01:00.0363 4632 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:01:00.0426 4632 b06bdrv - ok
13:01:00.0457 4632 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:01:00.0504 4632 b57nd60a - ok
13:01:00.0629 4632 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
13:01:00.0660 4632 BBSvc - ok
13:01:00.0691 4632 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:01:00.0738 4632 BBUpdate - ok
13:01:00.0769 4632 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:01:00.0800 4632 BDESVC - ok
13:01:00.0831 4632 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:01:00.0941 4632 Beep - ok
13:01:01.0003 4632 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
13:01:01.0128 4632 BFE - ok
13:01:01.0206 4632 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
13:01:01.0346 4632 BITS - ok
13:01:01.0393 4632 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:01:01.0424 4632 blbdrive - ok
13:01:01.0471 4632 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:01:01.0518 4632 bowser - ok
13:01:01.0549 4632 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:01:01.0611 4632 BrFiltLo - ok
13:01:01.0611 4632 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:01:01.0674 4632 BrFiltUp - ok
13:01:01.0736 4632 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
13:01:01.0767 4632 Browser - ok
13:01:01.0830 4632 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:01:01.0877 4632 Brserid - ok
13:01:01.0892 4632 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:01:01.0939 4632 BrSerWdm - ok
13:01:01.0955 4632 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:01:02.0001 4632 BrUsbMdm - ok
13:01:02.0017 4632 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:01:02.0048 4632 BrUsbSer - ok
13:01:02.0111 4632 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
13:01:02.0173 4632 BthEnum - ok
13:01:02.0220 4632 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:01:02.0282 4632 BTHMODEM - ok
13:01:02.0313 4632 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
13:01:02.0376 4632 BthPan - ok
13:01:02.0454 4632 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
13:01:02.0516 4632 BTHPORT - ok
13:01:02.0563 4632 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:01:02.0672 4632 bthserv - ok
13:01:02.0719 4632 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
13:01:02.0766 4632 BTHUSB - ok
13:01:02.0797 4632 [ 4BDBDB86ABBA924E029FB2683BE7C505 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
13:01:02.0828 4632 btwaudio - ok
13:01:02.0844 4632 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
13:01:02.0875 4632 btwavdt - ok
13:01:02.0953 4632 [ 31DA517946FFE416442E864592548F8A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
13:01:03.0000 4632 btwdins - ok
13:01:03.0015 4632 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
13:01:03.0031 4632 btwl2cap - ok
13:01:03.0047 4632 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
13:01:03.0062 4632 btwrchid - ok
13:01:03.0093 4632 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:01:03.0203 4632 cdfs - ok
13:01:03.0265 4632 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:01:03.0312 4632 cdrom - ok
13:01:03.0343 4632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
13:01:03.0452 4632 CertPropSvc - ok
13:01:03.0483 4632 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:01:03.0530 4632 circlass - ok
13:01:03.0561 4632 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:01:03.0608 4632 CLFS - ok
13:01:03.0671 4632 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:01:03.0702 4632 clr_optimization_v2.0.50727_32 - ok
13:01:03.0749 4632 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:01:03.0780 4632 clr_optimization_v2.0.50727_64 - ok
13:01:03.0842 4632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:01:03.0873 4632 clr_optimization_v4.0.30319_32 - ok
13:01:03.0889 4632 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:01:03.0920 4632 clr_optimization_v4.0.30319_64 - ok
13:01:03.0951 4632 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:01:03.0967 4632 CmBatt - ok
13:01:03.0998 4632 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:01:04.0014 4632 cmdide - ok
13:01:04.0076 4632 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
13:01:04.0139 4632 CNG - ok
13:01:04.0185 4632 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
13:01:04.0217 4632 Com4QLBEx - ok
13:01:04.0248 4632 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:01:04.0279 4632 Compbatt - ok
13:01:04.0310 4632 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:01:04.0357 4632 CompositeBus - ok
13:01:04.0373 4632 COMSysApp - ok
13:01:04.0404 4632 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:01:04.0419 4632 crcdisk - ok
13:01:04.0466 4632 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:01:04.0513 4632 CryptSvc - ok
13:01:04.0591 4632 [ 88123E5A5572405DF6FE56E4A2A95BD4 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
13:01:04.0622 4632 dc3d - ok
13:01:04.0653 4632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:01:04.0778 4632 DcomLaunch - ok
13:01:04.0809 4632 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:01:04.0919 4632 defragsvc - ok
13:01:04.0950 4632 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:01:05.0059 4632 DfsC - ok
13:01:05.0090 4632 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:01:05.0153 4632 Dhcp - ok
13:01:05.0199 4632 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:01:05.0293 4632 discache - ok
13:01:05.0340 4632 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:01:05.0371 4632 Disk - ok
13:01:05.0402 4632 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:01:05.0433 4632 Dnscache - ok
13:01:05.0449 4632 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:01:05.0558 4632 dot3svc - ok
13:01:05.0589 4632 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:01:05.0714 4632 DPS - ok
13:01:05.0745 4632 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:01:05.0792 4632 drmkaud - ok
13:01:05.0839 4632 [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:01:05.0870 4632 dtsoftbus01 - ok
13:01:05.0917 4632 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:01:05.0979 4632 DXGKrnl - ok
13:01:06.0042 4632 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:01:06.0151 4632 EapHost - ok
13:01:06.0245 4632 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:01:06.0401 4632 ebdrv - ok
13:01:06.0432 4632 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
13:01:06.0479 4632 EFS - ok
13:01:06.0525 4632 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:01:06.0572 4632 elxstor - ok
13:01:06.0588 4632 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:01:06.0635 4632 ErrDev - ok
13:01:06.0681 4632 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:01:06.0806 4632 EventSystem - ok
13:01:06.0853 4632 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:01:06.0962 4632 exfat - ok
13:01:06.0993 4632 ezSharedSvc - ok
13:01:07.0009 4632 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:01:07.0118 4632 fastfat - ok
13:01:07.0165 4632 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:01:07.0243 4632 Fax - ok
13:01:07.0274 4632 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:01:07.0321 4632 fdc - ok
13:01:07.0368 4632 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:01:07.0493 4632 fdPHost - ok
13:01:07.0508 4632 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:01:07.0617 4632 FDResPub - ok
13:01:07.0649 4632 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:01:07.0680 4632 FileInfo - ok
13:01:07.0695 4632 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:01:07.0805 4632 Filetrace - ok
13:01:07.0851 4632 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:01:07.0898 4632 FLEXnet Licensing Service - ok
13:01:07.0929 4632 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:01:07.0945 4632 flpydisk - ok
13:01:07.0976 4632 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:01:08.0007 4632 FltMgr - ok
13:01:08.0085 4632 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
13:01:08.0148 4632 FontCache - ok
13:01:08.0195 4632 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:01:08.0210 4632 FontCache3.0.0.0 - ok
13:01:08.0241 4632 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:01:08.0273 4632 FsDepends - ok
13:01:08.0319 4632 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:01:08.0335 4632 Fs_Rec - ok
13:01:08.0397 4632 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:01:08.0429 4632 fvevol - ok
13:01:08.0444 4632 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:01:08.0475 4632 gagp30kx - ok
13:01:08.0538 4632 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
13:01:08.0569 4632 GameConsoleService - ok
13:01:08.0600 4632 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:01:08.0741 4632 gpsvc - ok
13:01:08.0850 4632 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:01:08.0865 4632 gupdate - ok
13:01:08.0881 4632 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:01:08.0897 4632 gupdatem - ok
13:01:08.0943 4632 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:01:08.0959 4632 gusvc - ok
13:01:08.0990 4632 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:01:09.0037 4632 hcw85cir - ok
13:01:09.0084 4632 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:01:09.0131 4632 HdAudAddService - ok
13:01:09.0162 4632 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:01:09.0209 4632 HDAudBus - ok
13:01:09.0255 4632 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
13:01:09.0271 4632 HECIx64 - ok
13:01:09.0287 4632 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:01:09.0333 4632 HidBatt - ok
13:01:09.0349 4632 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:01:09.0380 4632 HidBth - ok
13:01:09.0411 4632 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:01:09.0458 4632 HidIr - ok
13:01:09.0489 4632 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
13:01:09.0599 4632 hidserv - ok
13:01:09.0645 4632 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:01:09.0661 4632 HidUsb - ok
13:01:09.0692 4632 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:01:09.0786 4632 hkmsvc - ok
13:01:09.0817 4632 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:01:09.0864 4632 HomeGroupListener - ok
13:01:09.0911 4632 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:01:09.0942 4632 HomeGroupProvider - ok
13:01:10.0020 4632 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
13:01:10.0035 4632 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
13:01:10.0035 4632 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
13:01:10.0082 4632 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
13:01:10.0113 4632 HpqKbFiltr - ok
13:01:10.0207 4632 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
13:01:10.0269 4632 hpqwmiex - ok
13:01:10.0301 4632 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:01:10.0332 4632 HpSAMD - ok
13:01:10.0363 4632 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:01:10.0503 4632 HTTP - ok
13:01:10.0519 4632 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:01:10.0550 4632 hwpolicy - ok
13:01:10.0581 4632 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:01:10.0613 4632 i8042prt - ok
13:01:10.0644 4632 [ BE7D72FCF442C26975942007E0831241 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:01:10.0675 4632 iaStor - ok
13:01:10.0706 4632 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:01:10.0753 4632 iaStorV - ok
13:01:10.0800 4632 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:01:10.0862 4632 idsvc - ok
13:01:11.0034 4632 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
13:01:11.0268 4632 igfx - ok
13:01:11.0315 4632 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:01:11.0346 4632 iirsp - ok
13:01:11.0393 4632 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:01:11.0517 4632 IKEEXT - ok
13:01:11.0642 4632 [ D311E2DD59A34079D89C249B2A4D9FDB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:01:11.0751 4632 IntcAzAudAddService - ok
13:01:11.0767 4632 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:01:11.0798 4632 intelide - ok
13:01:11.0829 4632 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:01:11.0892 4632 intelppm - ok
13:01:11.0923 4632 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:01:12.0017 4632 IPBusEnum - ok
13:01:12.0032 4632 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:01:12.0141 4632 IpFilterDriver - ok
13:01:12.0204 4632 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:01:12.0266 4632 iphlpsvc - ok
13:01:12.0297 4632 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:01:12.0344 4632 IPMIDRV - ok
13:01:12.0391 4632 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:01:12.0500 4632 IPNAT - ok
13:01:12.0531 4632 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:01:12.0578 4632 IRENUM - ok
13:01:12.0609 4632 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:01:12.0641 4632 isapnp - ok
13:01:12.0656 4632 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:01:12.0687 4632 iScsiPrt - ok
13:01:12.0719 4632 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:01:12.0750 4632 kbdclass - ok
13:01:12.0781 4632 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:01:12.0812 4632 kbdhid - ok
13:01:12.0828 4632 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
13:01:12.0859 4632 KeyIso - ok
13:01:12.0906 4632 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:01:12.0921 4632 KSecDD - ok
13:01:12.0984 4632 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:01:12.0999 4632 KSecPkg - ok
13:01:13.0031 4632 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:01:13.0140 4632 ksthunk - ok
13:01:13.0171 4632 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:01:13.0296 4632 KtmRm - ok
13:01:13.0327 4632 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:01:13.0452 4632 LanmanServer - ok
13:01:13.0499 4632 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:01:13.0608 4632 LanmanWorkstation - ok
13:01:13.0655 4632 [ 0EE66BDF485C6828AA65C0EF5D591133 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
13:01:13.0686 4632 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
13:01:13.0686 4632 LightScribeService - detected UnsignedFile.Multi.Generic (1)
13:01:13.0733 4632 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:01:13.0842 4632 lltdio - ok
13:01:13.0873 4632 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:01:13.0998 4632 lltdsvc - ok
13:01:14.0029 4632 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:01:14.0123 4632 lmhosts - ok
13:01:14.0201 4632 [ 7485FBCEF9136F530953575E2977859D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:01:14.0232 4632 LMS - ok
13:01:14.0263 4632 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:01:14.0294 4632 LSI_FC - ok
13:01:14.0310 4632 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:01:14.0341 4632 LSI_SAS - ok
13:01:14.0357 4632 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:01:14.0388 4632 LSI_SAS2 - ok
13:01:14.0403 4632 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:01:14.0419 4632 LSI_SCSI - ok
13:01:14.0435 4632 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:01:14.0544 4632 luafv - ok
13:01:14.0575 4632 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:01:14.0591 4632 megasas - ok
13:01:14.0606 4632 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:01:14.0637 4632 MegaSR - ok
13:01:14.0669 4632 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:01:14.0778 4632 MMCSS - ok
13:01:14.0809 4632 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:01:14.0918 4632 Modem - ok
13:01:14.0934 4632 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:01:14.0996 4632 monitor - ok
13:01:15.0043 4632 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:01:15.0074 4632 mouclass - ok
13:01:15.0105 4632 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:01:15.0152 4632 mouhid - ok
13:01:15.0183 4632 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:01:15.0215 4632 mountmgr - ok
13:01:15.0277 4632 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
13:01:15.0308 4632 MpFilter - ok
13:01:15.0339 4632 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:01:15.0371 4632 mpio - ok
13:01:15.0386 4632 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:01:15.0480 4632 mpsdrv - ok
13:01:15.0511 4632 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:01:15.0651 4632 MpsSvc - ok
13:01:15.0667 4632 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:01:15.0729 4632 MRxDAV - ok
13:01:15.0761 4632 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:01:15.0792 4632 mrxsmb - ok
13:01:15.0839 4632 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:01:15.0885 4632 mrxsmb10 - ok
13:01:15.0901 4632 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:01:15.0932 4632 mrxsmb20 - ok
13:01:15.0948 4632 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:01:15.0979 4632 msahci - ok
13:01:15.0995 4632 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:01:16.0026 4632 msdsm - ok
13:01:16.0057 4632 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:01:16.0088 4632 MSDTC - ok
13:01:16.0135 4632 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:01:16.0213 4632 Msfs - ok
13:01:16.0244 4632 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:01:16.0353 4632 mshidkmdf - ok
13:01:16.0385 4632 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:01:16.0400 4632 msisadrv - ok
13:01:16.0431 4632 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:01:16.0541 4632 MSiSCSI - ok
13:01:16.0556 4632 msiserver - ok
13:01:16.0587 4632 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:01:16.0681 4632 MSKSSRV - ok
13:01:16.0743 4632 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:01:16.0775 4632 MsMpSvc - ok
13:01:16.0775 4632 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:01:16.0884 4632 MSPCLOCK - ok
13:01:16.0915 4632 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:01:17.0024 4632 MSPQM - ok
13:01:17.0055 4632 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:01:17.0102 4632 MsRPC - ok
13:01:17.0118 4632 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:01:17.0149 4632 mssmbios - ok
13:01:17.0165 4632 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:01:17.0274 4632 MSTEE - ok
13:01:17.0274 4632 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:01:17.0305 4632 MTConfig - ok
13:01:17.0336 4632 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:01:17.0367 4632 Mup - ok
13:01:17.0399 4632 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:01:17.0508 4632 napagent - ok
13:01:17.0570 4632 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:01:17.0633 4632 NativeWifiP - ok
13:01:17.0726 4632 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:01:17.0789 4632 NDIS - ok
13:01:17.0804 4632 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:01:17.0898 4632 NdisCap - ok
13:01:17.0929 4632 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:01:18.0038 4632 NdisTapi - ok
13:01:18.0069 4632 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:01:18.0163 4632 Ndisuio - ok
13:01:18.0179 4632 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:01:18.0288 4632 NdisWan - ok
13:01:18.0319 4632 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:01:18.0428 4632 NDProxy - ok
13:01:18.0459 4632 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:01:18.0569 4632 NetBIOS - ok
13:01:18.0600 4632 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:01:18.0709 4632 NetBT - ok
13:01:18.0756 4632 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:01:18.0771 4632 Netlogon - ok
13:01:18.0803 4632 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:01:18.0927 4632 Netman - ok
13:01:18.0959 4632 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:01:19.0083 4632 netprofm - ok
13:01:19.0115 4632 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:01:19.0146 4632 NetTcpPortSharing - ok
13:01:19.0302 4632 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
13:01:19.0505 4632 netw5v64 - ok
13:01:19.0551 4632 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:01:19.0567 4632 nfrd960 - ok
13:01:19.0614 4632 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:01:19.0645 4632 NisDrv - ok
13:01:19.0692 4632 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
13:01:19.0739 4632 NisSrv - ok
13:01:19.0785 4632 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:01:19.0832 4632 NlaSvc - ok
13:01:19.0863 4632 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:01:19.0957 4632 Npfs - ok
13:01:19.0973 4632 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:01:20.0082 4632 nsi - ok
13:01:20.0113 4632 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:01:20.0222 4632 nsiproxy - ok
13:01:20.0300 4632 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:01:20.0409 4632 Ntfs - ok
13:01:20.0472 4632 [ 317020D31F1696334679B9D0416EB62E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
13:01:20.0487 4632 NuidFltr - ok
13:01:20.0519 4632 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:01:20.0628 4632 Null - ok
13:01:20.0675 4632 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:01:20.0706 4632 nvraid - ok
13:01:20.0721 4632 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:01:20.0753 4632 nvstor - ok
13:01:20.0784 4632 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:01:20.0815 4632 nv_agp - ok
13:01:20.0831 4632 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:01:20.0846 4632 ohci1394 - ok
13:01:20.0924 4632 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:01:20.0940 4632 ose - ok
13:01:21.0111 4632 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:01:21.0361 4632 osppsvc - ok
13:01:21.0408 4632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:01:21.0455 4632 p2pimsvc - ok
13:01:21.0501 4632 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:01:21.0564 4632 p2psvc - ok
13:01:21.0595 4632 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:01:21.0626 4632 Parport - ok
13:01:21.0673 4632 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:01:21.0689 4632 partmgr - ok
13:01:21.0720 4632 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:01:21.0782 4632 PcaSvc - ok
13:01:21.0813 4632 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:01:21.0845 4632 pci - ok
13:01:21.0860 4632 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:01:21.0876 4632 pciide - ok
13:01:21.0891 4632 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:01:21.0923 4632 pcmcia - ok
13:01:21.0938 4632 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:01:21.0969 4632 pcw - ok
13:01:21.0985 4632 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:01:22.0094 4632 PEAUTH - ok
13:01:22.0172 4632 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:01:22.0219 4632 PerfHost - ok
13:01:22.0281 4632 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:01:22.0437 4632 pla - ok
13:01:22.0484 4632 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:01:22.0547 4632 PlugPlay - ok
13:01:22.0578 4632 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:01:22.0625 4632 PNRPAutoReg - ok
13:01:22.0656 4632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:01:22.0687 4632 PNRPsvc - ok
13:01:22.0734 4632 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
13:01:22.0749 4632 Point64 - ok
13:01:22.0796 4632 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:01:22.0921 4632 PolicyAgent - ok
13:01:22.0952 4632 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:01:23.0077 4632 Power - ok
13:01:23.0124 4632 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:01:23.0233 4632 PptpMiniport - ok
13:01:23.0264 4632 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:01:23.0311 4632 Processor - ok
13:01:23.0342 4632 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:01:23.0389 4632 ProfSvc - ok
13:01:23.0420 4632 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:01:23.0436 4632 ProtectedStorage - ok
13:01:23.0467 4632 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:01:23.0576 4632 Psched - ok
13:01:23.0639 4632 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:01:23.0732 4632 ql2300 - ok
13:01:23.0763 4632 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:01:23.0795 4632 ql40xx - ok
13:01:23.0826 4632 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:01:23.0873 4632 QWAVE - ok
13:01:23.0888 4632 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:01:23.0935 4632 QWAVEdrv - ok
13:01:23.0966 4632 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:01:24.0044 4632 RasAcd - ok
13:01:24.0075 4632 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:01:24.0169 4632 RasAgileVpn - ok
13:01:24.0185 4632 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:01:24.0294 4632 RasAuto - ok
13:01:24.0325 4632 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:01:24.0434 4632 Rasl2tp - ok
13:01:24.0465 4632 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:01:24.0575 4632 RasMan - ok
13:01:24.0590 4632 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:01:24.0699 4632 RasPppoe - ok
13:01:24.0731 4632 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:01:24.0840 4632 RasSstp - ok
13:01:24.0871 4632 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:01:24.0980 4632 rdbss - ok
13:01:24.0996 4632 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:01:25.0058 4632 rdpbus - ok
13:01:25.0074 4632 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:01:25.0183 4632 RDPCDD - ok
13:01:25.0230 4632 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:01:25.0323 4632 RDPENCDD - ok
13:01:25.0339 4632 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:01:25.0433 4632 RDPREFMP - ok
13:01:25.0464 4632 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:01:25.0495 4632 RDPWD - ok
13:01:25.0526 4632 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:01:25.0573 4632 rdyboost - ok
13:01:25.0589 4632 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:01:25.0713 4632 RemoteAccess - ok
13:01:25.0745 4632 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:01:25.0854 4632 RemoteRegistry - ok
13:01:25.0901 4632 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
13:01:25.0963 4632 RFCOMM - ok
13:01:26.0041 4632 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
13:01:26.0072 4632 RichVideo - ok
13:01:26.0072 4632 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:01:26.0181 4632 RpcEptMapper - ok
13:01:26.0228 4632 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:01:26.0259 4632 RpcLocator - ok
13:01:26.0306 4632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:01:26.0400 4632 RpcSs - ok
13:01:26.0431 4632 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:01:26.0540 4632 rspndr - ok
13:01:26.0603 4632 [ 483DF0B58CA532E5240E59DC41F30AA2 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
13:01:26.0618 4632 RSUSBSTOR - ok
13:01:26.0649 4632 [ FE61B0B4AA58C3BD3DFA6279131F7F53 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:01:26.0696 4632 RTL8167 - ok
13:01:26.0774 4632 [ 4EA7E5DF0CB237156176FA0349E6E87F ] RtVOsdService C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
13:01:26.0790 4632 RtVOsdService ( UnsignedFile.Multi.Generic ) - warning
13:01:26.0790 4632 RtVOsdService - detected UnsignedFile.Multi.Generic (1)
13:01:26.0805 4632 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:01:26.0821 4632 SamSs - ok
13:01:26.0852 4632 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:01:26.0883 4632 sbp2port - ok
13:01:26.0915 4632 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:01:27.0024 4632 SCardSvr - ok
13:01:27.0055 4632 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:01:27.0164 4632 scfilter - ok
13:01:27.0211 4632 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:01:27.0351 4632 Schedule - ok
13:01:27.0383 4632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:01:27.0476 4632 SCPolicySvc - ok
13:01:27.0523 4632 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
13:01:27.0554 4632 sdbus - ok
13:01:27.0585 4632 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:01:27.0617 4632 SDRSVC - ok
13:01:27.0663 4632 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:01:27.0773 4632 secdrv - ok
13:01:27.0788 4632 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:01:27.0897 4632 seclogon - ok
13:01:27.0944 4632 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:01:28.0053 4632 SENS - ok
13:01:28.0085 4632 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:01:28.0116 4632 SensrSvc - ok
13:01:28.0131 4632 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:01:28.0147 4632 Serenum - ok
13:01:28.0163 4632 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:01:28.0194 4632 Serial - ok
13:01:28.0209 4632 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:01:28.0256 4632 sermouse - ok
13:01:28.0303 4632 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:01:28.0412 4632 SessionEnv - ok
13:01:28.0443 4632 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:01:28.0490 4632 sffdisk - ok
13:01:28.0521 4632 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:01:28.0568 4632 sffp_mmc - ok
13:01:28.0599 4632 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:01:28.0646 4632 sffp_sd - ok
13:01:28.0677 4632 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:01:28.0709 4632 sfloppy - ok
13:01:28.0740 4632 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:01:28.0865 4632 SharedAccess - ok
13:01:28.0896 4632 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:01:29.0021 4632 ShellHWDetection - ok
13:01:29.0052 4632 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:01:29.0067 4632 SiSRaid2 - ok
13:01:29.0083 4632 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:01:29.0114 4632 SiSRaid4 - ok
13:01:29.0161 4632 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:01:29.0192 4632 SkypeUpdate - ok
13:01:29.0208 4632 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:01:29.0317 4632 Smb - ok
13:01:29.0364 4632 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:01:29.0411 4632 SNMPTRAP - ok
13:01:29.0426 4632 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:01:29.0457 4632 spldr - ok
13:01:29.0504 4632 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:01:29.0551 4632 Spooler - ok
13:01:29.0645 4632 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:01:29.0863 4632 sppsvc - ok
13:01:29.0894 4632 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:01:30.0003 4632 sppuinotify - ok
13:01:30.0050 4632 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:01:30.0097 4632 srv - ok
13:01:30.0128 4632 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:01:30.0175 4632 srv2 - ok
13:01:30.0222 4632 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:01:30.0253 4632 SrvHsfHDA - ok
13:01:30.0300 4632 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:01:30.0393 4632 SrvHsfV92 - ok
13:01:30.0425 4632 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:01:30.0471 4632 SrvHsfWinac - ok
13:01:30.0503 4632 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:01:30.0534 4632 srvnet - ok
13:01:30.0565 4632 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:01:30.0674 4632 SSDPSRV - ok
13:01:30.0690 4632 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:01:30.0783 4632 SstpSvc - ok
13:01:30.0815 4632 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:01:30.0846 4632 stexstor - ok
13:01:30.0877 4632 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:01:30.0955 4632 stisvc - ok
13:01:30.0986 4632 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:01:31.0002 4632 swenum - ok
13:01:31.0049 4632 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:01:31.0173 4632 swprv - ok
13:01:31.0283 4632 [ 961CFAC2A5318E212F459D651F28E0A4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:01:31.0361 4632 SynTP - ok
13:01:31.0423 4632 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:01:31.0532 4632 SysMain - ok
13:01:31.0563 4632 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:01:31.0610 4632 TabletInputService - ok
13:01:31.0641 4632 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:01:31.0751 4632 TapiSrv - ok
13:01:31.0782 4632 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:01:31.0875 4632 TBS - ok
13:01:31.0953 4632 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:01:32.0063 4632 Tcpip - ok
13:01:32.0109 4632 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:01:32.0203 4632 TCPIP6 - ok
13:01:32.0265 4632 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:01:32.0281 4632 tcpipreg - ok
13:01:32.0312 4632 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:01:32.0343 4632 TDPIPE - ok
13:01:32.0375 4632 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:01:32.0421 4632 TDTCP - ok
13:01:32.0453 4632 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:01:32.0546 4632 tdx - ok
13:01:32.0562 4632 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:01:32.0593 4632 TermDD - ok
13:01:32.0624 4632 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:01:32.0749 4632 TermService - ok
13:01:32.0780 4632 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:01:32.0827 4632 Themes - ok
13:01:32.0843 4632 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:01:32.0936 4632 THREADORDER - ok
13:01:32.0952 4632 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:01:33.0061 4632 TrkWks - ok
13:01:33.0108 4632 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:01:33.0233 4632 TrustedInstaller - ok
13:01:33.0248 4632 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:01:33.0357 4632 tssecsrv - ok
13:01:33.0389 4632 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:01:33.0435 4632 TsUsbFlt - ok
13:01:33.0482 4632 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:01:33.0576 4632 tunnel - ok
13:01:33.0591 4632 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:01:33.0623 4632 uagp35 - ok
13:01:33.0654 4632 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:01:33.0747 4632 udfs - ok
13:01:33.0794 4632 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:01:33.0825 4632 UI0Detect - ok
13:01:33.0841 4632 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:01:33.0872 4632 uliagpkx - ok
13:01:33.0903 4632 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:01:33.0935 4632 umbus - ok
13:01:33.0950 4632 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:01:33.0997 4632 UmPass - ok
13:01:34.0091 4632 [ 765F2DD351BA064F657751D8D75E58C0 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:01:34.0215 4632 UNS - ok
13:01:34.0262 4632 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:01:34.0371 4632 upnphost - ok
13:01:34.0403 4632 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:01:34.0434 4632 usbccgp - ok
13:01:34.0465 4632 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:01:34.0512 4632 usbcir - ok
13:01:34.0543 4632 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:01:34.0590 4632 usbehci - ok
13:01:34.0621 4632 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:01:34.0668 4632 usbhub - ok
13:01:34.0699 4632 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:01:34.0746 4632 usbohci - ok
13:01:34.0777 4632 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:01:34.0808 4632 usbprint - ok
13:01:34.0839 4632 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:01:34.0886 4632 USBSTOR - ok
13:01:34.0902 4632 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:01:34.0949 4632 usbuhci - ok
13:01:34.0964 4632 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:01:35.0011 4632 usbvideo - ok
13:01:35.0027 4632 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:01:35.0136 4632 UxSms - ok
13:01:35.0167 4632 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:01:35.0198 4632 VaultSvc - ok
13:01:35.0229 4632 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:01:35.0245 4632 vdrvroot - ok
13:01:35.0292 4632 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:01:35.0417 4632 vds - ok
13:01:35.0432 4632 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:01:35.0479 4632 vga - ok
13:01:35.0495 4632 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:01:35.0604 4632 VgaSave - ok
13:01:35.0635 4632 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:01:35.0666 4632 vhdmp - ok
13:01:35.0682 4632 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:01:35.0697 4632 viaide - ok
13:01:35.0729 4632 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:01:35.0760 4632 volmgr - ok
13:01:35.0791 4632 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:01:35.0838 4632 volmgrx - ok
13:01:35.0853 4632 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:01:35.0885 4632 volsnap - ok
13:01:35.0900 4632 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:01:35.0931 4632 vsmraid - ok
13:01:35.0994 4632 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:01:36.0134 4632 VSS - ok
13:01:36.0165 4632 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:01:36.0212 4632 vwifibus - ok
13:01:36.0228 4632 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:01:36.0290 4632 vwififlt - ok
13:01:36.0337 4632 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:01:36.0431 4632 W32Time - ok
13:01:36.0462 4632 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:01:36.0509 4632 WacomPen - ok
13:01:36.0540 4632 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:01:36.0649 4632 WANARP - ok
13:01:36.0649 4632 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:01:36.0743 4632 Wanarpv6 - ok
13:01:36.0821 4632 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:01:36.0914 4632 wbengine - ok
13:01:36.0945 4632 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:01:36.0992 4632 WbioSrvc - ok
13:01:37.0008 4632 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:01:37.0070 4632 wcncsvc - ok
13:01:37.0086 4632 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:01:37.0133 4632 WcsPlugInService - ok
13:01:37.0164 4632 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:01:37.0179 4632 Wd - ok
13:01:37.0226 4632 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:01:37.0289 4632 Wdf01000 - ok
13:01:37.0304 4632 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:01:37.0367 4632 WdiServiceHost - ok
13:01:37.0382 4632 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:01:37.0429 4632 WdiSystemHost - ok
13:01:37.0445 4632 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:01:37.0507 4632 WebClient - ok
13:01:37.0538 4632 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:01:37.0632 4632 Wecsvc - ok
13:01:37.0647 4632 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:01:37.0757 4632 wercplsupport - ok
13:01:37.0788 4632 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:01:37.0897 4632 WerSvc - ok
13:01:37.0913 4632 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:01:38.0006 4632 WfpLwf - ok
13:01:38.0037 4632 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:01:38.0069 4632 WIMMount - ok
13:01:38.0084 4632 WinDefend - ok
13:01:38.0100 4632 WinHttpAutoProxySvc - ok
13:01:38.0147 4632 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:01:38.0271 4632 Winmgmt - ok
13:01:38.0334 4632 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:01:38.0505 4632 WinRM - ok
13:01:38.0599 4632 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:01:38.0646 4632 WinUsb - ok
13:01:38.0708 4632 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:01:38.0786 4632 Wlansvc - ok
13:01:38.0942 4632 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:01:39.0051 4632 wlidsvc - ok
13:01:39.0083 4632 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:01:39.0129 4632 WmiAcpi - ok
13:01:39.0176 4632 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:01:39.0223 4632 wmiApSrv - ok
13:01:39.0254 4632 WMPNetworkSvc - ok
13:01:39.0270 4632 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:01:39.0301 4632 WPCSvc - ok
13:01:39.0332 4632 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:01:39.0363 4632 WPDBusEnum - ok
13:01:39.0395 4632 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:01:39.0488 4632 ws2ifsl - ok
13:01:39.0519 4632 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
13:01:39.0566 4632 wscsvc - ok
13:01:39.0566 4632 WSearch - ok
13:01:39.0660 4632 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:01:39.0800 4632 wuauserv - ok
13:01:39.0831 4632 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:01:39.0878 4632 WudfPf - ok
13:01:39.0941 4632 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:01:39.0987 4632 WUDFRd - ok
13:01:40.0019 4632 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:01:40.0065 4632 wudfsvc - ok
13:01:40.0097 4632 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
13:01:40.0143 4632 WwanSvc - ok
13:01:40.0190 4632 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
13:01:40.0237 4632 yukonw7 - ok
13:01:40.0268 4632 ================ Scan global ===============================
13:01:40.0284 4632 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:01:40.0331 4632 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:01:40.0346 4632 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:01:40.0362 4632 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:01:40.0393 4632 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:01:40.0393 4632 [Global] - ok
13:01:40.0393 4632 ================ Scan MBR ==================================
13:01:40.0409 4632 [ 8BECF317634D68B739C5F8191DE134C7 ] \Device\Harddisk0\DR0
13:01:40.0689 4632 \Device\Harddisk0\DR0 - ok
13:01:40.0689 4632 [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk1\DR1
13:01:45.0385 4632 \Device\Harddisk1\DR1 - ok
13:01:45.0385 4632 ================ Scan VBR ==================================
13:01:45.0385 4632 [ 4D100EC0C1E4ADA94A8FE399D3E46814 ] \Device\Harddisk0\DR0\Partition1
13:01:45.0385 4632 \Device\Harddisk0\DR0\Partition1 - ok
13:01:45.0416 4632 [ 6A568F3CE46E2B175A663BCC75F64BEF ] \Device\Harddisk0\DR0\Partition2
13:01:45.0416 4632 \Device\Harddisk0\DR0\Partition2 - ok
13:01:45.0447 4632 [ 2A9B4C42B967ADACF0B533825B45CDF5 ] \Device\Harddisk0\DR0\Partition3
13:01:45.0447 4632 \Device\Harddisk0\DR0\Partition3 - ok
13:01:45.0463 4632 [ A4932939C9156AC699F637CB195B1CCC ] \Device\Harddisk0\DR0\Partition4
13:01:45.0463 4632 \Device\Harddisk0\DR0\Partition4 - ok
13:01:45.0463 4632 [ 064B27EFE542252EB03C9175E1034F75 ] \Device\Harddisk1\DR1\Partition1
13:01:45.0479 4632 \Device\Harddisk1\DR1\Partition1 - ok
13:01:45.0479 4632 ============================================================
13:01:45.0479 4632 Scan finished
13:01:45.0479 4632 ============================================================
13:01:45.0494 2812 Detected object count: 3
13:01:45.0494 2812 Actual detected object count: 3
13:02:00.0969 2812 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:02:00.0969 2812 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:02:00.0969 2812 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
13:02:00.0969 2812 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:02:00.0985 2812 RtVOsdService ( UnsignedFile.Multi.Generic ) - skipped by user
13:02:00.0985 2812 RtVOsdService ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg · 06.06.2013, 12:07

bin bald offline, bis heute abend, und dann ab morgen bis sonnabend. das nur als Info.
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Bobo88 · 06.06.2013, 12:50

Habs wieder wie angegeben durchgeführt. nach einem neustart war der ordner combofix aber leer und die txt datei verschwunden :S ausserdem funktioniert der internet explorer nicht mehr. bin jetzt mit chrome drin.

was nun? nochmal machen?

markusg · 08.06.2013, 16:26

ja machs noch mal und schau, wie weits läuft.

Bobo88 · 09.06.2013, 07:45

Okay, ich setz mich dann heut aben wieder dran

markusg · 09.06.2013, 17:32

lass bitte solche zwischenposts weg, danke

Bobo88 · 10.06.2013, 07:57

Danke für deine andauernde Hilfe!

So, habs jetzt nochmal gemacht - hier der Inhalt:

Combofix Logfile:

Code:

ATTFilter

ComboFix 13-06-05.05 - hp 10.06.2013   8:35.2.4 - x64
Microsoft Windows 7 Home Basic   6.1.7601.1.1254.90.1033.18.2998.1868 [GMT 2:00]
Running from: c:\users\hp\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-10 to 2013-06-10  )))))))))))))))))))))))))))))))
.
.
2013-06-10 06:45 . 2013-06-10 06:45	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-06 10:31 . 2013-06-06 10:40	--------	d-----w-	C:\_OTL
2013-05-21 21:52 . 2013-05-21 21:52	964552	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2819299B-B279-4E1E-945B-F1772B18D41B}\gapaengine.dll
2013-05-15 06:39 . 2013-04-10 06:01	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 06:39 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 06:39 . 2011-02-03 11:25	144384	----a-w-	c:\windows\system32\cdd.dll
2013-05-15 06:38 . 2013-02-27 05:52	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-05-15 06:38 . 2013-02-27 05:52	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-05-15 06:38 . 2013-02-27 05:48	1930752	----a-w-	c:\windows\system32\authui.dll
2013-05-15 06:38 . 2013-02-27 06:02	111448	----a-w-	c:\windows\system32\consent.exe
2013-05-15 06:38 . 2013-02-27 04:49	1796096	----a-w-	c:\windows\SysWow64\authui.dll
2013-05-15 06:38 . 2013-02-27 05:47	70144	----a-w-	c:\windows\system32\appinfo.dll
2013-05-15 06:38 . 2013-03-19 05:53	48640	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-05-15 06:38 . 2013-03-19 05:53	230400	----a-w-	c:\windows\system32\wwansvc.dll
2013-05-15 06:38 . 2013-04-10 03:30	3153920	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 18:55 . 2012-05-15 18:02	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 18:55 . 2012-05-15 18:02	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 07:04 . 2013-04-15 09:42	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-09 15:59 . 2011-03-28 16:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 15:29 . 2011-12-27 14:06	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-24 20:17 . 2012-03-31 13:50	905296	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-04-13 05:49 . 2013-05-15 06:38	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 06:38	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 06:38	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 06:38	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 06:38	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 06:38	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 20:11	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-05 12:36 . 2013-04-05 12:36	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-04-05 12:36 . 2013-04-05 12:36	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-04-05 12:36 . 2013-04-05 12:36	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-05 12:36 . 2013-04-05 12:36	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-04-05 12:36 . 2013-04-05 12:36	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-04-05 12:36 . 2013-04-05 12:36	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-04-05 12:36 . 2013-04-05 12:36	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-04-05 12:36 . 2013-04-05 12:36	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-04-05 12:36 . 2013-04-05 12:36	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-04-05 12:36 . 2013-04-05 12:36	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-04-05 12:36 . 2013-04-05 12:36	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-05 12:36 . 2013-04-05 12:36	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-04-05 12:36 . 2013-04-05 12:36	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-04-05 12:36 . 2013-04-05 12:36	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-04-05 12:36 . 2013-04-05 12:36	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-04-05 12:36 . 2013-04-05 12:36	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-04-05 12:36 . 2013-04-05 12:36	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-04-05 12:36 . 2013-04-05 12:36	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-04-05 12:36 . 2013-04-05 12:36	216064	----a-w-	c:\windows\system32\msls31.dll
2013-04-05 12:36 . 2013-04-05 12:36	197120	----a-w-	c:\windows\system32\msrating.dll
2013-04-05 12:36 . 2013-04-05 12:36	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-04-05 12:36 . 2013-04-05 12:36	81408	----a-w-	c:\windows\system32\icardie.dll
2013-04-05 12:36 . 2013-04-05 12:36	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-04-05 12:36 . 2013-04-05 12:36	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-04-05 12:36 . 2013-04-05 12:36	441856	----a-w-	c:\windows\system32\html.iec
2013-04-05 12:36 . 2013-04-05 12:36	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-04-05 12:36 . 2013-04-05 12:36	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-04-05 12:36 . 2013-04-05 12:36	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-04-05 12:36 . 2013-04-05 12:36	235008	----a-w-	c:\windows\system32\url.dll
2013-04-05 12:36 . 2013-04-05 12:36	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-04-05 12:36 . 2013-04-05 12:36	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-04-05 12:36 . 2013-04-05 12:36	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-04-05 12:36 . 2013-04-05 12:36	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-04-05 12:36 . 2013-04-05 12:36	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-04-05 12:36 . 2013-04-05 12:36	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-04-05 12:36 . 2013-04-05 12:36	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-04-05 12:36 . 2013-04-05 12:36	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-04-05 12:36 . 2013-04-05 12:36	149504	----a-w-	c:\windows\system32\occache.dll
2013-04-05 12:36 . 2013-04-05 12:36	144896	----a-w-	c:\windows\system32\wextract.exe
2013-04-05 12:36 . 2013-04-05 12:36	13824	----a-w-	c:\windows\system32\mshta.exe
2013-04-05 12:36 . 2013-04-05 12:36	102912	----a-w-	c:\windows\system32\inseng.dll
2013-04-05 12:36 . 2013-04-05 12:36	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-04-05 12:36 . 2013-04-05 12:36	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-04-05 12:36 . 2013-04-05 12:36	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-04-05 12:36 . 2013-04-05 12:36	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-04-05 12:36 . 2013-04-05 12:36	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-04-05 12:36 . 2013-04-05 12:36	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-04-05 12:36 . 2013-04-05 12:36	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-04-05 12:36 . 2013-04-05 12:36	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-04-05 12:32 . 2013-04-05 12:32	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-04-05 12:32 . 2013-04-05 12:32	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-05 12:32 . 2013-04-05 12:32	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-04-05 12:32 . 2013-04-05 12:32	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-04-05 12:32 . 2013-04-05 12:32	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-04-05 12:32 . 2013-04-05 12:32	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-04-05 12:32 . 2013-04-05 12:32	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-04-05 12:32 . 2013-04-05 12:32	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-04-05 12:32 . 2013-04-05 12:32	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-04-05 12:32 . 2013-04-05 12:32	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-04-05 12:32 . 2013-04-05 12:32	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-04-05 12:32 . 2013-04-05 12:32	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-04-05 12:32 . 2013-04-05 12:32	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-04-05 12:32 . 2013-04-05 12:32	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-04-05 12:32 . 2013-04-05 12:32	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-04-05 12:32 . 2013-04-05 12:32	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-04-05 12:32 . 2013-04-05 12:32	1887232	----a-w-	c:\windows\system32\d3d11.dll
2013-04-05 12:32 . 2013-04-05 12:32	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-04-05 12:32 . 2013-04-05 12:32	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2013-04-05 12:32 . 2013-04-05 12:32	1504768	----a-w-	c:\windows\SysWow64\d3d11.dll
2013-04-05 12:32 . 2013-04-05 12:32	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	130736	----a-w-	c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	130736	----a-w-	c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	130736	----a-w-	c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-24 98304]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464]
.
c:\users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 10:49	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 10:35	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-15 18:55]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-09 16:07]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-09 16:07]
.
2013-06-04 c:\windows\Tasks\HPCeeScheduleForhp.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 19:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	164016	----a-w-	c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	164016	----a-w-	c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	164016	----a-w-	c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	164016	----a-w-	c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-19 6489704]
"RtkOSD"="c:\program files (x86)\Realtek\Audio\OSD\RtVOsd64.exe" [2009-10-13 995840]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com.tr/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Microsoft Excel'e &Ver - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 212.186.211.21 195.34.133.21
TCP: Interfaces\{058457B4-4B9B-45FF-85B0-B4EE7DE2B9D0}: NameServer = 4.2.2.2,4.2.2.1
TCP: Interfaces\{058457B4-4B9B-45FF-85B0-B4EE7DE2B9D0}\550534031333836333: NameServer = 4.2.2.2,4.2.2.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-10  08:49:06
ComboFix-quarantined-files.txt  2013-06-10 06:49
ComboFix2.txt  2013-06-06 11:39
.
Pre-Run: 162.562.183.168 bytes free
Post-Run: 162.493.198.336 bytes free
.
- - End Of File - - 8197A721A3B29AE2FE911C5794C500AE

--- --- ---

markusg · 10.06.2013, 09:37

Hi,
malwarebytes:
Downloade Dir bitte Malwarebytes

Installiere
das Programm in den vorgegebenen Pfad.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Starte Malwarebytes, klicke auf Aktualisierung --> Suche
nach Aktualisierung
Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
Wenn der Scan beendet
ist, klicke auf Ergebnisse anzeigen.
Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
Poste
das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Bobo88 · 10.06.2013, 16:03

Bei den zu entfernenden Dateien war nur eine Datei im OTL-Ordner (movedfiles.zip).

Hier das was im bericht stand:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
hp :: HP-PC [Administrator]

10.06.2013 15:30:18
mbam-log-2013-06-10 (15-30-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 441174
Laufzeit: 1 Stunde(n), 24 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\_OTL\MovedFiles.zip (Malware.Packer.RRE) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

markusg · 10.06.2013, 17:49

Hi,

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Bobo88 · 11.06.2013, 07:23

Hier die Liste von CCleaner:

Adobe AIR Adobe Systems Incorporated 31.12.2011 3.1.0.4880
NOTWENDIG

Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 15.05.2013 6,00 MB 11.7.700.202
NOTWENDIG

Adobe Reader X (10.1.1) Adobe Systems Incorporated 31.12.2011 114 MB 10.1.1
NOTWENDIG

Atheros Driver Installation Program Atheros 19.06.2012 9.0
UNBEKANNT

ATI Catalyst Install Manager ATI Technologies, Inc. 11.02.2010 22,1 MB 3.0.754.0
NOTWENDIG

Auslogics Disk Defrag Auslogics Software Pty Ltd 15.01.2013 18,7 MB 3.6
NOTWENDIG

Bing Bar Microsoft Corporation 31.12.2011 26,8 MB 7.0.850.0
UNNÖTIG

CCleaner Piriform 19.12.2012 3.26
NOTWENDIG

Coniuno (2.0.3) 09.10.2012
UNNÖTIG

CyberLink DVD Suite CyberLink Corp. 11.02.2010 37,3 MB 7.0.2216
NOTWENDIG

CyberLink MediaShow CyberLink Corp. 11.02.2010 352 MB 4.1.3419
UNNÖTIG

CyberLink PowerDVD 8 CyberLink Corp. 11.02.2010 111 MB 8.0.1.1110
NOTWENDIG

CyberLink YouCam CyberLink Corp. 11.02.2010 136 MB 3.0.2201
NOTWENDIG

DAEMON Tools Lite DT Soft Ltd 31.12.2011 4.45.1.0236
UNNÖTIG

Dropbox Dropbox, Inc. 29.05.2013 2.0.22
NOTWENDIG

Google Chrome Google Inc. 23.05.2013 27.0.1453.110
NOTWENDIG (INTERNET EXPLORER FUNKTIONIERT NICHT MEHR)

Google Toolbar for Internet Explorer Google Inc. 09.05.2013 7.4.3607.2246
NOTWENDIG

HP Advisor Hewlett-Packard 11.02.2010 50,0 MB 3.3.9512.3162
UNBEKANNT

HP Games WildTangent 11.02.2010 1.0.0.71
UNNÖTIG

HP Integrated Module with Bluetooth wireless technology Broadcom Corporation 11.02.2010 144 MB 6.2.1.500
NOTWENDIG

HP Quick Launch Buttons Hewlett-Packard Company 12.12.2012 6.50.13.1
NOTWENDIG

HP Setup Hewlett-Packard 11.02.2010 1.2.3560.3170
UNBEKANNT

HP Support Assistant Hewlett-Packard Company 05.12.2012 91,5 MB 7.0.39.15
UNBEKANNT

HP Update Hewlett-Packard 11.02.2010 2,96 MB 5.001.000.014
UNBEKANNT

HP User Guides Hewlett-Packard 11.02.2010 143 MB 1.01.0000
UNBEKANNT

HP Wireless Assistant Hewlett-Packard 11.02.2010 3,87 MB 3.50.9.1
NOTWENDIG

Intel(R) Management Engine Components Intel Corporation 28.12.2011 6.0.0.1179
UNBEKANNT

Intel® Matrix Storage Manager Intel Corporation 11.02.2010
UNBEKANNT

Java 7 Update 17 Oracle 18.03.2013 129 MB 7.0.170
UNBEKANNT

Java(TM) 6 Update 17 (64-bit) Sun Microsystems, Inc. 11.02.2010 90,8 MB 6.0.170
UNBEKANNT

Java(TM) 6 Update 22 Oracle 12.01.2013 97,0 MB 6.0.220
UNBEKANNT

LabelPrint CyberLink Corp. 11.02.2010 280 MB 2.5.2215
UNBEKANNT

LightScribe System Software LightScribe 11.02.2010 23,9 MB 1.18.9.1
UNBEKANNT

Magic Desktop EasyBits Software AS 11.02.2010
UNBEKANNT

Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 10.06.2013 19,2 MB 1.75.0.1300
UNNÖTIG

Microsoft .NET Framework 4 Client Profile Microsoft Corporation 01.01.2012 38,8 MB 4.0.30319
UNBEKANNT

Microsoft IntelliPoint 8.2 Microsoft Corporation 21.06.2012 8.20.468.0
UNBEKANNT

Microsoft Office Professional 2010 Microsoft Corporation 16.01.2013 14.0.6029.1000
NOTWENDIG

Microsoft Office Suite Activation Assistant Microsoft Corporation 11.02.2010 8,36 MB 2.9
UNBEKANNT

Microsoft Security Essentials Microsoft Corporation 01.03.2013 4.2.223.1
NOTWENDIG

Microsoft Silverlight Microsoft Corporation 13.03.2013 50,6 MB 5.1.20125.0
UNBEKANNT

Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 27.12.2011 1,72 MB 3.1.0000
UNBEKANNT

Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 31.12.2011 300 KB 8.0.61001
UNBEKANNT

Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 19.06.2012 700 KB 8.0.61000
UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 16.06.2012 252 KB 9.0.30729
UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 11.02.2010 788 KB 9.0.30729.4148
UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 31.12.2011 788 KB 9.0.30729.6161
UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 11.02.2010 596 KB 9.0.30729.4148
UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 31.12.2011 600 KB 9.0.30729.6161
UNBEKANNT

Microsoft Works Microsoft Corporation 31.12.2011 262 MB 08.05.0818
UNBEKANNT

MSXML 4.0 SP2 (KB954430) Microsoft Corporation 31.12.2011 1,27 MB 4.20.9870.0
UNBEKANNT

MSXML 4.0 SP2 (KB973688) Microsoft Corporation 31.12.2011 1,33 MB 4.20.9876.0
UNBEKANNT

muvee Reveal muvee Technologies Pte Ltd 11.02.2010 157 MB 7.0.43.11502
UNBEKANNT

Power2Go CyberLink Corp. 11.02.2010 199 MB 6.0.3415
UNBEKANNT

PowerDirector CyberLink Corp. 11.02.2010 547 MB 7.0.3420
UNBEKANNT

Realtek Ethernet Controller Driver For Windows Vista and Later Realtek 11.02.2010 1.00.0011
NOTWENDIG

Realtek High Definition Audio Driver Realtek Semiconductor Corp. 19.06.2012 6.0.1.6206
NOTWENDIG

Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 11.02.2010 6.1.7600.30105
NOTWENDIG

RtVOsd Realtek Semiconductor Corp. 19.06.2012 1,53 MB 1.0.6
NOTWENDIG

Skype™ 6.1 Skype Technologies S.A. 05.03.2013 21,1 MB 6.1.129
NOTWENDIG

Synaptics Pointing Device Driver Synaptics Incorporated 19.06.2012 46,4 MB 15.1.6.64
UNBEKANNT

UPC Install Master UPC Telekabel GmbH 07.02.2013 20,6 MB 1.1.0.22
UNNÖTIG

VLC media player 2.0.4 VideoLAN 22.11.2012 2.0.4
NÖTIG

Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) Broadcom 11.02.2010 06/15/2009 6.2.0.9000
UNBEKANNT

Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) Broadcom 11.02.2010 07/30/2009 6.2.0.9405
UNBEKANNT

Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) Broadcom 11.02.2010 07/28/2009 6.2.0.9800
UNBEKANNT

Windows Live Essentials Microsoft Corporation 28.06.2012 15.4.3555.0308
NOTWENDIG

Windows Live Sync Microsoft Corporation 27.12.2011 2,78 MB 14.0.8089.726
NOTWENDIG

08.06.2013, 16:26	#8
markusg /// Malware-holic	System Care Antivir infiziert ja machs noch mal und schau, wie weits läuft. __________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet

09.06.2013, 17:32	#10
markusg /// Malware-holic	System Care Antivir infiziert lass bitte solche zwischenposts weg, danke __________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet

System Care Antivir infiziert

Log-Analyse und Auswertung: System Care Antivir infiziert