Log analysis and evaluation: Caught wssetup.exe (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
14.06.2013, 10:48 | #1 |
| Caught wssetup.exe For a few days now, after booting my Vaio, I have been getting a prompt asking me to allow a program called "wssetup.exe" to access my PC. I have not confirmed it so far! Could you help me get the program off my computer? I use Windows 8. The log file is too big to attach, what now? Thanks in advance |
14.06.2013, 10:54 | #2 |
/// Malware-holic | Caught wssetup.exe Hi
split it, zip it, or best of all post it. |
14.06.2013, 11:41 | #3 |
| Caught wssetup.exe Thanks for the quick reply.
The log file is attached. |
14.06.2013, 12:10 | #4 |
/// Malware-holic | Caught wssetup.exe Hi, posting it is best, that is the easiest to evaluate :-) If it is too big, put it between these 2 tags, i.e. in code. Code:
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
14.06.2013, 15:02 | #5 | |
| Caught wssetup.exe Quote:
here is the file
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:58:57.0116 2464 NetTcpPortSharing - ok 15:58:57.0145 2464 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys 15:58:57.0153 2464 nfrd960 - ok 15:58:57.0189 2464 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 15:58:57.0222 2464 NlaSvc - ok 15:58:57.0245 2464 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 15:58:57.0255 2464 Npfs - ok 15:58:57.0285 2464 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 15:58:57.0316 2464 npsvctrig - ok 15:58:57.0337 2464 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\WINDOWS\system32\nsisvc.dll 15:58:57.0349 2464 nsi - ok 15:58:57.0377 2464 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 15:58:57.0408 2464 nsiproxy - ok 15:58:57.0481 2464 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 15:58:57.0534 2464 Ntfs - ok 15:58:57.0565 2464 [ A773AA47341A1FD16C6A9BA3C11D7DAA ] ntk_PowerDVD12 C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys 15:58:57.0571 2464 ntk_PowerDVD12 - ok 15:58:57.0594 2464 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\WINDOWS\system32\drivers\Null.sys 15:58:57.0602 2464 Null - ok 15:58:57.0644 2464 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys 15:58:57.0667 2464 NVHDA - ok 15:58:57.0888 2464 [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 15:58:58.0160 2464 nvlddmkm - ok 15:58:58.0190 2464 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 15:58:58.0199 2464 nvraid - ok 15:58:58.0230 2464 [ 445CD678770FEE791665E2650594BFC2 ] nvservice C:\WINDOWS\system32\nvservice.exe 15:58:58.0238 2464 nvservice - ok 15:58:58.0274 2464 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 15:58:58.0284 
2464 nvstor - ok 15:58:58.0330 2464 [ A83AC04D672567CAF8BE7A4D73C0B850 ] NVSvc C:\Windows\system32\nvvsvc.exe 15:58:58.0375 2464 NVSvc - ok 15:58:58.0433 2464 [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 15:58:58.0482 2464 nvUpdatusService - ok 15:58:58.0507 2464 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 15:58:58.0520 2464 nv_agp - ok 15:58:58.0554 2464 [ 771CBC95B0B8A45AAAF049736EFCCF10 ] NWVoltron C:\WINDOWS\System32\drivers\NWVoltron.sys 15:58:58.0561 2464 NWVoltron - ok 15:58:58.0591 2464 [ A625C7EB31AE9F9C78F79303C28EE472 ] NWWakeFilterV C:\WINDOWS\System32\drivers\NWWakeFilterV.sys 15:58:58.0598 2464 NWWakeFilterV - ok 15:58:58.0684 2464 [ CF7B55AEF7AA9CF053C8B33D8055C367 ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe 15:58:58.0724 2464 OfficeSvc - ok 15:58:58.0751 2464 [ 11E0B35479C895888BA3D7F619DCFFF3 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:58:58.0760 2464 ose64 - ok 15:58:58.0800 2464 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 15:58:58.0853 2464 p2pimsvc - ok 15:58:58.0881 2464 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 15:58:58.0920 2464 p2psvc - ok 15:58:58.0956 2464 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\WINDOWS\System32\drivers\parport.sys 15:58:58.0983 2464 Parport - ok 15:58:59.0014 2464 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 15:58:59.0023 2464 partmgr - ok 15:58:59.0055 2464 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 15:58:59.0088 2464 PcaSvc - ok 15:58:59.0116 2464 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\WINDOWS\system32\drivers\pci.sys 15:58:59.0128 2464 pci - ok 15:58:59.0145 2464 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 15:58:59.0152 2464 pciide - ok 
15:58:59.0169 2464 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 15:58:59.0180 2464 pcmcia - ok 15:58:59.0206 2464 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 15:58:59.0213 2464 pcw - ok 15:58:59.0241 2464 [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\WINDOWS\system32\drivers\pdc.sys 15:58:59.0249 2464 pdc - ok 15:58:59.0309 2464 [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 15:58:59.0354 2464 PEAUTH - ok 15:58:59.0466 2464 [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 15:58:59.0519 2464 PeerDistSvc - ok 15:58:59.0593 2464 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 15:58:59.0612 2464 PerfHost - ok 15:58:59.0667 2464 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\WINDOWS\system32\pla.dll 15:58:59.0698 2464 pla - ok 15:58:59.0739 2464 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 15:58:59.0767 2464 PlugPlay - ok 15:58:59.0794 2464 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 15:58:59.0817 2464 PNRPAutoReg - ok 15:58:59.0841 2464 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 15:58:59.0858 2464 PNRPsvc - ok 15:58:59.0888 2464 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 15:58:59.0905 2464 PolicyAgent - ok 15:58:59.0938 2464 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\WINDOWS\system32\umpo.dll 15:58:59.0948 2464 Power - ok 15:58:59.0978 2464 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 15:58:59.0989 2464 PptpMiniport - ok 15:59:00.0115 2464 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll 15:59:00.0186 2464 PrintNotify - ok 15:59:00.0212 2464 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\WINDOWS\System32\drivers\processr.sys 15:59:00.0234 2464 Processor - 
ok 15:59:00.0264 2464 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\WINDOWS\system32\profsvc.dll 15:59:00.0294 2464 ProfSvc - ok 15:59:00.0324 2464 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 15:59:00.0353 2464 Psched - ok 15:59:00.0385 2464 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\WINDOWS\system32\qwave.dll 15:59:00.0410 2464 QWAVE - ok 15:59:00.0447 2464 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 15:59:00.0456 2464 QWAVEdrv - ok 15:59:00.0486 2464 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 15:59:00.0496 2464 RasAcd - ok 15:59:00.0520 2464 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys 15:59:00.0547 2464 RasAgileVpn - ok 15:59:00.0586 2464 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll 15:59:00.0638 2464 RasAuto - ok 15:59:00.0665 2464 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 15:59:00.0701 2464 Rasl2tp - ok 15:59:00.0750 2464 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\WINDOWS\System32\rasmans.dll 15:59:00.0787 2464 RasMan - ok 15:59:00.0820 2464 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 15:59:00.0836 2464 RasPppoe - ok 15:59:00.0845 2464 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys 15:59:00.0868 2464 RasSstp - ok 15:59:00.0896 2464 [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 15:59:00.0932 2464 rdbss - ok 15:59:00.0968 2464 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 15:59:00.0976 2464 rdpbus - ok 15:59:00.0994 2464 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 15:59:01.0023 2464 RDPDR - ok 15:59:01.0056 2464 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 15:59:01.0064 
2464 RdpVideoMiniport - ok 15:59:01.0100 2464 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 15:59:01.0138 2464 RDPWD - ok 15:59:01.0164 2464 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 15:59:01.0181 2464 rdyboost - ok 15:59:01.0205 2464 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys 15:59:01.0222 2464 regi - ok 15:59:01.0266 2464 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 15:59:01.0299 2464 RemoteAccess - ok 15:59:01.0325 2464 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 15:59:01.0367 2464 RemoteRegistry - ok 15:59:01.0421 2464 [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 15:59:01.0438 2464 RFCOMM - ok 15:59:01.0470 2464 [ B55AECDB72923D649F4A3F0FE99C254C ] rimspci C:\WINDOWS\system32\DRIVERS\rimssne64.sys 15:59:01.0482 2464 rimspci - ok 15:59:01.0486 2464 [ B55AECDB72923D649F4A3F0FE99C254C ] rimssne C:\WINDOWS\System32\drivers\rimssne64.sys 15:59:01.0495 2464 rimssne - ok 15:59:01.0532 2464 [ E33075C22C14C57095F037253F936BB8 ] risdsnpe C:\WINDOWS\system32\DRIVERS\risdsnxc64.sys 15:59:01.0547 2464 risdsnpe ( UnsignedFile.Multi.Generic ) - warning 15:59:01.0547 2464 risdsnpe - detected UnsignedFile.Multi.Generic (1) 15:59:01.0581 2464 [ 5B5FF622A55B479E1F2DDD92FF6CBFD3 ] risdxc C:\WINDOWS\System32\drivers\risdxc64.sys 15:59:01.0603 2464 risdxc - ok 15:59:01.0633 2464 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 15:59:01.0642 2464 RpcEptMapper - ok 15:59:01.0667 2464 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\WINDOWS\system32\locator.exe 15:59:01.0676 2464 RpcLocator - ok 15:59:01.0722 2464 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\WINDOWS\system32\rpcss.dll 15:59:01.0751 2464 RpcSs - ok 15:59:01.0770 2464 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 
15:59:01.0793 2464 rspndr - ok 15:59:01.0846 2464 [ 17DFD02577A5A635FA9642E1F7AE866B ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 15:59:01.0900 2464 RTL8168 - ok 15:59:01.0912 2464 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 15:59:01.0922 2464 s3cap - ok 15:59:01.0939 2464 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\WINDOWS\system32\lsass.exe 15:59:01.0947 2464 SamSs - ok 15:59:01.0983 2464 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 15:59:02.0010 2464 sbp2port - ok 15:59:02.0051 2464 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 15:59:02.0085 2464 SCardSvr - ok 15:59:02.0125 2464 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 15:59:02.0155 2464 scfilter - ok 15:59:02.0206 2464 [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule C:\WINDOWS\system32\schedsvc.dll 15:59:02.0237 2464 Schedule - ok 15:59:02.0269 2464 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 15:59:02.0279 2464 SCPolicySvc - ok 15:59:02.0310 2464 [ 047315E75392CEA447ACC86257824C16 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 15:59:02.0321 2464 sdbus - ok 15:59:02.0355 2464 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 15:59:02.0381 2464 SDRSVC - ok 15:59:02.0417 2464 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 15:59:02.0426 2464 sdstor - ok 15:59:02.0475 2464 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 15:59:02.0501 2464 SeaPort - ok 15:59:02.0514 2464 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 15:59:02.0529 2464 secdrv - ok 15:59:02.0562 2464 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\WINDOWS\system32\seclogon.dll 15:59:02.0600 2464 seclogon - ok 15:59:02.0630 2464 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\WINDOWS\System32\sens.dll 
15:59:02.0663 2464 SENS - ok 15:59:02.0698 2464 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 15:59:02.0712 2464 SensrSvc - ok 15:59:02.0726 2464 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 15:59:02.0757 2464 SerCx - ok 15:59:02.0792 2464 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 15:59:02.0828 2464 Serenum - ok 15:59:02.0846 2464 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\WINDOWS\System32\drivers\serial.sys 15:59:02.0867 2464 Serial - ok 15:59:02.0902 2464 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 15:59:02.0940 2464 sermouse - ok 15:59:03.0000 2464 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\WINDOWS\system32\sessenv.dll 15:59:03.0053 2464 SessionEnv - ok 15:59:03.0089 2464 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\WINDOWS\System32\drivers\SFEP.sys 15:59:03.0112 2464 SFEP - ok 15:59:03.0141 2464 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 15:59:03.0165 2464 sfloppy - ok 15:59:03.0206 2464 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 15:59:03.0248 2464 SharedAccess - ok 15:59:03.0284 2464 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 15:59:03.0338 2464 ShellHWDetection - ok 15:59:03.0377 2464 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 15:59:03.0390 2464 SiSRaid2 - ok 15:59:03.0405 2464 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 15:59:03.0421 2464 SiSRaid4 - ok 15:59:03.0465 2464 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 15:59:03.0485 2464 SkypeUpdate - ok 15:59:03.0514 2464 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 15:59:03.0534 2464 SNMPTRAP - ok 15:59:03.0566 2464 [ FD3AF5575B99871BADB94E7699DBCE08 ] 
spaceport C:\WINDOWS\system32\drivers\spaceport.sys 15:59:03.0577 2464 spaceport - ok 15:59:03.0601 2464 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 15:59:03.0622 2464 SpbCx - ok 15:59:03.0660 2464 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\WINDOWS\System32\spoolsv.exe 15:59:03.0678 2464 Spooler - ok 15:59:03.0795 2464 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\WINDOWS\system32\sppsvc.exe 15:59:03.0971 2464 sppsvc - ok 15:59:04.0005 2464 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 15:59:04.0031 2464 srv - ok 15:59:04.0072 2464 [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 15:59:04.0115 2464 srv2 - ok 15:59:04.0151 2464 [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 15:59:04.0175 2464 srvnet - ok 15:59:04.0211 2464 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 15:59:04.0225 2464 SSDPSRV - ok 15:59:04.0247 2464 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 15:59:04.0259 2464 SstpSvc - ok 15:59:04.0329 2464 [ E4487C3B028E2B0A3573F4727205EA46 ] Start8 C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe 15:59:04.0359 2464 Start8 - ok 15:59:04.0405 2464 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 15:59:04.0421 2464 Stereo Service - ok 15:59:04.0442 2464 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 15:59:04.0453 2464 stexstor - ok 15:59:04.0483 2464 [ 8043459C054DC9C0AEF298234C303D0A ] sthid C:\WINDOWS\System32\drivers\sthid.sys 15:59:04.0491 2464 sthid - ok 15:59:04.0535 2464 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\WINDOWS\System32\wiaservc.dll 15:59:04.0576 2464 stisvc - ok 15:59:04.0608 2464 [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 15:59:04.0616 2464 storahci - ok 15:59:04.0648 2464 [ 
F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys 15:59:04.0655 2464 storflt - ok 15:59:04.0673 2464 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\WINDOWS\system32\storsvc.dll 15:59:04.0682 2464 StorSvc - ok 15:59:04.0694 2464 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 15:59:04.0702 2464 storvsc - ok 15:59:04.0730 2464 [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys 15:59:04.0757 2464 storvsp - ok 15:59:04.0783 2464 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\WINDOWS\system32\svsvc.dll 15:59:04.0834 2464 svsvc - ok 15:59:04.0850 2464 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 15:59:04.0857 2464 swenum - ok 15:59:04.0889 2464 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\WINDOWS\System32\swprv.dll 15:59:04.0909 2464 swprv - ok 15:59:04.0949 2464 [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain C:\WINDOWS\system32\sysmain.dll 15:59:05.0008 2464 SysMain - ok 15:59:05.0054 2464 [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 15:59:05.0090 2464 SystemEventsBroker - ok 15:59:05.0132 2464 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 15:59:05.0150 2464 TabletInputService - ok 15:59:05.0192 2464 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 15:59:05.0234 2464 TapiSrv - ok 15:59:05.0312 2464 [ D750CE2A52F1B95E654CF2904C88EF1F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 15:59:05.0367 2464 Tcpip - ok 15:59:05.0424 2464 [ D750CE2A52F1B95E654CF2904C88EF1F ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:59:05.0466 2464 TCPIP6 - ok 15:59:05.0503 2464 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 15:59:05.0514 2464 tcpipreg - ok 15:59:05.0549 2464 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 15:59:05.0600 2464 tdx - ok 
15:59:05.0631 2464 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 15:59:05.0645 2464 terminpt - ok 15:59:05.0667 2464 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\WINDOWS\System32\termsrv.dll 15:59:05.0696 2464 TermService - ok 15:59:05.0718 2464 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\WINDOWS\system32\themeservice.dll 15:59:05.0743 2464 Themes - ok 15:59:05.0774 2464 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\WINDOWS\system32\mmcss.dll 15:59:05.0782 2464 THREADORDER - ok 15:59:05.0808 2464 [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 15:59:05.0818 2464 TimeBroker - ok 15:59:05.0848 2464 [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\WINDOWS\system32\drivers\tpm.sys 15:59:05.0868 2464 TPM - ok 15:59:05.0902 2464 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\WINDOWS\System32\trkwks.dll 15:59:05.0937 2464 TrkWks - ok 15:59:05.0981 2464 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 15:59:06.0012 2464 TrustedInstaller - ok 15:59:06.0037 2464 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 15:59:06.0045 2464 TsUsbFlt - ok 15:59:06.0077 2464 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 15:59:06.0117 2464 TsUsbGD - ok 15:59:06.0143 2464 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 15:59:06.0167 2464 tunnel - ok 15:59:06.0190 2464 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 15:59:06.0207 2464 uagp35 - ok 15:59:06.0230 2464 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 15:59:06.0241 2464 UASPStor - ok 15:59:06.0297 2464 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 15:59:06.0315 2464 uCamMonitor - ok 15:59:06.0351 2464 [ 7C33D8B8A5EA2321B84A1B6653CBD0DB ] 
UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 15:59:06.0371 2464 UCX01000 - ok 15:59:06.0400 2464 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 15:59:06.0428 2464 udfs - ok 15:59:06.0449 2464 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 15:59:06.0472 2464 UI0Detect - ok 15:59:06.0497 2464 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 15:59:06.0505 2464 uliagpkx - ok 15:59:06.0518 2464 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 15:59:06.0549 2464 umbus - ok 15:59:06.0579 2464 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 15:59:06.0601 2464 UmPass - ok 15:59:06.0632 2464 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\WINDOWS\System32\umrdp.dll 15:59:06.0657 2464 UmRdpService - ok 15:59:06.0736 2464 [ C3F2CA25E371DA2EB0AE13DDF9484FDE ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 15:59:06.0767 2464 UNS - ok 15:59:06.0810 2464 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\WINDOWS\System32\upnphost.dll 15:59:06.0844 2464 upnphost - ok 15:59:06.0863 2464 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys 15:59:06.0893 2464 USBAAPL64 - ok 15:59:06.0915 2464 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 15:59:06.0937 2464 usbccgp - ok 15:59:06.0966 2464 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 15:59:06.0994 2464 usbcir - ok 15:59:07.0028 2464 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 15:59:07.0055 2464 usbehci - ok 15:59:07.0078 2464 [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 15:59:07.0102 2464 usbhub - ok 15:59:07.0124 2464 [ EA040D4C6C94F315A85F3D0EAA884B37 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 15:59:07.0141 2464 USBHUB3 - ok 
15:59:07.0182 2464 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 15:59:07.0217 2464 usbohci - ok 15:59:07.0258 2464 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 15:59:07.0295 2464 usbprint - ok 15:59:07.0336 2464 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 15:59:07.0355 2464 USBSTOR - ok 15:59:07.0372 2464 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 15:59:07.0394 2464 usbuhci - ok 15:59:07.0428 2464 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 15:59:07.0457 2464 usbvideo - ok 15:59:07.0489 2464 [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 15:59:07.0503 2464 USBXHCI - ok 15:59:07.0591 2464 [ D1933E428D991B15AFFD48B1A7BEB643 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 15:59:07.0625 2464 VAIO Power Management - ok 15:59:07.0640 2464 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\WINDOWS\system32\lsass.exe 15:59:07.0648 2464 VaultSvc - ok 15:59:07.0664 2464 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 15:59:07.0671 2464 vdrvroot - ok 15:59:07.0732 2464 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\WINDOWS\System32\vds.exe 15:59:07.0780 2464 vds - ok 15:59:07.0794 2464 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 15:59:07.0808 2464 VerifierExt - ok 15:59:07.0833 2464 [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 15:59:07.0858 2464 vhdmp - ok 15:59:07.0892 2464 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\WINDOWS\system32\drivers\viaide.sys 15:59:07.0908 2464 viaide - ok 15:59:07.0946 2464 [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid C:\WINDOWS\System32\drivers\Vid.sys 15:59:07.0974 2464 Vid - ok 15:59:08.0021 2464 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus 
C:\WINDOWS\system32\drivers\vmbus.sys 15:59:08.0034 2464 vmbus - ok 15:59:08.0050 2464 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 15:59:08.0092 2464 VMBusHID - ok 15:59:08.0127 2464 [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys 15:59:08.0143 2464 vmbusr - ok 15:59:08.0183 2464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 15:59:08.0222 2464 vmicheartbeat - ok 15:59:08.0229 2464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 15:59:08.0248 2464 vmickvpexchange - ok 15:59:08.0255 2464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 15:59:08.0265 2464 vmicrdv - ok 15:59:08.0270 2464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 15:59:08.0279 2464 vmicshutdown - ok 15:59:08.0285 2464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 15:59:08.0295 2464 vmictimesync - ok 15:59:08.0299 2464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 15:59:08.0308 2464 vmicvss - ok 15:59:08.0337 2464 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 15:59:08.0345 2464 volmgr - ok 15:59:08.0367 2464 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 15:59:08.0381 2464 volmgrx - ok 15:59:08.0397 2464 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 15:59:08.0409 2464 volsnap - ok 15:59:08.0448 2464 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\WINDOWS\System32\drivers\vpci.sys 15:59:08.0456 2464 vpci - ok 15:59:08.0474 2464 [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys 15:59:08.0494 2464 vpcivsp - ok 15:59:08.0524 2464 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 15:59:08.0534 2464 vsmraid - ok 15:59:08.0590 2464 [ 
C:\WINDOWS\system32\services.exe
15:59:12.0374 2464 [Global] - ok
15:59:12.0374 2464 ================ Scan MBR ==================================
15:59:12.0391 2464 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:59:12.0834 2464 \Device\Harddisk0\DR0 - ok
15:59:12.0842 2464 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:59:42.0582 2464 \Device\Harddisk1\DR1 - ok
15:59:42.0583 2464 ================ Scan VBR ==================================
15:59:42.0617 2464 [ 17F974DA838B74A783DD208A37EA09DA ] \Device\Harddisk0\DR0\Partition1
15:59:42.0618 2464 \Device\Harddisk0\DR0\Partition1 - ok
15:59:42.0625 2464 [ FE32D8096A6A3632C7C831DA0ACD2DCE ] \Device\Harddisk0\DR0\Partition2
15:59:42.0626 2464 \Device\Harddisk0\DR0\Partition2 - ok
15:59:42.0629 2464 [ 56CE50EA8D8F12F758931A7EA8AB873D ] \Device\Harddisk1\DR1\Partition1
15:59:42.0631 2464 \Device\Harddisk1\DR1\Partition1 - ok
15:59:42.0666 2464 [ 590C9FD51FDBB3DF40DF2C9D9A050482 ] \Device\Harddisk1\DR1\Partition2
15:59:42.0669 2464 \Device\Harddisk1\DR1\Partition2 - ok
15:59:42.0670 2464 ============================================================
15:59:42.0670 2464 Scan finished
15:59:42.0670 2464 ============================================================
15:59:42.0681 4908 Detected object count: 1
15:59:42.0682 4908 Actual detected object count: 1
16:00:06.0919 4908 risdsnpe ( UnsignedFile.Multi.Generic ) - skipped by user
16:00:06.0919 4908 risdsnpe ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:00:27.0134 3960 Deinitialize success
Hi Marcusg, how does posting with the code work...? Regards, thxcpv |
14.06.2013, 19:06 | #6 |
/// Malware-holic | Caught wssetup.exe Hi, click on "insert code". Scan with Combofix
14.06.2013, 20:26 | #7 | ||
| Caught wssetup.exe
Quote:
Quote:
Code:
ATTFilter ComboFix 13-06-13.01 - Claus 14.06.2013 20:56:24.1.8 - x64 Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.49.1031.18.8173.6173 [GMT 2:00] ausgeführt von:: c:\users\Claus\Desktop\ComboFix.exe AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Claus\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db . . ((((((((((((((((((((((( Dateien erstellt von 2013-05-14 bis 2013-06-14 )))))))))))))))))))))))))))))) . . 2013-06-14 10:11 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{32F0E675-5AF9-4DDC-9698-584CBF805233}\mpengine.dll 2013-06-14 08:40 . 2013-06-14 08:40 -------- d-----w- c:\program files\iPod 2013-06-14 08:40 . 2013-06-14 08:41 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-14 08:40 . 2013-06-14 08:41 -------- d-----w- c:\program files\iTunes 2013-06-14 08:40 . 2013-06-14 08:41 -------- d-----w- c:\program files (x86)\iTunes 2013-06-14 08:37 . 2013-06-14 08:37 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 2013-06-14 08:37 . 2013-06-14 08:36 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 2013-06-14 08:37 . 2013-06-14 08:36 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 2013-06-14 08:37 . 2013-06-14 08:36 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 2013-06-14 08:37 . 2013-06-14 08:36 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll 2013-06-14 08:36 . 2013-06-14 08:36 -------- d-----w- c:\program files (x86)\QuickTime 2013-06-13 12:09 . 2013-05-04 06:57 560640 ----a-w- c:\windows\system32\mfmp4srcsnk.dll 2013-06-12 13:52 . 
2013-06-12 13:52 -------- d-----w- c:\users\Claus\AppData\Roaming\Avant Downloader 2013-06-12 13:52 . 2013-06-12 14:08 -------- d-----w- c:\users\Claus\AppData\Roaming\Avant Profiles 2013-06-12 13:52 . 2013-06-12 13:52 -------- d-----w- c:\program files (x86)\Avant Browser 2013-06-11 10:55 . 2013-06-11 10:55 264880 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10206.bin 2013-05-22 15:04 . 2013-04-09 04:49 210432 ----a-w- c:\windows\system32\iuilp.dll 2013-05-22 15:04 . 2013-04-08 21:51 155648 ----a-w- c:\windows\SysWow64\dmvdsitf.dll 2013-05-22 15:04 . 2013-04-09 02:34 95744 ----a-w- c:\windows\system32\drivers\hidbth.sys 2013-05-22 15:04 . 2013-04-09 05:20 86280 ----a-w- c:\windows\system32\kdnet.dll 2013-05-22 15:04 . 2013-04-08 21:52 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2013-05-22 15:04 . 2013-04-09 04:51 99840 ----a-w- c:\windows\system32\wscsvc.dll 2013-05-22 15:04 . 2013-04-08 21:51 214528 ----a-w- c:\windows\SysWow64\mfreadwrite.dll 2013-05-22 15:04 . 2013-04-09 02:31 83456 ----a-w- c:\windows\system32\drivers\wanarp.sys 2013-05-20 19:00 . 2013-05-20 19:00 5079256 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe 2013-05-20 19:00 . 2013-05-20 19:00 4843712 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll 2013-05-20 19:00 . 2013-05-20 19:00 25367232 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL 2013-05-20 18:34 . 2013-05-20 18:34 6795992 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe 2013-05-20 18:34 . 2013-05-20 18:34 6572736 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\Csi.dll 2013-05-20 18:33 . 2013-05-20 18:33 3001536 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1031\MSOINTL.DLL 2013-05-20 18:33 . 2013-05-20 18:33 35345600 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL 2013-05-16 20:19 . 
2013-05-16 20:19 61042368 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL 2013-05-16 20:15 . 2013-05-16 20:15 61042368 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL 2013-05-16 07:33 . 2013-05-16 07:33 -------- d-----w- c:\program files (x86)\Common Files\Skype . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-14 10:00 . 2013-01-04 20:30 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin 2013-06-13 14:46 . 2013-04-07 20:49 812240 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe 2013-06-13 12:13 . 2013-01-04 17:00 75825640 ----a-w- c:\windows\system32\MRT.exe 2013-06-04 22:09 . 2012-07-26 08:14 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-04 22:09 . 2012-07-26 08:14 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-09 05:28 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-02 15:29 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-05-01 01:59 . 2013-05-01 01:59 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2013-05-01 01:59 . 2013-05-01 01:59 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2013-04-16 02:34 . 2013-05-15 07:26 1455368 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-04-13 05:56 . 2013-05-15 07:25 444416 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-11 06:40 . 2013-05-15 07:25 6987528 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-22 03:49 . 2013-05-15 07:25 2382336 ----a-w- c:\windows\SysWow64\esent.dll 2013-03-21 22:47 . 2013-05-15 07:25 2851840 ----a-w- c:\windows\system32\esent.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-06-05 06:18 222832 ----a-w- c:\users\Claus\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-06-05 06:18 222832 ----a-w- c:\users\Claus\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-06-05 06:18 222832 ----a-w- c:\users\Claus\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2013-06-13 14:48 1725128 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2013-06-13 14:48 1725128 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2013-06-13 14:48 1725128 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18642024] "SkyDrive"="c:\users\Claus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-06-05 257136] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-05-02 500736] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-11-30 56128] "PowerDVD12DMREngine"="c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" [2012-10-19 505872] "PowerDVD12Agent"="c:\program files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe" [2012-10-19 374560] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768] "Ulead AutoDetector v2"="c:\program files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-08-27 90112] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "EnableCursorSuppression"= 1 (0x1) "ConsentPromptBehaviorUser"= 3 (0x3) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "midi5"=wdmaud.drv . R2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimssne64.sys;c:\windows\SYSNATIVE\DRIVERS\rimssne64.sys [x] R2 risdsnpe;risdsnpe;c:\windows\system32\DRIVERS\risdsnxc64.sys;c:\windows\SYSNATIVE\DRIVERS\risdsnxc64.sys [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x] R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x] R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 sthid;Splashtop Virtual Hid;c:\windows\System32\drivers\sthid.sys;c:\windows\SYSNATIVE\drivers\sthid.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x] S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2013/01/11 16:49];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [x] S2 AtherosSvc;AtherosSvc;c:\windows\system32\AdminService.exe;c:\windows\SYSNATIVE\AdminService.exe [x] S2 
CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x] S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x] S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x] S2 nvservice;NVIDIA GuardService;c:\windows\system32\nvservice.exe;c:\windows\SYSNATIVE\nvservice.exe [x] S2 OfficeSvc;Microsoft Office-Dienst;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x] S2 
regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x] S2 Start8;Stardock Start8;c:\program files (x86)\Stardock\Start8\Start8Srv.exe;c:\program files (x86)\Stardock\Start8\Start8Srv.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x] S3 NWVoltron;NextWindow Voltron Touch Screen;c:\windows\System32\drivers\NWVoltron.sys;c:\windows\SYSNATIVE\drivers\NWVoltron.sys [x] S3 NWWakeFilterV;NextWindow Remote Wake Blocker (V);c:\windows\System32\drivers\NWWakeFilterV.sys;c:\windows\SYSNATIVE\drivers\NWWakeFilterV.sys [x] S3 rimssne;rimssne;c:\windows\System32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x] S3 risdxc;risdxc;c:\windows\System32\drivers\risdxc64.sys;c:\windows\SYSNATIVE\drivers\risdxc64.sys [x] S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x] S3 SFEP;Sony Firmware Extension 
Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x] S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x] S3 xusb22;Treiberdienst 22 für Xbox 360 Wireless Receiver;c:\windows\System32\drivers\xusb22.sys;c:\windows\SYSNATIVE\drivers\xusb22.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] apphost REG_MULTI_SZ apphostsvc iissvcs REG_MULTI_SZ w3svc was . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-06-05 06:18 261744 ----a-w- c:\users\Claus\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-06-05 06:18 261744 ----a-w- c:\users\Claus\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-06-05 06:18 261744 ----a-w- c:\users\Claus\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64\SkyDriveShell64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-03 11855976] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-06-03 2226280] "BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-10-09 765056] "BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-10-09 127616] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://de.search.yahoo.com/?fr=avantsearch6 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local>;*.local IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.178.1 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL . - - - - Entfernte verwaiste Registrierungseinträge - - - - . c:\users\Claus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Real Desktop.lnk - c:\program files (x86)\Real Desktop\rdesc.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{73526619-C24F-470B-9BED-53D455FBB5C6}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) @SACL=(02 0000) . Zeit der Fertigstellung: 2013-06-14 21:02:26 ComboFix-quarantined-files.txt 2013-06-14 19:02 . Vor Suchlauf: 17 Verzeichnis(se), 593.974.984.704 Bytes frei Nach Suchlauf: 24 Verzeichnis(se), 593.824.100.352 Bytes frei . - - End Of File - - D3BBFAAE591EADF784D9CD975AB66D1D A36C5E4F47E84449FF07ED3517B43A31 |
14.06.2013, 20:30 | #8 |
/// Malware-holic | Caught wssetup.exe Hi, Malwarebytes: please download Malwarebytes
14.06.2013, 22:25 | #9 | ||
| Caught wssetup.exe
Quote:
Here is the logfile once again
Code:
ATTFilter
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.06.14.07
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16599
Claus :: CLAUS-VAIO [Administrator]
Schutz: Aktiviert
14.06.2013 21:49:09
mbam-log-2013-06-14 (21-49-09).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 560886
Laufzeit: 1 Stunde(n), 16 Minute(n), 36 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende)
Quote:
This morning when starting Win8 it asked about wssetup.exe again! Regards, thxcpv |
15.06.2013, 14:22 | #10 |
/// Malware-holic | Caught wssetup.exe Nobody said that we were done. Download CCleaner standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this. Open it, Tools (Extras), Uninstall list, save as txt. Open the file. After each program you need, write "necessary". After each one you do not need, "unnecessary". After ones unknown to you, "unknown". Post the list.
15.06.2013, 17:08 | #11 | |
| Caught wssetup.exe
Quote:
Code:
ATTFilter Adobe AIR Adobe Systems Incorporated 20.01.2013 3.5.0.1060 benötigt Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 04.01.2013 2,95MB 10.3.181.26 benötigt Adobe Flash Player 10 Plugin Adobe Systems Incorporated 04.01.2013 2,92MB 10.3.181.26 benötigt Apple Application Support Apple Inc. 14.06.2013 64,7MB 2.3.4 benötigt Apple Mobile Device Support Apple Inc. 14.03.2013 25,2MB 6.1.0.13 benötigt Apple Software Update Apple Inc. 15.01.2013 2,38MB 2.1.3.127 benötigt ArcSoft Family Paint 3D ArcSoft 04.01.2013 92,1MB 1.0.4.206 benötigt ArcSoft Magic-i Visual Effects 2 ArcSoft 04.01.2013 83,1MB 2.0.149 benötigt ArcSoft WebCam Companion 4 ArcSoft 04.01.2013 189MB 4.0.21.485 benötigt ArcSoft WebCam Message Board ArcSoft 04.01.2013 68,0MB 1.1.84 benötigt Atheros WiFi Driver Installation Atheros 04.01.2013 3.0 benötigt Avant Browser (remove only) Avant Force 12.06.2013 12.5.0.0 nicht benötigt Bing Bar Microsoft Corporation 04.01.2013 24,4MB 7.0.610.0 nicht benötigt Bing Maps 3D Microsoft Corporation 04.01.2013 19,8MB 4.0.903.16005 nicht benötigt Bonjour Apple Inc. 15.01.2013 2,00MB 3.0.0.10 benötigt CCleaner Piriform 24.05.2013 4.02 benötigt CPUID HWMonitor 1.21 18.01.2013 2,41MB nicht benötigt CyberLink PowerDVD 12 CyberLink Corp. 11.01.2013 343MB 12.0.2219.57 benötigt Desktop Icon für Amazon 18.01.2013 1.0.1 (de) nicht benötigt Dolby Home Theater v4 Dolby Laboratories Inc 04.01.2013 2,32MB 7.2.7000.6 benötigt Driver Genius Driver-Soft Inc. 04.01.2013 13,2MB 12.0 nicht benötigt Evernote v. 4.4 Evernote Corp. 04.01.2013 141MB 4.4.0.4848 benötigt Intel(R) Management Engine Components Intel Corporation 05.01.2013 8.1.20.1337 benötigt Intel(R) Rapid Storage Technology Intel Corporation 05.01.2013 11.7.0.1013 benötigt iTunes Apple Inc. 
14.06.2013 187MB 11.0.4.4 needed
Landwirtschafts Simulator 2013 GIANTS Software 12.01.2013 1,43GB 1.0 not needed
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 14.06.2013 19,3MB 1.75.0.1300 not needed
Microsoft .NET Framework 4 Client Profile 04.01.2013 unknown
Microsoft .NET Framework 4 Client Profile DEU Language Pack 04.01.2013 unknown
Microsoft .NET Framework 4 Extended 04.01.2013 unknown
Microsoft .NET Framework 4 Extended DEU Language Pack 04.01.2013 unknown
Microsoft Office 365 Home Premium - de-de Microsoft Corporation 13.06.2013 15.0.4505.1510 needed
Microsoft Office Professional Plus 2013 Microsoft Corporation 14.01.2013 15.0.4420.1017 needed
Microsoft Silverlight Microsoft Corporation 13.03.2013 50,6MB 5.1.20125.0 unknown
Microsoft SkyDrive Microsoft Corporation 05.06.2013 26,6MB 17.0.2010.0530 needed
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 06.01.2013 4,84MB 8.0.59193 unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 04.01.2013 788KB 9.0.30729 unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 06.01.2013 13,2MB 9.0.30729.6161 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 04.01.2013 596KB 9.0.30729 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 04.01.2013 590KB 9.0.30729.4148 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 06.01.2013 10,1MB 9.0.30729.6161 unknown
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 05.01.2013 13,8MB 10.0.40219 unknown
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 05.01.2013 11,1MB 10.0.40219 unknown
Microsoft Xbox 360 Accessories 1.2 Microsoft 08.01.2013 7,82MB 1.20.146.0 needed
Microsoft XNA Framework Redistributable 3.0 Microsoft Corporation 04.01.2013 7,61MB 3.0.11010.0 unknown
MSXML 4.0 SP3 Parser Microsoft Corporation 04.01.2013 1,47MB 4.30.2100.0 unknown
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 04.01.2013 1,53MB 4.30.2114.0 unknown
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 08.01.2013 2,90MB 4.30.2117.0 unknown
NetObjects Fusion 1&1 Edition 27.01.2013 11.0 German needed
NextWindow DesktopTouch Driver Package NextWindow 04.01.2013 11,7MB 1.1.014 needed
NVIDIA 3D Vision Treiber 310.90 NVIDIA Corporation 06.01.2013 310.90 needed
NVIDIA 3D Vision Video Player NVIDIA Corporation 04.01.2013 7,33MB 1.6.9 needed
NVIDIA Grafiktreiber 310.90 NVIDIA Corporation 06.01.2013 310.90 needed
NVIDIA HD-Audiotreiber 1.3.18.0 NVIDIA Corporation 06.01.2013 1.3.18.0 needed
NVIDIA PhysX-Systemsoftware 9.12.1031 NVIDIA Corporation 05.01.2013 9.12.1031 needed
NVIDIA Update 1.11.3 NVIDIA Corporation 06.01.2013 1.11.3 needed
PlayStation(R)Network Downloader Sony Computer Entertainment Inc. 04.01.2013 534KB 2.05.00710 needed
PlayStation(R)Store Sony Computer Entertainment Inc. 04.01.2013 5,43MB 4.1.8.11883 needed
Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros Communications 05.01.2013 91,0MB 8.0.0.212 needed
Quick Web Access Sony Corporation 04.01.2013 334MB 1.4.6.10 unknown
QuickTime Apple Inc. 14.06.2013 74,6MB 7.74.80.86 needed
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 04.01.2013 6.0.1.6383 needed
Renesas Electronics USB 3.0 Host Controller Driver Renesas Electronics Corporation 04.01.2013 272KB 2.0.32.0 needed
RICOH_Media_Driver_v2.24.18.01 RICOH 05.01.2013 2.24.18.01 needed
Skype™ 6.3 Skype Technologies S.A. 16.05.2013 21,1MB 6.3.105 needed
Start8 Stardock Corporation 21.01.2013 1.10 needed
Ulead PhotoImpact 10 Ulead System 11.02.2013 10.0 not necessary
Update Manager for SweetPacks 1.1 SweetIM Technologies Ltd. 18.01.2013 2,76MB 1.1.0008 unknown
VAIO - Remote Play mit PlayStation®3 Sony Corporation 04.01.2013 1.1.0.15072 unknown
VAIO - Remote-Tastatur Sony Corporation 04.01.2013 1.1.0.07060 unknown
VAIO 3D Portal Sony Corporation 04.01.2013 1.1.0.06240 unknown
VAIO Data Restore Tool Sony Corporation 04.01.2013 1.7.0.05270 unknown
VAIO Easy Connect Sony Corporation 04.01.2013 1.0.0.03050 unknown
VAIO Improvement Sony Corporation 04.01.2013 1.1.0.06030 unknown
VAIO Improvement Validation Sony Corporation 04.01.2013 496KB 1.0.4.01190 unknown
VAIO Smart Network Sony Corporation 04.01.2013 3.7.0.07150 unknown
VAIO Touch Portal Sony Corporation 04.01.2013 1.1.0.06160 unknown
VAIO Update Sony Corporation 07.03.2013 6.0.1.10150 unknown
VAIO-Handbuch Sony Corporation 04.01.2013 1.4.0.05310 unknown
VAIO-Support für Übertragungen Sony Corporation 04.01.2013 1.4.0.14230 unknown
VAIOCareLearnContents 04.01.2013 unknown
Windows-Treiberpaket - NextWindow (NWVoltron) HIDClass (08/24/2012 3.1.3.34) NextWindow 05.01.2013 08/24/2012 3.1.3.34 needed
Windows-Treiberpaket - Ricoh Company MS Host Controller (07/20/2012 6.20.13.30) Ricoh Company 13.01.2013 07/20/2012 6.20.13.30 needed
Windows-Treiberpaket - Ricoh Company SD Host Controller (07/10/2012 6.20.13.42) Ricoh Company 13.01.2013 07/10/2012 6.20.13.42 needed
ZDFmediathek Version 2.1.6 ZDF 06.01.2013 not necessary |
15.06.2013, 17:52 | #12 |
/// Malware-holic | Caught wssetup.exe
Uninstall: Avant, Bing, CPUID, Desktop Icon, Driver Genius, Landwirtschafts, Malwarebytes, Ulead, Update Manager, ZDFmediathek.
Open CCleaner: analyze, run, then restart the PC.
Please download AdwCleaner to your desktop.
17.06.2013, 12:12 | #14 |
/// Malware-holic | Caught wssetup.exe
It says so right there: with AdwCleaner.
17.06.2013, 12:24 | #15 |
| Caught wssetup.exe
Sorry for my blindness!! Here is the file.
Code:
# AdwCleaner v2.303 - Datei am 17/06/2013 um 13:18:52 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 8 Pro with Media Center (64 bits)
# Benutzer : Claus - CLAUS-VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Claus\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\XingHaoLyrics
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\Users\Claus\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Claus\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Claus\AppData\Roaming\DesktopIconForAmazon

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\5d0dbdfb36ee946
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[S1].txt - [2751 octets] - [17/06/2013 13:18:52]

########## EOF - C:\AdwCleaner[S1].txt - [2811 octets] ########## |