Pests of all kinds and how to fight them: GVU/BKA Trojan (Windows 7)
13.06.2013, 13:11 | #16 |
/// Malware-holic | GVU/BKA Trojan
Sorry, that had slipped my mind. Please press Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
HKU\Andre\...\Winlogon: [Shell] explorer.exe,C:\Users\Andre\AppData\Roaming\skype.dat [151552 2012-02-24] () <==== ATTENTION
C:\Users\Andre\AppData\Roaming\skype.dat
C:\Users\Andre\AppData\Roaming\skype.ini
13.06.2013, 13:27 | #17 |
| GVU/BKA Trojan Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-06-2013 04
Ran by SYSTEM at 2013-06-13 19:25:34 Run:1
Running from G:\
Boot Mode: Recovery
==============================================
HKU\Andre\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
C:\Users\Andre\AppData\Roaming\skype.dat => Moved successfully.
C:\Users\Andre\AppData\Roaming\skype.ini => Moved successfully.
==== End of Fixlog ====
13.06.2013, 13:28 | #18 |
/// Malware-holic | GVU/BKA Trojan
Does that mean normal mode is running? Then:
Please download TDSSKiller.exe and save the file to the desktop.
13.06.2013, 13:41 | #19 |
| GVU/BKA Trojan Code:
14:37:33.0323 3968 NdisCap - ok 14:37:33.0347 3968 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:37:33.0381 3968 NdisTapi - ok 14:37:33.0391 3968 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:37:33.0442 3968 Ndisuio - ok 14:37:33.0473 3968 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:37:33.0524 3968 NdisWan - ok 14:37:33.0553 3968 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:37:33.0609 3968 NDProxy - ok 14:37:33.0709 3968 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 14:37:33.0728 3968 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 14:37:33.0728 3968 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 14:37:33.0793 3968 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:37:33.0866 3968 NetBIOS - ok 14:37:33.0886 3968 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:37:33.0946 3968 NetBT - ok 14:37:33.0965 3968 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 14:37:33.0974 3968 Netlogon - ok 14:37:34.0066 3968 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 14:37:34.0146 3968 Netman - ok 14:37:34.0338 3968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:37:34.0604 3968 NetMsmqActivator - ok 14:37:34.0871 3968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:37:34.0895 3968 NetPipeActivator - ok 14:37:35.0263 3968 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 14:37:35.0341 3968 netprofm - ok 14:37:35.0359 3968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:37:35.0370 3968 
NetTcpActivator - ok 14:37:35.0373 3968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:37:35.0383 3968 NetTcpPortSharing - ok 14:37:35.0403 3968 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 14:37:35.0423 3968 nfrd960 - ok 14:37:35.0508 3968 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:37:35.0586 3968 NlaSvc - ok 14:37:35.0612 3968 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:37:35.0667 3968 Npfs - ok 14:37:35.0721 3968 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 14:37:35.0775 3968 nsi - ok 14:37:35.0792 3968 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:37:35.0862 3968 nsiproxy - ok 14:37:35.0949 3968 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:37:36.0294 3968 Ntfs - ok 14:37:36.0364 3968 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 14:37:36.0423 3968 Null - ok 14:37:36.0633 3968 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 14:37:37.0036 3968 nvlddmkm - ok 14:37:37.0059 3968 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:37:37.0079 3968 nvraid - ok 14:37:37.0113 3968 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:37:37.0137 3968 nvstor - ok 14:37:37.0158 3968 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:37:37.0174 3968 nv_agp - ok 14:37:37.0188 3968 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:37:37.0207 3968 ohci1394 - ok 14:37:37.0245 3968 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:37:37.0261 3968 ose - ok 14:37:37.0467 3968 [ 61BFFB5F57AD12F83AB64B7181829B34 ] 
osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:37:37.0696 3968 osppsvc - ok 14:37:37.0741 3968 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:37:37.0780 3968 p2pimsvc - ok 14:37:37.0813 3968 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 14:37:37.0842 3968 p2psvc - ok 14:37:37.0867 3968 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 14:37:37.0893 3968 Parport - ok 14:37:37.0921 3968 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:37:37.0935 3968 partmgr - ok 14:37:37.0962 3968 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 14:37:38.0002 3968 PcaSvc - ok 14:37:38.0026 3968 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 14:37:38.0038 3968 pci - ok 14:37:38.0048 3968 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 14:37:38.0060 3968 pciide - ok 14:37:38.0088 3968 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 14:37:38.0107 3968 pcmcia - ok 14:37:38.0286 3968 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 14:37:38.0298 3968 pcw - ok 14:37:38.0332 3968 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:37:38.0412 3968 PEAUTH - ok 14:37:38.0597 3968 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 14:37:38.0627 3968 PerfHost - ok 14:37:38.0692 3968 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 14:37:38.0765 3968 pla - ok 14:37:38.0813 3968 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:37:38.0843 3968 PlugPlay - ok 14:37:38.0946 3968 [ 9C4D0DE187CBC24F658C52EFC93B1C73 ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe 14:37:39.0000 3968 PMBDeviceInfoProvider 
- ok 14:37:39.0048 3968 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 14:37:39.0074 3968 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 14:37:39.0074 3968 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 14:37:39.0100 3968 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:37:39.0123 3968 PNRPAutoReg - ok 14:37:39.0141 3968 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:37:39.0154 3968 PNRPsvc - ok 14:37:39.0186 3968 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:37:39.0241 3968 PolicyAgent - ok 14:37:39.0254 3968 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 14:37:39.0303 3968 Power - ok 14:37:39.0350 3968 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 14:37:39.0395 3968 PptpMiniport - ok 14:37:39.0414 3968 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 14:37:39.0465 3968 Processor - ok 14:37:39.0561 3968 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 14:37:39.0734 3968 ProfSvc - ok 14:37:39.0888 3968 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 14:37:39.0905 3968 ProtectedStorage - ok 14:37:39.0922 3968 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:37:39.0991 3968 Psched - ok 14:37:40.0049 3968 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 14:37:40.0113 3968 ql2300 - ok 14:37:40.0150 3968 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 14:37:40.0166 3968 ql40xx - ok 14:37:40.0234 3968 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 14:37:40.0304 3968 QWAVE - ok 14:37:40.0353 3968 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:37:40.0386 3968 
QWAVEdrv - ok 14:37:40.0409 3968 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:37:40.0444 3968 RasAcd - ok 14:37:40.0495 3968 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:37:40.0557 3968 RasAgileVpn - ok 14:37:40.0578 3968 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 14:37:40.0634 3968 RasAuto - ok 14:37:40.0647 3968 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:37:40.0711 3968 Rasl2tp - ok 14:37:40.0793 3968 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 14:37:40.0845 3968 RasMan - ok 14:37:40.0865 3968 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:37:40.0908 3968 RasPppoe - ok 14:37:40.0938 3968 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:37:40.0984 3968 RasSstp - ok 14:37:41.0035 3968 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:37:41.0088 3968 rdbss - ok 14:37:41.0115 3968 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 14:37:41.0154 3968 rdpbus - ok 14:37:41.0184 3968 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:37:41.0217 3968 RDPCDD - ok 14:37:41.0253 3968 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:37:41.0316 3968 RDPENCDD - ok 14:37:41.0335 3968 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 14:37:41.0376 3968 RDPREFMP - ok 14:37:41.0427 3968 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:37:41.0459 3968 RDPWD - ok 14:37:41.0485 3968 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 14:37:41.0503 3968 rdyboost - ok 14:37:41.0526 3968 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 
14:37:41.0582 3968 RemoteAccess - ok 14:37:41.0612 3968 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:37:41.0680 3968 RemoteRegistry - ok 14:37:41.0744 3968 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 14:37:41.0780 3968 RFCOMM - ok 14:37:41.0804 3968 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:37:41.0860 3968 RpcEptMapper - ok 14:37:41.0878 3968 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 14:37:41.0920 3968 RpcLocator - ok 14:37:41.0956 3968 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 14:37:41.0991 3968 RpcSs - ok 14:37:42.0040 3968 [ 9BD6DEBC9862FBE0C0467F0633B34962 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 14:37:42.0058 3968 RSPCIESTOR - ok 14:37:42.0082 3968 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:37:42.0131 3968 rspndr - ok 14:37:42.0260 3968 [ EB8EA1C4C5E076D9EA61FB59960C5830 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 14:37:42.0331 3968 RTL8167 - ok 14:37:42.0377 3968 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 14:37:42.0387 3968 SamSs - ok 14:37:42.0414 3968 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:37:42.0452 3968 sbp2port - ok 14:37:42.0496 3968 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:37:42.0544 3968 SCardSvr - ok 14:37:42.0586 3968 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:37:42.0657 3968 scfilter - ok 14:37:42.0694 3968 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 14:37:42.0792 3968 Schedule - ok 14:37:42.0841 3968 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 14:37:42.0878 3968 SCPolicySvc - ok 14:37:42.0918 3968 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus 
C:\Windows\system32\DRIVERS\sdbus.sys 14:37:42.0946 3968 sdbus - ok 14:37:42.0979 3968 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 14:37:43.0014 3968 SDRSVC - ok 14:37:43.0085 3968 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 14:37:43.0098 3968 SeaPort - ok 14:37:43.0133 3968 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:37:43.0195 3968 secdrv - ok 14:37:43.0214 3968 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 14:37:43.0254 3968 seclogon - ok 14:37:43.0270 3968 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 14:37:43.0323 3968 SENS - ok 14:37:43.0360 3968 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 14:37:43.0387 3968 SensrSvc - ok 14:37:43.0407 3968 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 14:37:43.0432 3968 Serenum - ok 14:37:43.0465 3968 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 14:37:43.0485 3968 Serial - ok 14:37:43.0511 3968 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 14:37:43.0539 3968 sermouse - ok 14:37:43.0571 3968 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 14:37:43.0621 3968 SessionEnv - ok 14:37:43.0631 3968 [ 85D0F874734C105D02280B39BF0AD23F ] SFEP C:\Windows\system32\drivers\SFEP.sys 14:37:43.0679 3968 SFEP - ok 14:37:43.0707 3968 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 14:37:43.0730 3968 sffdisk - ok 14:37:43.0755 3968 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 14:37:43.0777 3968 sffp_mmc - ok 14:37:43.0795 3968 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 14:37:43.0817 3968 sffp_sd - ok 14:37:43.0855 3968 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy 
C:\Windows\system32\drivers\sfloppy.sys 14:37:43.0881 3968 sfloppy - ok 14:37:43.0909 3968 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 14:37:43.0989 3968 SharedAccess - ok 14:37:44.0029 3968 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 14:37:44.0183 3968 ShellHWDetection - ok 14:37:44.0213 3968 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 14:37:44.0227 3968 SiSRaid2 - ok 14:37:44.0242 3968 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 14:37:44.0256 3968 SiSRaid4 - ok 14:37:44.0418 3968 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 14:37:44.0533 3968 SkypeUpdate - ok 14:37:44.0582 3968 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 14:37:44.0647 3968 Smb - ok 14:37:44.0684 3968 [ AA17A14DA3B572C886D8064C72E9CC50 ] SmbDrv C:\Windows\system32\drivers\Smb_driver.sys 14:37:44.0696 3968 SmbDrv - ok 14:37:44.0729 3968 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 14:37:44.0752 3968 SNMPTRAP - ok 14:37:44.0840 3968 [ 4AEA7A1C3CA06D95D6966C34D13C0D8B ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 14:37:44.0931 3968 SOHCImp - ok 14:37:44.0952 3968 [ 16FD95781117E13107D477AE36219E6F ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 14:37:44.0966 3968 SOHDs - ok 14:37:45.0108 3968 [ C03E480E63A80D73FABE28D24D3B6B47 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 14:37:45.0161 3968 SpfService - ok 14:37:45.0185 3968 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 14:37:45.0199 3968 spldr - ok 14:37:45.0262 3968 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 14:37:45.0280 3968 Spooler - ok 14:37:45.0491 3968 [ 
E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 14:37:45.0623 3968 sppsvc - ok 14:37:45.0640 3968 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 14:37:45.0677 3968 sppuinotify - ok 14:37:45.0726 3968 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 14:37:45.0768 3968 srv - ok 14:37:45.0813 3968 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 14:37:45.0856 3968 srv2 - ok 14:37:45.0873 3968 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 14:37:45.0889 3968 srvnet - ok 14:37:45.0919 3968 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 14:37:45.0963 3968 SSDPSRV - ok 14:37:45.0981 3968 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 14:37:46.0017 3968 SstpSvc - ok 14:37:46.0082 3968 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 14:37:46.0238 3968 stexstor - ok 14:37:46.0267 3968 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 14:37:46.0290 3968 StillCam - ok 14:37:46.0346 3968 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 14:37:46.0390 3968 stisvc - ok 14:37:46.0412 3968 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 14:37:46.0429 3968 swenum - ok 14:37:46.0513 3968 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 14:37:46.0598 3968 swprv - ok 14:37:46.0668 3968 [ 321EA1320771419C0956DE50F270C3E5 ] SynTP C:\Windows\system32\drivers\SynTP.sys 14:37:46.0686 3968 SynTP - ok 14:37:46.0762 3968 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 14:37:46.0929 3968 SysMain - ok 14:37:47.0223 3968 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 14:37:47.0266 3968 TabletInputService - ok 14:37:47.0277 3968 [ 
40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 14:37:47.0354 3968 TapiSrv - ok 14:37:47.0377 3968 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 14:37:47.0436 3968 TBS - ok 14:37:47.0532 3968 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 14:37:47.0711 3968 Tcpip - ok 14:37:47.0799 3968 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 14:37:47.0839 3968 TCPIP6 - ok 14:37:47.0931 3968 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 14:37:47.0970 3968 tcpipreg - ok 14:37:48.0012 3968 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 14:37:48.0065 3968 TDPIPE - ok 14:37:48.0114 3968 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 14:37:48.0132 3968 TDTCP - ok 14:37:48.0393 3968 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 14:37:48.0564 3968 tdx - ok 14:37:48.0991 3968 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 14:37:49.0027 3968 TermDD - ok 14:37:49.0185 3968 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 14:37:49.0332 3968 TermService - ok 14:37:49.0357 3968 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 14:37:49.0387 3968 Themes - ok 14:37:49.0415 3968 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 14:37:49.0449 3968 THREADORDER - ok 14:37:49.0519 3968 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 14:37:49.0643 3968 TrkWks - ok 14:37:49.0775 3968 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 14:37:49.0859 3968 TrustedInstaller - ok 14:37:49.0885 3968 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 14:37:49.0946 3968 tssecsrv - ok 14:37:49.0952 3968 [ 
D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 14:37:49.0993 3968 TsUsbFlt - ok 14:37:50.0016 3968 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 14:37:50.0070 3968 TsUsbGD - ok 14:37:50.0124 3968 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 14:37:50.0235 3968 tunnel - ok 14:37:50.0352 3968 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 14:37:50.0389 3968 uagp35 - ok 14:37:50.0710 3968 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 14:37:50.0736 3968 uCamMonitor - ok 14:37:50.0925 3968 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 14:37:51.0076 3968 udfs - ok 14:37:51.0277 3968 [ EC23505F255D0DA9230A3237EF5839AD ] UI Assistant Service C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe 14:37:51.0346 3968 UI Assistant Service ( UnsignedFile.Multi.Generic ) - warning 14:37:51.0346 3968 UI Assistant Service - detected UnsignedFile.Multi.Generic (1) 14:37:51.0498 3968 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 14:37:51.0595 3968 UI0Detect - ok 14:37:51.0750 3968 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 14:37:51.0784 3968 uliagpkx - ok 14:37:51.0937 3968 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 14:37:52.0123 3968 umbus - ok 14:37:52.0293 3968 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 14:37:52.0354 3968 UmPass - ok 14:37:52.0517 3968 [ D80B1075B69B57A3AB78F750CE463ECE ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 14:37:52.0543 3968 UNS - ok 14:37:52.0658 3968 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 14:37:52.0775 3968 upnphost - ok 14:37:52.0810 3968 [ 
C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 14:37:52.0856 3968 USBAAPL64 - ok 14:37:52.0883 3968 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 14:37:52.0949 3968 usbccgp - ok 14:37:52.0976 3968 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 14:37:53.0011 3968 usbcir - ok 14:37:53.0029 3968 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 14:37:53.0071 3968 usbehci - ok 14:37:53.0167 3968 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys 14:37:53.0248 3968 usbhub - ok 14:37:53.0274 3968 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 14:37:53.0287 3968 usbohci - ok 14:37:53.0315 3968 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 14:37:53.0341 3968 usbprint - ok 14:37:53.0358 3968 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 14:37:53.0376 3968 usbscan - ok 14:37:53.0401 3968 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:37:53.0422 3968 USBSTOR - ok 14:37:53.0446 3968 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 14:37:53.0459 3968 usbuhci - ok 14:37:53.0496 3968 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 14:37:53.0529 3968 usbvideo - ok 14:37:53.0556 3968 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 14:37:53.0614 3968 UxSms - ok 14:37:53.0751 3968 [ 203FD19D70549A2939E1AE3A36608151 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe 14:37:53.0773 3968 VAIO Event Service - ok 14:37:53.0887 3968 [ 59308CD511A5F3EE33595FFD46F76B31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 14:37:53.0985 3968 VAIO Power Management - ok 14:37:54.0000 3968 [ 
C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 14:37:54.0011 3968 VaultSvc - ok 14:37:54.0203 3968 [ ADD5A5BA64D0710E1C764A8D4DAD510E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 14:37:54.0308 3968 VCFw - ok 14:37:54.0405 3968 [ EEE5AD6FB40B35F7867C3A49B98BB4EF ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 14:37:54.0525 3968 VcmIAlzMgr - ok 14:37:54.0580 3968 [ FD5BD55C1854208BC9C51DBCFC3C1941 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 14:37:54.0632 3968 VcmINSMgr - ok 14:37:54.0659 3968 [ 9BC1F203C5604C24F345BCFCD6956BAE ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 14:37:54.0702 3968 VcmXmlIfHelper - ok 14:37:54.0777 3968 [ 9F2D25FA154A32C8C80420A46FBBF815 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe 14:37:54.0797 3968 VCService - ok 14:37:54.0828 3968 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 14:37:54.0844 3968 vdrvroot - ok 14:37:54.0970 3968 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 14:37:55.0088 3968 vds - ok 14:37:55.0131 3968 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 14:37:55.0162 3968 vga - ok 14:37:55.0183 3968 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 14:37:55.0227 3968 VgaSave - ok 14:37:55.0258 3968 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 14:37:55.0316 3968 vhdmp - ok 14:37:55.0336 3968 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 14:37:55.0358 3968 viaide - ok 14:37:55.0394 3968 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 14:37:55.0420 3968 volmgr - ok 14:37:55.0461 3968 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 14:37:55.0493 3968 volmgrx - 
ok 14:37:55.0541 3968 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 14:37:55.0569 3968 volsnap - ok 14:37:55.0595 3968 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 14:37:55.0611 3968 vsmraid - ok 14:37:55.0656 3968 [ 596E65BDEE804CC6658A39756CC61849 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 14:37:55.0701 3968 VSNService - ok 14:37:55.0992 3968 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 14:37:56.0207 3968 VSS - ok 14:37:56.0564 3968 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe 14:37:56.0644 3968 VUAgent - ok 14:37:56.0667 3968 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 14:37:56.0776 3968 vwifibus - ok 14:37:56.0866 3968 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 14:37:56.0920 3968 vwififlt - ok 14:37:56.0950 3968 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 14:37:57.0003 3968 W32Time - ok 14:37:57.0035 3968 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 14:37:57.0084 3968 WacomPen - ok 14:37:57.0129 3968 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 14:37:57.0226 3968 WANARP - ok 14:37:57.0251 3968 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 14:37:57.0281 3968 Wanarpv6 - ok 14:37:57.0336 3968 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 14:37:57.0456 3968 wbengine - ok 14:37:57.0478 3968 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 14:37:57.0504 3968 WbioSrvc - ok 14:37:57.0537 3968 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 14:37:57.0606 3968 wcncsvc - ok 14:37:57.0632 3968 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService 
C:\Windows\System32\WcsPlugInService.dll 14:37:57.0656 3968 WcsPlugInService - ok 14:37:57.0676 3968 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 14:37:57.0690 3968 Wd - ok 14:37:57.0770 3968 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 14:37:57.0841 3968 Wdf01000 - ok 14:37:57.0862 3968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 14:37:57.0895 3968 WdiServiceHost - ok 14:37:57.0898 3968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 14:37:57.0916 3968 WdiSystemHost - ok 14:37:57.0991 3968 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 14:37:58.0064 3968 WebClient - ok 14:37:58.0134 3968 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 14:37:58.0267 3968 Wecsvc - ok 14:37:58.0319 3968 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 14:37:58.0399 3968 wercplsupport - ok 14:37:58.0423 3968 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 14:37:58.0461 3968 WerSvc - ok 14:37:58.0487 3968 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 14:37:58.0521 3968 WfpLwf - ok 14:37:58.0547 3968 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 14:37:58.0563 3968 WIMMount - ok 14:37:58.0570 3968 WinDefend - ok 14:37:58.0576 3968 WinHttpAutoProxySvc - ok 14:37:58.0719 3968 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 14:37:58.0783 3968 Winmgmt - ok 14:37:58.0942 3968 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 14:37:59.0088 3968 WinRM - ok 14:37:59.0140 3968 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 14:37:59.0200 3968 WinUsb - ok 14:37:59.0287 3968 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 14:37:59.0341 3968 
Wlansvc - ok 14:37:59.0390 3968 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 14:37:59.0404 3968 wlcrasvc - ok 14:37:59.0585 3968 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:37:59.0677 3968 wlidsvc - ok 14:37:59.0728 3968 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 14:37:59.0763 3968 WmiAcpi - ok 14:37:59.0795 3968 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 14:37:59.0823 3968 wmiApSrv - ok 14:37:59.0848 3968 WMPNetworkSvc - ok 14:37:59.0875 3968 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 14:37:59.0888 3968 WPCSvc - ok 14:37:59.0905 3968 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 14:37:59.0925 3968 WPDBusEnum - ok 14:37:59.0955 3968 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 14:37:59.0993 3968 ws2ifsl - ok 14:38:00.0009 3968 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 14:38:00.0039 3968 wscsvc - ok 14:38:00.0042 3968 WSearch - ok 14:38:00.0319 3968 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 14:38:00.0436 3968 wuauserv - ok 14:38:00.0496 3968 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 14:38:00.0540 3968 WudfPf - ok 14:38:00.0603 3968 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 14:38:00.0689 3968 WUDFRd - ok 14:38:00.0791 3968 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 14:38:00.0847 3968 wudfsvc - ok 14:38:00.0878 3968 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 14:38:00.0914 3968 WwanSvc - ok 14:38:00.0974 3968 [ A5B25E310678175F4779499FFF7D0994 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe 14:38:01.0028 
3968 ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning 14:38:01.0028 3968 ZAtheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic (1) 14:38:01.0051 3968 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys 14:38:01.0082 3968 ZTEusbmdm6k - ok 14:38:01.0115 3968 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys 14:38:01.0147 3968 ZTEusbnmea - ok 14:38:01.0183 3968 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys 14:38:01.0209 3968 ZTEusbser6k - ok 14:38:01.0216 3968 ================ Scan global =============================== 14:38:01.0255 3968 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 14:38:01.0308 3968 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 14:38:01.0341 3968 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 14:38:01.0424 3968 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 14:38:01.0559 3968 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 14:38:01.0567 3968 [Global] - ok 14:38:01.0568 3968 ================ Scan MBR ================================== 14:38:01.0593 3968 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 14:38:03.0753 3968 \Device\Harddisk0\DR0 - ok 14:38:03.0754 3968 ================ Scan VBR ================================== 14:38:03.0810 3968 [ 5152EB8AEADE6E753C97A2CE6CF4A450 ] \Device\Harddisk0\DR0\Partition1 14:38:03.0864 3968 \Device\Harddisk0\DR0\Partition1 - ok 14:38:03.0890 3968 [ 2612FEFE1753526836D521B6D56C9787 ] \Device\Harddisk0\DR0\Partition2 14:38:03.0922 3968 \Device\Harddisk0\DR0\Partition2 - ok 14:38:03.0923 3968 ============================================================ 14:38:03.0923 3968 Scan finished 14:38:03.0923 3968 ============================================================ 14:38:03.0948 5100 Detected object count: 8 14:38:03.0948 5100 Actual 
detected object count: 8 14:38:57.0580 5100 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user 14:38:57.0580 5100 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:38:57.0582 5100 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 14:38:57.0582 5100 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:38:57.0583 5100 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 14:38:57.0583 5100 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:38:57.0586 5100 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 14:38:57.0586 5100 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:38:57.0586 5100 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 14:38:57.0586 5100 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:38:57.0588 5100 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 14:38:57.0588 5100 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:38:57.0591 5100 UI Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user 14:38:57.0591 5100 UI Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:38:57.0592 5100 ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user 14:38:57.0592 5100 ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip |
13.06.2013, 13:45 | #20 |
/// Malware-holic | GVU/BKA Trojan Hi, scan with Combofix
13.06.2013, 14:04 | #21 |
| GVU/BKA Trojan I let Combofix run a scan. Code:
ATTFilter ComboFix 13-06-12.02 - Andre 13.06.2013 14:53:18.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4066.2569 [GMT 2:00] ausgeführt von:: c:\users\Andre\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . ((((((((((((((((((((((( Dateien erstellt von 2013-05-13 bis 2013-06-13 )))))))))))))))))))))))))))))) . . 2013-06-13 12:59 . 2013-06-13 12:59 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-13 12:54 . 2013-06-13 12:54 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{97005628-661C-46E3-81E6-ADCDD9451A9D}\offreg.dll 2013-06-12 20:14 . 2013-06-12 20:14 -------- d-----w- C:\FRST 2013-05-30 10:17 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{97005628-661C-46E3-81E6-ADCDD9451A9D}\mpengine.dll 2013-05-30 10:17 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys 2013-05-30 10:16 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll 2013-05-30 10:16 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll 2013-05-30 09:57 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll 2013-05-30 09:57 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-05-30 09:57 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2013-05-30 09:56 . 2013-05-30 09:56 -------- d-----w- c:\users\Andre\AppData\Local\ArcSoft 2013-05-30 09:56 . 2013-05-30 09:56 -------- d-----w- c:\users\Andre\AppData\Roaming\ArcSoft . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-07 17:15 . 2012-09-12 06:39 75016696 ----a-w- c:\windows\system32\MRT.exe 2013-05-30 09:46 . 
2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-14 20:18 . 2012-05-18 08:51 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-14 20:18 . 2012-05-18 08:51 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-12 14:45 . 2013-04-23 18:49 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-03-19 06:04 . 2013-04-12 14:21 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-19 05:46 . 2013-04-12 14:21 43520 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-19 05:04 . 2013-04-12 14:21 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04 . 2013-04-12 14:21 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47 . 2013-04-12 14:21 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll 2013-03-19 03:06 . 2013-04-12 14:21 112640 ----a-w- c:\windows\system32\smss.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-02-08 1521800] . [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2013-02-08 13:17 1521800 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-02-08 1521800] . 
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-10 343168] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-22 291608] "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-09-20 60552] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-02-21 693608] "UIExec"="c:\program files (x86)\Mobile Partner Manager\UIExec.exe" [2009-12-02 132096] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-09-07 348664] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-06-20 1568976] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\Mobile Partner Manager\AssistantServices.exe;c:\program files (x86)\Mobile Partner Manager\AssistantServices.exe [x] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x] R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x] R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x] R3 BTATH_VDP;Bluetooth VDP 
Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x] R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x] R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x] R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x] R3 lehidmini;Bluetooth Low Energy Hid Device;c:\windows\system32\drivers\leath_hid.sys;c:\windows\SYSNATIVE\drivers\leath_hid.sys [x] R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x] R3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys;c:\windows\SYSNATIVE\drivers\Smb_driver.sys [x] R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x] R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x] R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VAIO 
Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x] R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x] R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x] S2 
IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x] S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x] S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x] S2 
ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x] S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x] S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 74838030 *Deregistered* - 74838030 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhalt des "geplante Tasks" Ordners . 2013-06-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-18 20:18] . 
2013-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3774658344-3280360860-3731141497-1001Core.job - c:\users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-12 12:35] . 2013-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3774658344-3280360860-3731141497-1001UA.job - c:\users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-12 12:35] . 2013-04-14 c:\windows\Tasks\WebReg HP Officejet 4500 G510n-z.job - c:\program files (x86)\HP\Digital Imaging\bin\hpqwrg.exe [2009-05-21 18:40] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-03-13 1156712] "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-02-23 1020576] "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-02-23 800416] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.de/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 192.168.2.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\"" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-06-13 15:01:53 ComboFix-quarantined-files.txt 2013-06-13 13:01 . Vor Suchlauf: 13 Verzeichnis(se), 268.315.099.136 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 269.178.376.192 Bytes frei . - - End Of File - - B512DE6973EC52314DE962EA95715689 D41D8CD98F00B204E9800998ECF8427E Edited by Andre123 (13.06.2013 at 14:29) |
13.06.2013, 18:56 | #22 |
/// Malware-holic | GVU/BKA Trojan Hi, Malwarebytes: please download Malwarebytes
14.06.2013, 17:43 | #23 |
| GVU/BKA Trojan I ran Malwarebytes through: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.06.14.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Andre :: ANDRE-VAIO [Administrator] 14.06.2013 17:02:18 mbam-log-2013-06-14 (17-02-18).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 406156 Laufzeit: 1 Stunde(n), 27 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\FRST\Quarantine\skype.dat (Trojan.FavLock) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Andre\Downloads\SoftonicDownloader_fuer_recuva.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
14.06.2013, 17:47 | #24 |
/// Malware-holic | GVU/BKA Trojan Hi, please keep your hands off Softonic. Download software only from the vendor, and install it with the custom option so that you can spot toolbars. Download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this step. Open it, go to Tools (Extras), Uninstall list, and save the list as a txt file. Open the file. After every program you need, write notwendig (necessary). After every program you do not need, write unnötig (unnecessary). After every program you do not know, write unbekannt (unknown). Post the list.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
14.06.2013, 18:18 | #25 |
| GVU/BKA-Trojaner What are Softonics? I have created the list: Code:
ActiveX контрола на Windows Live Mesh за отдалечени връзки Microsoft Corporation 18.05.2012 5,57MB 15.4.5722.2 UNBEKANNT
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
Adobe AIR Adobe Systems Incorporated 18.05.2012 2.7.0.19460 NOTWENDIG
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 13.06.2013 6,00MB 11.7.700.224 NOTWENDIG
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 14.06.2013 6,00MB 11.7.700.224 NOTWENDIG
Adobe Reader X (10.1.6) MUI Adobe Systems Incorporated 14.04.2013 512MB 10.1.6 NOTWENDIG
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 18.05.2012 26,2MB 3.0.859.0 NOTWENDIG
Apple Application Support Apple Inc. 04.05.2013 62,7MB 2.3.3 NOTWENDIG
Apple Mobile Device Support Apple Inc. 04.05.2013 25,2MB 6.1.0.13 NOTWENDIG
Apple Software Update Apple Inc. 23.10.2012 2,38MB 2.1.3.127 NOTWENDIG
ArcSoft Magic-i Visual Effects 2 ArcSoft 11.09.2012 69,5MB 2.0.1.161 NOTWENDIG
ArcSoft WebCam Companion 4 ArcSoft 11.09.2012 81,3MB 4.0.21.457 NOTWENDIG
Atheros Bluetooth Suite (64) Atheros 18.05.2012 76,8MB 7.4.0.125 UNBEKANNT
Avira Free Antivirus Avira 15.11.2012 115MB 12.1.9.1236 NOTWENDIG
Avira SearchFree Toolbar plus Web Protection Ask.com 10.05.2013 3,90MB 1.15.18.0 NOTWENDIG
Avira SearchFree Toolbar plus Web Protection Updater Ask.com 10.05.2013 1.3.0.23930 NOTWENDIG
Bing Bar Microsoft Corporation 18.05.2012 24,4MB 7.0.610.0 UNNÖTIG
Bonjour Apple Inc. 23.10.2012 2,04MB 3.0.0.10 UNBEKANNT
CCleaner Piriform 24.05.2013 4.02
Control ActiveX Windows Live Mesh pentru conexiuni la distanță Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
Controlo ActiveX do Windows Live Mesh para Ligações Remotas Microsoft Corporation 18.05.2012 5,38MB 15.4.5722.2 UNBEKANNT
Contrôle ActiveX Windows Live Mesh pour connexions à distance Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
CyberLink PowerDVD CyberLink Corp. 18.05.2012 182MB 9.0.5009.52 UNNÖTIG
Drachenkrieg (with media and plugins), version 1.1.29 DwarClientDe 21.11.2012 608MB NOTWENDIG
Evernote v. 4.5.2 Evernote Corp. 18.05.2012 170MB 4.5.2.5904 UNBEKANNT
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
Google Chrome Google Inc. 12.09.2012 27.0.1453.110 NOTWENDIG
HP Customer Participation Program 13.0 HP 25.03.2013 13.0 UNBEKANNT
HP Document Manager 2.0 HP 25.03.2013 2.0 NOTWENDIG
HP Imaging Device Functions 13.0 HP 25.03.2013 13.0 UNBEKANNT
HP Officejet 4500 G510n-z HP 21.10.2012 13.0 NOTWENDIG
HP Smart Web Printing 4.5 HP 25.03.2013 4.5 NOTWENDIG
HP Solution Center 13.0 HP 25.03.2013 13.0 NOTWENDIG
HP Update Hewlett-Packard 25.03.2013 3,72MB 4.000.011.006 NOTWENDIG
HUAWEI 3G Data Card Management Huawei Tech. 13.06.2013 HOST01.11.17.01.04.03 NOTWENDIG
Intel(R) Control Center Intel Corporation 18.05.2012 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 18.05.2012 8.0.2.1410
Intel(R) Rapid Storage Technology Intel Corporation 18.05.2012 11.0.0.1032
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 18.05.2012 1.0.3.214
Intel® Trusted Connect Service Client Intel Corporation 18.05.2012 10,6MB 1.23.605.1
iTunes Apple Inc. 04.05.2013 187MB 11.0.2.26 NOTWENDIG
Java 7 Update 15 Oracle 23.02.2013 129MB 7.0.150 UNBEKANNT
Java(TM) 7 Update 1 (64-bit) Oracle 18.05.2012 93,3MB 7.0.10 UNBEKANNT
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 14.06.2013 19,2MB 1.75.0.1300
Media Go Sony 18.05.2012 99,3MB 2.0.317 UNBEKANNT
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 11.02.2011 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 18.05.2012 2,93MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 11.02.2011 51,9MB 4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 18.05.2012 10,6MB 4.0.30319
Microsoft Office Professional Plus 2010 Microsoft Corporation 16.10.2012 14.0.6029.1000
Microsoft Silverlight Microsoft Corporation 16.03.2013 50,6MB 5.1.20125.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 18.05.2012 1,69MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.09.2012 290KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 18.05.2012 788KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 15.09.2012 788KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 18.05.2012 596KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 18.05.2012 590KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.09.2012 590KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 08.11.2012 5,28MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 15.09.2012 4,56MB 10.0.40219
Mobile Partner Manager ZTE Corporation 12.09.2012 1.0.0.1 NOTWENDIG
MSXML 4.0 SP3 Parser Microsoft Corporation 18.05.2012 1,47MB 4.30.2100.0 UNBEKANNT
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 12.09.2012 1,53MB 4.30.2114.0 UNBEKANNT
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 12.01.2013 1,54MB 4.30.2117.0 UNBEKANNT
OCR Software by I.R.I.S. 13.0 HP 25.03.2013 13.0 UNBEKANNT
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
PlayMemories Home Sony Corporation 18.05.2012 6.1.01.14210 UNBEKANNT
PlayStation(R)Network Downloader Sony Computer Entertainment Inc. 18.05.2012 827KB 2.07.00849 UNNÖTIG
PlayStation(R)Store Sony Computer Entertainment Inc. 18.05.2012 5,54MB 4.5.15.13232 UNNÖTIG
Qualcomm Atheros WiFi Driver Installation Qualcomm Atheros 18.05.2012 3.0 UNBEKANNT
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 18.05.2012 6.0.1.6564 UNBEKANNT
Realtek PCIE Card Reader Realtek Semiconductor Corp. 18.05.2012 6.1.7601.91 UNBEKANNT
Shop for HP Supplies HP 25.03.2013 13.0 UNNÖTIG
Skype™ 5.10 Skype Technologies S.A. 15.09.2012 19,4MB 5.10.116 NOTWENDIG
Stronghold Firefly Studios 24.03.2013 1.20.0000 UNNÖTIG
Stronghold Crusader Extreme Firefly Studios 24.03.2013 1.20.0000 UNNÖTIG
Synaptics Pointing Device Driver Synaptics Incorporated 18.05.2012 46,4MB 16.0.1.0 UNBEKANNT
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
VAIO - Media Gallery Sony Corporation 18.05.2012 303MB 2.1.0.13300
VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325 Sony Corporation 18.05.2012 23,3MB 1.0.00.01300
VAIO - PlayMemories Home Plug-in Sony Corporation 18.05.2012 1,94GB 2.0.00.14200
VAIO - Remote Play mit PlayStation®3 Sony Corporation 18.05.2012 1.1.0.21090
VAIO - Remote-Tastatur Sony Corporation 18.05.2012 1.2.0.09270
VAIO - Remote-Tastatur mit PlayStation®3 Sony Corporation 18.05.2012 1.2.0.09210
VAIO - TrackID™ mit BRAVIA Sony Corporation 18.05.2012 1.2.0.09270
VAIO Care Sony Corporation 11.09.2012 102MB 7.3.1.05290
VAIO Control Center Sony Corporation 18.05.2012 5.2.1.15070
VAIO Data Restore Tool Sony Corporation 18.05.2012 1.9.0.13190
VAIO Easy Connect Sony Corporation 18.05.2012 14,6MB 1.1.2.01120
VAIO Gate Sony Corporation 18.05.2012 2.4.1.09230
VAIO Gate Default Sony Corporation 18.05.2012 2.5.2.02090
VAIO Gesture Control Sony Corporation 18.05.2012 1.0.0.12300
VAIO Improvement Sony Corporation 18.05.2012 1.3.0.12280
VAIO Improvement Validation Sony Corporation 18.05.2012 496KB 1.0.4.01190
VAIO Sample Contents Sony Corporation 18.05.2012 1.4.2.09010
VAIO Smart Network Sony Corporation 18.05.2012 3.11.1.15220
VAIO Transfer Support Sony Corporation 15.09.2012 1.7.1.06040
VAIO Update Sony Corporation 14.06.2013 6.2.1.03260
VAIO-Handbuch Sony Corporation 18.05.2012 2.3.0.12300
VAIOCareLearnContents 11.02.2011
VAIO*CPU-Lüfterdiagnose Sony Corporation 18.05.2012 1.1.0.09200
VLC media player 2.0.3 VideoLAN 12.09.2012 2.0.3
WildTangent-Spiele WildTangent 18.05.2012 1.0.2.5 UNBEKANNT
Windows Live Essentials Microsoft Corporation 18.05.2012 15.4.3538.0513
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2
Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2
Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 18.05.2012 5,38MB 15.4.5722.2
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
Windows Live Mesh ActiveX-objekt til fjernforbindelser Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz Microsoft Corporation 18.05.2012 5,38MB 15.4.5722.2 UNBEKANNT
Windows Live Meshin etäyhteyksien ActiveX-komponentti Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
WinRAR 4.20 (64-Bit) win.rar GmbH 13.06.2013 4.20.0 NOTWENDIG
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις Microsoft Corporation 18.05.2012 5,38MB 15.4.5722.2 UNBEKANNT
Елемент керування Windows Live Mesh ActiveX для віддалених підключень Microsoft Corporation 18.05.2012 5,38MB 15.4.5722.2 UNBEKANNT
Элемент управления Windows Live Mesh ActiveX для удаленных подключений Microsoft Corporation 18.05.2012 5,37MB 15.4.5722.2 UNBEKANNT
14.06.2013, 20:12 | #26 |
/// Malware-holic | GVU/BKA-Trojaner That is a website.
Uninstall: ActiveX; Adobe Flash Player: all of them.
Adobe - Install Adobe Flash Player: download the latest version and install it.
Adobe Reader: Adobe - Download Adobe Reader - All versions. Remove the check mark for McAfee Security Scan.
Please also configure Adobe Reader as follows: open Adobe Reader, Edit, Preferences.
General: tick "use only certified plug-ins".
Security (Enhanced): tick Enhanced Security and select all files.
Internet: everything here should be disabled. It is very unsafe to open or download PDFs automatically, etc. It is always better to save them directly, because only then do you have control over what is happening on the PC.
JavaScript: remove the check mark for using JavaScript.
Updater: choose install automatically.
Apply / OK.
Uninstall: Avira SearchFree: get rid of it, both entries please; Bing; Control; Controlo; Contrôle; CyberLink; Evernote; Formant; Java: all of them.
Download the Java JRE: Java downloads for all operating systems. Click "Download the Java software for Windows Offline", download it and install it.
Uninstall: Kontrolnik; Ovládací: both; PlayStation: both; Shop.
Skype™: Free Skype internet calls and cheap online calls to phones - Skype. Update Skype.
Stronghold: both; Uzak; Windows Live: all the ones you do not need.
Open CCleaner, Analyze, Run, restart the PC.
Please download AdwCleaner to your desktop.
14.06.2013, 21:47 | #27 |
| GVU/BKA-Trojaner OK, I have run that one as well: Code:
# AdwCleaner v2.303 - Datei am 14/06/2013 um 22:41:31 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Andre - ANDRE-VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Andre\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\Users\Andre\AppData\Local\APN
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16490
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Google Chrome v27.0.1453.110
Datei : C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.37] : icon_url = "hxxp://www.ask.com/favicon.ico",
Gelöscht [l.40] : keyword = "ask.com",
Gelöscht [l.44] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-3&o=APN10395&locale=d[...]
Gelöscht [l.45] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]
Gelöscht [l.2022] : homepage = "hxxp://www.startfenster.com",
*************************
AdwCleaner[S1].txt - [2697 octets] - [14/06/2013 22:41:31]
########## EOF - C:\AdwCleaner[S1].txt - [2757 octets] ##########
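The Chrome entries in the AdwCleaner log above (homepage, search_url, suggest_url, icon_url in the Preferences file) can be checked read-only before or after a cleanup. The following is an added example, not part of the thread and not AdwCleaner's code; the allowlist, the function names, the enclosing "default_search_provider" object and both sample files are assumptions constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Assumption: hosts this user chose deliberately; adapt per machine.
ALLOWED_HOSTS = {"google.com", "google.de"}

# Top-level Preferences keys that decide where the browser sends the user.
# "homepage" and the *_url names appear in the AdwCleaner log; the enclosing
# "default_search_provider" object is an assumption about the file layout.
WATCHED_KEYS = ("homepage", "default_search_provider")

# Constructed samples, not the user's real file (query strings are made up).
SAMPLE_HIJACKED = json.dumps({
    "homepage": "http://www.startfenster.com",
    "default_search_provider": {
        "keyword": "ask.com",
        "icon_url": "http://www.ask.com/favicon.ico",
        "search_url": "http://websearch.ask.com/redirect?q={searchTerms}",
        "suggest_url": "http://ss.websearch.ask.com/query?q={searchTerms}",
    },
})
SAMPLE_CLEAN = json.dumps({
    "homepage": "https://www.google.de/",
    "default_search_provider": {
        "keyword": "google.de",
        "search_url": "https://www.google.de/search?q={searchTerms}",
    },
})


def host_allowed(host, allowed):
    """True if host equals an allowed domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)


def iter_urls(node, path):
    """Yield (json_path, url) for every http(s) string at or below node."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from iter_urls(value, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from iter_urls(value, f"{path}[{index}]")
    elif isinstance(node, str) and node.lower().startswith(("http://", "https://")):
        yield path, node


def find_redirect_settings(preferences_text, allowed=ALLOWED_HOSTS):
    """Return sorted (json_path, host) pairs that point outside the allowlist."""
    prefs = json.loads(preferences_text)
    findings = []
    for key in WATCHED_KEYS:
        if key not in prefs:
            continue
        for path, url in iter_urls(prefs[key], key):
            host = urlsplit(url).hostname or ""
            if not host_allowed(host, allowed):
                findings.append((path, host))
    return sorted(findings)


if __name__ == "__main__":
    for path, host in find_redirect_settings(SAMPLE_HIJACKED):
        print(f"review {path}: {host}")
```

The check only reads the file and reports settings to review; it does not modify the profile.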
15.06.2013, 13:30 | #28 |
/// Malware-holic | GVU/BKA-Trojaner Hi, HitmanPro - Download - Filepony. Download HitmanPro, double-click it, click Scan. Do not delete anything, click Next. Save the log and post it, or export it as XML, zip it and attach it.
15.06.2013, 15:11 | #29 |
| GVU/BKA-Trojaner I ran it, but when I clicked Next it tried on its own to delete 2 files. The deletion failed, though. Code:
HitmanPro 3.7.6.201
www.hitmanpro.com
Computer name . . . . : ANDRE-VAIO
Windows . . . . . . . : 6.1.1.7601.X64/2
User name . . . . . . : Andre-VAIO\Andre
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free
Scan date . . . . . . : 2013-06-15 16:02:24
Scan mode . . . . . . : Normal
Scan duration . . . . : 5m 36s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 20
Objects scanned . . . : 1.808.781
Files scanned . . . . : 23.414
Remnants scanned . . : 351.705 files / 1.433.662 keys
Cookies _____________________________________________________________________
C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net
C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
15.06.2013, 15:12 | #30 |
/// Malware-holic | GVU/BKA-Trojaner OK, that is fine. If you do not have it yet, please download OTL by OldTimer and save it to your desktop.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT