| |
| |||||||
Log-Analyse und Auswertung: AVAST Prüfergebnisse..416 Bedrohungen..was nun?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
10.06.2013, 23:38
| #1 |
 |  AVAST Prüfergebnisse..416 Bedrohungen..was nun? Hi zusammen, soll ich die infizierten Dateien in den Container verschieben oder löschen? Kann leider keine Protokoll erstellen, damit man es im einzelnen sieht.. Lg Marc |
|
10.06.2013, 23:42
| #2 |
| /// Malware-holic   | AVAST Prüfergebnisse..416 Bedrohungen..was nun? ist das der selbe pc den ich bearbeite? wenn ja, warum läuft gleichzeitig avast und warum wird noch ein Thema eröffnet?
__________________wenn nein, poste einige der Fundmeldungen hier.
__________________ |
|
10.06.2013, 23:47
| #3 |
| | AVAST Prüfergebnisse..416 Bedrohungen..was nun? nein, natürlich der zweit-pc mit dem ich den ersten "frei" machen konnte...auf dem ersten versucht Combofix nach wie vor eindlich zu einem Ende zu kommen...hier also einige Bedrohungen:
__________________HTML:RedirME-inf JS:ScriptPE-inf Win32:Malware-gen Win32:Sirefef-AO HTML:lframe-inf sind einige von denen die mit HOCH angesetzt wurden Lg Marc |
|
10.06.2013, 23:48
| #4 |
| /// Malware-holic | AVAST Prüfergebnisse..416 Bedrohungen..was nun? mit Pfadangabe bitte. dann erst mal: Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
10.06.2013, 23:51
| #5 |
| | AVAST Prüfergebnisse..416 Bedrohungen..was nun? mach ich..aber was mach ich in der zwischenzeit mit avast..wenn ich alle programme schliesse dann muss ich avast sagen, was er mit den Prüfergebnissen machen soll..ignorieren? Lg Marc |
|
10.06.2013, 23:52
| #6 |
| /// Malware-holic | AVAST Prüfergebnisse..416 Bedrohungen..was nun? erst mal ignorieren.
__________________ --> AVAST Prüfergebnisse..416 Bedrohungen..was nun? |
|
11.06.2013, 00:29
| #7 |
| | AVAST Prüfergebnisse..416 Bedrohungen..was nun? Teil 1: Code:
ATTFilter OTL logfile created on: 11.06.2013 00:56:33 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marc\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,57% Memory free 4,22 Gb Paging File | 3,22 Gb Available in Paging File | 76,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 327,83 Gb Total Space | 152,35 Gb Free Space | 46,47% Space Free | Partition Type: NTFS Drive D: | 7,52 Gb Total Space | 1,00 Gb Free Space | 13,28% Space Free | Partition Type: NTFS Computer Name: MARC-PC | User Name: Marc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.11 00:53:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013.01.31 16:10:00 | 000,201,808 | ---- | M] (Somoto) -- C:\Program Files\FilesFrog Update Checker\update_checker.exe PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2011.01.13 13:27:06 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.10.22 02:00:00 | 002,105,344 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WLanGUI.exe PRC - [2010.10.22 02:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WLanNetService.exe PRC - [2010.09.30 15:00:28 | 000,253,264 | ---- | M] () -- C:\Program Files\1&1 Surf-Stick\AssistantServices.exe PRC - [2010.09.30 15:00:28 | 000,139,088 | ---- | M] () -- C:\Program Files\1&1 Surf-Stick\UIExec.exe PRC - [2007.06.14 20:31:36 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007.06.14 20:31:32 | 000,178,968 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007.04.18 17:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe PRC - [2007.02.15 13:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe PRC - [2006.11.02 11:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2006.09.03 10:32:28 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ========== Modules (No Company Name) ========== MOD - [2012.01.08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll MOD - [2011.09.15 00:19:58 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll MOD - [2011.08.16 17:30:58 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll MOD - [2011.08.16 17:30:42 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll MOD - [2011.08.16 17:30:32 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll MOD - [2011.08.16 17:29:05 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll MOD - [2011.08.16 17:28:57 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll MOD - [2011.01.23 16:18:16 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2011.01.23 16:07:52 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2011.01.23 16:07:44 | 005,242,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2011.01.23 16:06:39 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2011.01.23 16:06:38 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll MOD - [2011.01.23 16:06:38 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010.09.30 15:00:28 | 000,139,088 | ---- | M] () -- C:\Program Files\1&1 Surf-Stick\UIExec.exe MOD - [2007.09.10 12:01:49 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2746.40828__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2007.09.10 12:01:49 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2746.41085__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2007.09.10 12:01:49 | 000,233,472 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2746.40782__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2007.09.10 12:01:49 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2746.40844__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2007.09.10 12:01:49 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2746.41075__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2007.09.10 12:01:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2746.40819__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2007.09.10 12:01:49 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2746.40843__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll MOD - [2007.09.10 12:01:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2746.40804__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2007.09.10 12:01:48 | 000,684,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2746.41052__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MOD - [2007.09.10 12:01:48 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2746.41119__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2007.09.10 12:01:48 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2746.41028__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2007.09.10 12:01:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2746.40954__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2007.09.10 12:01:28 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2746.41127__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:28 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2746.40797__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:27 | 000,790,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2746.40965__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:27 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2746.40806__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:27 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2746.41059__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2007.09.10 12:01:27 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2746.41038__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:27 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2746.40852__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:27 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2746.40990__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:27 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2746.41044__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2007.09.10 12:01:27 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2746.41036__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2007.09.10 12:01:27 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2746.40963__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2007.09.10 12:01:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2746.41111__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2007.09.10 12:01:27 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2746.40989__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2007.09.10 12:01:26 | 000,897,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2746.41078__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:26 | 000,659,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2746.41030__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:26 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2746.40858__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:26 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2746.40956__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:26 | 000,327,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2746.40947__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2007.09.10 12:01:26 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2746.40955__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2007.09.10 12:01:26 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2007.09.10 12:01:26 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2746.40864__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2007.09.10 12:01:26 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2746.40962__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2007.09.10 12:01:26 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2700.34671__90ba9c70f846762e\LOG.Foundation.dll MOD - [2007.09.10 12:01:26 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2746.41013__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2007.09.10 12:01:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2700.34680__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2007.09.10 12:01:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2700.34751__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2007.09.10 12:01:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2700.34701__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2007.09.10 12:01:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2700.34689__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2007.09.10 12:01:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2700.34703__90ba9c70f846762e\MOM.Foundation.dll MOD - [2007.09.10 12:01:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2700.34718__90ba9c70f846762e\DEM.OS.dll MOD - [2007.09.10 12:01:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2700.34754__90ba9c70f846762e\DEM.Graphics.dll MOD - [2007.09.10 12:01:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2007.09.10 12:01:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2700.34750__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2007.09.10 12:01:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2700.34706__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2007.09.10 12:01:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2700.34739__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2007.09.10 12:01:26 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2007.09.10 12:01:25 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2700.34728__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2700.34714__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2700.34722__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2700.34674__90ba9c70f846762e\CLI.Foundation.dll MOD - [2007.09.10 12:01:25 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2700.34697__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2700.34727__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2705.19134__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2700.34759__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2700.34721__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2700.34726__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2700.34709__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2700.34808__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2007.09.10 12:01:25 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2700.34716__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2700.34721__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2700.34758__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2700.34724__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2700.34708__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2700.34705__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2007.09.10 12:01:25 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2700.34694__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2007.09.10 12:01:25 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2700.34686__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2007.09.10 12:01:25 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2700.34717__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2007.09.10 12:01:25 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2700.34702__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2007.09.10 12:01:25 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2700.34713__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2007.09.10 12:01:25 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2700.34729__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2007.09.10 12:01:24 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2700.34672__90ba9c70f846762e\AEM.Foundation.dll MOD - [2007.09.10 12:01:24 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2007.09.10 12:01:24 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2700.34704__90ba9c70f846762e\APM.Foundation.dll MOD - [2007.09.10 12:01:24 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2700.34697__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2007.09.10 12:01:19 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2746.41157__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2007.09.10 12:01:19 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2746.40770__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2007.09.10 12:01:18 | 001,503,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2746.40791__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2007.09.10 12:01:18 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2746.40813__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2007.09.10 12:01:18 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2746.41101__90ba9c70f846762e\MOM.Implementation.dll MOD - [2007.09.10 12:01:18 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2746.40773__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2007.09.10 12:01:18 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2746.40774__90ba9c70f846762e\ATIDEMOS.dll MOD - [2007.09.10 12:01:18 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2746.41098__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2007.09.10 12:01:18 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2746.40772__90ba9c70f846762e\APM.Server.dll MOD - [2007.09.10 12:01:18 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2746.40771__90ba9c70f846762e\AEM.Server.dll MOD - [2007.09.10 12:01:18 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2700.34690__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2007.09.10 12:01:18 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2700.34706__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2007.09.10 12:01:18 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2700.34698__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2007.09.10 12:01:18 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2700.34681__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2007.09.10 12:01:18 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2746.41100__90ba9c70f846762e\CCC.Implementation.dll MOD - [2007.09.10 12:01:18 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2007.09.10 12:01:18 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2700.34752__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2007.09.10 12:01:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2700.34708__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2007.09.10 12:01:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2700.34711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2007.09.10 12:01:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2700.34740__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2007.07.10 02:24:44 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2006.12.10 22:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll MOD - [2006.12.10 22:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- %systemroot%\system32\diskeeper.dll -- (veteboot) SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AR5523.dll -- (mgisvr) SRV - [2013.05.29 15:51:59 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.05.20 12:23:33 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.10.22 02:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service) SRV - [2010.09.30 15:00:28 | 000,253,264 | ---- | M] () [Auto | Running] -- C:\Program Files\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service) SRV - [2007.09.10 21:35:54 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.06.14 20:31:36 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2006.09.11 16:02:44 | 000,544,256 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service) SRV - [2006.09.11 16:01:04 | 000,167,936 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL) SRV - [2006.09.11 15:56:32 | 000,075,264 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM) SRV - [2006.09.11 15:56:20 | 000,188,416 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService) SRV - [2006.09.03 10:32:28 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService) SRV - [2006.08.31 23:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server) SRV - [2006.05.10 09:13:52 | 000,029,696 | R--- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2013.05.09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013.05.09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013.05.09 10:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013.05.09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013.05.09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013.05.09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013.05.09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2013.05.09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010.10.22 02:00:00 | 000,586,752 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fwlanusbn.sys -- (fwlanusbn) DRV - [2010.10.22 02:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject) DRV - [2009.10.29 20:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009.10.29 20:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009.10.29 20:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009.10.29 20:28:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - [2009.10.09 11:36:40 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009.10.09 11:36:40 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.01.08 23:47:23 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV07.sys -- (ACEDRV07) DRV - [2008.07.30 07:51:30 | 000,277,736 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11) DRV - [2007.07.10 02:35:38 | 002,769,408 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2005.12.12 19:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=Pavilion&pf=desktop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=Pavilion&pf=desktop IE - HKLM\..\SearchScopes,DefaultScope = {B5719E69-3067-4694-B05B-13687A8B9D40} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{2495F679-868B-4542-845F-2BADFDAADCA8}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 IE - HKLM\..\SearchScopes\{B5719E69-3067-4694-B05B-13687A8B9D40}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie7chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startzentrale.de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {B5719E69-3067-4694-B05B-13687A8B9D40} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\{2495F679-868B-4542-845F-2BADFDAADCA8}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 IE - HKCU\..\SearchScopes\{B5719E69-3067-4694-B05B-13687A8B9D40}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie7chrome IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.ixquick.de" FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9 FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.7 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.06.10 21:29:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.23 15:23:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\Extensions [2012.12.15 17:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\tfe7389y.default\extensions [2012.09.02 23:28:02 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\firefox\profiles\tfe7389y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012.12.15 17:00:58 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\firefox\profiles\tfe7389y.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2013.06.10 21:56:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013.05.29 15:51:49 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2013.05.29 15:51:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013.06.10 21:56:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2013.05.29 15:52:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013.05.29 15:52:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.06.10 21:29:43 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF O1 HOSTS File: ([2012.03.27 15:41:47 | 000,000,761 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Germany GmbH) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Germany GmbH) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Germany GmbH) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\WLanGUI.exe (AVM Berlin) O4 - HKLM..\Run: [CCUTRAYICON] FactoryMode File not found O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe () O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro) O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [UIExec] C:\Program Files\1&1 Surf-Stick\UIExec.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" File not found O4 - HKCU..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun File not found O4 - HKCU..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe (Somoto) O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks) O4 - Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O8 - Extra context menu item: Free YouTube Download - C:\Users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45) O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.7.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{652F5BCA-6159-4E8A-A1E7-EE95D0B5CD28}: NameServer = 192.168.178.1,217.237.151.115 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (C:\Users\Marc\AppData\Local\e4f44f4f\X) - File not found O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\horizon.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\horizon.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.09.10 12:14:11 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{16e827a7-0ce1-11de-bb57-001d6072183f}\Shell - "" = AutoRun O33 - MountPoints2\{16e827a7-0ce1-11de-bb57-001d6072183f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {403E9171-3021-50CE-F1CE-D07B006EAE23} - Internet Explorer ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: mgisvr - %systemroot%\system32\AR5523.dll File not found NetSvcs: veteboot - %systemroot%\system32\diskeeper.dll File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013.06.11 00:53:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe [2013.06.10 21:30:05 | 000,368,944 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2013.06.10 21:30:05 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2013.06.10 21:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013.06.10 21:30:04 | 000,765,736 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2013.06.10 21:30:04 | 000,056,080 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2013.06.10 21:30:04 | 000,049,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2013.06.10 21:30:03 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2013.06.10 21:29:30 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013.06.10 21:01:02 | 000,229,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2013.06.10 20:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013.06.10 20:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013.06.10 13:34:55 | 000,000,000 | ---D | C] -- C:\Users\Marc\Local Settings [2013.06.10 13:34:21 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker [2013.06.10 13:34:20 | 000,000,000 | ---D | C] -- C:\Program Files\FilesFrog Update Checker [2013.06.02 21:23:37 | 000,000,000 | ---D | C] -- C:\Users\Marc\MediathekView [2013.06.02 21:18:22 | 000,000,000 | ---D | C] -- C:\Users\Marc\.mediathek3 [2013.05.29 15:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox ========== Files - Modified Within 30 Days ========== [2013.06.11 01:00:00 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8FF0CDE9-A183-482B-A8CB-7957D06F595F}.job [2013.06.11 00:53:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe [2013.06.11 00:34:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.11 00:11:34 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.11 00:11:34 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.10 21:34:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.10 21:30:05 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013.06.10 21:30:03 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2013.06.10 21:18:23 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.06.10 21:18:23 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.06.10 21:18:23 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.06.10 21:18:23 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.06.10 21:11:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.10 21:11:27 | 2145,869,824 | -HS- | M] () -- C:\hiberfil.sys [2013.06.10 13:34:21 | 000,000,928 | ---- | M] () -- C:\Users\Marc\Desktop\Check for Updates.lnk [2013.06.10 10:46:30 | 000,218,112 | ---- | M] () -- C:\Users\Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.05.29 16:39:51 | 000,000,680 | ---- | M] () -- C:\Users\Marc\AppData\Local\d3d9caps.dat ========== Files Created - No Company Name ========== [2013.06.10 21:30:05 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013.06.10 21:30:04 | 000,174,664 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys [2013.06.10 21:30:03 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys [2013.06.10 13:34:21 | 000,000,928 | ---- | C] () -- C:\Users\Marc\Desktop\Check for Updates.lnk [2013.05.09 23:15:53 | 000,010,455 | ---- | C] () -- C:\Users\Marc\Marc_elster_2048.pfx [2013.05.09 22:58:08 | 000,020,771 | ---- | C] () -- C:\Users\Marc\UStVA2013_I._Quartal_Moschettini_Marc.elfo [2013.03.12 11:48:07 | 000,000,206 | ---- | C] () -- C:\Windows\System32\MRT.INI [2012.03.28 11:34:19 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011.12.11 13:42:51 | 000,024,263 | ---- | C] () -- C:\Users\Marc\ENDVERSION EDI Dezember 2011.odt [2011.12.11 01:12:22 | 000,399,256 | ---- | C] () -- C:\Users\Marc\100_3291 Ändern 2.jpg [2011.12.11 00:46:00 | 000,420,875 | ---- | C] () -- C:\Users\Marc\100_3291 Ändern.jpg [2011.11.18 22:19:50 | 000,146,249 | ---- | C] () -- C:\Windows\hpoins18.dat [2011.11.18 22:19:24 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat [2011.11.10 15:50:59 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL [2011.11.10 15:50:59 | 000,042,483 | ---- | C] () -- C:\Windows\ICCCODES.DAT [2011.11.10 15:50:59 | 000,037,714 | ---- | C] () -- C:\Windows\Iccsigs.dat [2011.11.10 15:50:44 | 000,000,123 | ---- | C] () -- C:\Windows\KPCMS.INI [2011.11.10 15:33:38 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe [2011.06.02 15:04:23 | 000,000,680 | ---- | C] () -- C:\Users\Marc\AppData\Local\d3d9caps.dat [2011.02.07 23:40:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.01.08 00:00:49 | 000,218,112 | ---- | C] () -- C:\Users\Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2011.01.13 13:27:59 | 011,315,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2011.01.18 12:10:28 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2006.11.02 11:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013.02.27 21:31:13 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\AnvSoft [2013.02.07 18:27:11 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Ashampoo [2012.11.19 23:18:14 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\DVDVideoSoft [2012.11.20 22:34:43 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers [2013.05.09 22:53:27 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\elsterformular [2008.02.19 21:36:10 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\everlight [2013.06.10 16:29:32 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\FileZilla [2009.10.09 13:18:16 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Games [2013.06.10 13:33:43 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\HaoZip [2011.11.20 12:02:59 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Image Zone Express [2011.08.11 23:09:30 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Merscom [2011.09.17 00:36:41 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\OpenOffice.org [2011.11.20 12:02:59 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Printer Info Cache [2009.08.31 20:14:45 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ProtectDisc ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2011.01.23 16:57:49 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2007.09.10 21:27:41 | 000,000,000 | -HSD | M] -- C:\Boot [2008.12.08 20:42:23 | 000,000,000 | ---D | M] -- C:\Csoft [2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2007.12.06 00:20:51 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2013.02.07 15:04:32 | 000,000,000 | ---D | M] -- C:\e2246b75b7ed6b9c329813 [2013.02.25 19:00:31 | 000,000,000 | ---D | M] -- C:\Fragmente [2008.01.07 22:54:35 | 000,000,000 | -H-D | M] -- C:\hp [2010.12.27 18:49:49 | 000,000,000 | ---D | M] -- C:\Hörspielverwaltung [2008.01.13 03:59:03 | 000,000,000 | ---D | M] -- C:\John Sinclair [2011.11.10 15:51:37 | 000,000,000 | ---D | M] -- C:\KPCMS [2012.07.02 11:19:06 | 000,000,000 | ---D | M] -- C:\PerfLogs [2013.06.10 20:59:10 | 000,000,000 | ---D | M] -- C:\Program Files [2013.06.10 20:56:16 | 000,000,000 | -H-D | M] -- C:\ProgramData [2007.12.06 00:20:51 | 000,000,000 | -HSD | M] -- C:\Programme [2013.06.11 00:59:02 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.06.05 23:47:28 | 000,000,000 | ---D | M] -- C:\test [2010.12.27 13:43:41 | 000,000,000 | ---D | M] -- C:\UserData [2013.02.25 18:58:48 | 000,000,000 | R--D | M] -- C:\Users [2013.06.10 21:29:30 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < C:\Windows\system32\*.tsp > [2006.11.02 11:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2006.11.02 11:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2006.11.02 11:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2006.11.02 11:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2006.11.02 11:44:49 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp [2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2006.11.02 15:01:49 | 000,032,620 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.01.26 17:46:57 | 000,000,426 | -H-- | C] () -- C:\Windows\Tasks\User_Feed_Synchronization-{8FF0CDE9-A183-482B-A8CB-7957D06F595F}.job [2011.12.19 00:00:14 | 000,001,090 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2011.12.19 00:00:15 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job < MD5 for: AGP440.SYS > [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\drivers\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011.01.13 13:27:06 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe [2011.01.13 13:27:06 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2011.01.13 13:27:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2011.01.13 13:27:05 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2011.01.13 13:27:05 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe < MD5 for: IASTOR.SYS > [2007.06.14 22:30:28 | 000,304,920 | ---- | M] (Intel Corporation) MD5=2D8143C90F246D0F1735AF7D05D515F3 -- C:\hp\DRIVERS\Intel_RAID\iastor.sys [2007.06.14 20:30:28 | 000,304,920 | ---- | M] (Intel Corporation) MD5=2D8143C90F246D0F1735AF7D05D515F3 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys [2007.06.14 22:30:28 | 000,304,920 | ---- | M] (Intel Corporation) MD5=2D8143C90F246D0F1735AF7D05D515F3 -- C:\Windows\System32\drivers\iaStor.sys [2007.06.14 22:30:28 | 000,304,920 | ---- | M] (Intel Corporation) MD5=2D8143C90F246D0F1735AF7D05D515F3 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_b06897a2\iaStor.sys [2007.06.14 22:30:28 | 000,304,920 | ---- | M] (Intel Corporation) MD5=2D8143C90F246D0F1735AF7D05D515F3 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_637ce689\iaStor.sys [2007.06.14 20:31:02 | 000,381,720 | ---- | M] (Intel Corporation) MD5=A808773807CEA68EB7A0BD0D28C845CB -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys < MD5 for: IASTORV.SYS > [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll [2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys < MD5 for: SCECLI.DLL > [2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll [2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll < MD5 for: USER32.DLL > [2007.09.10 21:36:38 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll [2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll [2007.09.10 21:36:38 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2007.09.10 21:36:38 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll < MD5 for: USERINIT.EXE > [2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe [2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe < MD5 for: WINLOGON.EXE > [2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe [2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe < MD5 for: WS2IFSL.SYS > [2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\System32\drivers\ws2ifsl.sys [2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\*.dll /lockedfiles > [2007.07.10 02:24:58 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll [2011.01.18 12:18:08 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll [2011.01.18 12:18:08 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll [2006.11.02 11:46:05 | 000,192,512 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll < %USERPROFILE%\*.* > [2011.12.11 01:12:25 | 000,399,256 | ---- | M] () -- C:\Users\Marc\100_3291 Ändern 2.jpg [2011.12.11 00:46:02 | 000,420,875 | ---- | M] () -- C:\Users\Marc\100_3291 Ändern.jpg [2011.12.11 14:14:46 | 000,024,263 | ---- | M] () -- C:\Users\Marc\ENDVERSION EDI Dezember 2011.odt [2011.12.11 00:59:39 | 001,181,336 | ---- | M] () -- C:\Users\Marc\iserror.log [2013.02.23 13:59:30 | 000,010,455 | ---- | M] () -- C:\Users\Marc\Marc_elster_2048.pfx [2013.06.11 01:06:44 | 002,359,296 | -HS- | M] () -- C:\Users\Marc\ntuser.dat [2013.06.11 01:06:44 | 000,262,144 | -H-- | M] () -- C:\Users\Marc\ntuser.dat.LOG1 [2007.12.06 00:24:56 | 000,000,000 | -H-- | M] () -- C:\Users\Marc\ntuser.dat.LOG2 [2007.12.06 00:38:57 | 000,065,536 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2007.12.06 00:38:57 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2007.12.06 00:38:57 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2012.07.02 23:59:34 | 000,065,536 | -HS- | M] () -- C:\Users\Marc\ntuser.dat{3ca5ef8e-c488-11e1-a5de-bc0543024f91}.TM.blf [2012.07.02 23:59:34 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\ntuser.dat{3ca5ef8e-c488-11e1-a5de-bc0543024f91}.TMContainer00000000000000000001.regtrans-ms [2012.07.02 23:59:34 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\ntuser.dat{3ca5ef8e-c488-11e1-a5de-bc0543024f91}.TMContainer00000000000000000002.regtrans-ms [2007.12.06 00:24:56 | 000,000,020 | -HS- | M] () -- C:\Users\Marc\ntuser.ini [2013.05.09 23:01:08 | 000,020,771 | ---- | M] () -- C:\Users\Marc\UStVA2013_I._Quartal_Moschettini_Marc.elfo [2013.01.09 00:54:30 | 000,527,872 | ---- | M] () -- C:\Users\Marc\Verl.Elternzeit.doc [2013.01.09 00:54:30 | 000,000,162 | -H-- | M] () -- C:\Users\Marc\~$rl.Elternzeit.doc < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ========== Files - Unicode (All) ========== [2012.04.15 18:18:46 | 000,000,000 | ---D | M](C:\Users\Marc\AppData\Roaming\???????sAppData) -- C:\Users\Marc\AppData\Roaming\敎潲䍄敔灭慬整sAppData [2012.04.15 18:18:46 | 000,000,000 | ---D | M](C:\Users\Marc\AppData\Roaming\???????sAppData) -- C:\Users\Marc\AppData\Roaming\敎潲䍄敔灭慬整sAppData (C:\Users\Marc\AppData\Roaming\???????sAppData) -- C:\Users\Marc\AppData\Roaming\敎潲䍄敔灭慬整sAppData ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\Windows\$NtUninstallKB21572$] -> Error: Cannot create file handle -> Unknown point type < End of report > Code:
ATTFilter OTL Extras logfile created on: 11.06.2013 00:56:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marc\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,57% Memory free
4,22 Gb Paging File | 3,22 Gb Available in Paging File | 76,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 327,83 Gb Total Space | 152,35 Gb Free Space | 46,47% Space Free | Partition Type: NTFS
Drive D: | 7,52 Gb Total Space | 1,00 Gb Free Space | 13,28% Space Free | Partition Type: NTFS
Computer Name: MARC-PC | User Name: Marc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7376B29A-05A8-4E1E-B4B7-6709A43893DB}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{C4BF8DE7-2306-4DEE-88CD-818521CB9F25}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19315C27-841E-4EEA-8B6C-C4BFD591AACF}" = protocol=6 | dir=in | app=c:\program files\adobe\adobe version cue cs2\bin\versioncuecs2.exe |
"{2C5F3D62-309A-4087-BEC0-212D9D86D55E}" = protocol=17 | dir=in | app=c:\program files\adobe\adobe version cue cs2\bin\versioncuecs2.exe |
"{31A04AE9-53A8-4D64-A9F9-229F8915B88B}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{7F6D8312-78DA-4BD7-8403-1C7F58262ED4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{91C74DAD-C3D2-4CFE-853C-D379ED84A14C}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{93FB2B32-CBD5-46E6-9E53-E4EBA0559690}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{B65DB5B4-D028-4FCA-88B8-D1BFF3A05601}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{D3D4F9C7-07B7-480A-A8E9-64BBDF96F165}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{D4E68E34-A7F6-47DB-9D9E-2E42C27E96C9}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"TCP Query User{CE91F2D6-ADF6-4999-A671-695371CCFD4E}C:\program files\activision value\wsop 2008\wsopbftb.exe" = protocol=6 | dir=in | app=c:\program files\activision value\wsop 2008\wsopbftb.exe |
"UDP Query User{FBFD5808-BE56-49FA-A1B7-59667A75382C}C:\program files\activision value\wsop 2008\wsopbftb.exe" = protocol=17 | dir=in | app=c:\program files\activision value\wsop 2008\wsopbftb.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FE2007-E645-1BB3-33CB-75204F47B1B8}" = ccc-utility
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07E4651B-B10D-B079-6A2D-A328E7F97DF8}" = CCC Help Hungarian
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}" = HP Active Support Library
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E3FD8AB-3DBA-E2B5-F207-51D4F2F03381}" = CCC Help English
"{0FAEE4E9-81DF-3B79-0B2B-D9E8D830E16D}" = CCC Help Thai
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{13771F48-69A8-714D-FDB0-EBBA0635A9D4}" = Catalyst Control Center Localization Russian
"{14AF024E-2E3B-49D0-A175-D1C1A06B155A}" = muvee autoProducer 6.0
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1A736043-F483-D644-613B-C84D74B5F63A}" = CCC Help Spanish
"{1C36BADC-83D2-7EF2-0F05-513C87FDA1FA}" = Catalyst Control Center Localization Danish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2161DD18-607D-83B5-2DC7-600EFDA46063}" = CCC Help German
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 45
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BD8C31B-F368-99CE-5F5C-A53B0BDD19B0}" = CCC Help Norwegian
"{2BDF9A0B-01C6-4BC3-4288-0BC0160E3ABD}" = CCC Help Czech
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{343F1CC7-F8BF-F564-AA4C-D34B77EEAA95}" = Catalyst Control Center Localization Portuguese
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{36486D0E-2DBB-ADD3-1504-4772FA6B285A}" = CCC Help Japanese
"{3F9B2FD2-1C83-4401-9967-C3636638E958}" = Adobe SING CS3
"{4037C0EF-7196-F7A2-7BE4-D4D3ECDCE7D2}" = Catalyst Control Center Graphics Full Existing
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{49496543-1C10-BB99-A88D-54460649968D}" = Catalyst Control Center Graphics Light
"{496A8622-E4BF-D9E4-8507-28C86F0DFB37}" = Catalyst Control Center Core Implementation
"{49E7D0F0-BD9F-FAEC-11C4-9B4C22B6E828}" = Catalyst Control Center Localization Italian
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E94AC9F-F8D4-47E1-AF6E-6DB64B931412}" = Catalyst Control Center Localization Czech
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4F027497-15AE-4DE5-B3BC-8E721C6127DE}" = ccc-Branding
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{51AD07A2-F7D5-E76E-3B8B-2CF123D82597}" = CCC Help French
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56B8B892-317E-4FDE-9E4D-44B189848A27}" = Adobe Setup
"{5A65BC34-5BDA-1455-4E05-AC41990527DE}" = ccc-core-static
"{5DC2E459-D485-ADB7-4FFC-F2A41D9BE686}" = Catalyst Control Center Localization Turkish
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{651AAC88-4728-E17A-9823-F630A315F9F9}" = Catalyst Control Center Graphics Previews Vista
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{66FA1F4C-A83B-6759-068D-DF511CC00E28}" = CCC Help Danish
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components
"{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}" = Intel® Viiv™ Software
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7032E73F-68A0-48F9-8100-E70E79169BAE}" = AGEIA PhysX v6.12.02
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A36DE-DB17-6B4A-59DF-279DEE32ED15}" = CCC Help Finnish
"{74220C01-E5D6-63BD-1AC1-A58AB9721024}" = Skins
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7A80850F-0D2B-2BD8-E083-BAACCB93630B}" = Catalyst Control Center Localization Korean
"{7E600536-DD6D-4556-025B-2DE2D52781C4}" = Catalyst Control Center Graphics Full New
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{806C85BF-25A8-CDC1-76CB-12365D7818C6}" = Catalyst Control Center Localization Spanish
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{82841374-147F-DBBC-962C-C931119F9046}" = Catalyst Control Center Localization Japanese
"{8305D1B0-EA11-7E6E-D3CD-E20E85F92EC8}" = CCC Help Chinese Traditional
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{84DEF790-8E3E-FCFF-D0C9-FD4782561AE4}" = CCC Help Dutch
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8B7AAD00-5A06-F0F3-23C8-A2D220AE3903}" = CCC Help Swedish
"{8C31BF2A-AFB3-6018-F91B-66339FF8F37F}" = Catalyst Control Center Localization Thai
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8D3785C1-E967-12DF-CF94-1913D920C466}" = CCC Help Turkish
"{8E60E890-5CA7-49C6-B95D-0CC99F368916}" = bhv Vokabeltrainer Spanisch
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{9257E10D-54A7-D942-DBC0-DAB30E8ED34A}" = Catalyst Control Center Localization Greek
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{973C52C6-533B-1EC1-9738-0553446DFA7E}" = Catalyst Control Center Localization Polish
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{99E3CD2E-22C5-77F6-61F2-D14D6BCB7A23}" = CCC Help Chinese Standard
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CDE63FA-D807-2B59-748B-40C5CB523CD0}" = Catalyst Control Center Localization Chinese Standard
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A27D8FDB-6912-E419-A0B0-3C92D137CFDA}" = Catalyst Control Center Localization Finnish
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A44ED15C-4398-7353-D4B2-9F7E9921FC91}" = Catalyst Control Center Graphics Previews Common
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help
"{A92C9CFB-E16F-2387-00E3-63F67E3631AC}" = Catalyst Control Center Localization French
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = 1&1 Surf-Stick
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{ADC7FA12-E165-428a-AF13-4CE686E030AA}" = C5100
"{AECEFE78-F109-0D11-AC80-116A0E36CC19}" = Catalyst Control Center Localization German
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BEE02DB1-ED44-BCF3-F560-E79861C30EE0}" = Catalyst Control Center Localization Norwegian
"{BFC3E1CF-D886-BFA5-AF9A-AB3E8D3B84B0}" = CCC Help Italian
"{C0D3D93F-C200-4F45-A7B0-4B7753E18590}" = MySQL Connector/ODBC 3.51
"{C16F1E5A-96E8-160D-93FA-8962346108C2}" = Catalyst Control Center Localization Dutch
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3DE93B9-BF12-DFB3-1320-49C2A1D50F71}" = CCC Help Portuguese
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
"{CF840AAD-CDE5-4E18-378B-32B0280D154B}" = CCC Help Russian
"{D0CF92F2-5F1A-4D60-BF58-16F515C57CEE}" = Hsp-Verwaltung 2.0
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D67B3404-93AC-C8CC-EF85-11AD62C9BAEA}" = CCC Help Polish
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6FB43A3-28EC-C6ED-D071-B62F547188A3}" = CCC Help Greek
"{E8DE1122-09F3-7A50-4813-6895B62F0B03}" = Catalyst Control Center Localization Hungarian
"{E91A5A51-4BFB-2B85-8BB8-1110625DDD91}" = CCC Help Korean
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F8766327-4B94-6613-5CE6-F841AF2C7693}" = Catalyst Control Center Localization Chinese Traditional
"{F9A35214-6A0E-EE01-C17E-86EE33C53869}" = Catalyst Control Center Localization Swedish
"{FB64CD10-54E6-4116-A35A-7DD631C9E079}" = Hsp-Verwaltung 2.0
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"7-Zip" = 7-Zip 9.20
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe PageMaker 6.5" = Adobe PageMaker 6.5
"Adobe_05ba3a63f36684fe0c5dde2ebe6f8f5" = Adobe InDesign CS3
"Any Video Converter 5_is1" = Any Video Converter 5 5.0.3
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.83
"avast" = avast! Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"bi_uninstaller" = Bundled software uninstaller
"ElsterFormular" = ElsterFormular
"FilesFrog Update Checker" = FilesFrog Update Checker
"Free YouTube Download_is1" = Free YouTube Download version 3.1.40.1031
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031
"HaoZip" = HaoZip
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Intel(R) Configuration Center" = Intel® Viiv™ Software
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.5b
"PC-Doctor 5 for Windows" = Hardware Diagnose Tools
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"QuickTime" = QuickTime
"VLC media player" = VLC media player 2.0.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.5.3
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.06.2012 03:04:34 | Computer Name = Marc-PC | Source = EventSystem | ID = 4621
Description =
Error - 12.06.2012 08:14:27 | Computer Name = Marc-PC | Source = WerSvc | ID = 5007
Description =
Error - 12.06.2012 18:25:10 | Computer Name = Marc-PC | Source = WerSvc | ID = 5007
Description =
Error - 13.06.2012 04:36:16 | Computer Name = Marc-PC | Source = WerSvc | ID = 5007
Description =
Error - 13.06.2012 04:57:59 | Computer Name = Marc-PC | Source = EventSystem | ID = 4621
Description =
Error - 13.06.2012 07:13:38 | Computer Name = Marc-PC | Source = WerSvc | ID = 5007
Description =
Error - 18.06.2012 03:16:23 | Computer Name = Marc-PC | Source = WerSvc | ID = 5007
Description =
Error - 21.06.2012 17:03:21 | Computer Name = Marc-PC | Source = WerSvc | ID = 5007
Description =
Error - 22.06.2012 06:49:03 | Computer Name = Marc-PC | Source = WerSvc | ID = 5007
Description =
Error - 22.06.2012 17:52:30 | Computer Name = Marc-PC | Source = EventSystem | ID = 4621
Description =
[ System Events ]
Error - 10.06.2013 04:25:45 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 10.06.2013 10:32:04 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10.06.2013 10:32:04 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 10.06.2013 10:32:04 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 10.06.2013 14:41:00 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10.06.2013 14:41:00 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 10.06.2013 14:41:00 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 10.06.2013 15:13:13 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10.06.2013 15:13:13 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 10.06.2013 15:13:13 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7023
Description =
< End of report >
|
|
11.06.2013, 12:11
| #8 |
| /// Malware-holic | AVAST Prüfergebnisse..416 Bedrohungen..was nun? Hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.06.2013, 12:15
| #9 |
| | AVAST Prüfergebnisse..416 Bedrohungen..was nun? muss ich avast deaktivieren und wo geht das? Danke Code:
ATTFilter 13:17:04.0488 0992 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:17:04.0707 0992 ============================================================
13:17:04.0707 0992 Current date / time: 2013/06/11 13:17:04.0707
13:17:04.0707 0992 SystemInfo:
13:17:04.0707 0992
13:17:04.0707 0992 OS Version: 6.0.6000 ServicePack: 0.0
13:17:04.0707 0992 Product type: Workstation
13:17:04.0707 0992 ComputerName: MARC-PC
13:17:04.0707 0992 UserName: Marc
13:17:04.0707 0992 Windows directory: C:\Windows
13:17:04.0707 0992 System windows directory: C:\Windows
13:17:04.0707 0992 Processor architecture: Intel x86
13:17:04.0707 0992 Number of processors: 2
13:17:04.0707 0992 Page size: 0x1000
13:17:04.0707 0992 Boot type: Normal boot
13:17:04.0707 0992 ============================================================
13:17:05.0144 0992 Drive \Device\Harddisk0\DR0 - Size: 0x53D67B6000 (335.35 Gb), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:17:05.0159 0992 ============================================================
13:17:05.0159 0992 \Device\Harddisk0\DR0:
13:17:05.0159 0992 MBR partitions:
13:17:05.0159 0992 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x28FA712C
13:17:05.0159 0992 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x28FA716B, BlocksNum 0xF0B856
13:17:05.0159 0992 ============================================================
13:17:05.0190 0992 C: <-> \Device\Harddisk0\DR0\Partition1
13:17:05.0222 0992 D: <-> \Device\Harddisk0\DR0\Partition2
13:17:05.0222 0992 ============================================================
13:17:05.0222 0992 Initialize success
13:17:05.0222 0992 ============================================================
13:17:14.0004 1360 ============================================================
13:17:14.0004 1360 Scan started
13:17:14.0004 1360 Mode: Manual; SigCheck; TDLFS;
13:17:14.0004 1360 ============================================================
13:17:14.0238 1360 ================ Scan system memory ========================
13:17:14.0238 1360 System memory - ok
13:17:14.0238 1360 ================ Scan services =============================
13:17:14.0472 1360 [ 4E5451DD0AEC8504D7F8030DD2D4C416 ] ACEDRV07 C:\Windows\system32\drivers\ACEDRV07.sys
13:17:14.0660 1360 ACEDRV07 ( UnsignedFile.Multi.Generic ) - warning
13:17:14.0660 1360 ACEDRV07 - detected UnsignedFile.Multi.Generic (1)
13:17:14.0722 1360 [ 27F954120BABB8A00F8745D8F5BC9B82 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
13:17:14.0847 1360 acedrv11 - ok
13:17:14.0909 1360 [ 192BDBD1540645C4A2AA69F24CCE197F ] ACPI C:\Windows\system32\drivers\acpi.sys
13:17:14.0940 1360 ACPI - ok
13:17:15.0003 1360 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:17:15.0050 1360 adp94xx - ok
13:17:15.0096 1360 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:17:15.0112 1360 adpahci - ok
13:17:15.0143 1360 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
13:17:15.0159 1360 adpu160m - ok
13:17:15.0190 1360 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:17:15.0206 1360 adpu320 - ok
13:17:15.0252 1360 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:17:15.0424 1360 AeLookupSvc - ok
13:17:15.0455 1360 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
13:17:15.0564 1360 AFD - ok
13:17:15.0611 1360 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:17:15.0627 1360 agp440 - ok
13:17:15.0674 1360 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
13:17:15.0689 1360 aic78xx - ok
13:17:15.0783 1360 [ C86D177967D27C80E466D4ED95C26DB9 ] AlertService C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
13:17:15.0814 1360 AlertService ( UnsignedFile.Multi.Generic ) - warning
13:17:15.0814 1360 AlertService - detected UnsignedFile.Multi.Generic (1)
13:17:15.0845 1360 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
13:17:15.0908 1360 ALG - ok
13:17:15.0939 1360 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
13:17:15.0954 1360 aliide - ok
13:17:15.0986 1360 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:17:16.0001 1360 amdagp - ok
13:17:16.0017 1360 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
13:17:16.0032 1360 amdide - ok
13:17:16.0079 1360 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
13:17:16.0173 1360 AmdK7 - ok
13:17:16.0188 1360 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:17:16.0266 1360 AmdK8 - ok
13:17:16.0313 1360 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
13:17:16.0376 1360 Appinfo - ok
13:17:16.0438 1360 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
13:17:16.0454 1360 arc - ok
13:17:16.0485 1360 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:17:16.0500 1360 arcsas - ok
13:17:16.0547 1360 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
13:17:16.0547 1360 aswFsBlk - ok
13:17:16.0578 1360 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
13:17:16.0594 1360 aswMonFlt - ok
13:17:16.0625 1360 [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
13:17:16.0625 1360 AswRdr - ok
13:17:16.0641 1360 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
13:17:16.0641 1360 aswRvrt - ok
13:17:16.0672 1360 [ 6CAB0A5991C5C0FC63F5E66593E71D7E ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
13:17:16.0734 1360 aswSnx - ok
13:17:16.0750 1360 [ 99102F60F344BEBAF4F6114514FD28D3 ] aswSP C:\Windows\system32\drivers\aswSP.sys
13:17:16.0781 1360 aswSP - ok
13:17:16.0828 1360 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
13:17:16.0844 1360 aswTdi - ok
13:17:16.0875 1360 [ 16B8E3CD50A460EC32CA680C8210A0A9 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
13:17:16.0890 1360 aswVmm - ok
13:17:16.0937 1360 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:17:17.0000 1360 AsyncMac - ok
13:17:17.0031 1360 [ 4F4FCB8B6EA06784FB6D475B7EC7300F ] atapi C:\Windows\system32\drivers\atapi.sys
13:17:17.0046 1360 atapi - ok
13:17:17.0078 1360 [ 00B317C5E88AA439C92A91C34F88E8DC ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
13:17:17.0156 1360 Ati External Event Utility - ok
13:17:17.0280 1360 [ 0BC49A61E33053A8FF80E0D0469E055B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:17:17.0468 1360 atikmdag - ok
13:17:17.0530 1360 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
13:17:17.0546 1360 atksgt - ok
13:17:17.0592 1360 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:17:17.0702 1360 AudioEndpointBuilder - ok
13:17:17.0811 1360 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:17:17.0889 1360 Audiosrv - ok
13:17:17.0998 1360 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:17:18.0014 1360 avast! Antivirus - ok
13:17:18.0123 1360 [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files\avmwlanstick\WlanNetService.exe
13:17:18.0170 1360 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
13:17:18.0170 1360 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
13:17:18.0232 1360 [ 263CF9D248FD5E020A1333ED4F7EAA88 ] avmeject C:\Windows\system32\drivers\avmeject.sys
13:17:18.0248 1360 avmeject ( UnsignedFile.Multi.Generic ) - warning
13:17:18.0248 1360 avmeject - detected UnsignedFile.Multi.Generic (1)
13:17:18.0310 1360 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
13:17:18.0388 1360 Beep - ok
13:17:18.0466 1360 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll
13:17:18.0560 1360 BFE - ok
13:17:18.0638 1360 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
13:17:18.0731 1360 BITS - ok
13:17:18.0731 1360 blbdrive - ok
13:17:18.0794 1360 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:17:18.0840 1360 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
13:17:18.0840 1360 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
13:17:18.0872 1360 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:17:18.0965 1360 bowser - ok
13:17:19.0028 1360 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
13:17:19.0074 1360 BrFiltLo - ok
13:17:19.0090 1360 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
13:17:19.0137 1360 BrFiltUp - ok
13:17:19.0184 1360 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
13:17:19.0277 1360 Browser - ok
13:17:19.0324 1360 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
13:17:19.0418 1360 Brserid - ok
13:17:19.0433 1360 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
13:17:19.0511 1360 BrSerWdm - ok
13:17:19.0558 1360 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
13:17:19.0636 1360 BrUsbMdm - ok
13:17:19.0652 1360 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
13:17:19.0745 1360 BrUsbSer - ok
13:17:19.0792 1360 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:17:19.0870 1360 BTHMODEM - ok
13:17:19.0932 1360 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:17:19.0995 1360 cdfs - ok
13:17:20.0042 1360 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:17:20.0104 1360 cdrom - ok
13:17:20.0151 1360 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
13:17:20.0229 1360 CertPropSvc - ok
13:17:20.0276 1360 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
13:17:20.0369 1360 circlass - ok
13:17:20.0416 1360 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
13:17:20.0432 1360 CLFS - ok
13:17:20.0478 1360 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:17:20.0494 1360 clr_optimization_v2.0.50727_32 - ok
13:17:20.0556 1360 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:17:20.0572 1360 cmdide - ok
13:17:20.0572 1360 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:17:20.0588 1360 Compbatt - ok
13:17:20.0603 1360 COMSysApp - ok
13:17:20.0634 1360 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:17:20.0650 1360 crcdisk - ok
13:17:20.0666 1360 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
13:17:20.0759 1360 Crusoe - ok
13:17:20.0806 1360 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:17:20.0900 1360 CryptSvc - ok
13:17:20.0962 1360 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
13:17:21.0024 1360 DcomLaunch - ok
13:17:21.0056 1360 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:17:21.0149 1360 DfsC - ok
13:17:21.0258 1360 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe
13:17:21.0414 1360 DFSR - ok
13:17:21.0461 1360 [ 17210D8064EC116A3FC6B5E45E577D43 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
13:17:21.0508 1360 Dhcp - ok
13:17:21.0524 1360 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
13:17:21.0539 1360 disk - ok
13:17:21.0555 1360 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:17:21.0602 1360 Dnscache - ok
13:17:21.0633 1360 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll
13:17:21.0726 1360 dot3svc - ok
13:17:21.0804 1360 [ 57B2D433A08B95E4F1B53A919937F3E5 ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
13:17:21.0867 1360 Dot4 - ok
13:17:21.0898 1360 [ D93FA484BB62FBE7E5EF335C5415D3CF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:17:21.0992 1360 Dot4Print - ok
13:17:22.0007 1360 [ 599742C4260FB3E8EDB3BE148B8CE856 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
13:17:22.0085 1360 dot4usb - ok
13:17:22.0132 1360 [ 8EF243E3BAF1AB4F6202EDEB8890319B ] DPS C:\Windows\system32\dps.dll
13:17:22.0226 1360 DPS - ok
13:17:22.0304 1360 [ A0B584C33F55545D56F9E71FB4E203AC ] DQLWinService C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
13:17:22.0335 1360 DQLWinService ( UnsignedFile.Multi.Generic ) - warning
13:17:22.0335 1360 DQLWinService - detected UnsignedFile.Multi.Generic (1)
13:17:22.0382 1360 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:17:22.0491 1360 drmkaud - ok
13:17:22.0538 1360 [ F032A2F91287A0B800891C7BEF9CA7A8 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:17:22.0647 1360 DXGKrnl - ok
13:17:22.0694 1360 [ C0B00E55CF82D122D25983C7A6A53DEA ] E100B C:\Windows\system32\DRIVERS\e100b325.sys
13:17:22.0787 1360 E100B - ok
13:17:22.0834 1360 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
13:17:22.0912 1360 E1G60 - ok
13:17:22.0943 1360 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
13:17:23.0037 1360 EapHost - ok
13:17:23.0084 1360 [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache C:\Windows\system32\drivers\ecache.sys
13:17:23.0099 1360 Ecache - ok
13:17:23.0146 1360 [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:17:23.0224 1360 ehRecvr - ok
13:17:23.0255 1360 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
13:17:23.0302 1360 ehSched - ok
13:17:23.0333 1360 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
13:17:23.0364 1360 ehstart - ok
13:17:23.0411 1360 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:17:23.0427 1360 elxstor - ok
13:17:23.0474 1360 [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt C:\Windows\system32\emdmgmt.dll
13:17:23.0552 1360 EMDMgmt - ok
13:17:23.0614 1360 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
13:17:23.0661 1360 EventSystem - ok
13:17:23.0708 1360 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:17:23.0801 1360 fastfat - ok
13:17:23.0848 1360 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:17:23.0926 1360 fdc - ok
13:17:23.0973 1360 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
13:17:24.0051 1360 fdPHost - ok
13:17:24.0098 1360 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
13:17:24.0191 1360 FDResPub - ok
13:17:24.0254 1360 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:17:24.0269 1360 FileInfo - ok
13:17:24.0300 1360 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:17:24.0363 1360 Filetrace - ok
13:17:24.0441 1360 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:17:24.0503 1360 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
13:17:24.0503 1360 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
13:17:24.0519 1360 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:17:24.0597 1360 flpydisk - ok
13:17:24.0644 1360 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:17:24.0659 1360 FltMgr - ok
13:17:24.0722 1360 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:17:24.0737 1360 FontCache3.0.0.0 - ok
13:17:24.0768 1360 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:17:24.0815 1360 Fs_Rec - ok
13:17:24.0878 1360 [ 34403847D2E224A96B94A123B9AE55A0 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys
13:17:24.0940 1360 fwlanusbn - ok
13:17:24.0987 1360 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:17:25.0002 1360 gagp30kx - ok
13:17:25.0049 1360 [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc C:\Windows\System32\gpsvc.dll
13:17:25.0127 1360 gpsvc - ok
13:17:25.0236 1360 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:17:25.0252 1360 gupdate - ok
13:17:25.0268 1360 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:17:25.0283 1360 gupdatem - ok
13:17:25.0299 1360 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:17:25.0408 1360 HdAudAddService - ok
13:17:25.0439 1360 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:17:25.0455 1360 HDAudBus - ok
13:17:25.0486 1360 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:17:25.0564 1360 HidBth - ok
13:17:25.0580 1360 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
13:17:25.0658 1360 HidIr - ok
13:17:25.0704 1360 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
13:17:25.0782 1360 hidserv - ok
13:17:25.0814 1360 [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:17:25.0829 1360 HidUsb - ok
13:17:25.0860 1360 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
13:17:25.0954 1360 hkmsvc - ok
13:17:26.0032 1360 [ E48B80F6614D4BEFA7768B960FFEF514 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
13:17:26.0063 1360 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
13:17:26.0063 1360 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
13:17:26.0110 1360 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
13:17:26.0126 1360 HpCISSs - ok
13:17:26.0219 1360 [ 682358F730B84B63E09C6B4EDC1DE7AE ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:17:26.0235 1360 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
13:17:26.0235 1360 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
13:17:26.0250 1360 [ 2E7BEE4AA776CF1C37836B26D1D29403 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:17:26.0282 1360 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
13:17:26.0282 1360 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
13:17:26.0313 1360 [ EA24FE637D974A8A31BC650F478E3533 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:17:26.0391 1360 HTTP - ok
13:17:26.0453 1360 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
13:17:26.0469 1360 i2omp - ok
13:17:26.0516 1360 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:17:26.0547 1360 i8042prt - ok
13:17:26.0625 1360 [ 9A4DC97E912C5EA375E2C69917946265 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
13:17:26.0656 1360 IAANTMON - ok
13:17:26.0703 1360 [ 2D8143C90F246D0F1735AF7D05D515F3 ] iaStor C:\Windows\system32\drivers\iastor.sys
13:17:26.0718 1360 iaStor - ok
13:17:26.0796 1360 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
13:17:26.0812 1360 iaStorV - ok
13:17:26.0890 1360 [ 6F95324909B502E2651442C1548AB12F ] IDriverT c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:17:26.0906 1360 IDriverT ( UnsignedFile.Multi.Generic ) - warning
13:17:26.0906 1360 IDriverT - detected UnsignedFile.Multi.Generic (1)
13:17:26.0999 1360 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:17:27.0046 1360 idsvc - ok
13:17:27.0093 1360 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:17:27.0108 1360 iirsp - ok
13:17:27.0155 1360 [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT C:\Windows\System32\ikeext.dll
13:17:27.0264 1360 IKEEXT - ok
13:17:27.0311 1360 IntcAzAudAddService - ok
13:17:27.0358 1360 [ CE5AF42679DD85947D2D287594F22CE0 ] IntelDHSvcConf C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
13:17:27.0389 1360 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - warning
13:17:27.0389 1360 IntelDHSvcConf - detected UnsignedFile.Multi.Generic (1)
13:17:27.0420 1360 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
13:17:27.0436 1360 intelide - ok
13:17:27.0498 1360 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:17:27.0592 1360 intelppm - ok
13:17:27.0623 1360 [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:17:27.0717 1360 IPBusEnum - ok
13:17:27.0764 1360 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:17:27.0842 1360 IpFilterDriver - ok
13:17:27.0873 1360 [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] IpHlpSvc C:\Windows\System32\iphlpsvc.dll
13:17:27.0904 1360 IpHlpSvc - ok
13:17:27.0904 1360 IpInIp - ok
13:17:27.0951 1360 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
13:17:28.0029 1360 IPMIDRV - ok
13:17:28.0060 1360 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
13:17:28.0169 1360 IPNAT - ok
13:17:28.0200 1360 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:17:28.0278 1360 IRENUM - ok
13:17:28.0310 1360 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:17:28.0325 1360 isapnp - ok
13:17:28.0388 1360 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:17:28.0403 1360 iScsiPrt - ok
13:17:28.0450 1360 [ E29BA28F76C5A703E7F30F74CF36DF22 ] ISSM C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
13:17:28.0481 1360 ISSM ( UnsignedFile.Multi.Generic ) - warning
13:17:28.0481 1360 ISSM - detected UnsignedFile.Multi.Generic (1)
13:17:28.0528 1360 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
13:17:28.0544 1360 iteatapi - ok
13:17:28.0575 1360 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
13:17:28.0590 1360 iteraid - ok
13:17:28.0622 1360 [ B076B2AB806B3F696DAB21375389101C ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:17:28.0637 1360 kbdclass - ok
13:17:28.0684 1360 [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:17:28.0731 1360 kbdhid - ok
13:17:28.0762 1360 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso C:\Windows\system32\lsass.exe
13:17:28.0824 1360 KeyIso - ok
13:17:28.0856 1360 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:17:28.0887 1360 KSecDD - ok
13:17:28.0918 1360 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
13:17:29.0012 1360 KtmRm - ok
13:17:29.0027 1360 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll
13:17:29.0105 1360 LanmanServer - ok
13:17:29.0152 1360 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:17:29.0214 1360 LanmanWorkstation - ok
13:17:29.0277 1360 [ 98D884ADC0B8C0FEBCC9D7BEE6D86F90 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
13:17:29.0308 1360 LightScribeService - ok
13:17:29.0339 1360 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
13:17:29.0355 1360 lirsgt - ok
13:17:29.0370 1360 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:17:29.0433 1360 lltdio - ok
13:17:29.0464 1360 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:17:29.0573 1360 lltdsvc - ok
13:17:29.0604 1360 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:17:29.0667 1360 lmhosts - ok
13:17:29.0698 1360 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:17:29.0714 1360 LSI_FC - ok
13:17:29.0760 1360 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:17:29.0776 1360 LSI_SAS - ok
13:17:29.0807 1360 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:17:29.0823 1360 LSI_SCSI - ok
13:17:29.0870 1360 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
13:17:29.0963 1360 luafv - ok
13:17:29.0994 1360 [ 7B073FD0133346D0E555353F164057D7 ] M1 Server C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
13:17:30.0010 1360 M1 Server ( UnsignedFile.Multi.Generic ) - warning
13:17:30.0010 1360 M1 Server - detected UnsignedFile.Multi.Generic (1)
13:17:30.0057 1360 [ 59A2783ABA6019BED0C843C706E10A6A ] massfilter C:\Windows\system32\drivers\massfilter.sys
13:17:30.0104 1360 massfilter - ok
13:17:30.0166 1360 [ 7BBA15CA5A2AA4E50C7CBFB78D11DB25 ] MCLServiceATL C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
13:17:30.0182 1360 MCLServiceATL ( UnsignedFile.Multi.Generic ) - warning
13:17:30.0182 1360 MCLServiceATL - detected UnsignedFile.Multi.Generic (1)
13:17:30.0228 1360 [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:17:30.0260 1360 Mcx2Svc - ok
13:17:30.0322 1360 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
13:17:30.0338 1360 megasas - ok
13:17:30.0338 1360 mgisvr - ok
13:17:30.0369 1360 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
13:17:30.0447 1360 MMCSS - ok
13:17:30.0462 1360 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
13:17:30.0540 1360 Modem - ok
13:17:30.0587 1360 [ EC839BA91E45CCE6EADAFC418FFF8206 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:17:30.0681 1360 monitor - ok
13:17:30.0728 1360 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:17:30.0743 1360 mouclass - ok
13:17:30.0774 1360 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:17:30.0806 1360 mouhid - ok
13:17:30.0837 1360 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
13:17:30.0852 1360 MountMgr - ok
13:17:30.0930 1360 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:17:30.0946 1360 MozillaMaintenance - ok
13:17:30.0977 1360 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
13:17:31.0008 1360 mpio - ok
13:17:31.0040 1360 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:17:31.0086 1360 mpsdrv - ok
13:17:31.0118 1360 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll
13:17:31.0180 1360 MpsSvc - ok
13:17:31.0242 1360 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
13:17:31.0242 1360 Mraid35x - ok
13:17:31.0289 1360 [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:17:31.0336 1360 MRxDAV - ok
13:17:31.0367 1360 [ 8AF705CE1BB907932157FAB821170F27 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:17:31.0414 1360 mrxsmb - ok
13:17:31.0445 1360 [ 47E13AB23371BE3279EEF22BBFA2C1BE ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:17:31.0476 1360 mrxsmb10 - ok
13:17:31.0508 1360 [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:17:31.0554 1360 mrxsmb20 - ok
13:17:31.0601 1360 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
13:17:31.0617 1360 msahci - ok
13:17:31.0632 1360 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:17:31.0664 1360 msdsm - ok
13:17:31.0679 1360 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
13:17:31.0710 1360 MSDTC - ok
13:17:31.0773 1360 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:17:31.0866 1360 Msfs - ok
13:17:31.0898 1360 [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:17:31.0913 1360 msisadrv - ok
13:17:31.0944 1360 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:17:32.0038 1360 MSiSCSI - ok
13:17:32.0054 1360 msiserver - ok
13:17:32.0100 1360 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:17:32.0163 1360 MSKSSRV - ok
13:17:32.0210 1360 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:17:32.0303 1360 MSPCLOCK - ok
13:17:32.0350 1360 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:17:32.0412 1360 MSPQM - ok
13:17:32.0459 1360 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:17:32.0475 1360 MsRPC - ok
13:17:32.0537 1360 [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:17:32.0553 1360 mssmbios - ok
13:17:32.0600 1360 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:17:32.0678 1360 MSTEE - ok
13:17:32.0724 1360 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
13:17:32.0740 1360 Mup - ok
13:17:32.0756 1360 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
13:17:32.0849 1360 napagent - ok
13:17:32.0880 1360 [ 497DE786240303EE67AB01F5690C24C2 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:17:32.0927 1360 NativeWifiP - ok
13:17:32.0974 1360 [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS C:\Windows\system32\drivers\ndis.sys
13:17:33.0021 1360 NDIS - ok
13:17:33.0036 1360 [ 7584F1794B23B83D63CC124A8C56D103 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:17:33.0130 1360 NdisTapi - ok
13:17:33.0161 1360 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:17:33.0239 1360 Ndisuio - ok
13:17:33.0270 1360 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:17:33.0348 1360 NdisWan - ok
13:17:33.0380 1360 [ 874C12E3AD1431CABC854697D302C563 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:17:33.0458 1360 NDProxy - ok
13:17:33.0520 1360 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:17:33.0551 1360 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:17:33.0551 1360 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:17:33.0598 1360 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:17:33.0692 1360 NetBIOS - ok
13:17:33.0723 1360 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
13:17:33.0785 1360 netbt - ok
13:17:33.0801 1360 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe
13:17:33.0832 1360 Netlogon - ok
13:17:33.0848 1360 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
13:17:33.0926 1360 Netman - ok
13:17:33.0957 1360 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
13:17:34.0035 1360 netprofm - ok
13:17:34.0066 1360 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:17:34.0082 1360 NetTcpPortSharing - ok
13:17:34.0128 1360 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:17:34.0144 1360 nfrd960 - ok
13:17:34.0175 1360 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
13:17:34.0238 1360 NlaSvc - ok
13:17:34.0269 1360 NMIndexingService - ok
13:17:34.0316 1360 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:17:34.0409 1360 Npfs - ok
13:17:34.0440 1360 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
13:17:34.0534 1360 nsi - ok
13:17:34.0565 1360 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:17:34.0628 1360 nsiproxy - ok
13:17:34.0690 1360 [ 3F379380A4A2637F559444E338CF1B51 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:17:34.0768 1360 Ntfs - ok
13:17:34.0815 1360 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
13:17:34.0877 1360 ntrigdigi - ok
13:17:34.0908 1360 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
13:17:34.0971 1360 Null - ok
13:17:35.0002 1360 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:17:35.0018 1360 nvraid - ok
13:17:35.0033 1360 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:17:35.0049 1360 nvstor - ok
13:17:35.0064 1360 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:17:35.0080 1360 nv_agp - ok
13:17:35.0096 1360 NwlnkFlt - ok
13:17:35.0111 1360 NwlnkFwd - ok
13:17:35.0158 1360 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
13:17:35.0220 1360 ohci1394 - ok
13:17:35.0267 1360 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
13:17:35.0330 1360 p2pimsvc - ok
13:17:35.0361 1360 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
13:17:35.0423 1360 p2psvc - ok
13:17:35.0454 1360 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
13:17:35.0548 1360 Parport - ok
13:17:35.0579 1360 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:17:35.0595 1360 partmgr - ok
13:17:35.0610 1360 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
13:17:35.0688 1360 Parvdm - ok
13:17:35.0720 1360 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:17:35.0766 1360 PcaSvc - ok
13:17:35.0813 1360 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys
13:17:35.0829 1360 pci - ok
13:17:35.0860 1360 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
13:17:35.0876 1360 pciide - ok
13:17:35.0891 1360 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:17:35.0907 1360 pcmcia - ok
13:17:35.0969 1360 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:17:36.0110 1360 PEAUTH - ok
13:17:36.0203 1360 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
13:17:36.0359 1360 pla - ok
13:17:36.0390 1360 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:17:36.0453 1360 PlugPlay - ok
13:17:36.0484 1360 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:17:36.0500 1360 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:17:36.0500 1360 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:17:36.0531 1360 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
13:17:36.0609 1360 PNRPAutoReg - ok
13:17:36.0656 1360 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
13:17:36.0718 1360 PNRPsvc - ok
13:17:36.0765 1360 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:17:36.0843 1360 PolicyAgent - ok
13:17:36.0874 1360 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:17:36.0921 1360 PptpMiniport - ok
13:17:36.0968 1360 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
13:17:37.0061 1360 Processor - ok
13:17:37.0108 1360 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
13:17:37.0186 1360 ProfSvc - ok
13:17:37.0217 1360 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:17:37.0264 1360 ProtectedStorage - ok
13:17:37.0311 1360 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
13:17:37.0342 1360 Ps2 - ok
13:17:37.0389 1360 [ B74EDF14453C9987E99E66535047EBEE ] PSched C:\Windows\system32\DRIVERS\pacer.sys
13:17:37.0451 1360 PSched - ok
13:17:37.0482 1360 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
13:17:37.0498 1360 PxHelp20 - ok
13:17:37.0560 1360 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:17:37.0623 1360 ql2300 - ok
13:17:37.0670 1360 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:17:37.0701 1360 ql40xx - ok
13:17:37.0716 1360 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
13:17:37.0763 1360 QWAVE - ok
13:17:37.0779 1360 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:17:37.0810 1360 QWAVEdrv - ok
13:17:37.0841 1360 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:17:37.0935 1360 RasAcd - ok
13:17:37.0966 1360 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
13:17:38.0044 1360 RasAuto - ok
13:17:38.0075 1360 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:17:38.0091 1360 Rasl2tp - ok
13:17:38.0122 1360 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
13:17:38.0200 1360 RasMan - ok
13:17:38.0231 1360 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:17:38.0325 1360 RasPppoe - ok
13:17:38.0356 1360 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:17:38.0434 1360 rdbss - ok
13:17:38.0465 1360 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:17:38.0543 1360 RDPCDD - ok
13:17:38.0574 1360 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
13:17:38.0637 1360 rdpdr - ok
13:17:38.0668 1360 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:17:38.0730 1360 RDPENCDD - ok
13:17:38.0762 1360 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:17:38.0840 1360 RDPWD - ok
13:17:38.0886 1360 [ 752402F6BD5FA012805813C329F88DD3 ] Remote UI Service C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
13:17:38.0918 1360 Remote UI Service ( UnsignedFile.Multi.Generic ) - warning
13:17:38.0918 1360 Remote UI Service - detected UnsignedFile.Multi.Generic (1)
13:17:38.0949 1360 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
13:17:39.0011 1360 RemoteAccess - ok
13:17:39.0042 1360 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:17:39.0105 1360 RemoteRegistry - ok
13:17:39.0183 1360 [ 2DAC86F10C42B55F2511F14CBCEE7284 ] RoxMediaDB9 c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
13:17:39.0230 1360 RoxMediaDB9 - ok
13:17:39.0276 1360 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
13:17:39.0292 1360 RpcLocator - ok
13:17:39.0323 1360 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
13:17:39.0354 1360 RpcSs - ok
13:17:39.0401 1360 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:17:39.0464 1360 rspndr - ok
13:17:39.0479 1360 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
13:17:39.0495 1360 SamSs - ok
13:17:39.0526 1360 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:17:39.0542 1360 sbp2port - ok
13:17:39.0573 1360 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:17:39.0651 1360 SCardSvr - ok
13:17:39.0698 1360 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
13:17:39.0729 1360 Schedule - ok
13:17:39.0744 1360 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:17:39.0791 1360 SCPolicySvc - ok
13:17:39.0807 1360 [ 56AA904311B3BACC67DBA8679AFF73D4 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:17:39.0869 1360 SDRSVC - ok
13:17:39.0885 1360 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:17:39.0947 1360 secdrv - ok
13:17:39.0978 1360 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
13:17:40.0025 1360 seclogon - ok
13:17:40.0056 1360 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
13:17:40.0134 1360 SENS - ok
13:17:40.0181 1360 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
13:17:40.0244 1360 Serenum - ok
13:17:40.0259 1360 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
13:17:40.0337 1360 Serial - ok
13:17:40.0353 1360 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:17:40.0384 1360 sermouse - ok
13:17:40.0431 1360 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
13:17:40.0524 1360 SessionEnv - ok
13:17:40.0571 1360 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:17:40.0618 1360 sffdisk - ok
13:17:40.0634 1360 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:17:40.0649 1360 sffp_mmc - ok
13:17:40.0665 1360 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:17:40.0680 1360 sffp_sd - ok
13:17:40.0696 1360 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:17:40.0774 1360 sfloppy - ok
13:17:40.0805 1360 [ 11AAC56C04D26195D21C4F5229DB4726 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:17:40.0883 1360 SharedAccess - ok
13:17:40.0899 1360 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:17:40.0946 1360 ShellHWDetection - ok
13:17:40.0992 1360 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:17:41.0008 1360 sisagp - ok
13:17:41.0024 1360 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
13:17:41.0024 1360 SiSRaid2 - ok
13:17:41.0055 1360 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:17:41.0055 1360 SiSRaid4 - ok
13:17:41.0148 1360 [ 7610645679BB5994210D21A347E0C479 ] slsvc C:\Windows\system32\SLsvc.exe
13:17:41.0476 1360 slsvc - ok
13:17:41.0523 1360 [ 49670F3E42A0178A0AB425AE15D88E7C ] SLUINotify C:\Windows\system32\SLUINotify.dll
13:17:41.0601 1360 SLUINotify - ok
13:17:41.0648 1360 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:17:41.0694 1360 Smb - ok
13:17:41.0726 1360 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:17:41.0741 1360 SNMPTRAP - ok
13:17:41.0772 1360 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
13:17:41.0772 1360 spldr - ok
13:17:41.0788 1360 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
13:17:41.0850 1360 Spooler - ok
13:17:41.0897 1360 [ 038579C35F7CAD4A4BBF735DBF83277D ] srv C:\Windows\system32\DRIVERS\srv.sys
13:17:41.0913 1360 srv - ok
13:17:41.0944 1360 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:17:41.0991 1360 srv2 - ok
13:17:42.0022 1360 [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:17:42.0038 1360 srvnet - ok
13:17:42.0053 1360 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:17:42.0116 1360 SSDPSRV - ok
13:17:42.0147 1360 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
13:17:42.0209 1360 stisvc - ok
13:17:42.0256 1360 [ E5FF667E416DAC99BFF16B626234A379 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:17:42.0272 1360 stllssvr - ok
13:17:42.0287 1360 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:17:42.0303 1360 swenum - ok
13:17:42.0334 1360 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
13:17:42.0428 1360 swprv - ok
13:17:42.0474 1360 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
13:17:42.0490 1360 Symc8xx - ok
13:17:42.0521 1360 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
13:17:42.0537 1360 Sym_hi - ok
13:17:42.0552 1360 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
13:17:42.0568 1360 Sym_u3 - ok
13:17:42.0615 1360 [ C1FDFF9AFD8C6C905485981B41DCFB40 ] SysMain C:\Windows\system32\sysmain.dll
13:17:42.0740 1360 SysMain - ok
13:17:42.0771 1360 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:17:42.0849 1360 TabletInputService - ok
13:17:42.0864 1360 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:17:42.0927 1360 TapiSrv - ok
13:17:42.0942 1360 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
13:17:42.0989 1360 TBS - ok
13:17:43.0036 1360 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:17:43.0130 1360 Tcpip - ok
13:17:43.0161 1360 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
13:17:43.0223 1360 Tcpip6 - ok
13:17:43.0270 1360 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:17:43.0348 1360 tcpipreg - ok
13:17:43.0379 1360 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:17:43.0457 1360 TDPIPE - ok
13:17:43.0473 1360 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:17:43.0551 1360 TDTCP - ok
13:17:43.0598 1360 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:17:43.0660 1360 tdx - ok
13:17:43.0691 1360 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:17:43.0707 1360 TermDD - ok
13:17:43.0738 1360 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
13:17:43.0832 1360 TermService - ok
13:17:43.0878 1360 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
13:17:43.0910 1360 Themes - ok
13:17:43.0925 1360 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
13:17:43.0972 1360 THREADORDER - ok
13:17:44.0019 1360 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
13:17:44.0081 1360 TrkWks - ok
13:17:44.0159 1360 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:17:44.0190 1360 TrustedInstaller - ok
13:17:44.0237 1360 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:17:44.0300 1360 tssecsrv - ok
13:17:44.0346 1360 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
13:17:44.0378 1360 tunmp - ok
13:17:44.0409 1360 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:17:44.0424 1360 tunnel - ok
13:17:44.0456 1360 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:17:44.0471 1360 uagp35 - ok
13:17:44.0518 1360 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:17:44.0596 1360 udfs - ok
13:17:44.0658 1360 [ 13BFF97E926BF8D9C1230CECC371A0C0 ] UI Assistant Service C:\Program Files\1&1 Surf-Stick\AssistantServices.exe
13:17:44.0658 1360 UI Assistant Service - ok
13:17:44.0690 1360 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:17:44.0705 1360 UI0Detect - ok
13:17:44.0736 1360 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:17:44.0752 1360 uliagpkx - ok
13:17:44.0783 1360 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
13:17:44.0814 1360 uliahci - ok
13:17:44.0830 1360 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
13:17:44.0846 1360 UlSata - ok
13:17:44.0861 1360 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
13:17:44.0877 1360 ulsata2 - ok
13:17:44.0908 1360 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:17:44.0986 1360 umbus - ok
13:17:45.0033 1360 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
13:17:45.0126 1360 upnphost - ok
13:17:45.0158 1360 [ 51480458E6E9863F856EBF35AAE801B4 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:17:45.0220 1360 usbccgp - ok
13:17:45.0251 1360 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:17:45.0314 1360 usbcir - ok
13:17:45.0345 1360 [ 11FA3ACBF0DE0286829C69E01FE705E4 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:17:45.0360 1360 usbehci - ok
13:17:45.0376 1360 [ 6A7858A38B5105731E219E7C6A238730 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:17:45.0423 1360 usbhub - ok
13:17:45.0470 1360 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:17:45.0548 1360 usbohci - ok
13:17:45.0610 1360 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:17:45.0704 1360 usbprint - ok
13:17:45.0719 1360 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:17:45.0797 1360 usbscan - ok
13:17:45.0828 1360 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:17:45.0875 1360 USBSTOR - ok
13:17:45.0891 1360 [ 4013315FED70A2D293B998CBBA4022EE ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:17:45.0922 1360 usbuhci - ok
13:17:45.0953 1360 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
13:17:46.0031 1360 UxSms - ok
13:17:46.0203 1360 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
13:17:46.0281 1360 vds - ok
13:17:46.0343 1360 veteboot - ok
13:17:46.0421 1360 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:17:46.0499 1360 vga - ok
13:17:46.0562 1360 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
13:17:46.0640 1360 VgaSave - ok
13:17:46.0702 1360 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:17:46.0733 1360 viaagp - ok
13:17:46.0780 1360 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
13:17:46.0858 1360 ViaC7 - ok
13:17:46.0889 1360 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
13:17:46.0936 1360 viaide - ok
13:17:46.0967 1360 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:17:46.0983 1360 volmgr - ok
13:17:46.0998 1360 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:17:47.0045 1360 volmgrx - ok
13:17:47.0061 1360 [ 11EF6C1CAEF76B685233450A126125D6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:17:47.0092 1360 volsnap - ok
13:17:47.0123 1360 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:17:47.0154 1360 vsmraid - ok
13:17:47.0342 1360 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
13:17:47.0420 1360 VSS - ok
13:17:47.0560 1360 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
13:17:47.0732 1360 W32Time - ok
13:17:47.0778 1360 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:17:47.0856 1360 WacomPen - ok
13:17:47.0872 1360 [ 6E1A5BE9A0605F3D932FF35FBA2B22B3 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
13:17:47.0966 1360 Wanarp - ok
13:17:47.0997 1360 [ 6E1A5BE9A0605F3D932FF35FBA2B22B3 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:17:48.0044 1360 Wanarpv6 - ok
13:17:48.0153 1360 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:17:48.0200 1360 wcncsvc - ok
13:17:48.0215 1360 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:17:48.0278 1360 WcsPlugInService - ok
13:17:48.0293 1360 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
13:17:48.0309 1360 Wd - ok
13:17:48.0340 1360 [ DEA0BF2354EB609C33F5F1BED41FD0E4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:17:48.0356 1360 Suspicious file (Forged): C:\Windows\system32\drivers\Wdf01000.sys. Real md5: DEA0BF2354EB609C33F5F1BED41FD0E4, Fake md5: 7B5F66E4A2219C7D9DAF9E738480E534
13:17:48.0356 1360 Wdf01000 ( Virus.Win32.Rloader.a ) - infected
13:17:48.0356 1360 Wdf01000 - detected Virus.Win32.Rloader.a (0)
13:17:48.0371 1360 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:17:48.0418 1360 WdiServiceHost - ok
13:17:48.0418 1360 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:17:48.0434 1360 WdiSystemHost - ok
13:17:48.0527 1360 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
13:17:48.0590 1360 WebClient - ok
13:17:48.0621 1360 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
13:17:48.0683 1360 Wecsvc - ok
13:17:48.0714 1360 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:17:48.0792 1360 wercplsupport - ok
13:17:48.0808 1360 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
13:17:48.0917 1360 WerSvc - ok
13:17:48.0980 1360 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:17:49.0011 1360 WinDefend - ok
13:17:49.0136 1360 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:17:49.0260 1360 Winmgmt - ok
13:17:49.0401 1360 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
13:17:49.0541 1360 WinRM - ok
13:17:49.0650 1360 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:17:49.0775 1360 Wlansvc - ok
13:17:49.0853 1360 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:17:49.0947 1360 WmiAcpi - ok
13:17:50.0040 1360 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:17:50.0103 1360 wmiApSrv - ok
13:17:50.0493 1360 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:17:50.0602 1360 WMPNetworkSvc - ok
13:17:50.0742 1360 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:17:50.0805 1360 WPCSvc - ok
13:17:50.0852 1360 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:17:50.0914 1360 WPDBusEnum - ok
13:17:50.0976 1360 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
13:17:51.0054 1360 WpdUsb - ok
13:17:51.0117 1360 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:17:51.0179 1360 ws2ifsl - ok
13:17:51.0226 1360 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
13:17:51.0257 1360 wscsvc - ok
13:17:51.0273 1360 WSearch - ok
13:17:51.0366 1360 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
13:17:51.0507 1360 wuauserv - ok
13:17:51.0585 1360 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:17:51.0678 1360 WUDFRd - ok
13:17:51.0710 1360 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:17:51.0788 1360 wudfsvc - ok
13:17:51.0850 1360 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
13:17:51.0897 1360 ZTEusbmdm6k - ok
13:17:51.0959 1360 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
13:17:51.0975 1360 ZTEusbnmea - ok
13:17:52.0022 1360 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
13:17:52.0037 1360 ZTEusbser6k - ok
13:17:52.0053 1360 ================ Scan global ===============================
13:17:52.0084 1360 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
13:17:52.0115 1360 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
13:17:52.0146 1360 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
13:17:52.0193 1360 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
13:17:52.0209 1360 [Global] - ok
13:17:52.0209 1360 ================ Scan MBR ==================================
13:17:52.0209 1360 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
13:17:52.0911 1360 \Device\Harddisk0\DR0 - ok
13:17:52.0911 1360 ================ Scan VBR ==================================
13:17:52.0926 1360 [ BB1F8D07D5A59684530589BACBB75B9D ] \Device\Harddisk0\DR0\Partition1
13:17:52.0926 1360 \Device\Harddisk0\DR0\Partition1 - ok
13:17:52.0942 1360 [ 49CEB98D7C68A84F9BE63B24E643C072 ] \Device\Harddisk0\DR0\Partition2
13:17:52.0942 1360 \Device\Harddisk0\DR0\Partition2 - ok
13:17:52.0942 1360 ============================================================
13:17:52.0942 1360 Scan finished
13:17:52.0942 1360 ============================================================
13:17:52.0958 5068 Detected object count: 19
13:17:52.0958 5068 Actual detected object count: 19
13:18:23.0190 5068 ACEDRV07 ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0190 5068 ACEDRV07 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0190 5068 AlertService ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0190 5068 AlertService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0206 5068 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0206 5068 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0206 5068 avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0206 5068 avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0206 5068 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0206 5068 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0206 5068 DQLWinService ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0206 5068 DQLWinService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0206 5068 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0206 5068 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0222 5068 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0222 5068 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0222 5068 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0222 5068 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0222 5068 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0222 5068 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0222 5068 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0222 5068 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0222 5068 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0222 5068 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0237 5068 ISSM ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0237 5068 ISSM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0237 5068 M1 Server ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0237 5068 M1 Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0237 5068 MCLServiceATL ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0237 5068 MCLServiceATL ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0237 5068 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0237 5068 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0237 5068 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0237 5068 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0237 5068 Remote UI Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:18:23.0237 5068 Remote UI Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:18:23.0253 5068 Wdf01000 ( Virus.Win32.Rloader.a ) - skipped by user
13:18:23.0253 5068 Wdf01000 ( Virus.Win32.Rloader.a ) - User select action: Skip
13:19:05.0154 3460 Deinitialize success
|
|
11.06.2013, 12:24
| #10 |
| /// Malware-holic | AVAST Prüfergebnisse..416 Bedrohungen..was nun? hi avast konfigurieren wie eben. dann folgenen Fund wählen: Win32.Rloader cure, bzw delete, falls cure nicht vorhanden ist. pc neustarten, tdss killer noch mal wie eben konfigurieren, log postenb
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.06.2013, 13:13
| #11 |
| | AVAST Prüfergebnisse..416 Bedrohungen..was nun? aufgrund der Voreinstellung hat es alle anderen Funde bei AVAST jetzt in den Container verschoben (hoffe das ist nicht weiter schlimm)..bei Win32:RLoader-B bin ich auf läöschen gegangen..habe bei AVAST die Meldung bekommen, dass die Aktion erst beim nächsten Neustart durchgeführt wird..nach neustart war die Meldung immer noch da..hab dann noch zweimal neugestartet und einmal komplett heruntergefahren aber Meldung immer noch da..beim TDSS-Scan kommt ja die Option skip oder cure..soll ich da auf cure gehen?..komischerweise endet der win32:Rloader bei AVAST auf -B und bei TDSS auf -a..ist das schon derselbe? anbei der log Code:
ATTFilter 14:06:19.0338 4388 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:06:19.0579 4388 ============================================================
14:06:19.0579 4388 Current date / time: 2013/06/11 14:06:19.0579
14:06:19.0579 4388 SystemInfo:
14:06:19.0579 4388
14:06:19.0579 4388 OS Version: 6.0.6000 ServicePack: 0.0
14:06:19.0579 4388 Product type: Workstation
14:06:19.0580 4388 ComputerName: MARC-PC
14:06:19.0580 4388 UserName: Marc
14:06:19.0580 4388 Windows directory: C:\Windows
14:06:19.0580 4388 System windows directory: C:\Windows
14:06:19.0580 4388 Processor architecture: Intel x86
14:06:19.0580 4388 Number of processors: 2
14:06:19.0580 4388 Page size: 0x1000
14:06:19.0580 4388 Boot type: Normal boot
14:06:19.0580 4388 ============================================================
14:06:20.0173 4388 Drive \Device\Harddisk0\DR0 - Size: 0x53D67B6000 (335.35 Gb), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:06:20.0236 4388 ============================================================
14:06:20.0236 4388 \Device\Harddisk0\DR0:
14:06:20.0259 4388 MBR partitions:
14:06:20.0259 4388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x28FA712C
14:06:20.0259 4388 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x28FA716B, BlocksNum 0xF0B856
14:06:20.0259 4388 ============================================================
14:06:20.0482 4388 C: <-> \Device\Harddisk0\DR0\Partition1
14:06:21.0064 4388 D: <-> \Device\Harddisk0\DR0\Partition2
14:06:21.0064 4388 ============================================================
14:06:21.0064 4388 Initialize success
14:06:21.0064 4388 ============================================================
14:06:26.0789 4592 ============================================================
14:06:26.0789 4592 Scan started
14:06:26.0789 4592 Mode: Manual; SigCheck; TDLFS;
14:06:26.0789 4592 ============================================================
14:06:27.0356 4592 ================ Scan system memory ========================
14:06:27.0356 4592 System memory - ok
14:06:27.0357 4592 ================ Scan services =============================
14:06:28.0390 4592 [ 4E5451DD0AEC8504D7F8030DD2D4C416 ] ACEDRV07 C:\Windows\system32\drivers\ACEDRV07.sys
14:06:28.0562 4592 ACEDRV07 ( UnsignedFile.Multi.Generic ) - warning
14:06:28.0562 4592 ACEDRV07 - detected UnsignedFile.Multi.Generic (1)
14:06:28.0624 4592 [ 27F954120BABB8A00F8745D8F5BC9B82 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
14:06:28.0718 4592 acedrv11 - ok
14:06:28.0780 4592 [ 192BDBD1540645C4A2AA69F24CCE197F ] ACPI C:\Windows\system32\drivers\acpi.sys
14:06:28.0812 4592 ACPI - ok
14:06:28.0874 4592 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:06:28.0905 4592 adp94xx - ok
14:06:28.0936 4592 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:06:28.0968 4592 adpahci - ok
14:06:28.0999 4592 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
14:06:29.0014 4592 adpu160m - ok
14:06:29.0092 4592 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:06:29.0155 4592 adpu320 - ok
14:06:29.0217 4592 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:06:29.0342 4592 AeLookupSvc - ok
14:06:29.0373 4592 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
14:06:29.0560 4592 AFD - ok
14:06:29.0592 4592 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:06:29.0592 4592 agp440 - ok
14:06:29.0638 4592 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
14:06:29.0670 4592 aic78xx - ok
14:06:29.0826 4592 [ C86D177967D27C80E466D4ED95C26DB9 ] AlertService C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
14:06:29.0919 4592 AlertService ( UnsignedFile.Multi.Generic ) - warning
14:06:29.0919 4592 AlertService - detected UnsignedFile.Multi.Generic (1)
14:06:29.0950 4592 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
14:06:30.0044 4592 ALG - ok
14:06:30.0060 4592 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
14:06:30.0075 4592 aliide - ok
14:06:30.0122 4592 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:06:30.0138 4592 amdagp - ok
14:06:30.0169 4592 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
14:06:30.0184 4592 amdide - ok
14:06:30.0231 4592 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
14:06:30.0309 4592 AmdK7 - ok
14:06:30.0340 4592 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:06:30.0465 4592 AmdK8 - ok
14:06:30.0496 4592 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
14:06:30.0590 4592 Appinfo - ok
14:06:30.0652 4592 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
14:06:30.0699 4592 arc - ok
14:06:30.0746 4592 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:06:30.0762 4592 arcsas - ok
14:06:30.0824 4592 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
14:06:30.0840 4592 aswFsBlk - ok
14:06:30.0871 4592 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:06:30.0886 4592 aswMonFlt - ok
14:06:30.0902 4592 [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
14:06:30.0918 4592 AswRdr - ok
14:06:30.0949 4592 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
14:06:30.0964 4592 aswRvrt - ok
14:06:31.0011 4592 [ 6CAB0A5991C5C0FC63F5E66593E71D7E ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:06:31.0042 4592 aswSnx - ok
14:06:31.0074 4592 [ 99102F60F344BEBAF4F6114514FD28D3 ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:06:31.0089 4592 aswSP - ok
14:06:31.0120 4592 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
14:06:31.0120 4592 aswTdi - ok
14:06:31.0183 4592 [ 16B8E3CD50A460EC32CA680C8210A0A9 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
14:06:31.0214 4592 aswVmm - ok
14:06:31.0261 4592 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:06:31.0323 4592 AsyncMac - ok
14:06:31.0386 4592 [ 4F4FCB8B6EA06784FB6D475B7EC7300F ] atapi C:\Windows\system32\drivers\atapi.sys
14:06:31.0386 4592 atapi - ok
14:06:31.0432 4592 [ 00B317C5E88AA439C92A91C34F88E8DC ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
14:06:31.0557 4592 Ati External Event Utility - ok
14:06:31.0682 4592 [ 0BC49A61E33053A8FF80E0D0469E055B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:06:31.0822 4592 atikmdag - ok
14:06:31.0869 4592 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
14:06:31.0885 4592 atksgt - ok
14:06:31.0916 4592 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:06:32.0025 4592 AudioEndpointBuilder - ok
14:06:32.0056 4592 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:06:32.0134 4592 Audiosrv - ok
14:06:32.0337 4592 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:06:32.0353 4592 avast! Antivirus - ok
14:06:32.0446 4592 [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files\avmwlanstick\WlanNetService.exe
14:06:32.0571 4592 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
14:06:32.0571 4592 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
14:06:32.0634 4592 [ 263CF9D248FD5E020A1333ED4F7EAA88 ] avmeject C:\Windows\system32\drivers\avmeject.sys
14:06:32.0680 4592 avmeject ( UnsignedFile.Multi.Generic ) - warning
14:06:32.0680 4592 avmeject - detected UnsignedFile.Multi.Generic (1)
14:06:32.0727 4592 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
14:06:32.0790 4592 Beep - ok
14:06:32.0852 4592 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll
14:06:33.0148 4592 BFE - ok
14:06:33.0429 4592 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
14:06:33.0601 4592 BITS - ok
14:06:33.0601 4592 blbdrive - ok
14:06:33.0710 4592 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:06:33.0757 4592 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
14:06:33.0757 4592 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
14:06:33.0819 4592 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:06:33.0928 4592 bowser - ok
14:06:34.0022 4592 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
14:06:34.0084 4592 BrFiltLo - ok
14:06:34.0116 4592 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
14:06:34.0194 4592 BrFiltUp - ok
14:06:34.0209 4592 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
14:06:34.0318 4592 Browser - ok
14:06:34.0396 4592 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
14:06:34.0677 4592 Brserid - ok
14:06:34.0724 4592 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
14:06:34.0833 4592 BrSerWdm - ok
14:06:34.0880 4592 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
14:06:35.0005 4592 BrUsbMdm - ok
14:06:35.0036 4592 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
14:06:35.0161 4592 BrUsbSer - ok
14:06:35.0208 4592 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:06:35.0301 4592 BTHMODEM - ok
14:06:35.0364 4592 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:06:35.0473 4592 cdfs - ok
14:06:35.0535 4592 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:06:35.0644 4592 cdrom - ok
14:06:35.0676 4592 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
14:06:35.0785 4592 CertPropSvc - ok
14:06:35.0832 4592 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
14:06:35.0925 4592 circlass - ok
14:06:36.0019 4592 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
14:06:36.0050 4592 CLFS - ok
14:06:36.0128 4592 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:06:36.0144 4592 clr_optimization_v2.0.50727_32 - ok
14:06:36.0190 4592 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:06:36.0222 4592 cmdide - ok
14:06:36.0237 4592 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:06:36.0253 4592 Compbatt - ok
14:06:36.0253 4592 COMSysApp - ok
14:06:36.0284 4592 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:06:36.0300 4592 crcdisk - ok
14:06:36.0331 4592 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
14:06:36.0424 4592 Crusoe - ok
14:06:36.0471 4592 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:06:36.0565 4592 CryptSvc - ok
14:06:36.0721 4592 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
14:06:36.0783 4592 DcomLaunch - ok
14:06:36.0814 4592 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:06:36.0908 4592 DfsC - ok
14:06:37.0392 4592 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe
14:06:37.0610 4592 DFSR - ok
14:06:37.0672 4592 [ 17210D8064EC116A3FC6B5E45E577D43 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
14:06:37.0750 4592 Dhcp - ok
14:06:37.0782 4592 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
14:06:37.0797 4592 disk - ok
14:06:37.0828 4592 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:06:37.0969 4592 Dnscache - ok
14:06:38.0000 4592 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll
14:06:38.0109 4592 dot3svc - ok
14:06:38.0218 4592 [ 57B2D433A08B95E4F1B53A919937F3E5 ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
14:06:38.0312 4592 Dot4 - ok
14:06:38.0343 4592 [ D93FA484BB62FBE7E5EF335C5415D3CF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:06:38.0437 4592 Dot4Print - ok
14:06:38.0468 4592 [ 599742C4260FB3E8EDB3BE148B8CE856 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
14:06:38.0546 4592 dot4usb - ok
14:06:38.0593 4592 [ 8EF243E3BAF1AB4F6202EDEB8890319B ] DPS C:\Windows\system32\dps.dll
14:06:38.0686 4592 DPS - ok
14:06:38.0920 4592 [ A0B584C33F55545D56F9E71FB4E203AC ] DQLWinService C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
14:06:38.0967 4592 DQLWinService ( UnsignedFile.Multi.Generic ) - warning
14:06:38.0967 4592 DQLWinService - detected UnsignedFile.Multi.Generic (1)
14:06:39.0014 4592 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:06:39.0108 4592 drmkaud - ok
14:06:39.0248 4592 [ F032A2F91287A0B800891C7BEF9CA7A8 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:06:39.0373 4592 DXGKrnl - ok
14:06:39.0420 4592 [ C0B00E55CF82D122D25983C7A6A53DEA ] E100B C:\Windows\system32\DRIVERS\e100b325.sys
14:06:39.0560 4592 E100B - ok
14:06:39.0607 4592 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
14:06:39.0685 4592 E1G60 - ok
14:06:39.0732 4592 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
14:06:39.0794 4592 EapHost - ok
14:06:39.0825 4592 [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache C:\Windows\system32\drivers\ecache.sys
14:06:39.0841 4592 Ecache - ok
14:06:39.0934 4592 [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:06:39.0997 4592 ehRecvr - ok
14:06:40.0028 4592 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
14:06:40.0059 4592 ehSched - ok
14:06:40.0106 4592 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
14:06:40.0106 4592 ehstart - ok
14:06:40.0246 4592 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:06:40.0293 4592 elxstor - ok
14:06:40.0340 4592 [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt C:\Windows\system32\emdmgmt.dll
14:06:40.0480 4592 EMDMgmt - ok
14:06:40.0543 4592 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
14:06:40.0636 4592 EventSystem - ok
14:06:40.0683 4592 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:06:40.0792 4592 fastfat - ok
14:06:40.0839 4592 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:06:40.0917 4592 fdc - ok
14:06:40.0948 4592 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
14:06:41.0058 4592 fdPHost - ok
14:06:41.0073 4592 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
14:06:41.0167 4592 FDResPub - ok
14:06:41.0229 4592 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:06:41.0245 4592 FileInfo - ok
14:06:41.0292 4592 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:06:41.0338 4592 Filetrace - ok
14:06:41.0541 4592 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:06:41.0760 4592 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:06:41.0760 4592 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:06:41.0806 4592 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:06:41.0900 4592 flpydisk - ok
14:06:42.0009 4592 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:06:42.0025 4592 FltMgr - ok
14:06:42.0134 4592 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:06:42.0165 4592 FontCache3.0.0.0 - ok
14:06:42.0212 4592 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:06:42.0290 4592 Fs_Rec - ok
14:06:42.0399 4592 [ 34403847D2E224A96B94A123B9AE55A0 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys
14:06:42.0493 4592 fwlanusbn - ok
14:06:42.0555 4592 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:06:42.0571 4592 gagp30kx - ok
14:06:42.0633 4592 [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc C:\Windows\System32\gpsvc.dll
14:06:42.0696 4592 gpsvc - ok
14:06:42.0805 4592 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:06:42.0820 4592 gupdate - ok
14:06:42.0836 4592 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:06:42.0836 4592 gupdatem - ok
14:06:42.0852 4592 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:06:42.0930 4592 HdAudAddService - ok
14:06:42.0961 4592 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:06:42.0992 4592 HDAudBus - ok
14:06:43.0023 4592 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:06:43.0070 4592 HidBth - ok
14:06:43.0101 4592 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
14:06:43.0148 4592 HidIr - ok
14:06:43.0195 4592 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
14:06:43.0242 4592 hidserv - ok
14:06:43.0288 4592 [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:06:43.0320 4592 HidUsb - ok
14:06:43.0335 4592 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
14:06:43.0413 4592 hkmsvc - ok
14:06:43.0507 4592 [ E48B80F6614D4BEFA7768B960FFEF514 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
14:06:43.0538 4592 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
14:06:43.0538 4592 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
14:06:43.0585 4592 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
14:06:43.0600 4592 HpCISSs - ok
14:06:43.0756 4592 [ 682358F730B84B63E09C6B4EDC1DE7AE ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:06:43.0756 4592 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
14:06:43.0756 4592 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
14:06:43.0788 4592 [ 2E7BEE4AA776CF1C37836B26D1D29403 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:06:43.0803 4592 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
14:06:43.0803 4592 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
14:06:43.0866 4592 [ EA24FE637D974A8A31BC650F478E3533 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:06:43.0975 4592 HTTP - ok
14:06:44.0006 4592 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
14:06:44.0037 4592 i2omp - ok
14:06:44.0131 4592 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:06:44.0271 4592 i8042prt - ok
14:06:44.0474 4592 [ 9A4DC97E912C5EA375E2C69917946265 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
14:06:44.0505 4592 IAANTMON - ok
14:06:44.0568 4592 [ 2D8143C90F246D0F1735AF7D05D515F3 ] iaStor C:\Windows\system32\drivers\iastor.sys
14:06:44.0583 4592 iaStor - ok
14:06:44.0614 4592 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
14:06:44.0630 4592 iaStorV - ok
14:06:44.0724 4592 [ 6F95324909B502E2651442C1548AB12F ] IDriverT c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:06:44.0786 4592 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:06:44.0786 4592 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:06:44.0895 4592 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:06:44.0989 4592 idsvc - ok
14:06:45.0051 4592 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:06:45.0067 4592 iirsp - ok
14:06:45.0129 4592 [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT C:\Windows\System32\ikeext.dll
14:06:45.0254 4592 IKEEXT - ok
14:06:45.0285 4592 IntcAzAudAddService - ok
14:06:45.0348 4592 [ CE5AF42679DD85947D2D287594F22CE0 ] IntelDHSvcConf C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
14:06:45.0379 4592 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - warning
14:06:45.0379 4592 IntelDHSvcConf - detected UnsignedFile.Multi.Generic (1)
14:06:45.0426 4592 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
14:06:45.0426 4592 intelide - ok
14:06:45.0535 4592 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:06:45.0597 4592 intelppm - ok
14:06:45.0613 4592 [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:06:45.0675 4592 IPBusEnum - ok
14:06:45.0800 4592 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:06:45.0925 4592 IpFilterDriver - ok
14:06:45.0987 4592 [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] IpHlpSvc C:\Windows\System32\iphlpsvc.dll
14:06:46.0081 4592 IpHlpSvc - ok
14:06:46.0096 4592 IpInIp - ok
14:06:46.0143 4592 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
14:06:46.0252 4592 IPMIDRV - ok
14:06:46.0284 4592 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
14:06:46.0408 4592 IPNAT - ok
14:06:46.0486 4592 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:06:46.0564 4592 IRENUM - ok
14:06:46.0627 4592 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:06:46.0658 4592 isapnp - ok
14:06:46.0705 4592 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:06:46.0720 4592 iScsiPrt - ok
14:06:46.0861 4592 [ E29BA28F76C5A703E7F30F74CF36DF22 ] ISSM C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
14:06:46.0939 4592 ISSM ( UnsignedFile.Multi.Generic ) - warning
14:06:46.0939 4592 ISSM - detected UnsignedFile.Multi.Generic (1)
14:06:46.0986 4592 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
14:06:46.0986 4592 iteatapi - ok
14:06:47.0001 4592 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
14:06:47.0017 4592 iteraid - ok
14:06:47.0048 4592 [ B076B2AB806B3F696DAB21375389101C ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:06:47.0064 4592 kbdclass - ok
14:06:47.0110 4592 [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:06:47.0157 4592 kbdhid - ok
14:06:47.0204 4592 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso C:\Windows\system32\lsass.exe
14:06:47.0251 4592 KeyIso - ok
14:06:47.0313 4592 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:06:47.0344 4592 KSecDD - ok
14:06:47.0391 4592 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
14:06:47.0454 4592 KtmRm - ok
14:06:47.0500 4592 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll
14:06:47.0547 4592 LanmanServer - ok
14:06:47.0610 4592 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:06:47.0656 4592 LanmanWorkstation - ok
14:06:47.0719 4592 [ 98D884ADC0B8C0FEBCC9D7BEE6D86F90 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:06:47.0734 4592 LightScribeService - ok
14:06:47.0766 4592 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
14:06:47.0766 4592 lirsgt - ok
14:06:47.0781 4592 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:06:47.0828 4592 lltdio - ok
14:06:47.0906 4592 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:06:48.0015 4592 lltdsvc - ok
14:06:48.0046 4592 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:06:48.0187 4592 lmhosts - ok
14:06:48.0218 4592 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:06:48.0234 4592 LSI_FC - ok
14:06:48.0265 4592 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:06:48.0280 4592 LSI_SAS - ok
14:06:48.0312 4592 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:06:48.0327 4592 LSI_SCSI - ok
14:06:48.0358 4592 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
14:06:48.0452 4592 luafv - ok
14:06:48.0483 4592 [ 7B073FD0133346D0E555353F164057D7 ] M1 Server C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
14:06:48.0483 4592 M1 Server ( UnsignedFile.Multi.Generic ) - warning
14:06:48.0483 4592 M1 Server - detected UnsignedFile.Multi.Generic (1)
14:06:48.0530 4592 [ 59A2783ABA6019BED0C843C706E10A6A ] massfilter C:\Windows\system32\drivers\massfilter.sys
14:06:48.0577 4592 massfilter - ok
14:06:48.0717 4592 [ 7BBA15CA5A2AA4E50C7CBFB78D11DB25 ] MCLServiceATL C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
14:06:48.0764 4592 MCLServiceATL ( UnsignedFile.Multi.Generic ) - warning
14:06:48.0764 4592 MCLServiceATL - detected UnsignedFile.Multi.Generic (1)
14:06:48.0811 4592 [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:06:48.0858 4592 Mcx2Svc - ok
14:06:48.0904 4592 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
14:06:48.0920 4592 megasas - ok
14:06:48.0920 4592 mgisvr - ok
14:06:48.0967 4592 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
14:06:49.0014 4592 MMCSS - ok
14:06:49.0045 4592 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
14:06:49.0154 4592 Modem - ok
14:06:49.0185 4592 [ EC839BA91E45CCE6EADAFC418FFF8206 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:06:49.0263 4592 monitor - ok
14:06:49.0388 4592 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:06:49.0404 4592 mouclass - ok
14:06:49.0466 4592 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:06:49.0544 4592 mouhid - ok
14:06:49.0575 4592 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
14:06:49.0591 4592 MountMgr - ok
14:06:49.0700 4592 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:06:49.0731 4592 MozillaMaintenance - ok
14:06:49.0762 4592 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
14:06:49.0778 4592 mpio - ok
14:06:49.0809 4592 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:06:49.0856 4592 mpsdrv - ok
14:06:49.0903 4592 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll
14:06:49.0965 4592 MpsSvc - ok
14:06:50.0028 4592 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
14:06:50.0043 4592 Mraid35x - ok
14:06:50.0074 4592 [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:06:50.0121 4592 MRxDAV - ok
14:06:50.0152 4592 [ 8AF705CE1BB907932157FAB821170F27 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:06:50.0199 4592 mrxsmb - ok
14:06:50.0230 4592 [ 47E13AB23371BE3279EEF22BBFA2C1BE ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:06:50.0262 4592 mrxsmb10 - ok
14:06:50.0293 4592 [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:06:50.0340 4592 mrxsmb20 - ok
14:06:50.0386 4592 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
14:06:50.0433 4592 msahci - ok
14:06:50.0464 4592 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:06:50.0464 4592 msdsm - ok
14:06:50.0496 4592 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
14:06:50.0527 4592 MSDTC - ok
14:06:50.0605 4592 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:06:50.0683 4592 Msfs - ok
14:06:50.0698 4592 [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:06:50.0698 4592 msisadrv - ok
14:06:50.0730 4592 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:06:50.0792 4592 MSiSCSI - ok
14:06:50.0808 4592 msiserver - ok
14:06:50.0854 4592 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:06:50.0979 4592 MSKSSRV - ok
14:06:51.0026 4592 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:06:51.0088 4592 MSPCLOCK - ok
14:06:51.0120 4592 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:06:51.0182 4592 MSPQM - ok
14:06:51.0260 4592 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:06:51.0276 4592 MsRPC - ok
14:06:51.0338 4592 [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:06:51.0354 4592 mssmbios - ok
14:06:51.0400 4592 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:06:51.0494 4592 MSTEE - ok
14:06:51.0541 4592 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
14:06:51.0556 4592 Mup - ok
14:06:51.0603 4592 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
14:06:51.0681 4592 napagent - ok
14:06:51.0712 4592 [ 497DE786240303EE67AB01F5690C24C2 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:06:51.0759 4592 NativeWifiP - ok
14:06:51.0837 4592 [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:06:51.0900 4592 NDIS - ok
14:06:51.0931 4592 [ 7584F1794B23B83D63CC124A8C56D103 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:06:52.0024 4592 NdisTapi - ok
14:06:52.0040 4592 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:06:52.0134 4592 Ndisuio - ok
14:06:52.0180 4592 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:06:52.0258 4592 NdisWan - ok
14:06:52.0290 4592 [ 874C12E3AD1431CABC854697D302C563 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:06:52.0383 4592 NDProxy - ok
14:06:52.0430 4592 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:06:52.0461 4592 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:06:52.0461 4592 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:06:52.0508 4592 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:06:52.0602 4592 NetBIOS - ok
14:06:52.0633 4592 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
14:06:52.0695 4592 netbt - ok
14:06:52.0726 4592 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe
14:06:52.0742 4592 Netlogon - ok
14:06:52.0836 4592 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
14:06:52.0976 4592 Netman - ok
14:06:53.0007 4592 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
14:06:53.0116 4592 netprofm - ok
14:06:53.0210 4592 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:06:53.0241 4592 NetTcpPortSharing - ok
14:06:53.0288 4592 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:06:53.0319 4592 nfrd960 - ok
14:06:53.0350 4592 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
14:06:53.0460 4592 NlaSvc - ok
14:06:53.0475 4592 NMIndexingService - ok
14:06:53.0538 4592 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:06:53.0631 4592 Npfs - ok
14:06:53.0678 4592 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
14:06:53.0772 4592 nsi - ok
14:06:53.0834 4592 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:06:53.0928 4592 nsiproxy - ok
14:06:54.0037 4592 [ 3F379380A4A2637F559444E338CF1B51 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:06:54.0255 4592 Ntfs - ok
14:06:54.0302 4592 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
14:06:54.0396 4592 ntrigdigi - ok
14:06:54.0427 4592 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
14:06:54.0474 4592 Null - ok
14:06:54.0520 4592 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:06:54.0552 4592 nvraid - ok
14:06:54.0567 4592 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:06:54.0598 4592 nvstor - ok
14:06:54.0614 4592 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:06:54.0630 4592 nv_agp - ok
14:06:54.0630 4592 NwlnkFlt - ok
14:06:54.0645 4592 NwlnkFwd - ok
14:06:54.0692 4592 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:06:54.0739 4592 ohci1394 - ok
14:06:54.0770 4592 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
14:06:54.0926 4592 p2pimsvc - ok
14:06:54.0957 4592 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
14:06:54.0988 4592 p2psvc - ok
14:06:55.0020 4592 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
14:06:55.0113 4592 Parport - ok
14:06:55.0160 4592 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:06:55.0207 4592 partmgr - ok
14:06:55.0254 4592 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
14:06:55.0347 4592 Parvdm - ok
14:06:55.0410 4592 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:06:55.0456 4592 PcaSvc - ok
14:06:55.0503 4592 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys
14:06:55.0519 4592 pci - ok
14:06:55.0550 4592 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
14:06:55.0566 4592 pciide - ok
14:06:55.0597 4592 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:06:55.0628 4592 pcmcia - ok
14:06:55.0675 4592 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:06:55.0784 4592 PEAUTH - ok
14:06:56.0065 4592 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
14:06:56.0268 4592 pla - ok
14:06:56.0392 4592 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:06:56.0470 4592 PlugPlay - ok
14:06:56.0502 4592 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:06:56.0517 4592 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:06:56.0517 4592 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:06:56.0564 4592 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
14:06:56.0611 4592 PNRPAutoReg - ok
14:06:56.0720 4592 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
14:06:56.0782 4592 PNRPsvc - ok
14:06:56.0829 4592 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:06:56.0876 4592 PolicyAgent - ok
14:06:56.0907 4592 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:06:56.0970 4592 PptpMiniport - ok
14:06:57.0001 4592 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
14:06:57.0094 4592 Processor - ok
14:06:57.0172 4592 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
14:06:57.0297 4592 ProfSvc - ok
14:06:57.0313 4592 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:06:57.0328 4592 ProtectedStorage - ok
14:06:57.0406 4592 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
14:06:57.0453 4592 Ps2 - ok
14:06:57.0500 4592 [ B74EDF14453C9987E99E66535047EBEE ] PSched C:\Windows\system32\DRIVERS\pacer.sys
14:06:57.0562 4592 PSched - ok
14:06:57.0625 4592 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
14:06:57.0625 4592 PxHelp20 - ok
14:06:57.0718 4592 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:06:57.0796 4592 ql2300 - ok
14:06:57.0874 4592 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:06:57.0890 4592 ql40xx - ok
14:06:57.0968 4592 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
14:06:58.0030 4592 QWAVE - ok
14:06:58.0062 4592 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:06:58.0124 4592 QWAVEdrv - ok
14:06:58.0155 4592 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:06:58.0249 4592 RasAcd - ok
14:06:58.0296 4592 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
14:06:58.0405 4592 RasAuto - ok
14:06:58.0436 4592 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:06:58.0483 4592 Rasl2tp - ok
14:06:58.0483 4592 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
14:06:58.0576 4592 RasMan - ok
14:06:58.0592 4592 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:06:58.0686 4592 RasPppoe - ok
14:06:58.0764 4592 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:06:58.0857 4592 rdbss - ok
14:06:58.0920 4592 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:06:58.0982 4592 RDPCDD - ok
14:06:59.0029 4592 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
14:06:59.0107 4592 rdpdr - ok
14:06:59.0138 4592 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:06:59.0232 4592 RDPENCDD - ok
14:06:59.0341 4592 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:06:59.0450 4592 RDPWD - ok
14:06:59.0575 4592 [ 752402F6BD5FA012805813C329F88DD3 ] Remote UI Service C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
14:06:59.0668 4592 Remote UI Service ( UnsignedFile.Multi.Generic ) - warning
14:06:59.0668 4592 Remote UI Service - detected UnsignedFile.Multi.Generic (1)
14:06:59.0700 4592 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
14:06:59.0778 4592 RemoteAccess - ok
14:06:59.0809 4592 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:06:59.0918 4592 RemoteRegistry - ok
14:07:00.0402 4592 [ 2DAC86F10C42B55F2511F14CBCEE7284 ] RoxMediaDB9 c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
14:07:00.0495 4592 RoxMediaDB9 - ok
14:07:00.0526 4592 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
14:07:00.0542 4592 RpcLocator - ok
14:07:00.0604 4592 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
14:07:00.0651 4592 RpcSs - ok
14:07:00.0714 4592 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:07:00.0776 4592 rspndr - ok
14:07:00.0823 4592 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
14:07:00.0854 4592 SamSs - ok
14:07:00.0916 4592 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:07:00.0963 4592 sbp2port - ok
14:07:00.0994 4592 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:07:01.0104 4592 SCardSvr - ok
14:07:01.0228 4592 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
14:07:01.0322 4592 Schedule - ok
14:07:01.0369 4592 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:07:01.0447 4592 SCPolicySvc - ok
14:07:01.0478 4592 [ 56AA904311B3BACC67DBA8679AFF73D4 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:07:01.0509 4592 SDRSVC - ok
14:07:01.0525 4592 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:07:01.0618 4592 secdrv - ok
14:07:01.0665 4592 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
14:07:01.0790 4592 seclogon - ok
14:07:01.0837 4592 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
14:07:01.0930 4592 SENS - ok
14:07:01.0993 4592 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:07:02.0118 4592 Serenum - ok
14:07:02.0149 4592 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
14:07:02.0274 4592 Serial - ok
14:07:02.0352 4592 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:07:02.0398 4592 sermouse - ok
14:07:02.0461 4592 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
14:07:02.0632 4592 SessionEnv - ok
14:07:02.0679 4592 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:07:02.0726 4592 sffdisk - ok
14:07:02.0757 4592 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:07:02.0773 4592 sffp_mmc - ok
14:07:02.0804 4592 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:07:02.0820 4592 sffp_sd - ok
14:07:02.0851 4592 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:07:02.0960 4592 sfloppy - ok
14:07:03.0022 4592 [ 11AAC56C04D26195D21C4F5229DB4726 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:07:03.0116 4592 SharedAccess - ok
14:07:03.0178 4592 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:07:03.0241 4592 ShellHWDetection - ok
14:07:03.0303 4592 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:07:03.0334 4592 sisagp - ok
14:07:03.0381 4592 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
14:07:03.0428 4592 SiSRaid2 - ok
14:07:03.0459 4592 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:07:03.0475 4592 SiSRaid4 - ok
14:07:03.0568 4592 [ 7610645679BB5994210D21A347E0C479 ] slsvc C:\Windows\system32\SLsvc.exe
14:07:03.0771 4592 slsvc - ok
14:07:03.0818 4592 [ 49670F3E42A0178A0AB425AE15D88E7C ] SLUINotify C:\Windows\system32\SLUINotify.dll
14:07:03.0912 4592 SLUINotify - ok
14:07:04.0146 4592 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:07:04.0239 4592 Smb - ok
14:07:04.0255 4592 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:07:04.0286 4592 SNMPTRAP - ok
14:07:04.0317 4592 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
14:07:04.0317 4592 spldr - ok
14:07:04.0348 4592 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
14:07:04.0411 4592 Spooler - ok
14:07:04.0504 4592 [ 038579C35F7CAD4A4BBF735DBF83277D ] srv C:\Windows\system32\DRIVERS\srv.sys
14:07:04.0582 4592 srv - ok
14:07:04.0598 4592 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:07:04.0645 4592 srv2 - ok
14:07:04.0676 4592 [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:07:04.0692 4592 srvnet - ok
14:07:04.0738 4592 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:07:04.0801 4592 SSDPSRV - ok
14:07:04.0894 4592 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
14:07:04.0957 4592 stisvc - ok
14:07:05.0019 4592 [ E5FF667E416DAC99BFF16B626234A379 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
14:07:05.0035 4592 stllssvr - ok
14:07:05.0066 4592 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:07:05.0082 4592 swenum - ok
14:07:05.0113 4592 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
14:07:05.0300 4592 swprv - ok
14:07:05.0347 4592 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
14:07:05.0394 4592 Symc8xx - ok
14:07:05.0425 4592 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
14:07:05.0440 4592 Sym_hi - ok
14:07:05.0472 4592 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
14:07:05.0503 4592 Sym_u3 - ok
14:07:05.0550 4592 [ C1FDFF9AFD8C6C905485981B41DCFB40 ] SysMain C:\Windows\system32\sysmain.dll
14:07:05.0690 4592 SysMain - ok
14:07:05.0737 4592 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:07:05.0815 4592 TabletInputService - ok
14:07:05.0846 4592 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:07:05.0971 4592 TapiSrv - ok
14:07:06.0002 4592 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
14:07:06.0064 4592 TBS - ok
14:07:06.0252 4592 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:07:06.0345 4592 Tcpip - ok
14:07:06.0439 4592 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
14:07:06.0564 4592 Tcpip6 - ok
14:07:06.0610 4592 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:07:06.0704 4592 tcpipreg - ok
14:07:06.0766 4592 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:07:06.0876 4592 TDPIPE - ok
14:07:06.0907 4592 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:07:06.0954 4592 TDTCP - ok
14:07:07.0000 4592 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:07:07.0047 4592 tdx - ok
14:07:07.0078 4592 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:07:07.0094 4592 TermDD - ok
14:07:07.0172 4592 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
14:07:07.0281 4592 TermService - ok
14:07:07.0297 4592 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
14:07:07.0328 4592 Themes - ok
14:07:07.0359 4592 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
14:07:07.0406 4592 THREADORDER - ok
14:07:07.0453 4592 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
14:07:07.0515 4592 TrkWks - ok
14:07:07.0656 4592 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:07:07.0858 4592 TrustedInstaller - ok
14:07:07.0905 4592 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:07:08.0014 4592 tssecsrv - ok
14:07:08.0030 4592 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
14:07:08.0061 4592 tunmp - ok
14:07:08.0092 4592 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:07:08.0108 4592 tunnel - ok
14:07:08.0155 4592 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:07:08.0186 4592 uagp35 - ok
14:07:08.0217 4592 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:07:08.0311 4592 udfs - ok
14:07:08.0436 4592 [ 13BFF97E926BF8D9C1230CECC371A0C0 ] UI Assistant Service C:\Program Files\1&1 Surf-Stick\AssistantServices.exe
14:07:08.0482 4592 UI Assistant Service - ok
14:07:08.0529 4592 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:07:08.0560 4592 UI0Detect - ok
14:07:08.0592 4592 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:07:08.0607 4592 uliagpkx - ok
14:07:08.0638 4592 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
14:07:08.0670 4592 uliahci - ok
14:07:08.0685 4592 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
14:07:08.0701 4592 UlSata - ok
14:07:08.0716 4592 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
14:07:08.0748 4592 ulsata2 - ok
14:07:08.0794 4592 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:07:08.0888 4592 umbus - ok
14:07:08.0919 4592 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
14:07:09.0044 4592 upnphost - ok
14:07:09.0091 4592 [ 51480458E6E9863F856EBF35AAE801B4 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:07:09.0138 4592 usbccgp - ok
14:07:09.0184 4592 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:07:09.0262 4592 usbcir - ok
14:07:09.0294 4592 [ 11FA3ACBF0DE0286829C69E01FE705E4 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:07:09.0325 4592 usbehci - ok
14:07:09.0340 4592 [ 6A7858A38B5105731E219E7C6A238730 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:07:09.0387 4592 usbhub - ok
14:07:09.0450 4592 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:07:09.0559 4592 usbohci - ok
14:07:09.0621 4592 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:07:09.0699 4592 usbprint - ok
14:07:09.0746 4592 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:07:09.0886 4592 usbscan - ok
14:07:09.0918 4592 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:07:09.0996 4592 USBSTOR - ok
14:07:10.0011 4592 [ 4013315FED70A2D293B998CBBA4022EE ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:07:10.0058 4592 usbuhci - ok
14:07:10.0105 4592 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
14:07:10.0183 4592 UxSms - ok
14:07:10.0276 4592 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
14:07:10.0339 4592 vds - ok
14:07:10.0370 4592 veteboot - ok
14:07:10.0417 4592 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:07:10.0495 4592 vga - ok
14:07:10.0557 4592 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
14:07:10.0682 4592 VgaSave - ok
14:07:10.0713 4592 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:07:10.0744 4592 viaagp - ok
14:07:10.0760 4592 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
14:07:10.0838 4592 ViaC7 - ok
14:07:10.0885 4592 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
14:07:10.0900 4592 viaide - ok
14:07:10.0947 4592 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:07:10.0963 4592 volmgr - ok
14:07:10.0978 4592 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:07:11.0010 4592 volmgrx - ok
14:07:11.0025 4592 [ 11EF6C1CAEF76B685233450A126125D6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:07:11.0056 4592 volsnap - ok
14:07:11.0103 4592 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:07:11.0134 4592 vsmraid - ok
14:07:11.0337 4592 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
14:07:11.0431 4592 VSS - ok
14:07:11.0478 4592 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
14:07:11.0587 4592 W32Time - ok
14:07:11.0649 4592 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:07:11.0743 4592 WacomPen - ok
14:07:11.0790 4592 [ 6E1A5BE9A0605F3D932FF35FBA2B22B3 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
14:07:11.0868 4592 Wanarp - ok
14:07:11.0899 4592 [ 6E1A5BE9A0605F3D932FF35FBA2B22B3 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:07:11.0961 4592 Wanarpv6 - ok
14:07:11.0992 4592 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:07:12.0070 4592 wcncsvc - ok
14:07:12.0102 4592 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:07:12.0164 4592 WcsPlugInService - ok
14:07:12.0211 4592 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
14:07:12.0258 4592 Wd - ok
14:07:12.0289 4592 [ DEA0BF2354EB609C33F5F1BED41FD0E4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:07:12.0304 4592 Wdf01000 ( Virus.Win32.Rloader.a ) - infected
14:07:12.0304 4592 Wdf01000 - detected Virus.Win32.Rloader.a (0)
14:07:12.0336 4592 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:07:12.0398 4592 WdiServiceHost - ok
14:07:12.0429 4592 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:07:12.0460 4592 WdiSystemHost - ok
14:07:12.0538 4592 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
14:07:12.0585 4592 WebClient - ok
14:07:12.0648 4592 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
14:07:12.0741 4592 Wecsvc - ok
14:07:12.0772 4592 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:07:12.0835 4592 wercplsupport - ok
14:07:12.0850 4592 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
14:07:12.0913 4592 WerSvc - ok
14:07:12.0944 4592 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:07:12.0960 4592 WinDefend - ok
14:07:13.0022 4592 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:07:13.0100 4592 Winmgmt - ok
14:07:13.0162 4592 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
14:07:13.0240 4592 WinRM - ok
14:07:13.0365 4592 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:07:13.0490 4592 Wlansvc - ok
14:07:13.0537 4592 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:07:13.0630 4592 WmiAcpi - ok
14:07:13.0693 4592 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:07:13.0755 4592 wmiApSrv - ok
14:07:13.0849 4592 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:07:14.0005 4592 WMPNetworkSvc - ok
14:07:14.0052 4592 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:07:14.0114 4592 WPCSvc - ok
14:07:14.0145 4592 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:07:14.0223 4592 WPDBusEnum - ok
14:07:14.0270 4592 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
14:07:14.0348 4592 WpdUsb - ok
14:07:14.0442 4592 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:07:14.0535 4592 ws2ifsl - ok
14:07:14.0582 4592 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
14:07:14.0613 4592 wscsvc - ok
14:07:14.0613 4592 WSearch - ok
14:07:14.0925 4592 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
14:07:15.0081 4592 wuauserv - ok
14:07:15.0144 4592 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:07:15.0222 4592 WUDFRd - ok
14:07:15.0315 4592 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:07:15.0409 4592 wudfsvc - ok
14:07:15.0456 4592 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:07:15.0518 4592 ZTEusbmdm6k - ok
14:07:15.0549 4592 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:07:15.0565 4592 ZTEusbnmea - ok
14:07:15.0596 4592 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:07:15.0627 4592 ZTEusbser6k - ok
14:07:15.0627 4592 ================ Scan global ===============================
14:07:15.0674 4592 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
14:07:15.0705 4592 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
14:07:15.0768 4592 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
14:07:15.0799 4592 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
14:07:15.0799 4592 [Global] - ok
14:07:15.0814 4592 ================ Scan MBR ==================================
14:07:15.0814 4592 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
14:07:17.0671 4592 \Device\Harddisk0\DR0 - ok
14:07:17.0671 4592 ================ Scan VBR ==================================
14:07:17.0686 4592 [ BB1F8D07D5A59684530589BACBB75B9D ] \Device\Harddisk0\DR0\Partition1
14:07:17.0702 4592 \Device\Harddisk0\DR0\Partition1 - ok
14:07:17.0733 4592 [ 49CEB98D7C68A84F9BE63B24E643C072 ] \Device\Harddisk0\DR0\Partition2
14:07:17.0749 4592 \Device\Harddisk0\DR0\Partition2 - ok
14:07:17.0764 4592 ============================================================
14:07:17.0764 4592 Scan finished
14:07:17.0764 4592 ============================================================
14:07:17.0764 4584 Detected object count: 19
14:07:17.0764 4584 Actual detected object count: 19
14:07:48.0980 4584 ACEDRV07 ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:48.0980 4584 ACEDRV07 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:48.0980 4584 AlertService ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:48.0980 4584 AlertService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:48.0980 4584 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:48.0980 4584 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:48.0980 4584 avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:48.0980 4584 avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:48.0996 4584 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:48.0996 4584 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:48.0996 4584 DQLWinService ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:48.0996 4584 DQLWinService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:48.0996 4584 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:48.0996 4584 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:48.0996 4584 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:48.0996 4584 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:48.0996 4584 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:48.0996 4584 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:48.0996 4584 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:48.0996 4584 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:49.0011 4584 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:49.0011 4584 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:49.0011 4584 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:49.0011 4584 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:49.0011 4584 ISSM ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:49.0011 4584 ISSM ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:49.0011 4584 M1 Server ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:49.0011 4584 M1 Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:49.0011 4584 MCLServiceATL ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:49.0011 4584 MCLServiceATL ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:49.0027 4584 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:49.0027 4584 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:49.0027 4584 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:49.0027 4584 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:49.0027 4584 Remote UI Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:49.0027 4584 Remote UI Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:49.0027 4584 Wdf01000 ( Virus.Win32.Rloader.a ) - skipped by user
14:07:49.0027 4584 Wdf01000 ( Virus.Win32.Rloader.a ) - User select action: Skip
14:07:50.0977 4368 Deinitialize success
|
|
11.06.2013, 13:28
| #12 |
| /// Malware-holic | AVAST Prüfergebnisse..416 Bedrohungen..was nun? wie ichgesagt hab, wenn cure da steht, cure wählen. für Rloader.a
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.06.2013, 13:47
| #13 |
| | AVAST Prüfergebnisse..416 Bedrohungen..was nun? danke..hier das log Code:
ATTFilter 14:43:31.0791 1404 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:43:33.0803 1404 ============================================================
14:43:33.0803 1404 Current date / time: 2013/06/11 14:43:33.0803
14:43:33.0803 1404 SystemInfo:
14:43:33.0803 1404
14:43:33.0803 1404 OS Version: 6.0.6000 ServicePack: 0.0
14:43:33.0803 1404 Product type: Workstation
14:43:33.0803 1404 ComputerName: MARC-PC
14:43:33.0803 1404 UserName: Marc
14:43:33.0803 1404 Windows directory: C:\Windows
14:43:33.0803 1404 System windows directory: C:\Windows
14:43:33.0803 1404 Processor architecture: Intel x86
14:43:33.0803 1404 Number of processors: 2
14:43:33.0803 1404 Page size: 0x1000
14:43:33.0803 1404 Boot type: Normal boot
14:43:33.0803 1404 ============================================================
14:43:36.0106 1404 BG loaded
14:43:36.0878 1404 Drive \Device\Harddisk0\DR0 - Size: 0x53D67B6000 (335.35 Gb), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:43:36.0945 1404 ============================================================
14:43:36.0945 1404 \Device\Harddisk0\DR0:
14:43:36.0978 1404 MBR partitions:
14:43:36.0978 1404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x28FA712C
14:43:36.0978 1404 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x28FA716B, BlocksNum 0xF0B856
14:43:36.0978 1404 ============================================================
14:43:37.0334 1404 C: <-> \Device\Harddisk0\DR0\Partition1
14:43:37.0568 1404 D: <-> \Device\Harddisk0\DR0\Partition2
14:43:37.0568 1404 ============================================================
14:43:37.0568 1404 Initialize success
14:43:37.0568 1404 ============================================================
14:45:06.0089 2696 ============================================================
14:45:06.0089 2696 Scan started
14:45:06.0089 2696 Mode: Manual; SigCheck; TDLFS;
14:45:06.0089 2696 ============================================================
14:45:08.0055 2696 ================ Scan system memory ========================
14:45:08.0055 2696 System memory - ok
14:45:08.0055 2696 ================ Scan services =============================
14:45:13.0000 2696 [ 4E5451DD0AEC8504D7F8030DD2D4C416 ] ACEDRV07 C:\Windows\system32\drivers\ACEDRV07.sys
14:45:13.0281 2696 ACEDRV07 ( UnsignedFile.Multi.Generic ) - warning
14:45:13.0281 2696 ACEDRV07 - detected UnsignedFile.Multi.Generic (1)
14:45:13.0624 2696 [ 27F954120BABB8A00F8745D8F5BC9B82 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
14:45:13.0686 2696 acedrv11 - ok
14:45:13.0827 2696 [ 192BDBD1540645C4A2AA69F24CCE197F ] ACPI C:\Windows\system32\drivers\acpi.sys
14:45:13.0873 2696 ACPI - ok
14:45:14.0076 2696 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:45:14.0435 2696 adp94xx - ok
14:45:14.0607 2696 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:45:14.0685 2696 adpahci - ok
14:45:14.0731 2696 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
14:45:14.0809 2696 adpu160m - ok
14:45:14.0919 2696 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:45:14.0965 2696 adpu320 - ok
14:45:15.0090 2696 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:45:15.0199 2696 AeLookupSvc - ok
14:45:15.0340 2696 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
14:45:16.0089 2696 AFD - ok
14:45:16.0167 2696 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:45:16.0260 2696 agp440 - ok
14:45:16.0307 2696 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
14:45:16.0369 2696 aic78xx - ok
14:45:16.0541 2696 [ C86D177967D27C80E466D4ED95C26DB9 ] AlertService C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
14:45:16.0681 2696 AlertService ( UnsignedFile.Multi.Generic ) - warning
14:45:16.0681 2696 AlertService - detected UnsignedFile.Multi.Generic (1)
14:45:16.0728 2696 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
14:45:16.0791 2696 ALG - ok
14:45:16.0822 2696 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
14:45:16.0853 2696 aliide - ok
14:45:16.0915 2696 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:45:16.0962 2696 amdagp - ok
14:45:17.0009 2696 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
14:45:17.0040 2696 amdide - ok
14:45:17.0134 2696 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
14:45:17.0305 2696 AmdK7 - ok
14:45:17.0337 2696 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:45:17.0461 2696 AmdK8 - ok
14:45:17.0524 2696 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
14:45:17.0664 2696 Appinfo - ok
14:45:17.0867 2696 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
14:45:17.0914 2696 arc - ok
14:45:17.0961 2696 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:45:18.0023 2696 arcsas - ok
14:45:18.0101 2696 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
14:45:18.0101 2696 aswFsBlk - ok
14:45:18.0148 2696 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:45:18.0148 2696 aswMonFlt - ok
14:45:18.0195 2696 [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
14:45:18.0210 2696 AswRdr - ok
14:45:18.0257 2696 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
14:45:18.0273 2696 aswRvrt - ok
14:45:18.0382 2696 [ 6CAB0A5991C5C0FC63F5E66593E71D7E ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:45:18.0429 2696 aswSnx - ok
14:45:18.0507 2696 [ 99102F60F344BEBAF4F6114514FD28D3 ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:45:18.0538 2696 aswSP - ok
14:45:18.0569 2696 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
14:45:18.0585 2696 aswTdi - ok
14:45:18.0631 2696 [ 16B8E3CD50A460EC32CA680C8210A0A9 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
14:45:18.0663 2696 aswVmm - ok
14:45:18.0694 2696 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:45:18.0961 2696 AsyncMac - ok
14:45:19.0035 2696 [ 4F4FCB8B6EA06784FB6D475B7EC7300F ] atapi C:\Windows\system32\drivers\atapi.sys
14:45:19.0087 2696 atapi - ok
14:45:19.0284 2696 [ 00B317C5E88AA439C92A91C34F88E8DC ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
14:45:19.0711 2696 Ati External Event Utility - ok
14:45:19.0906 2696 [ 0BC49A61E33053A8FF80E0D0469E055B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:45:20.0330 2696 atikmdag - ok
14:45:20.0489 2696 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
14:45:20.0506 2696 atksgt - ok
14:45:20.0565 2696 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:45:20.0705 2696 AudioEndpointBuilder - ok
14:45:20.0814 2696 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:45:20.0863 2696 Audiosrv - ok
14:45:20.0956 2696 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:45:20.0969 2696 avast! Antivirus - ok
14:45:21.0109 2696 [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files\avmwlanstick\WlanNetService.exe
14:45:21.0170 2696 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
14:45:21.0170 2696 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
14:45:21.0286 2696 [ 263CF9D248FD5E020A1333ED4F7EAA88 ] avmeject C:\Windows\system32\drivers\avmeject.sys
14:45:21.0336 2696 avmeject ( UnsignedFile.Multi.Generic ) - warning
14:45:21.0336 2696 avmeject - detected UnsignedFile.Multi.Generic (1)
14:45:21.0448 2696 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
14:45:21.0525 2696 Beep - ok
14:45:21.0657 2696 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll
14:45:21.0740 2696 BFE - ok
14:45:22.0015 2696 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
14:45:22.0073 2696 BITS - ok
14:45:22.0079 2696 blbdrive - ok
14:45:22.0186 2696 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:45:22.0233 2696 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
14:45:22.0234 2696 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
14:45:22.0318 2696 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:45:22.0424 2696 bowser - ok
14:45:22.0491 2696 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
14:45:22.0608 2696 BrFiltLo - ok
14:45:22.0640 2696 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
14:45:22.0734 2696 BrFiltUp - ok
14:45:22.0810 2696 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
14:45:22.0907 2696 Browser - ok
14:45:22.0994 2696 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
14:45:23.0081 2696 Brserid - ok
14:45:23.0128 2696 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
14:45:23.0212 2696 BrSerWdm - ok
14:45:23.0271 2696 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
14:45:23.0338 2696 BrUsbMdm - ok
14:45:23.0355 2696 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
14:45:23.0413 2696 BrUsbSer - ok
14:45:23.0458 2696 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:45:23.0517 2696 BTHMODEM - ok
14:45:23.0586 2696 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:45:23.0651 2696 cdfs - ok
14:45:23.0684 2696 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:45:23.0730 2696 cdrom - ok
14:45:23.0752 2696 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
14:45:23.0816 2696 CertPropSvc - ok
14:45:23.0892 2696 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
14:45:24.0084 2696 circlass - ok
14:45:24.0172 2696 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
14:45:24.0217 2696 CLFS - ok
14:45:24.0298 2696 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:45:24.0309 2696 clr_optimization_v2.0.50727_32 - ok
14:45:24.0348 2696 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:45:24.0375 2696 cmdide - ok
14:45:24.0401 2696 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:45:24.0409 2696 Compbatt - ok
14:45:24.0415 2696 COMSysApp - ok
14:45:24.0435 2696 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:45:24.0451 2696 crcdisk - ok
14:45:24.0491 2696 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
14:45:24.0569 2696 Crusoe - ok
14:45:24.0662 2696 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:45:24.0756 2696 CryptSvc - ok
14:45:24.0912 2696 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
14:45:24.0959 2696 DcomLaunch - ok
14:45:24.0990 2696 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:45:25.0083 2696 DfsC - ok
14:45:25.0425 2696 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe
14:45:26.0632 2696 DFSR - ok
14:45:26.0876 2696 [ 17210D8064EC116A3FC6B5E45E577D43 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
14:45:26.0902 2696 Dhcp - ok
14:45:26.0956 2696 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
14:45:26.0998 2696 disk - ok
14:45:27.0072 2696 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:45:27.0126 2696 Dnscache - ok
14:45:27.0159 2696 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll
14:45:27.0253 2696 dot3svc - ok
14:45:27.0360 2696 [ 57B2D433A08B95E4F1B53A919937F3E5 ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
14:45:27.0509 2696 Dot4 - ok
14:45:27.0586 2696 [ D93FA484BB62FBE7E5EF335C5415D3CF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:45:27.0679 2696 Dot4Print - ok
14:45:27.0694 2696 [ 599742C4260FB3E8EDB3BE148B8CE856 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
14:45:27.0809 2696 dot4usb - ok
14:45:27.0862 2696 [ 8EF243E3BAF1AB4F6202EDEB8890319B ] DPS C:\Windows\system32\dps.dll
14:45:27.0960 2696 DPS - ok
14:45:28.0060 2696 [ A0B584C33F55545D56F9E71FB4E203AC ] DQLWinService C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
14:45:28.0097 2696 DQLWinService ( UnsignedFile.Multi.Generic ) - warning
14:45:28.0097 2696 DQLWinService - detected UnsignedFile.Multi.Generic (1)
14:45:28.0166 2696 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:45:28.0264 2696 drmkaud - ok
14:45:28.0294 2696 [ F032A2F91287A0B800891C7BEF9CA7A8 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:45:28.0420 2696 DXGKrnl - ok
14:45:28.0536 2696 [ C0B00E55CF82D122D25983C7A6A53DEA ] E100B C:\Windows\system32\DRIVERS\e100b325.sys
14:45:28.0629 2696 E100B - ok
14:45:28.0707 2696 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
14:45:28.0817 2696 E1G60 - ok
14:45:28.0863 2696 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
14:45:28.0941 2696 EapHost - ok
14:45:28.0988 2696 [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache C:\Windows\system32\drivers\ecache.sys
14:45:29.0004 2696 Ecache - ok
14:45:29.0113 2696 [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:45:29.0160 2696 ehRecvr - ok
14:45:29.0175 2696 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
14:45:29.0207 2696 ehSched - ok
14:45:29.0269 2696 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
14:45:29.0300 2696 ehstart - ok
14:45:29.0363 2696 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:45:29.0425 2696 elxstor - ok
14:45:29.0456 2696 [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt C:\Windows\system32\emdmgmt.dll
14:45:29.0519 2696 EMDMgmt - ok
14:45:29.0612 2696 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
14:45:29.0675 2696 EventSystem - ok
14:45:29.0721 2696 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:45:29.0815 2696 fastfat - ok
14:45:29.0862 2696 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:45:29.0955 2696 fdc - ok
14:45:29.0971 2696 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
14:45:30.0065 2696 fdPHost - ok
14:45:30.0080 2696 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
14:45:30.0174 2696 FDResPub - ok
14:45:30.0236 2696 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:45:30.0267 2696 FileInfo - ok
14:45:30.0299 2696 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:45:30.0361 2696 Filetrace - ok
14:45:30.0439 2696 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:45:30.0455 2696 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:45:30.0455 2696 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:45:30.0501 2696 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:45:30.0548 2696 flpydisk - ok
14:45:30.0642 2696 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:45:30.0642 2696 FltMgr - ok
14:45:30.0782 2696 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:45:30.0813 2696 FontCache3.0.0.0 - ok
14:45:30.0876 2696 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:45:30.0923 2696 Fs_Rec - ok
14:45:31.0016 2696 [ 34403847D2E224A96B94A123B9AE55A0 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys
14:45:31.0079 2696 fwlanusbn - ok
14:45:31.0125 2696 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:45:31.0157 2696 gagp30kx - ok
14:45:31.0188 2696 [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc C:\Windows\System32\gpsvc.dll
14:45:31.0266 2696 gpsvc - ok
14:45:31.0391 2696 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:45:31.0406 2696 gupdate - ok
14:45:31.0437 2696 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:45:31.0453 2696 gupdatem - ok
14:45:31.0500 2696 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:45:31.0593 2696 HdAudAddService - ok
14:45:31.0625 2696 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:45:31.0640 2696 HDAudBus - ok
14:45:31.0671 2696 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:45:31.0734 2696 HidBth - ok
14:45:31.0781 2696 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
14:45:31.0905 2696 HidIr - ok
14:45:31.0937 2696 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
14:45:31.0999 2696 hidserv - ok
14:45:32.0046 2696 [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:45:32.0077 2696 HidUsb - ok
14:45:32.0108 2696 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
14:45:32.0202 2696 hkmsvc - ok
14:45:32.0280 2696 [ E48B80F6614D4BEFA7768B960FFEF514 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
14:45:32.0311 2696 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
14:45:32.0311 2696 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
14:45:32.0373 2696 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
14:45:32.0389 2696 HpCISSs - ok
14:45:32.0623 2696 [ 682358F730B84B63E09C6B4EDC1DE7AE ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:45:32.0623 2696 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
14:45:32.0639 2696 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
14:45:32.0670 2696 [ 2E7BEE4AA776CF1C37836B26D1D29403 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:45:32.0701 2696 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
14:45:32.0701 2696 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
14:45:32.0795 2696 [ EA24FE637D974A8A31BC650F478E3533 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:45:32.0857 2696 HTTP - ok
14:45:32.0904 2696 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
14:45:32.0951 2696 i2omp - ok
14:45:33.0075 2696 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:45:33.0153 2696 i8042prt - ok
14:45:33.0559 2696 [ 9A4DC97E912C5EA375E2C69917946265 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
14:45:33.0590 2696 IAANTMON - ok
14:45:33.0715 2696 [ 2D8143C90F246D0F1735AF7D05D515F3 ] iaStor C:\Windows\system32\drivers\iastor.sys
14:45:33.0731 2696 iaStor - ok
14:45:33.0840 2696 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
14:45:33.0933 2696 iaStorV - ok
14:45:34.0121 2696 [ 6F95324909B502E2651442C1548AB12F ] IDriverT c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:45:34.0214 2696 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:45:34.0214 2696 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:45:34.0620 2696 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:45:35.0088 2696 idsvc - ok
14:45:35.0119 2696 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:45:35.0150 2696 iirsp - ok
14:45:35.0197 2696 [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT C:\Windows\System32\ikeext.dll
14:45:35.0306 2696 IKEEXT - ok
14:45:35.0353 2696 IntcAzAudAddService - ok
14:45:35.0509 2696 [ CE5AF42679DD85947D2D287594F22CE0 ] IntelDHSvcConf C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
14:45:35.0634 2696 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - warning
14:45:35.0634 2696 IntelDHSvcConf - detected UnsignedFile.Multi.Generic (1)
14:45:35.0681 2696 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
14:45:35.0712 2696 intelide - ok
14:45:35.0790 2696 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:45:35.0883 2696 intelppm - ok
14:45:35.0930 2696 [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:45:36.0024 2696 IPBusEnum - ok
14:45:36.0071 2696 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:45:36.0242 2696 IpFilterDriver - ok
14:45:36.0273 2696 [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] IpHlpSvc C:\Windows\System32\iphlpsvc.dll
14:45:36.0289 2696 IpHlpSvc - ok
14:45:36.0305 2696 IpInIp - ok
14:45:36.0336 2696 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
14:45:36.0414 2696 IPMIDRV - ok
14:45:36.0445 2696 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
14:45:36.0570 2696 IPNAT - ok
14:45:36.0648 2696 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:45:36.0726 2696 IRENUM - ok
14:45:36.0757 2696 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:45:36.0773 2696 isapnp - ok
14:45:36.0819 2696 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:45:36.0835 2696 iScsiPrt - ok
14:45:36.0882 2696 [ E29BA28F76C5A703E7F30F74CF36DF22 ] ISSM C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
14:45:36.0913 2696 ISSM ( UnsignedFile.Multi.Generic ) - warning
14:45:36.0913 2696 ISSM - detected UnsignedFile.Multi.Generic (1)
14:45:36.0960 2696 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
14:45:36.0991 2696 iteatapi - ok
14:45:37.0053 2696 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
14:45:37.0069 2696 iteraid - ok
14:45:37.0100 2696 [ B076B2AB806B3F696DAB21375389101C ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:45:37.0116 2696 kbdclass - ok
14:45:37.0178 2696 [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:45:37.0287 2696 kbdhid - ok
14:45:37.0381 2696 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso C:\Windows\system32\lsass.exe
14:45:37.0428 2696 KeyIso - ok
14:45:37.0537 2696 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:45:37.0599 2696 KSecDD - ok
14:45:37.0631 2696 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
14:45:37.0693 2696 KtmRm - ok
14:45:37.0740 2696 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll
14:45:37.0787 2696 LanmanServer - ok
14:45:37.0833 2696 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:45:37.0865 2696 LanmanWorkstation - ok
14:45:37.0958 2696 [ 98D884ADC0B8C0FEBCC9D7BEE6D86F90 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:45:37.0958 2696 LightScribeService - ok
14:45:37.0974 2696 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
14:45:37.0989 2696 lirsgt - ok
14:45:38.0005 2696 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:45:38.0052 2696 lltdio - ok
14:45:38.0099 2696 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:45:38.0192 2696 lltdsvc - ok
14:45:38.0208 2696 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:45:38.0255 2696 lmhosts - ok
14:45:38.0301 2696 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:45:38.0333 2696 LSI_FC - ok
14:45:38.0364 2696 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:45:38.0379 2696 LSI_SAS - ok
14:45:38.0411 2696 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:45:38.0426 2696 LSI_SCSI - ok
14:45:38.0473 2696 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
14:45:38.0567 2696 luafv - ok
14:45:38.0598 2696 [ 7B073FD0133346D0E555353F164057D7 ] M1 Server C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
14:45:38.0629 2696 M1 Server ( UnsignedFile.Multi.Generic ) - warning
14:45:38.0629 2696 M1 Server - detected UnsignedFile.Multi.Generic (1)
14:45:38.0691 2696 [ 59A2783ABA6019BED0C843C706E10A6A ] massfilter C:\Windows\system32\drivers\massfilter.sys
14:45:38.0738 2696 massfilter - ok
14:45:38.0816 2696 [ 7BBA15CA5A2AA4E50C7CBFB78D11DB25 ] MCLServiceATL C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
14:45:38.0832 2696 MCLServiceATL ( UnsignedFile.Multi.Generic ) - warning
14:45:38.0832 2696 MCLServiceATL - detected UnsignedFile.Multi.Generic (1)
14:45:38.0894 2696 [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:45:38.0925 2696 Mcx2Svc - ok
14:45:38.0972 2696 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
14:45:38.0988 2696 megasas - ok
14:45:39.0003 2696 mgisvr - ok
14:45:39.0035 2696 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
14:45:39.0097 2696 MMCSS - ok
14:45:39.0175 2696 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
14:45:39.0284 2696 Modem - ok
14:45:39.0315 2696 [ EC839BA91E45CCE6EADAFC418FFF8206 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:45:39.0378 2696 monitor - ok
14:45:39.0425 2696 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:45:39.0440 2696 mouclass - ok
14:45:39.0581 2696 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:45:39.0612 2696 mouhid - ok
14:45:39.0690 2696 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
14:45:39.0705 2696 MountMgr - ok
14:45:39.0799 2696 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:45:39.0815 2696 MozillaMaintenance - ok
14:45:39.0893 2696 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
14:45:39.0893 2696 mpio - ok
14:45:39.0939 2696 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:45:39.0971 2696 mpsdrv - ok
14:45:40.0002 2696 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll
14:45:40.0049 2696 MpsSvc - ok
14:45:40.0064 2696 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
14:45:40.0080 2696 Mraid35x - ok
14:45:40.0127 2696 [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:45:40.0173 2696 MRxDAV - ok
14:45:40.0205 2696 [ 8AF705CE1BB907932157FAB821170F27 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:45:40.0236 2696 mrxsmb - ok
14:45:40.0298 2696 [ 47E13AB23371BE3279EEF22BBFA2C1BE ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:45:40.0329 2696 mrxsmb10 - ok
14:45:40.0376 2696 [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:45:40.0407 2696 mrxsmb20 - ok
14:45:40.0470 2696 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
14:45:40.0501 2696 msahci - ok
14:45:40.0548 2696 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:45:40.0579 2696 msdsm - ok
14:45:40.0626 2696 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
14:45:40.0673 2696 MSDTC - ok
14:45:40.0719 2696 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:45:40.0797 2696 Msfs - ok
14:45:40.0829 2696 [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:45:40.0829 2696 msisadrv - ok
14:45:40.0907 2696 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:45:41.0000 2696 MSiSCSI - ok
14:45:41.0000 2696 msiserver - ok
14:45:41.0063 2696 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:45:41.0109 2696 MSKSSRV - ok
14:45:41.0141 2696 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:45:41.0203 2696 MSPCLOCK - ok
14:45:41.0250 2696 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:45:41.0297 2696 MSPQM - ok
14:45:41.0343 2696 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:45:41.0359 2696 MsRPC - ok
14:45:41.0421 2696 [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:45:41.0437 2696 mssmbios - ok
14:45:41.0499 2696 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:45:41.0577 2696 MSTEE - ok
14:45:41.0624 2696 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
14:45:41.0640 2696 Mup - ok
14:45:41.0765 2696 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
14:45:41.0843 2696 napagent - ok
14:45:41.0874 2696 [ 497DE786240303EE67AB01F5690C24C2 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:45:41.0921 2696 NativeWifiP - ok
14:45:41.0983 2696 [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:45:41.0999 2696 NDIS - ok
14:45:42.0030 2696 [ 7584F1794B23B83D63CC124A8C56D103 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:45:42.0108 2696 NdisTapi - ok
14:45:42.0123 2696 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:45:42.0201 2696 Ndisuio - ok
14:45:42.0233 2696 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:45:42.0279 2696 NdisWan - ok
14:45:42.0357 2696 [ 874C12E3AD1431CABC854697D302C563 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:45:42.0435 2696 NDProxy - ok
14:45:42.0482 2696 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:45:42.0513 2696 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:45:42.0513 2696 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:45:42.0560 2696 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:45:42.0638 2696 NetBIOS - ok
14:45:42.0685 2696 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
14:45:42.0732 2696 netbt - ok
14:45:42.0763 2696 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe
14:45:42.0779 2696 Netlogon - ok
14:45:42.0825 2696 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
14:45:42.0919 2696 Netman - ok
14:45:42.0950 2696 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
14:45:43.0028 2696 netprofm - ok
14:45:43.0075 2696 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:45:43.0091 2696 NetTcpPortSharing - ok
14:45:43.0137 2696 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:45:43.0169 2696 nfrd960 - ok
14:45:43.0231 2696 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
14:45:43.0309 2696 NlaSvc - ok
14:45:43.0325 2696 NMIndexingService - ok
14:45:43.0403 2696 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:45:43.0481 2696 Npfs - ok
14:45:43.0527 2696 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
14:45:43.0605 2696 nsi - ok
14:45:43.0668 2696 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:45:43.0761 2696 nsiproxy - ok
14:45:43.0855 2696 [ 3F379380A4A2637F559444E338CF1B51 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:45:43.0949 2696 Ntfs - ok
14:45:44.0011 2696 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
14:45:44.0120 2696 ntrigdigi - ok
14:45:44.0136 2696 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
14:45:44.0214 2696 Null - ok
14:45:44.0245 2696 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:45:44.0292 2696 nvraid - ok
14:45:44.0323 2696 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:45:44.0339 2696 nvstor - ok
14:45:44.0354 2696 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:45:44.0385 2696 nv_agp - ok
14:45:44.0385 2696 NwlnkFlt - ok
14:45:44.0401 2696 NwlnkFwd - ok
14:45:44.0448 2696 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:45:44.0510 2696 ohci1394 - ok
14:45:44.0635 2696 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
14:45:44.0697 2696 p2pimsvc - ok
14:45:44.0729 2696 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
14:45:44.0807 2696 p2psvc - ok
14:45:44.0838 2696 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
14:45:44.0931 2696 Parport - ok
14:45:44.0978 2696 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:45:44.0994 2696 partmgr - ok
14:45:45.0025 2696 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
14:45:45.0087 2696 Parvdm - ok
14:45:45.0119 2696 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:45:45.0165 2696 PcaSvc - ok
14:45:45.0243 2696 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys
14:45:45.0275 2696 pci - ok
14:45:45.0306 2696 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
14:45:45.0337 2696 pciide - ok
14:45:45.0353 2696 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:45:45.0368 2696 pcmcia - ok
14:45:45.0431 2696 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:45:45.0509 2696 PEAUTH - ok
14:45:45.0649 2696 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
14:45:45.0774 2696 pla - ok
14:45:45.0836 2696 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:45:45.0899 2696 PlugPlay - ok
14:45:45.0945 2696 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:45:45.0945 2696 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:45:45.0945 2696 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:45:45.0977 2696 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
14:45:46.0023 2696 PNRPAutoReg - ok
14:45:46.0101 2696 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
14:45:46.0164 2696 PNRPsvc - ok
14:45:46.0226 2696 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:45:46.0273 2696 PolicyAgent - ok
14:45:46.0351 2696 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:45:46.0382 2696 PptpMiniport - ok
14:45:46.0445 2696 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
14:45:46.0554 2696 Processor - ok
14:45:46.0601 2696 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
14:45:46.0694 2696 ProfSvc - ok
14:45:46.0725 2696 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:45:46.0741 2696 ProtectedStorage - ok
14:45:46.0788 2696 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
14:45:46.0835 2696 Ps2 - ok
14:45:46.0866 2696 [ B74EDF14453C9987E99E66535047EBEE ] PSched C:\Windows\system32\DRIVERS\pacer.sys
14:45:46.0944 2696 PSched - ok
14:45:46.0991 2696 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
14:45:47.0022 2696 PxHelp20 - ok
14:45:47.0084 2696 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:45:47.0162 2696 ql2300 - ok
14:45:47.0225 2696 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:45:47.0240 2696 ql40xx - ok
14:45:47.0256 2696 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
14:45:47.0287 2696 QWAVE - ok
14:45:47.0303 2696 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:45:47.0365 2696 QWAVEdrv - ok
14:45:47.0381 2696 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:45:47.0474 2696 RasAcd - ok
14:45:47.0552 2696 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
14:45:47.0630 2696 RasAuto - ok
14:45:47.0693 2696 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:45:47.0708 2696 Rasl2tp - ok
14:45:47.0771 2696 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
14:45:47.0864 2696 RasMan - ok
14:45:47.0895 2696 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:45:47.0989 2696 RasPppoe - ok
14:45:48.0051 2696 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:45:48.0129 2696 rdbss - ok
14:45:48.0161 2696 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:45:48.0223 2696 RDPCDD - ok
14:45:48.0270 2696 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
14:45:48.0363 2696 rdpdr - ok
14:45:48.0379 2696 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:45:48.0441 2696 RDPENCDD - ok
14:45:48.0535 2696 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:45:48.0691 2696 RDPWD - ok
14:45:48.0769 2696 [ 752402F6BD5FA012805813C329F88DD3 ] Remote UI Service C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
14:45:48.0816 2696 Remote UI Service ( UnsignedFile.Multi.Generic ) - warning
14:45:48.0816 2696 Remote UI Service - detected UnsignedFile.Multi.Generic (1)
14:45:48.0863 2696 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
14:45:48.0941 2696 RemoteAccess - ok
14:45:49.0003 2696 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:45:49.0081 2696 RemoteRegistry - ok
14:45:49.0721 2696 [ 2DAC86F10C42B55F2511F14CBCEE7284 ] RoxMediaDB9 c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
14:45:49.0845 2696 RoxMediaDB9 - ok
14:45:49.0939 2696 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
14:45:49.0955 2696 RpcLocator - ok
14:45:50.0173 2696 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
14:45:50.0204 2696 RpcSs - ok
14:45:50.0235 2696 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:45:50.0298 2696 rspndr - ok
14:45:50.0360 2696 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
14:45:50.0376 2696 SamSs - ok
14:45:50.0516 2696 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:45:50.0563 2696 sbp2port - ok
14:45:50.0641 2696 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:45:50.0766 2696 SCardSvr - ok
14:45:50.0922 2696 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
14:45:50.0984 2696 Schedule - ok
14:45:51.0015 2696 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:45:51.0078 2696 SCPolicySvc - ok
14:45:51.0140 2696 [ 56AA904311B3BACC67DBA8679AFF73D4 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:45:51.0187 2696 SDRSVC - ok
14:45:51.0218 2696 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:45:51.0327 2696 secdrv - ok
14:45:51.0374 2696 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
14:45:51.0468 2696 seclogon - ok
14:45:51.0561 2696 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
14:45:51.0686 2696 SENS - ok
14:45:51.0795 2696 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:45:51.0873 2696 Serenum - ok
14:45:51.0967 2696 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
14:45:52.0045 2696 Serial - ok
14:45:52.0139 2696 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:45:52.0217 2696 sermouse - ok
14:45:52.0310 2696 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
14:45:52.0404 2696 SessionEnv - ok
14:45:52.0497 2696 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:45:52.0622 2696 sffdisk - ok
14:45:52.0638 2696 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:45:52.0653 2696 sffp_mmc - ok
14:45:52.0700 2696 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:45:52.0731 2696 sffp_sd - ok
14:45:52.0778 2696 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:45:52.0856 2696 sfloppy - ok
14:45:52.0919 2696 [ 11AAC56C04D26195D21C4F5229DB4726 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:45:52.0997 2696 SharedAccess - ok
14:45:53.0137 2696 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:45:53.0215 2696 ShellHWDetection - ok
14:45:53.0262 2696 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:45:53.0293 2696 sisagp - ok
14:45:53.0309 2696 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
14:45:53.0324 2696 SiSRaid2 - ok
14:45:53.0340 2696 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:45:53.0371 2696 SiSRaid4 - ok
14:45:53.0792 2696 [ 7610645679BB5994210D21A347E0C479 ] slsvc C:\Windows\system32\SLsvc.exe
14:45:53.0917 2696 slsvc - ok
14:45:53.0948 2696 [ 49670F3E42A0178A0AB425AE15D88E7C ] SLUINotify C:\Windows\system32\SLUINotify.dll
14:45:54.0057 2696 SLUINotify - ok
14:45:54.0167 2696 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:45:54.0245 2696 Smb - ok
14:45:54.0338 2696 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:45:54.0354 2696 SNMPTRAP - ok
14:45:54.0416 2696 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
14:45:54.0447 2696 spldr - ok
14:45:54.0463 2696 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
14:45:54.0510 2696 Spooler - ok
14:45:54.0557 2696 [ 038579C35F7CAD4A4BBF735DBF83277D ] srv C:\Windows\system32\DRIVERS\srv.sys
14:45:54.0588 2696 srv - ok
14:45:54.0666 2696 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:45:54.0744 2696 srv2 - ok
14:45:54.0791 2696 [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:45:54.0806 2696 srvnet - ok
14:45:54.0900 2696 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:45:54.0978 2696 SSDPSRV - ok
14:45:55.0009 2696 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
14:45:55.0103 2696 stisvc - ok
14:45:55.0165 2696 [ E5FF667E416DAC99BFF16B626234A379 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
14:45:55.0196 2696 stllssvr - ok
14:45:55.0212 2696 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:45:55.0227 2696 swenum - ok
14:45:55.0259 2696 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
14:45:55.0352 2696 swprv - ok
14:45:55.0430 2696 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
14:45:55.0461 2696 Symc8xx - ok
14:45:55.0508 2696 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
14:45:55.0524 2696 Sym_hi - ok
14:45:55.0555 2696 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
14:45:55.0571 2696 Sym_u3 - ok
14:45:55.0617 2696 [ C1FDFF9AFD8C6C905485981B41DCFB40 ] SysMain C:\Windows\system32\sysmain.dll
14:45:55.0727 2696 SysMain - ok
14:45:55.0758 2696 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:45:55.0805 2696 TabletInputService - ok
14:45:55.0867 2696 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:45:55.0945 2696 TapiSrv - ok
14:45:55.0992 2696 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
14:45:56.0070 2696 TBS - ok
14:45:56.0195 2696 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:45:56.0288 2696 Tcpip - ok
14:45:56.0335 2696 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
14:45:56.0413 2696 Tcpip6 - ok
14:45:56.0460 2696 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:45:56.0553 2696 tcpipreg - ok
14:45:56.0585 2696 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:45:56.0678 2696 TDPIPE - ok
14:45:56.0709 2696 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:45:56.0803 2696 TDTCP - ok
14:45:56.0850 2696 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:45:56.0912 2696 tdx - ok
14:45:56.0959 2696 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:45:56.0975 2696 TermDD - ok
14:45:57.0021 2696 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
14:45:57.0131 2696 TermService - ok
14:45:57.0209 2696 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
14:45:57.0240 2696 Themes - ok
14:45:57.0271 2696 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
14:45:57.0349 2696 THREADORDER - ok
14:45:57.0396 2696 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
14:45:57.0474 2696 TrkWks - ok
14:45:57.0583 2696 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:45:57.0645 2696 TrustedInstaller - ok
14:45:57.0786 2696 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:45:57.0911 2696 tssecsrv - ok
14:45:57.0942 2696 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
14:45:57.0957 2696 tunmp - ok
14:45:57.0989 2696 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:45:58.0020 2696 tunnel - ok
14:45:58.0051 2696 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:45:58.0098 2696 uagp35 - ok
14:45:58.0145 2696 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:45:58.0238 2696 udfs - ok
14:45:58.0410 2696 [ 13BFF97E926BF8D9C1230CECC371A0C0 ] UI Assistant Service C:\Program Files\1&1 Surf-Stick\AssistantServices.exe
14:45:58.0425 2696 UI Assistant Service - ok
14:45:58.0503 2696 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:45:58.0519 2696 UI0Detect - ok
14:45:58.0628 2696 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:45:58.0675 2696 uliagpkx - ok
14:45:58.0737 2696 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
14:45:58.0815 2696 uliahci - ok
14:45:58.0831 2696 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
14:45:58.0847 2696 UlSata - ok
14:45:58.0893 2696 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
14:45:58.0925 2696 ulsata2 - ok
14:45:58.0940 2696 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:45:59.0034 2696 umbus - ok
14:45:59.0127 2696 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
14:45:59.0205 2696 upnphost - ok
14:45:59.0252 2696 [ 51480458E6E9863F856EBF35AAE801B4 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:45:59.0283 2696 usbccgp - ok
14:45:59.0330 2696 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:45:59.0424 2696 usbcir - ok
14:45:59.0455 2696 [ 11FA3ACBF0DE0286829C69E01FE705E4 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:45:59.0471 2696 usbehci - ok
14:45:59.0517 2696 [ 6A7858A38B5105731E219E7C6A238730 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:45:59.0549 2696 usbhub - ok
14:45:59.0611 2696 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:45:59.0720 2696 usbohci - ok
14:45:59.0767 2696 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:45:59.0829 2696 usbprint - ok
14:45:59.0845 2696 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:45:59.0876 2696 usbscan - ok
14:45:59.0907 2696 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:45:59.0923 2696 USBSTOR - ok
14:45:59.0939 2696 [ 4013315FED70A2D293B998CBBA4022EE ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:45:59.0970 2696 usbuhci - ok
14:46:00.0032 2696 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
14:46:00.0095 2696 UxSms - ok
14:46:00.0188 2696 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
14:46:00.0235 2696 vds - ok
14:46:00.0251 2696 veteboot - ok
14:46:00.0297 2696 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:46:00.0360 2696 vga - ok
14:46:00.0407 2696 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
14:46:00.0485 2696 VgaSave - ok
14:46:00.0547 2696 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:46:00.0563 2696 viaagp - ok
14:46:00.0594 2696 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
14:46:00.0656 2696 ViaC7 - ok
14:46:00.0703 2696 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
14:46:00.0734 2696 viaide - ok
14:46:00.0765 2696 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:46:00.0797 2696 volmgr - ok
14:46:00.0812 2696 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:46:00.0843 2696 volmgrx - ok
14:46:00.0859 2696 [ 11EF6C1CAEF76B685233450A126125D6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:46:00.0875 2696 volsnap - ok
14:46:00.0937 2696 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:46:00.0984 2696 vsmraid - ok
14:46:01.0031 2696 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
14:46:01.0077 2696 VSS - ok
14:46:01.0171 2696 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
14:46:01.0280 2696 W32Time - ok
14:46:01.0343 2696 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:46:01.0436 2696 WacomPen - ok
14:46:01.0452 2696 [ 6E1A5BE9A0605F3D932FF35FBA2B22B3 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
14:46:01.0514 2696 Wanarp - ok
14:46:01.0545 2696 [ 6E1A5BE9A0605F3D932FF35FBA2B22B3 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:46:01.0592 2696 Wanarpv6 - ok
14:46:01.0639 2696 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:46:01.0701 2696 wcncsvc - ok
14:46:01.0733 2696 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:46:01.0779 2696 WcsPlugInService - ok
14:46:01.0826 2696 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
14:46:01.0857 2696 Wd - ok
14:46:01.0951 2696 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:46:01.0967 2696 Wdf01000 - ok
14:46:01.0998 2696 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:46:02.0045 2696 WdiServiceHost - ok
14:46:02.0060 2696 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:46:02.0076 2696 WdiSystemHost - ok
14:46:02.0154 2696 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
14:46:02.0169 2696 WebClient - ok
14:46:02.0263 2696 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
14:46:02.0341 2696 Wecsvc - ok
14:46:02.0388 2696 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:46:02.0466 2696 wercplsupport - ok
14:46:02.0497 2696 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
14:46:02.0575 2696 WerSvc - ok
14:46:02.0653 2696 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:46:02.0669 2696 WinDefend - ok
14:46:02.0903 2696 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:46:03.0027 2696 Winmgmt - ok
14:46:03.0105 2696 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
14:46:03.0277 2696 WinRM - ok
14:46:03.0542 2696 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:46:03.0620 2696 Wlansvc - ok
14:46:03.0667 2696 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:46:03.0745 2696 WmiAcpi - ok
14:46:03.0792 2696 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:46:03.0839 2696 wmiApSrv - ok
14:46:03.0932 2696 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:46:03.0995 2696 WMPNetworkSvc - ok
14:46:04.0088 2696 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:46:04.0244 2696 WPCSvc - ok
14:46:04.0275 2696 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:46:04.0322 2696 WPDBusEnum - ok
14:46:04.0385 2696 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
14:46:04.0463 2696 WpdUsb - ok
14:46:04.0525 2696 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:46:04.0619 2696 ws2ifsl - ok
14:46:04.0681 2696 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
14:46:04.0712 2696 wscsvc - ok
14:46:04.0712 2696 WSearch - ok
14:46:04.0962 2696 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
14:46:05.0087 2696 wuauserv - ok
14:46:05.0180 2696 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:46:05.0305 2696 WUDFRd - ok
14:46:05.0367 2696 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:46:05.0445 2696 wudfsvc - ok
14:46:05.0523 2696 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:46:05.0570 2696 ZTEusbmdm6k - ok
14:46:05.0617 2696 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:46:05.0633 2696 ZTEusbnmea - ok
14:46:05.0679 2696 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:46:05.0711 2696 ZTEusbser6k - ok
14:46:05.0711 2696 ================ Scan global ===============================
14:46:05.0757 2696 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
14:46:05.0867 2696 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
14:46:05.0929 2696 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
14:46:05.0976 2696 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
14:46:05.0991 2696 [Global] - ok
14:46:05.0991 2696 ================ Scan MBR ==================================
14:46:06.0038 2696 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
14:46:09.0080 2696 \Device\Harddisk0\DR0 - ok
14:46:09.0080 2696 ================ Scan VBR ==================================
14:46:09.0096 2696 [ BB1F8D07D5A59684530589BACBB75B9D ] \Device\Harddisk0\DR0\Partition1
14:46:09.0158 2696 \Device\Harddisk0\DR0\Partition1 - ok
14:46:09.0189 2696 [ 49CEB98D7C68A84F9BE63B24E643C072 ] \Device\Harddisk0\DR0\Partition2
14:46:09.0189 2696 \Device\Harddisk0\DR0\Partition2 - ok
14:46:09.0189 2696 ============================================================
14:46:09.0189 2696 Scan finished
14:46:09.0189 2696 ============================================================
14:46:09.0221 2728 Detected object count: 18
14:46:09.0221 2728 Actual detected object count: 18
14:46:17.0567 2728 ACEDRV07 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0567 2728 ACEDRV07 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0567 2728 AlertService ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0567 2728 AlertService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0567 2728 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0567 2728 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0567 2728 avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0567 2728 avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0567 2728 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0567 2728 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0567 2728 DQLWinService ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0567 2728 DQLWinService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0582 2728 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0582 2728 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0582 2728 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0582 2728 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0582 2728 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0582 2728 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0582 2728 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0582 2728 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0582 2728 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0582 2728 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0598 2728 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0598 2728 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0598 2728 ISSM ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0598 2728 ISSM ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0598 2728 M1 Server ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0598 2728 M1 Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0598 2728 MCLServiceATL ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0598 2728 MCLServiceATL ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0598 2728 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0598 2728 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0598 2728 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0613 2728 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:17.0613 2728 Remote UI Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:17.0613 2728 Remote UI Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:25.0008 4044 Deinitialize success
|
|
11.06.2013, 13:50
| #14 |
| /// Malware-holic | AVAST Prüfergebnisse..416 Bedrohungen..was nun? Hi, Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.06.2013, 15:31
| #15 |
| | AVAST Prüfergebnisse..416 Bedrohungen..was nun? hier ist der log...während des Scans meldete er den Fund von Rootkit.Zero-Access (into the tcp/ip stack)..danach ging alles glatt Code:
ATTFilter ComboFix 13-06-08.02 - Marc 11.06.2013 15:13:17.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.49.1031.18.2046.1393 [GMT 2:00]
ausgeführt von:: c:\users\Marc\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marc\AppData\Local\e4f44f4f\U
c:\users\Marc\AppData\Local\e4f44f4f\U\000000cb.@
c:\users\Marc\AppData\Local\e4f44f4f\U\000000cf.@
c:\windows\$NtUninstallKB21572$
c:\windows\$NtUninstallKB21572$\1340280482
c:\windows\$NtUninstallKB21572$\3841216335\@
c:\windows\$NtUninstallKB21572$\3841216335\L\qnbwvoto
c:\windows\$NtUninstallKB21572$\3841216335\loader.tlb
c:\windows\$NtUninstallKB21572$\3841216335\U\@00000001
c:\windows\$NtUninstallKB21572$\3841216335\U\@000000c0
c:\windows\$NtUninstallKB21572$\3841216335\U\@000000cb
c:\windows\$NtUninstallKB21572$\3841216335\U\@000000cf
c:\windows\$NtUninstallKB21572$\3841216335\U\@80000000
c:\windows\$NtUninstallKB21572$\3841216335\U\@800000c0
c:\windows\$NtUninstallKB21572$\3841216335\U\@800000cb
c:\windows\$NtUninstallKB21572$\3841216335\U\@800000cf
c:\windows\IsUn0407.exe
c:\windows\system32\dds_log_ad13.cmd
c:\windows\unin0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-05-11 bis 2013-06-11 ))))))))))))))))))))))))))))))
.
.
2013-06-11 13:39 . 2013-06-11 13:39 -------- d-----w- c:\users\Supermama\AppData\Local\temp
2013-06-11 13:39 . 2013-06-11 14:23 -------- d-----w- c:\users\Marc\AppData\Local\temp
2013-06-11 13:39 . 2013-06-11 13:39 -------- d-----w- c:\users\Lucky Luke\AppData\Local\temp
2013-06-11 13:39 . 2013-06-11 13:39 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2013-06-11 13:39 . 2013-06-11 13:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-11 12:40 . 2013-06-11 12:40 -------- d-----w- C:\TDSSKiller_Quarantine
2013-06-10 19:30 . 2013-05-09 08:59 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-10 19:30 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-06-10 19:30 . 2013-05-09 08:59 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-10 19:30 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-06-10 19:30 . 2013-05-09 08:59 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-10 19:30 . 2013-05-09 08:59 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-06-10 19:30 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-10 19:30 . 2013-05-09 08:59 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-10 19:29 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-06-10 19:01 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-06-10 18:59 . 2013-06-10 19:28 -------- d-----w- c:\program files\AVAST Software
2013-06-10 18:56 . 2013-06-10 19:28 -------- d-----w- c:\programdata\AVAST Software
2013-06-10 18:36 . 2013-04-04 03:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-10 11:34 . 2013-06-10 11:34 -------- d-----w- c:\program files\FilesFrog Update Checker
2013-06-02 19:23 . 2013-06-02 19:29 -------- d-----w- c:\users\Marc\MediathekView
2013-06-02 19:18 . 2013-06-02 19:20 -------- d-----w- c:\users\Marc\.mediathek3
2013-05-26 21:11 . 2013-05-13 06:19 7016152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{30CE8914-FAF2-4DDE-98D4-ACD0F3DC59AF}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-11 12:41 . 2011-01-18 10:11 495160 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-06-10 19:42 . 2013-01-26 19:59 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-10 19:42 . 2011-12-02 21:18 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-02 00:06 . 2011-01-18 13:18 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-04 03:36 . 2012-09-16 16:48 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-04 03:35 . 2011-09-14 22:16 788896 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2011-01-13 1232896]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"SDP"="c:\program files\FilesFrog Update Checker\update_checker.exe" [2013-01-31 201808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCUTRAYICON"="FactoryMode" [X]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-06-14 178968]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 71176]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"UIExec"="c:\program files\1&1 Surf-Stick\UIExec.exe" [2010-09-30 139088]
"AVMWlanClient"="c:\program files\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]
.
c:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [N/A]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:57693e98c5
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
mgisvr
veteboot
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-18 22:00]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-18 22:00]
.
2013-06-11 c:\windows\Tasks\User_Feed_Synchronization-{8FF0CDE9-A183-482B-A8CB-7957D06F595F}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.startzentrale.de
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
TCP: Interfaces\{652F5BCA-6159-4E8A-A1E7-EE95D0B5CD28}: NameServer = 192.168.178.1,217.237.151.115
FF - ProfilePath - c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\tfe7389y.default\
FF - prefs.js: browser.startup.homepage - www.ixquick.de
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-06-10 21:29; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: !HIDDEN! 2011-03-11 22:07; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-HPAdvisor - c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
SafeBoot-86899356.sys
AddRemove-Adobe Acrobat 4.0 - c:\windows\ISUN0407.EXE
AddRemove-Adobe PageMaker 6.5 - c:\windows\UNIN0407.EXE
.
.
.
**************************************************************************
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien:
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\avmwlanstick\WlanNetService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\1&1 Surf-Stick\AssistantServices.exe
c:\windows\system32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\hp\kbd\kbd.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-11 16:29:29 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-06-11 14:29
.
Vor Suchlauf: 14 Verzeichnis(se), 166.054.232.064 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 167.839.203.328 Bytes frei
.
- - End Of File - - 8095F5C4BE03E217F6A492F917AA43D8
8913823FF508CCF109DB74B636C301DA
|
|
| Themen zu AVAST Prüfergebnisse..416 Bedrohungen..was nun? |
| avast, container, dateien, einzelne, einzelnen, erstelle, erstellen, infizierte, infizierten, löschen, löschen?, protokoll, verschieben, zusammen |
WARNUNG an die MITLESER: 
Linear-Darstellung
