System repair wizard trojan

Hello forum,
Unfortunately I have found hardly any serious proposed solution via Google. That's why I'm trying my luck here! It concerns the following warning message, which opens in countless windows: "file system on local disk C: contains critical errors . To prevent data loss, it ist highly recommended to run system repair wizard" Alongside it there are several other warning messages. I haven't clicked anything yet; instead I restarted the computer and am now in safe mode with network drivers. A full scan with Malwarebytes is currently running. A few months ago I was plagued by a similar trojan: the "system check virus". This "new" variant seems to be very similar. Thanks for your help! |
Hi, restart, press F8, select safe mode with networking, log in to the affected account. If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
Code: activex
|
OTL Logfile: Code: OTL logfile created on: 04.03.2013 19:33:30 - Run 1
OTL Logfile: Code: OTL Extras logfile created on: 04.03.2013 19:33:30 - Run 1
Thanks in advance for your help. What do I need to do next? I'll now continue with Malwarebytes anti Rogueware. Is that OK? |
Here is the log file from Malwarebytes anti Rootkit:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
System is currently in a safe mode
Account is Administrative
Internet Explorer version: 8.0.7601.17514
Java version: 1.6.0_20
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.808000 GHz
Memory total: 8580554752, free: 7114985472
------------ Kernel report ------------
03/04/2013 20:28:51
Downloaded database version: v2013.03.04.09
Initializing...
Done!
Scanning directory: C:\Windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9B1E6225
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 2842062848
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2842066944 Numsec = 1064931504
Partition 2 type is HIDDEN (0x17)
Partition is NOT ACTIVE.
Partition starts at LBA: 3907000320 Numsec = 20480
Partition is not bootable
Hidden partition VBR is not infected.
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 2000398934016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-3907009168-3907029168)...
Done!
Performing system, memory and registry scan...
Infected: HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32| --> [Trojan.Zaccess]
Infected: HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 --> [Trojan.Zaccess]
Infected: HKLM\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1} --> [Trojan.Zaccess]
Infected: HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1} --> [Trojan.Zaccess]
Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1} --> [Trojan.Zaccess]
Infected: HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32| --> [Trojan.Zaccess]
Done!
Scan finished
Creating System Restore point...
Could not create restore point...
Scheduling clean up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 8.0.7601.17514
Java version: 1.6.0_20
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.808000 GHz
Memory total: 8580554752, free: 6937956352
Removal queue found; removal started
Removal finished
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 8.0.7601.17514
Java version: 1.6.0_20
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.808000 GHz
Memory total: 8580554752, free: 7066234880
------------ Kernel report ------------
03/04/2013 20:51:11
Downloaded database version: v2013.03.04.10
Initializing...
Done!
Scanning directory: C:\Windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9B1E6225
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 2842062848
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2842066944 Numsec = 1064931504
Partition 2 type is HIDDEN (0x17)
Partition is NOT ACTIVE.
Partition starts at LBA: 3907000320 Numsec = 20480
Partition is not bootable
Hidden partition VBR is not infected.
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 2000398934016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-3907009168-3907029168)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
======================================= |
Hi, OTL fix. Fixing with OTL
Code: :OTL
Download unhide: http://filepony.de/download-unhide/ Double-click it; the files become visible. Boot into normal mode. Post all Malwarebytes logs with detections: http://www.trojaner-board.de/125889-...en-posten.html Please download
|
Here is also the log from AdwCleaner:
AdwCleaner Logfile: Code: # AdwCleaner v2.113 - Datei am 04/03/2013 um 21:22:04 erstellt
Is running TDSS Killer even still necessary if I have already run a scan with Malwarebytes Anti Rootkit beforehand?
OTL log file:
OTL Logfile: Code: OTL logfile created on: 04.03.2013 19:33:30 - Run 1 |
TDSS Killer Log-file:
21:59:54.0828 2452 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:59:55.0234 2452 ============================================================
21:59:55.0234 2452 Current date / time: 2013/03/04 21:59:55.0234
21:59:55.0234 2452 SystemInfo:
21:59:55.0234 2452
21:59:55.0234 2452 OS Version: 6.1.7601 ServicePack: 1.0
21:59:55.0234 2452 Product type: Workstation
21:59:55.0234 2452 ComputerName: PCPS
21:59:55.0234 2452 UserName: Philipp
21:59:55.0234 2452 Windows directory: C:\Windows
21:59:55.0234 2452 System windows directory: C:\Windows
21:59:55.0234 2452 Running under WOW64
21:59:55.0234 2452 Processor architecture: Intel x64
21:59:55.0234 2452 Number of processors: 8
21:59:55.0234 2452 Page size: 0x1000
21:59:55.0234 2452 Boot type: Normal boot
21:59:55.0234 2452 ============================================================
21:59:56.0872 2452 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:59:56.0872 2452 ============================================================
21:59:56.0872 2452 \Device\Harddisk0\DR0:
21:59:56.0872 2452 MBR partitions:
21:59:56.0872 2452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xA9667000
21:59:56.0872 2452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA9668000, BlocksNum 0x3F7990B0
21:59:56.0872 2452 ============================================================
21:59:56.0918 2452 C: <-> \Device\Harddisk0\DR0\Partition1
21:59:56.0918 2452 ============================================================
21:59:56.0918 2452 Initialize success
21:59:56.0918 2452 ============================================================
22:00:54.0648 3660 ============================================================
22:00:54.0648 3660 Scan started
22:00:54.0648 3660 Mode: Manual; SigCheck; TDLFS;
22:00:54.0648 3660 ============================================================
22:00:55.0006 3660 ================ Scan system memory ========================
22:00:55.0006 3660 System memory - ok
22:01:02.0869 3660 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 22:01:02.0916 3660 exfat - ok 22:01:02.0931 3660 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 22:01:02.0962 3660 fastfat - ok 22:01:02.0994 3660 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 22:01:03.0072 3660 Fax - ok 22:01:03.0087 3660 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 22:01:03.0118 3660 fdc - ok 22:01:03.0134 3660 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 22:01:03.0196 3660 fdPHost - ok 22:01:03.0196 3660 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 22:01:03.0243 3660 FDResPub - ok 22:01:03.0259 3660 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 22:01:03.0259 3660 FileInfo - ok 22:01:03.0259 3660 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 22:01:03.0306 3660 Filetrace - ok 22:01:03.0321 3660 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 22:01:03.0352 3660 flpydisk - ok 22:01:03.0384 3660 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 22:01:03.0477 3660 FltMgr - ok 22:01:03.0524 3660 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\Windows\system32\FntCache.dll 22:01:03.0633 3660 FontCache - ok 22:01:03.0664 3660 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:01:03.0758 3660 FontCache3.0.0.0 - ok 22:01:03.0774 3660 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 22:01:03.0789 3660 FsDepends - ok 22:01:03.0789 3660 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 22:01:03.0805 3660 Fs_Rec - ok 22:01:03.0820 3660 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol 
C:\Windows\system32\DRIVERS\fvevol.sys 22:01:03.0883 3660 fvevol - ok 22:01:03.0898 3660 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 22:01:03.0914 3660 gagp30kx - ok 22:01:03.0961 3660 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 22:01:04.0054 3660 GEARAspiWDM - ok 22:01:04.0101 3660 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 22:01:04.0226 3660 gpsvc - ok 22:01:04.0351 3660 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:01:04.0444 3660 gupdate - ok 22:01:04.0507 3660 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:01:04.0522 3660 gupdatem - ok 22:01:04.0554 3660 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 22:01:04.0647 3660 hamachi - ok 22:01:04.0663 3660 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 22:01:04.0710 3660 hcw85cir - ok 22:01:04.0756 3660 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 22:01:04.0866 3660 HdAudAddService - ok 22:01:04.0866 3660 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 22:01:04.0912 3660 HDAudBus - ok 22:01:04.0912 3660 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 22:01:04.0944 3660 HidBatt - ok 22:01:04.0959 3660 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 22:01:05.0006 3660 HidBth - ok 22:01:05.0022 3660 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 22:01:05.0068 3660 HidIr - ok 22:01:05.0100 3660 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 22:01:05.0162 3660 hidserv - ok 22:01:05.0178 3660 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 22:01:05.0256 3660 
HidUsb - ok 22:01:05.0287 3660 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 22:01:05.0396 3660 hkmsvc - ok 22:01:05.0443 3660 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:01:05.0568 3660 HomeGroupListener - ok 22:01:05.0599 3660 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 22:01:05.0708 3660 HomeGroupProvider - ok 22:01:05.0724 3660 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 22:01:05.0755 3660 HpSAMD - ok 22:01:06.0051 3660 [ CCFA6A6925E4544A8167B753C7DDE345 ] hshld C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe 22:01:06.0145 3660 hshld - ok 22:01:06.0207 3660 [ CA53DA4C3EAD4C86918E7F80CD281ABB ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys 22:01:06.0285 3660 HssDRV6 - ok 22:01:06.0316 3660 [ 7321BCA90DD53CC46EFDF1D4D44964E1 ] HssSrv C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe 22:01:06.0441 3660 HssSrv - ok 22:01:06.0488 3660 [ 01BEF3BF1C5262B76981D430E430E89B ] HssTrayService C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE 22:01:06.0582 3660 HssTrayService - ok 22:01:06.0613 3660 [ 2E1DF960A48BDE321881823ABBB2E1C7 ] HssWd C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe 22:01:06.0691 3660 HssWd - ok 22:01:06.0722 3660 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:01:06.0862 3660 HTTP - ok 22:01:06.0894 3660 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 22:01:06.0987 3660 hwpolicy - ok 22:01:07.0018 3660 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 22:01:07.0050 3660 i8042prt - ok 22:01:07.0065 3660 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 22:01:07.0159 3660 iaStorV - ok 22:01:07.0221 3660 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication 
Foundation\infocard.exe 22:01:07.0346 3660 idsvc - ok 22:01:07.0377 3660 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 22:01:07.0377 3660 iirsp - ok 22:01:07.0424 3660 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 22:01:07.0564 3660 IKEEXT - ok 22:01:07.0596 3660 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 22:01:07.0611 3660 intelide - ok 22:01:07.0627 3660 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 22:01:07.0642 3660 intelppm - ok 22:01:07.0674 3660 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 22:01:07.0736 3660 IPBusEnum - ok 22:01:07.0736 3660 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:01:07.0845 3660 IpFilterDriver - ok 22:01:07.0892 3660 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 22:01:07.0970 3660 iphlpsvc - ok 22:01:08.0032 3660 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 22:01:08.0095 3660 IPMIDRV - ok 22:01:08.0110 3660 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 22:01:08.0173 3660 IPNAT - ok 22:01:08.0235 3660 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 22:01:08.0329 3660 iPod Service - ok 22:01:08.0344 3660 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 22:01:08.0391 3660 IRENUM - ok 22:01:08.0422 3660 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 22:01:08.0438 3660 isapnp - ok 22:01:08.0485 3660 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 22:01:08.0610 3660 iScsiPrt - ok 22:01:08.0656 3660 [ 86CFEF6DC6DE51AAB0C10384FE98F48F ] JRAID C:\Windows\system32\DRIVERS\jraid.sys 22:01:08.0750 3660 JRAID - ok 22:01:08.0750 3660 [ 
BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 22:01:08.0766 3660 kbdclass - ok 22:01:08.0812 3660 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 22:01:08.0937 3660 kbdhid - ok 22:01:08.0953 3660 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe 22:01:08.0984 3660 KeyIso - ok 22:01:09.0000 3660 [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 22:01:09.0046 3660 KSecDD - ok 22:01:09.0046 3660 [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 22:01:09.0109 3660 KSecPkg - ok 22:01:09.0140 3660 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 22:01:09.0171 3660 ksthunk - ok 22:01:09.0202 3660 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 22:01:09.0280 3660 KtmRm - ok 22:01:09.0327 3660 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 22:01:09.0374 3660 LanmanServer - ok 22:01:09.0405 3660 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 22:01:09.0514 3660 LanmanWorkstation - ok 22:01:09.0577 3660 [ 17203D81A68D9162DB9022A1FC601778 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 22:01:09.0670 3660 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 22:01:09.0670 3660 LightScribeService - detected UnsignedFile.Multi.Generic (1) 22:01:09.0702 3660 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 22:01:09.0764 3660 lltdio - ok 22:01:09.0780 3660 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 22:01:09.0811 3660 lltdsvc - ok 22:01:09.0826 3660 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 22:01:09.0858 3660 lmhosts - ok 22:01:09.0858 3660 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 22:01:09.0873 3660 LSI_FC - 
ok 22:01:09.0889 3660 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 22:01:09.0904 3660 LSI_SAS - ok 22:01:09.0904 3660 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 22:01:09.0920 3660 LSI_SAS2 - ok 22:01:09.0936 3660 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 22:01:09.0951 3660 LSI_SCSI - ok 22:01:09.0951 3660 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 22:01:09.0982 3660 luafv - ok 22:01:10.0014 3660 [ 639DA8F468552785E15F0F2FD8DB44B3 ] McAfeeEngineService C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe 22:01:10.0060 3660 McAfeeEngineService - ok 22:01:10.0138 3660 [ 1B963D79740B187795407CD03E2F7B4D ] McAfeeFramework C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe 22:01:10.0248 3660 McAfeeFramework - ok 22:01:10.0263 3660 [ 4E09D8C4C861348A7F1C12A5AA9C4DE7 ] McShield C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe 22:01:10.0357 3660 McShield - ok 22:01:10.0388 3660 [ 3774AAD155F31D58D932861D0A4FD641 ] McTaskManager C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe 22:01:10.0450 3660 McTaskManager - ok 22:01:10.0497 3660 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 22:01:10.0591 3660 Mcx2Svc - ok 22:01:10.0622 3660 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 22:01:10.0638 3660 megasas - ok 22:01:10.0638 3660 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 22:01:10.0653 3660 MegaSR - ok 22:01:10.0684 3660 [ E2D642A38A8DC4722F859092F731B6A3 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys 22:01:10.0731 3660 mfeapfk - ok 22:01:10.0762 3660 [ AE23ED41216E160F54E5EF1A5EE325F7 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys 22:01:10.0825 3660 mfeavfk - ok 22:01:10.0856 3660 [ BC76BC7129B2206098AC220B656F15B7 ] mfehidk 
C:\Windows\system32\drivers\mfehidk.sys 22:01:10.0918 3660 mfehidk - ok 22:01:10.0934 3660 [ C7C15D125AA697BE97087D197C9FAD08 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys 22:01:10.0996 3660 mferkdet - ok 22:01:11.0012 3660 [ 41CA4C4292004486D004D357B9C19718 ] mfetdik C:\Windows\system32\drivers\mfetdik.sys 22:01:11.0074 3660 mfetdik - ok 22:01:11.0090 3660 [ C39855495E82EC6B02E6190C34A1B752 ] mfevtp C:\Windows\system32\mfevtps.exe 22:01:11.0152 3660 mfevtp - ok 22:01:11.0184 3660 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 22:01:11.0246 3660 MMCSS - ok 22:01:11.0262 3660 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 22:01:11.0324 3660 Modem - ok 22:01:11.0371 3660 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 22:01:11.0418 3660 monitor - ok 22:01:11.0433 3660 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys 22:01:11.0449 3660 mouclass - ok 22:01:11.0449 3660 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 22:01:11.0496 3660 mouhid - ok 22:01:11.0542 3660 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 22:01:11.0620 3660 mountmgr - ok 22:01:11.0636 3660 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 22:01:11.0698 3660 mpio - ok 22:01:11.0714 3660 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 22:01:11.0745 3660 mpsdrv - ok 22:01:11.0792 3660 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 22:01:11.0917 3660 MpsSvc - ok 22:01:11.0948 3660 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 22:01:12.0073 3660 MRxDAV - ok 22:01:12.0104 3660 [ FAF015B07E3A2874A790A39B7D2C579F ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 22:01:12.0182 3660 mrxsmb - ok 22:01:12.0213 3660 [ 08E2345DF129082BCDFFDC1440F9C00D ] mrxsmb10 
C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:01:12.0322 3660 mrxsmb10 - ok 22:01:12.0354 3660 [ 108D87409C5812EF47D81E22843E8C9D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:01:12.0432 3660 mrxsmb20 - ok 22:01:12.0478 3660 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 22:01:12.0525 3660 msahci - ok 22:01:12.0572 3660 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 22:01:12.0634 3660 msdsm - ok 22:01:12.0650 3660 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 22:01:12.0666 3660 MSDTC - ok 22:01:12.0681 3660 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 22:01:12.0697 3660 Msfs - ok 22:01:12.0712 3660 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 22:01:12.0744 3660 mshidkmdf - ok 22:01:12.0759 3660 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 22:01:12.0775 3660 msisadrv - ok 22:01:12.0806 3660 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 22:01:12.0868 3660 MSiSCSI - ok 22:01:12.0868 3660 msiserver - ok 22:01:12.0884 3660 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 22:01:12.0931 3660 MSKSSRV - ok 22:01:12.0946 3660 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 22:01:13.0024 3660 MSPCLOCK - ok 22:01:13.0040 3660 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 22:01:13.0102 3660 MSPQM - ok 22:01:13.0134 3660 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 22:01:13.0196 3660 MsRPC - ok 22:01:13.0227 3660 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 22:01:13.0227 3660 mssmbios - ok 22:01:13.0227 3660 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 22:01:13.0258 3660 MSTEE - ok 22:01:13.0274 3660 [ 
7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 22:01:13.0321 3660 MTConfig - ok 22:01:13.0352 3660 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 22:01:13.0430 3660 MTsensor - ok 22:01:13.0446 3660 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 22:01:13.0461 3660 Mup - ok 22:01:13.0508 3660 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 22:01:13.0633 3660 napagent - ok 22:01:13.0680 3660 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 22:01:13.0711 3660 NativeWifiP - ok 22:01:13.0773 3660 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 22:01:13.0820 3660 NDIS - ok 22:01:13.0836 3660 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 22:01:13.0867 3660 NdisCap - ok 22:01:13.0898 3660 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 22:01:13.0945 3660 NdisTapi - ok 22:01:13.0960 3660 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 22:01:14.0054 3660 Ndisuio - ok 22:01:14.0070 3660 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 22:01:14.0148 3660 NdisWan - ok 22:01:14.0179 3660 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 22:01:14.0304 3660 NDProxy - ok 22:01:14.0304 3660 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 22:01:14.0350 3660 NetBIOS - ok 22:01:14.0382 3660 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 22:01:14.0491 3660 NetBT - ok 22:01:14.0506 3660 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe 22:01:14.0506 3660 Netlogon - ok 22:01:14.0553 3660 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 22:01:14.0584 3660 Netman - ok 22:01:14.0584 3660 
[ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 22:01:14.0647 3660 netprofm - ok 22:01:14.0694 3660 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 22:01:14.0709 3660 NetTcpPortSharing - ok 22:01:14.0709 3660 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 22:01:14.0725 3660 nfrd960 - ok 22:01:14.0772 3660 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 22:01:14.0865 3660 NlaSvc - ok 22:01:14.0928 3660 [ 4B300DC9B143C99674B6ECD917384155 ] nmwcdcx64 C:\Windows\system32\drivers\ccdcmbox64.sys 22:01:15.0115 3660 nmwcdcx64 - ok 22:01:15.0162 3660 [ DD1D06C2A7E048766482256AB8C755CF ] nmwcdx64 C:\Windows\system32\drivers\ccdcmbx64.sys 22:01:15.0271 3660 nmwcdx64 - ok 22:01:15.0302 3660 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 22:01:15.0333 3660 Npfs - ok 22:01:15.0333 3660 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 22:01:15.0380 3660 nsi - ok 22:01:15.0380 3660 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 22:01:15.0427 3660 nsiproxy - ok 22:01:15.0474 3660 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 22:01:15.0567 3660 Ntfs - ok 22:01:15.0583 3660 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 22:01:15.0614 3660 Null - ok 22:01:15.0708 3660 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 22:01:15.0770 3660 NVHDA - ok 22:01:15.0988 3660 [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 22:01:16.0113 3660 nvlddmkm - ok 22:01:16.0160 3660 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys 22:01:16.0285 3660 nvraid - ok 22:01:16.0300 3660 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor 
C:\Windows\system32\drivers\nvstor.sys 22:01:16.0363 3660 nvstor - ok 22:01:16.0425 3660 [ A83AC04D672567CAF8BE7A4D73C0B850 ] NVSvc C:\Windows\system32\nvvsvc.exe 22:01:16.0456 3660 NVSvc - ok 22:01:16.0534 3660 [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 22:01:16.0675 3660 nvUpdatusService - ok 22:01:16.0690 3660 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 22:01:16.0706 3660 nv_agp - ok 22:01:16.0784 3660 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 22:01:16.0862 3660 odserv - ok 22:01:16.0909 3660 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 22:01:16.0940 3660 ohci1394 - ok 22:01:16.0987 3660 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 22:01:17.0080 3660 ose - ok 22:01:17.0096 3660 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 22:01:17.0143 3660 p2pimsvc - ok 22:01:17.0174 3660 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 22:01:17.0236 3660 p2psvc - ok 22:01:17.0252 3660 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 22:01:17.0283 3660 Parport - ok 22:01:17.0314 3660 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys 22:01:17.0424 3660 partmgr - ok 22:01:17.0439 3660 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 22:01:17.0502 3660 PcaSvc - ok 22:01:17.0548 3660 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 22:01:17.0658 3660 pccsmcfd - ok 22:01:17.0689 3660 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 22:01:17.0751 3660 pci - ok 22:01:17.0782 3660 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide 
C:\Windows\system32\drivers\pciide.sys 22:01:17.0798 3660 pciide - ok 22:01:17.0814 3660 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 22:01:17.0829 3660 pcmcia - ok 22:01:17.0845 3660 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 22:01:17.0860 3660 pcw - ok 22:01:17.0876 3660 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 22:01:17.0907 3660 PEAUTH - ok 22:01:17.0938 3660 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 22:01:18.0001 3660 PeerDistSvc - ok 22:01:18.0063 3660 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 22:01:18.0094 3660 PerfHost - ok 22:01:18.0157 3660 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 22:01:18.0266 3660 pla - ok 22:01:18.0328 3660 [ B806E50427511BCF4AD8E8239C3E25FA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 22:01:18.0453 3660 PlugPlay - ok 22:01:18.0469 3660 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 22:01:18.0500 3660 PNRPAutoReg - ok 22:01:18.0516 3660 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 22:01:18.0531 3660 PNRPsvc - ok 22:01:18.0562 3660 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 22:01:18.0703 3660 PolicyAgent - ok 22:01:18.0734 3660 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 22:01:18.0796 3660 Power - ok 22:01:18.0843 3660 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 22:01:18.0937 3660 PptpMiniport - ok 22:01:18.0952 3660 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 22:01:18.0968 3660 Processor - ok 22:01:19.0015 3660 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll 22:01:19.0077 3660 ProfSvc - ok 22:01:19.0093 3660 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage 
C:\Windows\system32\lsass.exe 22:01:19.0108 3660 ProtectedStorage - ok 22:01:19.0140 3660 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 22:01:19.0264 3660 Psched - ok 22:01:19.0311 3660 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 22:01:19.0405 3660 PxHlpa64 - ok 22:01:19.0436 3660 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 22:01:19.0483 3660 ql2300 - ok 22:01:19.0498 3660 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 22:01:19.0514 3660 ql40xx - ok 22:01:19.0530 3660 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 22:01:19.0561 3660 QWAVE - ok 22:01:19.0576 3660 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 22:01:19.0608 3660 QWAVEdrv - ok 22:01:19.0623 3660 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 22:01:19.0670 3660 RasAcd - ok 22:01:19.0701 3660 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 22:01:19.0748 3660 RasAgileVpn - ok 22:01:19.0764 3660 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 22:01:19.0795 3660 RasAuto - ok 22:01:19.0842 3660 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 22:01:19.0935 3660 Rasl2tp - ok 22:01:19.0982 3660 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 22:01:20.0091 3660 RasMan - ok 22:01:20.0107 3660 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 22:01:20.0138 3660 RasPppoe - ok 22:01:20.0154 3660 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 22:01:20.0185 3660 RasSstp - ok 22:01:20.0200 3660 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 22:01:20.0310 3660 rdbss - ok 22:01:20.0310 3660 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] 
22:01:34.0506 3660 ============================================================
22:01:34.0506 3660 Scan finished
22:01:34.0506 3660 ============================================================
22:01:34.0521 3848 Detected object count: 3
22:01:34.0521 3848 Actual detected object count: 3
22:03:16.0343 3848 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
22:03:16.0343 3848 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:03:16.0343 3848 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:03:16.0343 3848 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:03:16.0343 3848 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
22:03:16.0343 3848 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip |
Where is the Malwarebytes log, and where is the log from the fix with OTL? |
Here is the OTL fix log:
========== OTL ==========
C:\ProgramData\-oKJlROuTVCyAr moved successfully.
C:\ProgramData\-oKJlROuTVCyA moved successfully.
C:\ProgramData\oKJlROuTVCyA moved successfully.
========== FILES ==========
========== COMMANDS ==========
OTL by OldTimer - Version 3.2.69.0 log created on 03042013_214010
I no longer have the Malwarebytes log, since I ran the scan several hours ago... it was only a quick scan, though. Should I run a full scan as well and then post the log? |
The log is saved automatically; please look in Malwarebytes under log files or reports. |
Here is the Malwarebytes log from the first scan run, taken right after I suspected a virus, when the many warning windows pushed themselves into the foreground:
Malwarebytes Anti-Malware 1.70.0.1100
Malwarebytes : Free anti-malware download
Datenbank Version: v2013.02.17.08
Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.7601.17514
Philipp :: PCPS [Administrator]
03.03.2013 14:46:14
MBAM-log-2013-03-03 (14-50-19).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 232475
Laufzeit: 3 Minute(n), 6 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 9
HKCU\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende) |
Hi, scan with Combofix
|
Here is the log file from Combofix: Combofix Logfile: Code: ComboFix 13-03-07.03 - Philipp 09.03.2013 16:57:40.1.8 - x64 |
Hi, download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this step. Open it, go to Tools (Extras), Uninstall list, and save the list as a txt file. Open the file. After each program you need, write "necessary". After each program you do not need, write "unnecessary". After each program you do not recognize, write "unknown". Post the list. |
Copyright ©2000-2025, Trojaner-Board