Ukash trojan found
Hello everyone, I have the following problem: I switched my computer back on this morning and it was already very slow, so I thought, fine, let's see why. Shortly afterwards my desktop was locked and a message appeared saying my computer had been locked. The thing is, this is not the BKA or Bundespolizei trojan but something English/American. It looks similar, though. At the moment I can access my desktop again, because I have already deleted the processes in Task Manager and reset the PC. What is the best way to proceed now? My system is Windows 7 64-bit. Thanks in advance! Kind regards, Oemmel |
Hi, hands off System Restore when dealing with malware; that can lead to problems. If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
Code: activex
|
OK, the scan has been run. However, in the middle of the scan a message appeared in my taskbar with a yellow triangle and exclamation mark: "OTL: OTl.exe Datei beschädigt. Die Datei oder das Verzeichnis C:Windows\Prefetch\ReadyBoot\Trace4.fx beschädigt oder nicht lesbar. Bitte fürhen Sie CHKDSK aus."
Log Extra.txt: OTL Logfile: Code: OTL Extras logfile created on: 11.01.2013 13:36:24 - Run 1
Log OTL.txt: OTL Logfile: Code: OTL logfile created on: 11.01.2013 13:36:24 - Run 1 |
Hi, this script and any scripts that may follow are intended only for this particular user. If you have problems, open your own topics and wait for scripts tailored to you.
• Please start OTL.exe.
• Now copy the following into the text box. Code: :OTL
• Now please close all programs.
• Now please click the Fix button.
• OTL may request a restart. Please allow this.
• After the restart you will find a text document; copy its contents into your next reply here.
Start in normal mode. If you have no icons, right-click, View, Show desktop icons. |
OK, done successfully. But after every restart Windows wants to run a disk check. I already ran it once, but it keeps coming back. I also noticed that I just couldn't use a USB stick. It always asks to format first, but when I try to do that I get the error message that Windows cannot format the USB stick. Log:
All processes killed
========== OTL ==========
C:\ProgramData\dsgsdgdsgdsgw.pad moved successfully.
C:\ProgramData\dsgsdgdsgdsgw.js moved successfully.
C:\Users\A.Schattke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk moved successfully.
C:\ProgramData\dsgsdgdsgdsgw.reg moved successfully.
C:\ProgramData\dsgsdgdsgdsgw.bat moved successfully.
========== COMMANDS ==========
[EMPTYFLASH]
User: A.Schattke
->Flash cache emptied: 1620 bytes
User: All Users
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: A.Schattke
->Temp folder emptied: 193468214 bytes
->Temporary Internet Files folder emptied: 214352788 bytes
->Java cache emptied: 3058348 bytes
->FireFox cache emptied: 86864300 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 289968431 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 751,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 01112013_160306
Files\Folders moved on Reboot...
C:\Users\A.Schattke\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\windows\temp\TmpFile1 scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot... |
Hi, do you have another stick? The one you used might be broken.
Download TDSSKiller: http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters.
• Tick Verify driver digital signatures and Detect TDLFS file system.
• Click OK and then Start scan. For any detections, always choose Skip for now, then post the log. |
Here is the log
C:\windows\system32\DRIVERS\ndistapi.sys 16:55:07.0524 1320 NdisTapi - ok 16:55:07.0524 1320 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 16:55:07.0555 1320 Ndisuio - ok 16:55:07.0571 1320 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 16:55:07.0602 1320 NdisWan - ok 16:55:07.0602 1320 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 16:55:07.0633 1320 NDProxy - ok 16:55:07.0680 1320 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 16:55:07.0727 1320 NetBIOS - ok 16:55:07.0727 1320 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 16:55:07.0758 1320 NetBT - ok 16:55:07.0773 1320 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 16:55:07.0773 1320 Netlogon - ok 16:55:07.0805 1320 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 16:55:07.0836 1320 Netman - ok 16:55:07.0851 1320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:55:07.0867 1320 NetMsmqActivator - ok 16:55:07.0867 1320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:55:07.0867 1320 NetPipeActivator - ok 16:55:07.0883 1320 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 16:55:07.0914 1320 netprofm - ok 16:55:07.0914 1320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:55:07.0929 1320 NetTcpActivator - ok 16:55:07.0929 1320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:55:07.0929 1320 NetTcpPortSharing - ok 16:55:07.0945 1320 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys 16:55:07.0961 1320 nfrd960 - ok 16:55:07.0992 1320 [ 
8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll 16:55:08.0007 1320 NlaSvc - ok 16:55:08.0023 1320 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 16:55:08.0039 1320 Npfs - ok 16:55:08.0054 1320 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 16:55:08.0085 1320 nsi - ok 16:55:08.0085 1320 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 16:55:08.0117 1320 nsiproxy - ok 16:55:08.0179 1320 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 16:55:08.0241 1320 Ntfs - ok 16:55:08.0273 1320 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 16:55:08.0288 1320 Null - ok 16:55:08.0304 1320 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 16:55:08.0304 1320 nvraid - ok 16:55:08.0319 1320 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 16:55:08.0319 1320 nvstor - ok 16:55:08.0335 1320 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 16:55:08.0335 1320 nv_agp - ok 16:55:08.0351 1320 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 16:55:08.0366 1320 ohci1394 - ok 16:55:08.0413 1320 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:55:08.0444 1320 ose - ok 16:55:08.0553 1320 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:55:08.0631 1320 osppsvc - ok 16:55:08.0647 1320 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 16:55:08.0678 1320 p2pimsvc - ok 16:55:08.0678 1320 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 16:55:08.0694 1320 p2psvc - ok 16:55:08.0725 1320 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys 
16:55:08.0741 1320 Parport - ok 16:55:08.0756 1320 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 16:55:08.0803 1320 partmgr - ok 16:55:08.0834 1320 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 16:55:08.0881 1320 PcaSvc - ok 16:55:08.0881 1320 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 16:55:08.0881 1320 pci - ok 16:55:08.0897 1320 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys 16:55:08.0897 1320 pciide - ok 16:55:08.0928 1320 [ 28C9AF2398DA99BCCD647A44F838949B ] PciPPorts C:\windows\system32\DRIVERS\PciPPorts.sys 16:55:08.0959 1320 PciPPorts - ok 16:55:08.0990 1320 [ 443BCB6D87ACE6F3FCDC65B299DD3EB7 ] PciSPorts C:\windows\system32\DRIVERS\PciSPorts.sys 16:55:09.0037 1320 PciSPorts - ok 16:55:09.0053 1320 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys 16:55:09.0084 1320 pcmcia - ok 16:55:09.0084 1320 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 16:55:09.0099 1320 pcw - ok 16:55:09.0177 1320 [ 98655F862BB07CFB1CCC9262DA621AE1 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe 16:55:09.0224 1320 PDF Architect Helper Service - ok 16:55:09.0287 1320 [ 73406F96E946F2B38615375269EF286F ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe 16:55:09.0318 1320 PDF Architect Service - ok 16:55:09.0489 1320 [ C1C3BAF078BE5A14384A4BA2D730817D ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe 16:55:09.0521 1320 PDFProFiltSrvPP - ok 16:55:09.0552 1320 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 16:55:09.0614 1320 PEAUTH - ok 16:55:09.0645 1320 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 16:55:09.0677 1320 PerfHost - ok 16:55:09.0708 1320 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 
16:55:09.0755 1320 pla - ok 16:55:09.0786 1320 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 16:55:09.0817 1320 PlugPlay - ok 16:55:09.0817 1320 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 16:55:09.0848 1320 PNRPAutoReg - ok 16:55:09.0848 1320 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 16:55:09.0879 1320 PNRPsvc - ok 16:55:09.0911 1320 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 16:55:09.0973 1320 PolicyAgent - ok 16:55:09.0973 1320 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 16:55:10.0004 1320 Power - ok 16:55:10.0035 1320 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 16:55:10.0067 1320 PptpMiniport - ok 16:55:10.0082 1320 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys 16:55:10.0098 1320 Processor - ok 16:55:10.0129 1320 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll 16:55:10.0160 1320 ProfSvc - ok 16:55:10.0176 1320 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 16:55:10.0176 1320 ProtectedStorage - ok 16:55:10.0238 1320 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 16:55:10.0285 1320 Psched - ok 16:55:10.0363 1320 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys 16:55:10.0410 1320 ql2300 - ok 16:55:10.0425 1320 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys 16:55:10.0441 1320 ql40xx - ok 16:55:10.0519 1320 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 16:55:10.0550 1320 QWAVE - ok 16:55:10.0566 1320 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 16:55:10.0581 1320 QWAVEdrv - ok 16:55:10.0597 1320 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd 
C:\windows\system32\DRIVERS\rasacd.sys 16:55:10.0613 1320 RasAcd - ok 16:55:10.0628 1320 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 16:55:10.0644 1320 RasAgileVpn - ok 16:55:10.0659 1320 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 16:55:10.0691 1320 RasAuto - ok 16:55:10.0706 1320 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 16:55:10.0737 1320 Rasl2tp - ok 16:55:10.0753 1320 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 16:55:10.0784 1320 RasMan - ok 16:55:10.0800 1320 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 16:55:10.0831 1320 RasPppoe - ok 16:55:10.0831 1320 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 16:55:10.0862 1320 RasSstp - ok 16:55:10.0878 1320 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 16:55:10.0909 1320 rdbss - ok 16:55:10.0909 1320 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys 16:55:10.0925 1320 rdpbus - ok 16:55:10.0940 1320 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 16:55:10.0956 1320 RDPCDD - ok 16:55:10.0956 1320 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 16:55:11.0003 1320 RDPENCDD - ok 16:55:11.0003 1320 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 16:55:11.0018 1320 RDPREFMP - ok 16:55:11.0065 1320 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 16:55:11.0081 1320 RDPWD - ok 16:55:11.0112 1320 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 16:55:11.0143 1320 rdyboost - ok 16:55:11.0205 1320 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 16:55:11.0237 1320 RemoteAccess - ok 16:55:11.0268 1320 [ 
E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 16:55:11.0299 1320 RemoteRegistry - ok 16:55:11.0315 1320 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 16:55:11.0346 1320 RpcEptMapper - ok 16:55:11.0361 1320 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 16:55:11.0377 1320 RpcLocator - ok 16:55:11.0393 1320 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 16:55:11.0424 1320 RpcSs - ok 16:55:11.0471 1320 [ C606C5F712A3761896CEFFA4AF6B1268 ] RsFx0151 C:\windows\system32\DRIVERS\RsFx0151.sys 16:55:11.0486 1320 RsFx0151 - ok 16:55:11.0502 1320 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 16:55:11.0549 1320 rspndr - ok 16:55:11.0564 1320 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 16:55:11.0564 1320 SamSs - ok 16:55:11.0564 1320 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 16:55:11.0580 1320 sbp2port - ok 16:55:11.0595 1320 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 16:55:11.0627 1320 SCardSvr - ok 16:55:11.0627 1320 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 16:55:11.0658 1320 scfilter - ok 16:55:11.0689 1320 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 16:55:11.0736 1320 Schedule - ok 16:55:11.0751 1320 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll 16:55:11.0767 1320 SCPolicySvc - ok 16:55:11.0783 1320 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 16:55:11.0814 1320 SDRSVC - ok 16:55:11.0876 1320 [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\A.Schattke\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe 16:55:11.0907 1320 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning 16:55:11.0907 1320 SearchAnonymizer - detected 
UnsignedFile.Multi.Generic (1) 16:55:11.0907 1320 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 16:55:11.0970 1320 secdrv - ok 16:55:11.0985 1320 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 16:55:12.0032 1320 seclogon - ok 16:55:12.0048 1320 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll 16:55:12.0079 1320 SENS - ok 16:55:12.0079 1320 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 16:55:12.0095 1320 SensrSvc - ok 16:55:12.0126 1320 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys 16:55:12.0141 1320 Serenum - ok 16:55:12.0141 1320 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys 16:55:12.0173 1320 Serial - ok 16:55:12.0173 1320 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys 16:55:12.0204 1320 sermouse - ok 16:55:12.0204 1320 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 16:55:12.0235 1320 SessionEnv - ok 16:55:12.0251 1320 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 16:55:12.0251 1320 sffdisk - ok 16:55:12.0251 1320 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 16:55:12.0266 1320 sffp_mmc - ok 16:55:12.0266 1320 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 16:55:12.0282 1320 sffp_sd - ok 16:55:12.0282 1320 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys 16:55:12.0297 1320 sfloppy - ok 16:55:12.0360 1320 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 16:55:12.0407 1320 SharedAccess - ok 16:55:12.0453 1320 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 16:55:12.0516 1320 ShellHWDetection - ok 16:55:12.0516 1320 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 
C:\windows\system32\drivers\SiSRaid2.sys 16:55:12.0531 1320 SiSRaid2 - ok 16:55:12.0531 1320 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys 16:55:12.0547 1320 SiSRaid4 - ok 16:55:12.0547 1320 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 16:55:12.0578 1320 Smb - ok 16:55:12.0594 1320 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 16:55:12.0609 1320 SNMPTRAP - ok 16:55:12.0609 1320 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 16:55:12.0609 1320 spldr - ok 16:55:12.0641 1320 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe 16:55:12.0656 1320 Spooler - ok 16:55:12.0703 1320 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 16:55:12.0781 1320 sppsvc - ok 16:55:12.0828 1320 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 16:55:12.0875 1320 sppuinotify - ok 16:55:12.0968 1320 [ 3420E0482AD95120B471B7328A8D7D08 ] SQLAgent$EULANDA C:\Program Files\Microsoft SQL Server\MSSQL10_50.EULANDA\MSSQL\Binn\SQLAGENT.EXE 16:55:12.0984 1320 SQLAgent$EULANDA - ok 16:55:13.0031 1320 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 16:55:13.0062 1320 SQLBrowser - ok 16:55:13.0093 1320 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 16:55:13.0109 1320 SQLWriter - ok 16:55:13.0124 1320 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 16:55:13.0171 1320 srv - ok 16:55:13.0187 1320 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 16:55:13.0202 1320 srv2 - ok 16:55:13.0218 1320 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 16:55:13.0233 1320 srvnet - ok 16:55:13.0296 1320 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 
16:55:13.0343 1320 SSDPSRV - ok 16:55:13.0343 1320 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 16:55:13.0374 1320 SstpSvc - ok 16:55:13.0374 1320 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys 16:55:13.0374 1320 stexstor - ok 16:55:13.0405 1320 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys 16:55:13.0436 1320 StillCam - ok 16:55:13.0452 1320 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 16:55:13.0467 1320 stisvc - ok 16:55:13.0467 1320 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys 16:55:13.0483 1320 swenum - ok 16:55:13.0499 1320 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 16:55:13.0530 1320 swprv - ok 16:55:13.0561 1320 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 16:55:13.0592 1320 SysMain - ok 16:55:13.0592 1320 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 16:55:13.0608 1320 TabletInputService - ok 16:55:13.0608 1320 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 16:55:13.0655 1320 TapiSrv - ok 16:55:13.0655 1320 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 16:55:13.0686 1320 TBS - ok 16:55:13.0733 1320 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys 16:55:13.0764 1320 Tcpip - ok 16:55:13.0779 1320 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 16:55:13.0811 1320 TCPIP6 - ok 16:55:13.0826 1320 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 16:55:13.0842 1320 tcpipreg - ok 16:55:13.0889 1320 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 16:55:13.0904 1320 TDPIPE - ok 16:55:13.0951 1320 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 16:55:13.0967 1320 
TDTCP - ok 16:55:13.0967 1320 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 16:55:13.0998 1320 tdx - ok 16:55:14.0013 1320 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys 16:55:14.0013 1320 TermDD - ok 16:55:14.0045 1320 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 16:55:14.0076 1320 TermService - ok 16:55:14.0076 1320 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 16:55:14.0091 1320 Themes - ok 16:55:14.0123 1320 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 16:55:14.0138 1320 THREADORDER - ok 16:55:14.0154 1320 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 16:55:14.0185 1320 TrkWks - ok 16:55:14.0216 1320 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 16:55:14.0247 1320 TrustedInstaller - ok 16:55:14.0247 1320 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 16:55:14.0279 1320 tssecsrv - ok 16:55:14.0294 1320 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 16:55:14.0310 1320 TsUsbFlt - ok 16:55:14.0310 1320 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys 16:55:14.0325 1320 TsUsbGD - ok 16:55:14.0325 1320 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 16:55:14.0357 1320 tunnel - ok 16:55:14.0357 1320 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys 16:55:14.0372 1320 uagp35 - ok 16:55:14.0388 1320 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 16:55:14.0419 1320 udfs - ok 16:55:14.0435 1320 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 16:55:14.0450 1320 UI0Detect - ok 16:55:14.0450 1320 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 
16:55:14.0466 1320 uliagpkx - ok 16:55:14.0466 1320 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys 16:55:14.0497 1320 umbus - ok 16:55:14.0497 1320 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys 16:55:14.0513 1320 UmPass - ok 16:55:14.0513 1320 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll 16:55:14.0559 1320 upnphost - ok 16:55:14.0575 1320 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 16:55:14.0606 1320 usbccgp - ok 16:55:14.0606 1320 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys 16:55:14.0622 1320 usbcir - ok 16:55:14.0622 1320 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys 16:55:14.0637 1320 usbehci - ok 16:55:14.0653 1320 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\drivers\usbhub.sys 16:55:14.0669 1320 usbhub - ok 16:55:14.0669 1320 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys 16:55:14.0684 1320 usbohci - ok 16:55:14.0684 1320 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys 16:55:14.0700 1320 usbprint - ok 16:55:14.0731 1320 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 16:55:14.0747 1320 USBSTOR - ok 16:55:14.0747 1320 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys 16:55:14.0762 1320 usbuhci - ok 16:55:14.0778 1320 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll 16:55:14.0825 1320 UxSms - ok 16:55:14.0825 1320 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe 16:55:14.0840 1320 VaultSvc - ok 16:55:14.0840 1320 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 16:55:14.0840 1320 vdrvroot - ok 16:55:14.0856 1320 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe 
16:55:14.0887 1320 vds - ok 16:55:14.0887 1320 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys 16:55:14.0903 1320 vga - ok 16:55:14.0903 1320 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys 16:55:14.0934 1320 VgaSave - ok 16:55:14.0949 1320 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys 16:55:14.0965 1320 vhdmp - ok 16:55:14.0981 1320 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys 16:55:14.0981 1320 viaide - ok 16:55:14.0996 1320 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys 16:55:14.0996 1320 volmgr - ok 16:55:15.0012 1320 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys 16:55:15.0027 1320 volmgrx - ok 16:55:15.0027 1320 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys 16:55:15.0043 1320 volsnap - ok 16:55:15.0043 1320 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys 16:55:15.0059 1320 vsmraid - ok 16:55:15.0074 1320 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe 16:55:15.0121 1320 VSS - ok 16:55:15.0137 1320 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys 16:55:15.0152 1320 vwifibus - ok 16:55:15.0168 1320 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys 16:55:15.0183 1320 vwififlt - ok 16:55:15.0199 1320 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll 16:55:15.0230 1320 W32Time - ok 16:55:15.0246 1320 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys 16:55:15.0246 1320 WacomPen - ok 16:55:15.0261 1320 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys 16:55:15.0293 1320 WANARP - ok 16:55:15.0308 1320 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 
16:55:15.0324 1320 Wanarpv6 - ok 16:55:15.0355 1320 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe 16:55:15.0386 1320 wbengine - ok 16:55:15.0402 1320 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll 16:55:15.0417 1320 WbioSrvc - ok 16:55:15.0433 1320 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll 16:55:15.0449 1320 wcncsvc - ok 16:55:15.0449 1320 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 16:55:15.0464 1320 WcsPlugInService - ok 16:55:15.0495 1320 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys 16:55:15.0495 1320 Wd - ok 16:55:15.0542 1320 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 16:55:15.0589 1320 Wdf01000 - ok 16:55:15.0605 1320 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll 16:55:15.0636 1320 WdiServiceHost - ok 16:55:15.0636 1320 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll 16:55:15.0651 1320 WdiSystemHost - ok 16:55:15.0667 1320 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll 16:55:15.0683 1320 WebClient - ok 16:55:15.0698 1320 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll 16:55:15.0729 1320 Wecsvc - ok 16:55:15.0729 1320 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll 16:55:15.0761 1320 wercplsupport - ok 16:55:15.0776 1320 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll 16:55:15.0807 1320 WerSvc - ok 16:55:15.0807 1320 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys 16:55:15.0839 1320 WfpLwf - ok 16:55:15.0839 1320 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys 16:55:15.0839 1320 WIMMount - ok 16:55:15.0854 1320 WinDefend - ok 16:55:15.0854 1320 WinHttpAutoProxySvc - ok 
16:55:17.0555 1320 Scan finished
16:55:17.0570 1124 Detected object count: 3
16:55:17.0570 1124 Actual detected object count: 3
16:55:36.0431 1124 BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:55:36.0431 1124 BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:55:36.0431 1124 DraftSight API Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:55:36.0431 1124 DraftSight API Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:55:36.0431 1124 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
16:55:36.0431 1124 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip |
Hi, ComboFix: ComboFix may only be run when a team member has instructed you to do so! Please download ComboFix from one of these download mirrors: Link 1, Link 2. IMPORTANT - Save ComboFix to your desktop.
When ComboFix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
|
OK, ComboFix has finished. About the USB stick: it does not work with any USB stick. On another PC it works perfectly. ComboFix log: Combofix Logfile: Code: ComboFix 13-01-11.01 - A.Schattke 11.01.2013 17:02:01.1.4 - x64 |
Malwarebytes: Please download Malwarebytes
|
Morning! Malwarebytes has finished. Nothing found! About the USB stick issue: is that also related to the trojan? Because I cannot use any stick at all. I am always told to format them, but when I try, I always get the error message that this stick cannot be formatted.

Malwarebytes Anti-Malware (Test) 1.70.0.1100
Malwarebytes : Free anti-malware download
Datenbank Version: v2013.01.12.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
A.Schattke :: KONSTRUKTION-PC [Administrator]
Schutz: Aktiviert
12.01.2013 20:55:03
mbam-log-2013-01-12 (20-55-03).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 802173
Laufzeit: 1 Stunde(n), 39 Minute(n), 50 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende) |
Is that the case with all sticks? Do they work on other PCs? Download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this. Open it, Tools (Extras), Uninstall list, save as txt. Open the file. After each program you need, write necessary. After each one you do not need, unnecessary. After each one you do not know, unknown. Post the list. |
Good morning Markusg, I got the USB stick sorted out; it had to be completely formatted so that it works under Windows 7 again. I don't know why, though, because before I had this trojan it worked perfectly. But now it works again. Here is the list:

1&1 SmartFax 1&1 Internet AG 16.11.2012 2.00.224 necessary
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 09.01.2013 6,00MB 11.5.502.146 necessary
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 09.01.2013 6,00MB 11.5.502.146 unknown
Adobe Reader X (10.1.5) MUI Adobe Systems Incorporated 10.01.2013 480MB 10.1.5 necessary
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 09.01.2012 22,7MB 3.0.851.0 unknown
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Atheros Communications Inc. 09.01.2012 1.0.2.43 necessary
Avira Free Antivirus Avira 11.12.2012 124MB 13.0.0.2890 necessary
Avira SearchFree Toolbar plus Web Protection Ask.com 30.10.2012 10,2MB 1.15.10.0 unknown
Avira SearchFree Toolbar plus Web Protection Updater Ask.com 30.10.2012 1.4.1.29781 unknown
Brother MFL-Pro Suite MFC-J5910DW Brother Industries, Ltd. 31.10.2012 1.0.0.0 necessary
CCleaner Piriform 19.12.2012 3.26 necessary
Desktop Icon für Amazon 07.11.2012 1.0.1 (de) unnecessary
DraftSight Dassault Systemes 10.01.2013 183MB 8.4.274 necessary
EPLAN 5.70.3 EPLAN 29.11.2012 84,4MB 5.70.3 necessary
EPLAN Electric P8 2.1 EPLAN Software & Service 22.11.2012 32,2MB 2.1.4.5325 necessary
EPLAN Electric P8 2.2 EPLAN Software & Service GmbH & Co. KG 12.12.2012 32,2MB 2.2.5.6338 necessary
EPLAN Electric P8 Addon 2.1 EPLAN Software & Service 22.11.2012 1,24GB 2.1.4.5325 necessary
EPLAN Electric P8 Data 2.2 EPLAN Software & Service GmbH & Co. KG 12.12.2012 322MB 2.2.5.6338 necessary
EPLAN License Client EPLAN Software & Service GmbH & Co. KG 12.12.2012 58,0MB 9.1.10.32500 necessary
EPLAN Platform 2.1 EPLAN Software & Service 22.11.2012 340MB 2.1.4.5325 necessary
EPLAN Platform 2.2 EPLAN Software & Service GmbH & Co. KG 12.12.2012 411MB 2.2.5.6338 necessary
EPLAN Platform Addon 2.1 EPLAN Software & Service 22.11.2012 648MB 2.1.4.5325 necessary
EPLAN Platform Data 2.2 EPLAN Software & Service GmbH & Co. KG 12.12.2012 671MB 2.2.5.6338 necessary
Etron USB3.0 Host Controller Etron Technology 09.01.2012 5,23MB 0.105 unknown
EULANDA EULANDA Software GmbH 30.10.2012 4.4.74.6200 necessary
FireJump FireJump.net 07.11.2012 4,28MB 1.0.2.5 unknown
GIMP 2.8.2 The GIMP Team 28.11.2012 234MB 2.8.2 necessary
Hardlock Device Driver 29.11.2012 necessary
IM Lock Comvigo, Inc. 16.02.2012 unknown
Intel(R) Rapid Storage Technology Intel Corporation 16.02.2012 10.6.0.1002 unknown
IrfanView (remove only) Irfan Skiljan 04.12.2012 2,00MB 4.35 unnecessary
Java 7 Update 9 Oracle 26.11.2012 128MB 7.0.90 unknown
Java 7 Update 9 (64-bit) Oracle 26.11.2012 127MB 7.0.90 unknown
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 12.01.2013 18,4MB 1.70.0.1100 necessary
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 09.01.2012 38,8MB 4.0.30319 necessary
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 09.01.2012 2,93MB 4.0.30319 necessary
Microsoft .NET Framework 4 Extended Microsoft Corporation 27.10.2012 51,9MB 4.0.30319 necessary
Microsoft Office 2010 Microsoft Corporation 09.01.2012 6,31MB 14.0.4763.1000 necessary
Microsoft Office Professional Plus 2010 Microsoft Corporation 01.11.2012 14.0.6029.1000 necessary
Microsoft Silverlight Microsoft Corporation 31.10.2012 40,3MB 4.1.10329.0 unknown
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 09.01.2012 1,69MB 3.1.0000 unknown
Microsoft SQL Server 2008 R2 (64-bit) Microsoft Corporation 30.10.2012 unknown
Microsoft SQL Server 2008 R2 Native Client Microsoft Corporation 30.10.2012 6,09MB 10.51.2500.0 unknown
Microsoft SQL Server 2008 R2 Setup (English) Microsoft Corporation 30.10.2012 43,6MB 10.51.2500.0 unknown
Microsoft SQL Server 2008 Setup Support Files Microsoft Corporation 30.10.2012 24,8MB 10.1.2731.0 unknown
Microsoft SQL Server Browser Microsoft Corporation 30.10.2012 9,00MB 10.51.2500.0 unknown
Microsoft SQL Server VSS Writer Microsoft Corporation 30.10.2012 3,60MB 10.51.2500.0 unknown
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 01.11.2012 300KB 8.0.56336 unknown
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 31.10.2012 618KB 8.0.61000 unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 09.01.2012 784KB 9.0.30729.4148 unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 31.10.2012 788KB 9.0.30729.6161 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 01.11.2012 244KB 9.0.30729 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 09.01.2012 592KB 9.0.30729.4148 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 31.10.2012 600KB 9.0.30729.6161 unknown
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 01.11.2012 13,7MB 10.0.30319 unknown
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 01.11.2012 16,5MB 10.0.40219 unknown
Microsoft Visual J# 2.0 Redistributable Package Microsoft Corporation 01.11.2012 unknown
Mozilla Firefox 18.0 (x86 de) Mozilla 11.01.2013 43,2MB 18.0 necessary
Mozilla Maintenance Service Mozilla 11.01.2013 330KB 18.0 unknown
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 30.10.2012 1,27MB 4.20.9870.0 unknown
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 30.10.2012 1,33MB 4.20.9876.0 unknown
MSXML 4.0 SP3 Parser Microsoft Corporation 31.10.2012 1,47MB 4.30.2100.0 unknown
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 01.11.2012 1,53MB 4.30.2114.0 unknown
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 09.01.2013 1,54MB 4.30.2117.0 unknown
Nuance PaperPort 12 Nuance Communications, Inc. 31.10.2012 202MB 12.1.0000 unknown
Nuance PDF Viewer Plus Nuance Communications, Inc 31.10.2012 38,0MB 5.30.3290 unknown
PaperPort Image Printer 64-bit Nuance Communications, Inc. 31.10.2012 558KB 1.00.0001 unknown
PC-Kaufmann Komplettpaket Pro 2012 Sage Software GmbH 05.11.2012 necessary
PDF Architect pdfforge 03.12.2012 93,2MB 1.0.41.8362 necessary
PDFCreator Frank Heindörfer, Philip Chinery 03.12.2012 1.6.0 necessary
Preispilot für Firefox Preispilot 07.11.2012 1,75MB 2.0 unnecessary
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 11.01.2012 6.0.1.6526 necessary
Recuva Piriform 14.11.2012 1.43 unknown
Sage HBCI-Kontaktverwaltung Sage Software GmbH 05.11.2012 978KB 3.0 necessary
SearchAnonymizer 07.11.2012 1.0.1 (de) unknown
SIW version 2011.10.29 Topala Software Solutions 30.10.2012 3,42MB 2011.10.29 unknown
Windows Live Essentials Microsoft Corporation 09.01.2012 15.4.3508.1109 unknown
Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 09.01.2012 5,57MB 15.4.5722.2 unknown
WinRAR 4.20 (64-Bit) win.rar GmbH 01.11.2012 4.20.0 necessary |
Uninstall:
Adobe Flash Player: all
Adobe - Install Adobe Flash Player
Download the latest version and install it.

Adobe Reader:
Adobe - Download Adobe Reader - All versions
Untick McAfee Security Scan.
Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General: tick "use only certified plug-ins".
Internet: everything here should be disabled; it is very insecure to open or download PDFs automatically, etc. It is always better to save them directly, because only then do you have control over what is happening on the PC.
JavaScript: untick "use JavaScript".
Updater: choose install automatically.
Apply / OK

Uninstall:
Avira SearchFree: both
Desktop Icon
FireJump
IrfanView
Java: both

Download Java JRE:
Java downloads for all operating systems
Click: Download the Java software for Windows Offline, download and install it.

Uninstall:
Nuance: both
PaperPort
Preispilot
Recuva
SearchAnonymizer
SIW
Windows Live: all those you do not use.

Open CCleaner, start the analysis, restart the PC.
Please download AdwCleaner to your desktop.
|
Morning Markusg, I have uninstalled or reinstalled everything so far. Here is the text file:

# AdwCleaner v2.105 - Datei am 16/01/2013 um 09:13:34 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : A.Schattke - KONSTRUKTION-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\A.Schattke\Downloads\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****
Datei Gefunden : C:\Users\A.Schattke\AppData\Roaming\Mozilla\Firefox\Profiles\b2cdqmax.default\searchplugins\Askcom.xml
Ordner Gefunden : C:\Program Files (x86)\SweetIM
Ordner Gefunden : C:\ProgramData\SweetIM
Ordner Gefunden : C:\Users\A.Schattke\AppData\Roaming\pdfforge
Ordner Gefunden : C:\windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\SweetIM
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gefunden : HKLM\Software\SweetIM
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKU\S-1-5-21-352515027-633855842-707027720-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.00000&barid={2CB2D577-5EF7-11E2-BFDD-50E549D577AE}
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.00000&barid={2CB2D577-5EF7-11E2-BFDD-50E549D577AE}
-\\ Mozilla Firefox v18.0 (de)
Datei : C:\Users\A.Schattke\AppData\Roaming\Mozilla\Firefox\Profiles\b2cdqmax.default\prefs.js
Gefunden : user_pref("browser.search.order.1", "Ask.com");
Gefunden : user_pref("browser.search.selectedEngine", "Ask.com");
Gefunden : user_pref("extensions.toolbar@ask.com.install-event-fired", true);

*************************
AdwCleaner[R1].txt - [7114 octets] - [16/01/2013 09:13:34]
########## EOF - C:\AdwCleaner[R1].txt - [7174 octets] ########## |
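A triage sketch for an AdwCleaner [R1] search report like the one posted above, added here as an illustration; it is not part of the thread and not AdwCleaner's own code. It walks the report section by section and tags each finding with the autostart or browser-hijack location it touches. The sample report is constructed from a few abridged lines of the log above, and the category names and the functions `classify` and `triage` are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: a few abridged lines in the format of the report above.
SAMPLE_REPORT = r"""
# AdwCleaner v2.105 - Datei am 16/01/2013 um 09:13:34 erstellt
# Option [Suche]
***** [Dateien / Ordner] *****
Ordner Gefunden : C:\Program Files (x86)\SweetIM
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\SweetIM
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.00000
-\\ Mozilla Firefox v18.0 (de)
Gefunden : user_pref("browser.search.selectedEngine", "Ask.com");
"""

# (category, pattern) pairs, first match wins. The category labels are this
# example's own, not AdwCleaner terminology.
RULES = [
    ("autostart (Run key)", re.compile(r"\\CurrentVersion\\Run(Once)?( |$)", re.I)),
    ("browser helper object", re.compile(r"\\Browser Helper Objects\\", re.I)),
    ("IE search provider", re.compile(r"\\Internet Explorer\\SearchScopes\\", re.I)),
    ("IE toolbar", re.compile(r"\\Internet Explorer\\Toolbar( |$)", re.I)),
    ("IE start page", re.compile(r"\\Internet Explorer\\Main - Start Page\]", re.I)),
    ("Firefox search preference", re.compile(r'user_pref\("browser\.search\.')),
]
SECTION = re.compile(r"^\*+ \[(.+?)\] \*+$")            # ***** [Name] *****
FOUND = re.compile(r"^(?:(\w+) )?Gefunden : (.+)$")     # "<kind> Gefunden : <target>"
START_PAGE = re.compile(r"^\[.+ - Start Page\] = \S+$")  # IE start page value

def classify(target):
    """Map one reported path or preference line to a category."""
    for name, pattern in RULES:
        if pattern.search(target):
            return name
    return "other"

def triage(report):
    """Return {category: [(section, kind, target), ...]} for every finding."""
    findings = defaultdict(list)
    section = None
    for raw in report.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank lines and report header
        match = SECTION.match(line)
        if match:
            section = match.group(1)
            continue
        match = FOUND.match(line)
        if match:
            kind, target = match.group(1) or "-", match.group(2)
        elif START_PAGE.match(line):
            kind, target = "Wert", line
        else:
            continue                      # browser sub-headers, file names, rulers
        findings[classify(target)].append((section, kind, target))
    return dict(findings)

if __name__ == "__main__":
    for category, items in sorted(triage(SAMPLE_REPORT).items()):
        print(f"{category}: {len(items)}")
        for section, kind, target in items:
            print(f"    [{section}] {kind}: {target}")
```

Entries in the Run-key, browser-helper-object and toolbar categories are the ones that load code again at logon or browser start, so they are the first to confirm gone after the cleanup pass.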
Copyright ©2000-2025, Trojaner-Board