| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: OTH und mbam kann nicht gestartet werden wegen Security ScanWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.07.2012, 11:35
| #1 |
| |  OTH und mbam kann nicht gestartet werden wegen Security Scan Hallo an alle freundlichen Helfer, ich bin neu hier und völlig unerfahren in Dingen, die über das allgemeine Anwenderwissen hinausgehen. Daher schon mal recht herzlichen Dank für Erklärungen und Hilfe in einfachen Worten. Problem: Security Shield fühlt sich auf meinem Laptop wohl! Ich habe bereits Google bemüht und bin auf die Anleitung in diesem Forum gestoßen, habe diese befolgt und kann trotzdem nichts machen. ich kann weder OTH noch mbam starten, auch nicht nach Umbenennung. Klicke ich die Dateien an, "blitzt" extrem kurz das Fenster auf und ist im selben Moment auch wieder weg. Ich schreibe gerade von einem sauberen Rechner aus und habe auch von hier aus die Dateien noch einmal auf einen Stick geladen und auch vor der Speicherung umbenannt. Beim Versuch die Dateien zu öffnen bot sich das selbe Schauspiel. Auf dem Laptop kann ich rein gar nichts mehr machen.... Ich bin echt verzweifelt und suche ganz dringend nach Abhilfe. Enschuldigt bitte meine einfache Ausdrucksweise, aber besser kann ich es nicht beschreiben. Auf dem Laptop ist Win7 64bit installiert. Logfiles kann ich nicht erstellen, Security Scan lässt mich nichts mehr tun. Vielen Dank vorab! LG mini Herzlichen Dank an alle die bisher gelesen haben. "Gelesen" ist das Stichwort: In meiner Aufregung hab ich total übersehen, dass ich alles im abgesicherten Modus machen soll....  Hab ich jetzt getan und alles ist wieder gut  für die tolle Arbeit die hier geleistet wird |
|
04.07.2012, 13:53
| #2 |
| /// Malware-holic   | OTH und mbam kann nicht gestartet werden wegen Security Scan hi
__________________wo ist das Malwarebytes und otl log? nur weil ein paar dateien gelöscht wurden, heist es nicht, das es wieder gut ist :-)
__________________ |
|
04.07.2012, 21:03
| #3 |
| | OTH und mbam kann nicht gestartet werden wegen Security Scan OTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 7/4/2012 8:39:44 PM - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = F:\ 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.80 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 50.97% Memory free 7.60 Gb Paging File | 5.51 Gb Available in Paging File | 72.52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 546.25 Gb Total Space | 496.94 Gb Free Space | 90.97% Space Free | Partition Type: NTFS Drive D: | 48.83 Gb Total Space | 24.92 Gb Free Space | 51.04% Space Free | Partition Type: NTFS Drive F: | 1.88 Gb Total Space | 1.79 Gb Free Space | 95.13% Space Free | Partition Type: FAT Computer Name: NOTEBOOK | User Name: pp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - F:\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (Microsoft Corporation.) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Launch Manager\WButton.exe (Wistron Corp.) PRC - C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (Elgato Systems) PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron) PRC - C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Wistron Corp.) PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (Microsoft Corporation.) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (watchmi) -- C:\Program Files (x86)\watchmi\TvdService.exe () SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (DCService.exe) -- C:\ProgramData\DatacardService\DCService.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (WisLMSvc) -- C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Wistron Corp.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (IT9135BDA) -- C:\Windows\SysNative\drivers\IT9135BDA.sys (ITE ) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation ) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com IE - HKCU\..\SearchScopes,DefaultScope = {C3136BAE-750C-4099-AF49-3FD5B2D382C6} IE - HKCU\..\SearchScopes\{C3136BAE-750C-4099-AF49-3FD5B2D382C6}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNA_enDE393 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://de.mg41.mail.yahoo.com/dc/launch?.gx=1&.rand=509108302" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/29 09:30:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 22:56:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/29 09:30:57 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 22:56:05 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/13 20:32:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pp\AppData\Roaming\mozilla\Extensions [2012/05/13 20:32:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pp\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012/06/29 15:03:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pp\AppData\Roaming\mozilla\Firefox\Profiles\k3x7o4bb.default\extensions [2011/10/12 11:12:11 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\pp\AppData\Roaming\mozilla\Firefox\Profiles\k3x7o4bb.default\extensions\de-DE@dictionaries.addons.mozilla.org [2012/05/02 22:55:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011/10/25 09:54:52 | 000,626,986 | ---- | M] () (No name found) -- C:\USERS\PP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K3X7O4BB.DEFAULT\EXTENSIONS\{62760FD6-B943-48C9-AB09-F99C6FE96088}.XPI [2012/06/29 15:03:24 | 000,743,305 | ---- | M] () (No name found) -- C:\USERS\PP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K3X7O4BB.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012/06/19 22:56:05 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/06/19 22:56:03 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/06/19 22:56:03 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/06/19 22:56:03 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012/06/19 22:56:03 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012/06/19 22:56:03 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012/06/19 22:56:03 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [HotkeyApp] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron) O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [Wbutton] C:\Program Files (x86)\Launch Manager\Wbutton.exe (Wistron Corp.) O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) O4 - HKCU..\Run: [Remote Control Editor] C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (Elgato Systems) O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - Startup: C:\Users\pp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Users\pp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A6A47E9-F7CB-4535-A95E-82D5E505447E}: NameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64218A98-EC9F-442E-BD13-37004598096A}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4BEC6CA-6CB9-41F2-814D-28C04FDB7390}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{0ed1d371-2b11-11e1-bc03-485d60d39eb1}\Shell - "" = AutoRun O33 - MountPoints2\{0ed1d371-2b11-11e1-bc03-485d60d39eb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{0ed1d373-2b11-11e1-bc03-485d60d39eb1}\Shell - "" = AutoRun O33 - MountPoints2\{0ed1d373-2b11-11e1-bc03-485d60d39eb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{4e196699-c957-11e0-a341-00262dc41da6}\Shell - "" = AutoRun O33 - MountPoints2\{4e196699-c957-11e0-a341-00262dc41da6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{4e19669e-c957-11e0-a341-00262dc41da6}\Shell - "" = AutoRun O33 - MountPoints2\{4e19669e-c957-11e0-a341-00262dc41da6}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{777cc26a-c9c5-11e0-b733-485d60d39eb1}\Shell - "" = AutoRun O33 - MountPoints2\{777cc26a-c9c5-11e0-b733-485d60d39eb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{777cc26c-c9c5-11e0-b733-485d60d39eb1}\Shell - "" = AutoRun O33 - MountPoints2\{777cc26c-c9c5-11e0-b733-485d60d39eb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{777cc26e-c9c5-11e0-b733-485d60d39eb1}\Shell - "" = AutoRun O33 - MountPoints2\{777cc26e-c9c5-11e0-b733-485d60d39eb1}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{ab550b2e-ca70-11e0-a1b5-485d60d39eb1}\Shell - "" = AutoRun O33 - MountPoints2\{ab550b2e-ca70-11e0-a1b5-485d60d39eb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{ab550b32-ca70-11e0-a1b5-485d60d39eb1}\Shell - "" = AutoRun O33 - MountPoints2\{ab550b32-ca70-11e0-a1b5-485d60d39eb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{cfea53e4-161e-11e1-9849-00262dc41da6}\Shell - "" = AutoRun O33 - MountPoints2\{cfea53e4-161e-11e1-9849-00262dc41da6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{cfea53e7-161e-11e1-9849-00262dc41da6}\Shell - "" = AutoRun O33 - MountPoints2\{cfea53e7-161e-11e1-9849-00262dc41da6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{fd1064b6-458e-11e1-ae75-00262dc41da6}\Shell - "" = AutoRun O33 - MountPoints2\{fd1064b6-458e-11e1-ae75-00262dc41da6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{fd1064c5-458e-11e1-ae75-00262dc41da6}\Shell - "" = AutoRun O33 - MountPoints2\{fd1064c5-458e-11e1-ae75-00262dc41da6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/07/04 20:27:06 | 000,000,000 | ---D | C] -- C:\Users\pp\Documents\MalwareLogs [2012/07/04 13:06:59 | 000,000,000 | ---D | C] -- C:\Users\pp\AppData\Roaming\Malwarebytes [2012/07/04 13:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/07/04 13:06:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/07/04 13:06:52 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/07/04 13:06:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/07/04 11:37:54 | 000,259,584 | ---- | C] (OldTimer Tools) -- C:\Users\pp\Desktop\uTH.scr [2012/06/21 08:52:51 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012/06/21 08:52:51 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012/06/21 08:52:51 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012/06/21 08:52:42 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012/06/21 08:52:42 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012/06/21 08:52:42 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012/06/21 08:52:26 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012/06/21 08:52:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012/06/18 08:02:08 | 000,000,000 | ---D | C] -- C:\Users\pp\AppData\Local\Macromedia [2012/06/13 07:14:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/06/13 07:14:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/06/13 07:14:08 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/06/13 07:14:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/06/13 07:14:07 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/06/13 07:14:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/06/13 07:14:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/06/13 07:14:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/06/13 07:14:04 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/06/13 07:14:04 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/06/13 07:14:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/06/13 07:14:02 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/06/13 07:14:01 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/06/13 07:13:17 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012/06/13 07:13:17 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012/06/13 07:03:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012/06/13 07:03:22 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012/06/13 07:03:22 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012/06/13 07:03:13 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012/06/13 07:03:12 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012/06/13 07:03:12 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012/06/13 07:02:58 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012/06/13 07:02:55 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012/06/13 07:02:55 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/07/04 16:46:49 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/04 16:46:49 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/04 16:39:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/07/04 16:39:03 | 3061,911,552 | -HS- | M] () -- C:\hiberfil.sys [2012/07/04 13:06:54 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/07/04 11:37:59 | 000,259,584 | ---- | M] (OldTimer Tools) -- C:\Users\pp\Desktop\uTH.scr [2012/07/04 10:40:51 | 001,500,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/07/04 10:40:51 | 000,654,852 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012/07/04 10:40:51 | 000,616,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/07/04 10:40:51 | 000,130,434 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012/07/04 10:40:51 | 000,106,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/06/29 15:03:16 | 000,044,770 | ---- | M] () -- C:\Users\pp\Documents\Einladung.odt [2012/06/28 16:17:20 | 000,012,095 | ---- | M] () -- C:\Users\pp\Documents\Rundfunkgebührenbefreiung.odt [2012/06/27 14:44:58 | 000,134,603 | ---- | M] () -- C:\Users\pp\Documents\Der_ fränkische_Mann_und_seine_Sprache.pdf [2012/06/22 09:04:28 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/06/22 09:04:28 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/06/13 07:38:29 | 000,316,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/07/04 13:06:54 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/06/29 13:59:17 | 000,044,770 | ---- | C] () -- C:\Users\pp\Documents\Einladung.odt [2012/06/28 16:17:18 | 000,012,095 | ---- | C] () -- C:\Users\pp\Documents\Rundfunkgebührenbefreiung.odt [2012/06/27 14:44:58 | 000,134,603 | ---- | C] () -- C:\Users\pp\Documents\Der_ fränkische_Mann_und_seine_Sprache.pdf [2012/05/25 11:55:00 | 000,185,123 | ---- | C] () -- C:\Users\pp\Rechnung_Deckenventilator.pdf [2012/05/22 08:40:21 | 000,267,083 | ---- | C] () -- C:\Users\pp\Kontoauszug_760085100_20120331_084011.pdf [2012/05/22 08:39:48 | 000,149,944 | ---- | C] () -- C:\Users\pp\Kontoauszug_760085100_20120501_083811.pdf [2012/05/05 08:24:36 | 000,031,440 | ---- | C] () -- C:\Users\pp\Kontoauszug_901300__Nr.005_vom_03.05.2012_20120505082434.pdf [2012/05/05 08:23:38 | 000,149,944 | ---- | C] () -- C:\Users\pp\Kontoauszug_760085100_20120501_082334.pdf [2012/05/05 08:23:27 | 000,133,790 | ---- | C] () -- C:\Users\pp\Kontoauszug_760085100_20120301_082324.pdf [2012/05/05 08:23:14 | 000,147,152 | ---- | C] () -- C:\Users\pp\Kontoauszug_760085100_20120201_082214.pdf [2012/04/01 19:20:00 | 000,000,393 | ---- | C] () -- C:\Users\pp\AppData\Roaming\dpdhl.versandhelfer.medionlap_state.xml [2012/03/30 21:32:10 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2012/03/12 10:36:47 | 000,027,357 | ---- | C] () -- C:\Users\pp\Kontoauszug_901300__Nr.003_vom_02.03.2012_20120312093620.pdf [2012/02/22 10:05:33 | 000,122,397 | ---- | C] () -- C:\Users\pp\Bekanntschaftsanzeige.pdf [2012/02/07 10:50:36 | 000,027,369 | ---- | C] () -- C:\Users\pp\Kontoauszug_901300__Nr.002_vom_02.02.2012_20120207094953.pdf [2012/01/10 22:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011/11/17 00:18:37 | 000,000,572 | ---- | C] () -- C:\Windows\hpomdl51.dat.temp [2011/09/29 09:24:03 | 000,192,811 | ---- | C] () -- C:\Windows\hpoins51.dat [2011/09/01 00:04:51 | 000,036,734 | ---- | C] () -- C:\Windows\SysWow64\OggDSuninst.exe [2011/08/31 19:51:16 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2011/08/31 19:51:16 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2011/08/31 19:51:16 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2011/08/15 14:17:27 | 168,166,968 | ---- | C] () -- C:\Users\pp\OOo_3.3.0_Win_x86_install-wJRE_de.exe [2011/08/15 14:07:29 | 001,527,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/11/25 02:55:48 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32.INI [2010/11/24 18:48:23 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe ========== LOP Check ========== [2011/08/30 09:50:26 | 000,000,000 | ---D | M] -- C:\Users\pp\AppData\Roaming\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1 [2011/08/29 10:16:23 | 000,000,000 | ---D | M] -- C:\Users\pp\AppData\Roaming\OpenOffice.org [2011/11/28 22:02:55 | 000,000,000 | ---D | M] -- C:\Users\pp\AppData\Roaming\RobinsonCrusoe [2012/03/31 23:37:56 | 000,000,000 | ---D | M] -- C:\Users\pp\AppData\Roaming\SoftGrid Client [2011/08/17 22:53:16 | 000,000,000 | ---D | M] -- C:\Users\pp\AppData\Roaming\TerraTec [2012/05/13 20:32:01 | 000,000,000 | ---D | M] -- C:\Users\pp\AppData\Roaming\TomTom [2011/08/15 14:08:42 | 000,000,000 | ---D | M] -- C:\Users\pp\AppData\Roaming\TP [2011/11/10 21:29:00 | 000,000,000 | ---D | M] -- C:\Users\pp\AppData\Roaming\TreeCardGames [2012/02/29 17:12:21 | 000,000,000 | ---D | M] -- C:\Users\pp\AppData\Roaming\Windows Live Writer [2012/05/03 12:39:00 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Die Programme habe ich von einem sauberen Rechner auf einen Stick gezogen und vom Stick gestartet. Ich hoffe, dass es das war was du wissen wolltest.  Danke  |
|
05.07.2012, 18:11
| #4 |
| /// Malware-holic | OTH und mbam kann nicht gestartet werden wegen Security Scan jetzt sehe ich immernoch nicht das Malwarebytes log.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
05.07.2012, 19:07
| #5 |
| | OTH und mbam kann nicht gestartet werden wegen Security Scan Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.05.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 pp :: NOTEBOOK [Administrator] Schutz: Aktiviert 05.07.2012 19:47:54 mbam-log-2012-07-05 (19-47-54).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 251045 Laufzeit: 3 Minute(n), 43 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.04.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 pp :: NOTEBOOK [Administrator] Schutz: Aktiviert 04.07.2012 18:55:16 mbam-log-2012-07-04 (18-55-16).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 437859 Laufzeit: 1 Stunde(n), 22 Minute(n), 56 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) QuickScan von heute und Vollständiger Scan von gestern abend LG Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.04.04 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 pp :: NOTEBOOK [Administrator] Schutz: Deaktiviert 04.07.2012 13:12:04 mbam-log-2012-07-04 (13-12-04).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 436159 Laufzeit: 43 Minute(n), 9 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|usjpcnou (Trojan.Lameshield) -> Daten: C:\Users\pp\AppData\Local\usjpcnou.exe -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\pp\AppData\Local\usjpcnou.exe (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Erster vollständiger Scan von gestern nachmittag, sorry, hatte zu früh abgeschickt und erst jetzt bemerkt LG |
|
06.07.2012, 21:36
| #6 | |
| /// Malware-holic | OTH und mbam kann nicht gestartet werden wegen Security ScanCombofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ --> OTH und mbam kann nicht gestartet werden wegen Security Scan |
|
11.07.2012, 23:27
| #7 |
| | OTH und mbam kann nicht gestartet werden wegen Security Scan Combofix.log Combofix Logfile: Code:
ATTFilter ComboFix 12-07-11.03 - pp 12.07.2012 0:00.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3893.2332 [GMT 2:00]
ausgeführt von:: c:\users\pp\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Downloads\avira_antivir_personal_de592(2).exe
c:\users\Downloads\avira_antivir_personal_de592.exe.part
c:\users\Downloads\fbinstaller_1.0.exe
c:\users\Downloads\GoogleEarthPluginSetup.exe
c:\users\Downloads\OOo_3.2.1_Win_x86_install_de.exe
c:\users\Pictures\10.jpg
c:\users\Pictures\11.jpg
c:\users\Pictures\12.jpg
c:\users\Pictures\13.jpg
c:\users\Pictures\14.jpg
c:\users\pp\OOo_3.3.0_Win_x86_install-wJRE_de.exe
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-11 bis 2012-07-11 ))))))))))))))))))))))))))))))
.
.
2012-07-11 07:26 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 05:30 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 05:30 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 05:30 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-11 05:30 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-11 05:30 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 05:30 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-11 05:29 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-07-11 05:29 . 2012-06-02 05:48 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 05:29 . 2012-06-02 05:48 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-07-11 05:29 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 05:29 . 2012-06-02 05:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-11 05:29 . 2012-06-02 04:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-07-11 05:29 . 2012-06-02 04:40 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-07-11 05:29 . 2012-06-02 04:39 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-07-11 05:29 . 2012-06-02 04:34 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-07-06 12:18 . 2012-07-06 12:18 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-06 12:18 . 2012-07-06 12:18 -------- d-----w- c:\program files (x86)\Oracle
2012-07-06 12:18 . 2012-05-04 17:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-04 11:06 . 2012-07-04 11:06 -------- d-----w- c:\users\pp\AppData\Roaming\Malwarebytes
2012-07-04 11:06 . 2012-07-04 11:06 -------- d-----w- c:\programdata\Malwarebytes
2012-07-04 11:06 . 2012-07-04 11:06 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-04 11:06 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-21 06:52 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 06:52 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 06:52 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 06:52 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 06:52 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 06:52 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 06:52 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 06:52 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 06:52 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-19 20:56 . 2012-06-19 20:56 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-19 20:56 . 2012-06-19 20:56 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-18 06:02 . 2012-06-18 06:02 -------- d-----w- c:\users\pp\AppData\Local\Macromedia
2012-06-13 05:13 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-06-13 05:13 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-06-13 05:03 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 05:03 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 05:03 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 05:03 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 05:03 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-13 05:03 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 05:03 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 05:02 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 05:02 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-13 05:02 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-13 05:02 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 05:02 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 05:02 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 05:02 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-13 05:02 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-13 05:02 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-22 07:04 . 2012-04-05 05:46 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-22 07:04 . 2011-09-23 07:08 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-18 01:12 . 2012-07-10 05:45 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C3EA616D-436F-4B96-8F0E-D48732ECF703}\mpengine.dll
2012-05-14 12:50 . 2012-04-04 06:48 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-14 12:50 . 2012-04-04 06:48 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-05 14:38 . 2012-04-05 06:38 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 17:29 . 2010-07-07 16:34 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Remote Control Editor"="c:\program files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe" [2010-06-01 1695816]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-04-20 247728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2009-12-14 200704]
"LMgrVolOSD"="c:\program files (x86)\Launch Manager\OSD.exe" [2009-12-11 348960]
"Wbutton"="c:\program files (x86)\Launch Manager\Wbutton.exe" [2010-06-21 436264]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2010-10-29 136488]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-14 348624]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\pp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
Versandhelfer.lnk - c:\program files (x86)\Versandhelfer\Versandhelfer.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
watchmi tray.lnk - c:\windows\Installer\{AA4D1C5E-116A-4FF4-AA91-28F526868203}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe [2011-7-1 300416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-04-07 250368]
R3 IT9135BDA;Cinergy T Stick Mini service;c:\windows\system32\Drivers\IT9135BDA.sys [2010-05-26 119544]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-19 113120]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-05-24 246304]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe [2009-10-23 118560]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2010-10-27 24680]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-05-14 375760]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-14 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-14 465360]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [2010-05-08 229376]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-10-27 1620584]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-27 236136]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-04-20 92592]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-10 2320920]
S2 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe [2010-12-06 62464]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-10-29 31088]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-18 56344]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-04-09 76288]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-03-04 75816]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-01 1100320]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-02 11465320]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-09-02 2120808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1580368]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.aldi.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{3A6A47E9-F7CB-4535-A95E-82D5E505447E}: NameServer = 193.189.244.225 193.189.244.206
FF - ProfilePath - c:\users\pp\AppData\Roaming\Mozilla\Firefox\Profiles\k3x7o4bb.default\
FF - prefs.js: browser.startup.homepage - hxxp://de.mg41.mail.yahoo.com/dc/launch?.gx=1&.rand=509108302
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-BsScanner
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-OggDS - c:\windows\system32\OggDSuninst.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-12 00:18:07 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-07-11 22:18
.
Vor Suchlauf: 8 Verzeichnis(se), 532.319.002.624 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 532.194.123.776 Bytes frei
.
- - End Of File - - EA236C31BA43158ED6F3B74CFDF28772
|
|
14.07.2012, 11:59
| #8 |
| /// Malware-holic | OTH und mbam kann nicht gestartet werden wegen Security Scan hi download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
14.07.2012, 14:24
| #9 |
| | OTH und mbam kann nicht gestartet werden wegen Security Scan Kaspersky Log: 15:05:38.0830 1760 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35 15:05:39.0080 1760 ============================================================ 15:05:39.0080 1760 Current date / time: 2012/07/14 15:05:39.0080 15:05:39.0080 1760 SystemInfo: 15:05:39.0080 1760 15:05:39.0080 1760 OS Version: 6.1.7601 ServicePack: 1.0 15:05:39.0080 1760 Product type: Workstation 15:05:39.0080 1760 ComputerName: NOTEBOOK 15:05:39.0080 1760 UserName: pp 15:05:39.0080 1760 Windows directory: C:\Windows 15:05:39.0080 1760 System windows directory: C:\Windows 15:05:39.0080 1760 Running under WOW64 15:05:39.0080 1760 Processor architecture: Intel x64 15:05:39.0080 1760 Number of processors: 4 15:05:39.0080 1760 Page size: 0x1000 15:05:39.0080 1760 Boot type: Normal boot 15:05:39.0080 1760 ============================================================ 15:05:39.0501 1760 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:05:39.0516 1760 ============================================================ 15:05:39.0516 1760 \Device\Harddisk0\DR0: 15:05:39.0516 1760 MBR partitions: 15:05:39.0516 1760 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 15:05:39.0516 1760 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4447D800 15:05:39.0516 1760 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x444B0000, BlocksNum 0x61A8000 15:05:39.0516 1760 ============================================================ 15:05:39.0548 1760 C: <-> \Device\Harddisk0\DR0\Partition1 15:05:39.0657 1760 D: <-> \Device\Harddisk0\DR0\Partition2 15:05:39.0657 1760 ============================================================ 15:05:39.0657 1760 Initialize success 15:05:39.0657 1760 ============================================================ 15:07:27.0922 5484 ============================================================ 15:07:27.0922 5484 Scan started 15:07:27.0922 5484 Mode: Manual; SigCheck; TDLFS; 15:07:27.0922 5484 ============================================================ 15:07:28.0281 5484 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 15:07:28.0406 5484 1394ohci - ok 15:07:28.0499 5484 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 15:07:28.0515 5484 ACPI - ok 15:07:28.0562 5484 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 15:07:28.0671 5484 AcpiPmi - ok 15:07:28.0780 5484 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 15:07:28.0811 5484 adp94xx - ok 15:07:28.0889 5484 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 15:07:28.0920 5484 adpahci - ok 15:07:28.0952 5484 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 15:07:28.0967 5484 adpu320 - ok 15:07:29.0030 5484 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 15:07:29.0186 5484 AeLookupSvc - ok 15:07:29.0232 5484 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 15:07:29.0295 5484 AFD - ok 15:07:29.0373 5484 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 15:07:29.0404 5484 agp440 - ok 15:07:29.0435 5484 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 15:07:29.0529 5484 ALG - ok 15:07:29.0560 5484 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 15:07:29.0576 5484 aliide - ok 15:07:29.0591 5484 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 15:07:29.0607 5484 amdide - ok 15:07:29.0700 5484 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 15:07:29.0747 5484 AmdK8 - ok 15:07:29.0778 5484 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 15:07:29.0825 5484 AmdPPM - ok 15:07:29.0856 5484 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 15:07:29.0872 5484 amdsata - ok 15:07:29.0903 5484 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 15:07:29.0934 5484 amdsbs - ok 15:07:29.0950 5484 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 15:07:29.0966 5484 amdxata - ok 15:07:30.0059 5484 AntiVirMailService (b9b5dfafea592bd4ca967824ebb42e3d) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe 15:07:30.0090 5484 AntiVirMailService - ok 15:07:30.0278 5484 AntiVirSchedulerService (67b1d78711b4386c26241096326ee14a) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 15:07:30.0293 5484 AntiVirSchedulerService - ok 15:07:30.0309 5484 AntiVirService (845c4e7ae211edad5e0b832126f56932) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 15:07:30.0324 5484 AntiVirService - ok 15:07:30.0371 5484 AntiVirWebService (30d71e0c149943a8985d02ea0944f2fe) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 15:07:30.0387 5484 AntiVirWebService - ok 15:07:30.0434 5484 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 15:07:30.0543 5484 AppID - ok 15:07:30.0558 5484 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 15:07:30.0636 5484 AppIDSvc - ok 15:07:30.0668 5484 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 15:07:30.0714 5484 Appinfo - ok 15:07:30.0761 5484 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 15:07:30.0777 5484 arc - ok 15:07:30.0808 5484 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 15:07:30.0824 5484 arcsas - ok 15:07:30.0855 5484 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 15:07:30.0902 5484 AsyncMac - ok 15:07:30.0964 5484 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 15:07:30.0980 5484 atapi - ok 15:07:31.0026 5484 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 15:07:31.0089 5484 AudioEndpointBuilder - ok 15:07:31.0089 5484 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 15:07:31.0151 5484 AudioSrv - ok 15:07:31.0214 5484 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 15:07:31.0448 5484 avgntflt - ok 15:07:31.0494 5484 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 15:07:31.0526 5484 avipbb - ok 15:07:31.0557 5484 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 15:07:31.0572 5484 avkmgr - ok 15:07:31.0619 5484 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 15:07:31.0728 5484 AxInstSV - ok 15:07:31.0775 5484 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 15:07:31.0853 5484 b06bdrv - ok 15:07:31.0884 5484 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 15:07:31.0916 5484 b57nd60a - ok 15:07:32.0072 5484 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe 15:07:32.0103 5484 BBSvc - ok 15:07:32.0150 5484 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe 15:07:32.0181 5484 BBUpdate - ok 15:07:32.0212 5484 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 15:07:32.0259 5484 BDESVC - ok 15:07:32.0306 5484 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 15:07:32.0384 5484 Beep - ok 15:07:32.0446 5484 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 15:07:32.0524 5484 BFE - ok 15:07:32.0571 5484 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll 15:07:32.0633 5484 BITS - ok 15:07:32.0696 5484 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 15:07:32.0742 5484 blbdrive - ok 15:07:32.0774 5484 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 15:07:32.0805 5484 bowser - ok 15:07:32.0836 5484 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 15:07:32.0914 5484 BrFiltLo - ok 15:07:32.0930 5484 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 15:07:32.0976 5484 BrFiltUp - ok 15:07:33.0039 5484 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 15:07:33.0132 5484 BridgeMP - ok 15:07:33.0148 5484 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 15:07:33.0210 5484 Browser - ok 15:07:33.0242 5484 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 15:07:33.0288 5484 Brserid - ok 15:07:33.0320 5484 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 15:07:33.0366 5484 BrSerWdm - ok 15:07:33.0382 5484 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 15:07:33.0429 5484 BrUsbMdm - ok 15:07:33.0444 5484 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 15:07:33.0491 5484 BrUsbSer - ok 15:07:33.0522 5484 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 15:07:33.0554 5484 BTHMODEM - ok 15:07:33.0616 5484 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys 15:07:33.0663 5484 BTHPORT - ok 15:07:33.0710 5484 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 15:07:33.0772 5484 bthserv - ok 15:07:33.0819 5484 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys 15:07:33.0850 5484 BTHUSB - ok 15:07:33.0881 5484 catchme - ok 15:07:33.0912 5484 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 15:07:33.0990 5484 cdfs - ok 15:07:34.0037 5484 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 15:07:34.0068 5484 cdrom - ok 15:07:34.0100 5484 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 15:07:34.0162 5484 CertPropSvc - ok 15:07:34.0193 5484 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 15:07:34.0224 5484 circlass - ok 15:07:34.0287 5484 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 15:07:34.0302 5484 CLFS - ok 15:07:34.0396 5484 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:07:34.0412 5484 clr_optimization_v2.0.50727_32 - ok 15:07:34.0474 5484 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:07:34.0490 5484 clr_optimization_v2.0.50727_64 - ok 15:07:34.0583 5484 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:07:34.0630 5484 clr_optimization_v4.0.30319_32 - ok 15:07:34.0661 5484 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:07:34.0677 5484 clr_optimization_v4.0.30319_64 - ok 15:07:34.0708 5484 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys 15:07:34.0708 5484 clwvd - ok 15:07:34.0739 5484 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 15:07:34.0770 5484 CmBatt - ok 15:07:34.0786 5484 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 15:07:34.0802 5484 cmdide - ok 15:07:34.0848 5484 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 15:07:34.0880 5484 CNG - ok 15:07:34.0911 5484 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 15:07:34.0926 5484 Compbatt - ok 15:07:34.0973 5484 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 15:07:35.0004 5484 CompositeBus - ok 15:07:35.0020 5484 COMSysApp - ok 15:07:35.0036 5484 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 15:07:35.0051 5484 crcdisk - ok 15:07:35.0098 5484 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 15:07:35.0145 5484 CryptSvc - ok 15:07:35.0254 5484 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 15:07:35.0285 5484 cvhsvc - ok 15:07:35.0332 5484 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 15:07:35.0394 5484 DcomLaunch - ok 15:07:35.0488 5484 DCService.exe (cc8b5c964b777f4ec3e89f13b4b5ff0f) C:\ProgramData\DatacardService\DCService.exe 15:07:35.0519 5484 DCService.exe ( UnsignedFile.Multi.Generic ) - warning 15:07:35.0519 5484 DCService.exe - detected UnsignedFile.Multi.Generic (1) 15:07:35.0550 5484 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 15:07:35.0628 5484 defragsvc - ok 15:07:35.0691 5484 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 15:07:35.0738 5484 DfsC - ok 15:07:35.0784 5484 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 15:07:35.0909 5484 Dhcp - ok 15:07:35.0925 5484 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 15:07:36.0018 5484 discache - ok 15:07:36.0065 5484 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 15:07:36.0096 5484 Disk - ok 15:07:36.0112 5484 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 15:07:36.0174 5484 Dnscache - ok 15:07:36.0190 5484 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 15:07:36.0268 5484 dot3svc - ok 15:07:36.0315 5484 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys 15:07:36.0346 5484 Dot4 - ok 15:07:36.0377 5484 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys 15:07:36.0408 5484 Dot4Print - ok 15:07:36.0440 5484 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys 15:07:36.0471 5484 dot4usb - ok 15:07:36.0502 5484 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 15:07:36.0580 5484 DPS - ok 15:07:36.0611 5484 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 15:07:36.0627 5484 drmkaud - ok 15:07:36.0674 5484 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 15:07:36.0705 5484 DXGKrnl - ok 15:07:36.0736 5484 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 15:07:36.0783 5484 EapHost - ok 15:07:36.0892 5484 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 15:07:36.0954 5484 ebdrv - ok 15:07:37.0032 5484 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 15:07:37.0095 5484 EFS - ok 15:07:37.0173 5484 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 15:07:37.0235 5484 ehRecvr - ok 15:07:37.0266 5484 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 15:07:37.0298 5484 ehSched - ok 15:07:37.0391 5484 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 15:07:37.0422 5484 elxstor - ok 15:07:37.0438 5484 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 15:07:37.0469 5484 ErrDev - ok 15:07:37.0500 5484 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 15:07:37.0563 5484 EventSystem - ok 15:07:37.0610 5484 ewusbnet (23b79b19f49a037eba4a9a3bb03ed91d) C:\Windows\system32\DRIVERS\ewusbnet.sys 15:07:37.0656 5484 ewusbnet - ok 15:07:37.0703 5484 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 15:07:37.0766 5484 exfat - ok 15:07:37.0781 5484 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 15:07:37.0828 5484 fastfat - ok 15:07:37.0890 5484 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 15:07:37.0937 5484 Fax - ok 15:07:37.0968 5484 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 15:07:38.0000 5484 fdc - ok 15:07:38.0015 5484 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 15:07:38.0093 5484 fdPHost - ok 15:07:38.0109 5484 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 15:07:38.0156 5484 FDResPub - ok 15:07:38.0171 5484 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 15:07:38.0187 5484 FileInfo - ok 15:07:38.0202 5484 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 15:07:38.0265 5484 Filetrace - ok 15:07:38.0296 5484 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 15:07:38.0343 5484 flpydisk - ok 15:07:38.0390 5484 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 15:07:38.0405 5484 FltMgr - ok 15:07:38.0452 5484 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 15:07:38.0530 5484 FontCache - ok 15:07:38.0624 5484 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:07:38.0655 5484 FontCache3.0.0.0 - ok 15:07:38.0717 5484 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 15:07:38.0733 5484 FsDepends - ok 15:07:38.0764 5484 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 15:07:38.0780 5484 Fs_Rec - ok 15:07:38.0811 5484 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 15:07:38.0826 5484 fvevol - ok 15:07:38.0858 5484 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 15:07:38.0873 5484 gagp30kx - ok 15:07:38.0920 5484 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 15:07:38.0967 5484 gpsvc - ok 15:07:38.0998 5484 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 15:07:39.0045 5484 hcw85cir - ok 15:07:39.0092 5484 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 15:07:39.0123 5484 HdAudAddService - ok 15:07:39.0154 5484 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 15:07:39.0185 5484 HDAudBus - ok 15:07:39.0232 5484 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 15:07:39.0248 5484 HECIx64 - ok 15:07:39.0263 5484 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 15:07:39.0294 5484 HidBatt - ok 15:07:39.0326 5484 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 15:07:39.0372 5484 HidBth - ok 15:07:39.0388 5484 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 15:07:39.0435 5484 HidIr - ok 15:07:39.0466 5484 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 15:07:39.0513 5484 hidserv - ok 15:07:39.0575 5484 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 15:07:39.0591 5484 HidUsb - ok 15:07:39.0684 5484 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 15:07:39.0747 5484 hkmsvc - ok 15:07:39.0794 5484 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 15:07:39.0856 5484 HomeGroupListener - ok 15:07:39.0903 5484 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 15:07:39.0950 5484 HomeGroupProvider - ok 15:07:40.0106 5484 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 15:07:40.0714 5484 hpqcxs08 - ok 15:07:40.0761 5484 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 15:07:40.0792 5484 hpqddsvc - ok 15:07:40.0823 5484 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 15:07:40.0854 5484 HpSAMD - ok 15:07:40.0901 5484 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 15:07:40.0979 5484 HTTP - ok 15:07:41.0026 5484 huawei_enumerator (08b1a06a55f068a17a51ba26618cf50f) C:\Windows\system32\DRIVERS\ew_jubusenum.sys 15:07:41.0057 5484 huawei_enumerator - ok 15:07:41.0104 5484 hwdatacard (6e5cd3984742a922d0c183c7e82c3c94) C:\Windows\system32\DRIVERS\ewusbmdm.sys 15:07:41.0135 5484 hwdatacard - ok 15:07:41.0151 5484 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 15:07:41.0166 5484 hwpolicy - ok 15:07:41.0244 5484 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 15:07:41.0260 5484 i8042prt - ok 15:07:41.0307 5484 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys 15:07:41.0322 5484 iaStor - ok 15:07:41.0447 5484 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 15:07:41.0463 5484 IAStorDataMgrSvc - ok 15:07:41.0510 5484 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 15:07:41.0525 5484 iaStorV - ok 15:07:41.0712 5484 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:07:41.0759 5484 idsvc - ok 15:07:42.0258 5484 igfx (f4f91789c7c7a159ce8215c1f69f2a85) C:\Windows\system32\DRIVERS\igdkmd64.sys 15:07:42.0617 5484 igfx - ok 15:07:42.0742 5484 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 15:07:42.0773 5484 iirsp - ok 15:07:42.0820 5484 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 15:07:42.0882 5484 IKEEXT - ok 15:07:42.0945 5484 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys 15:07:42.0976 5484 Impcd - ok 15:07:43.0070 5484 IntcAzAudAddService (98220284537e9c96561406f99be48086) C:\Windows\system32\drivers\RTKVHD64.sys 15:07:43.0116 5484 IntcAzAudAddService - ok 15:07:43.0257 5484 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys 15:07:43.0288 5484 IntcDAud - ok 15:07:43.0335 5484 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 15:07:43.0350 5484 intelide - ok 15:07:43.0366 5484 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 15:07:43.0397 5484 intelppm - ok 15:07:43.0428 5484 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 15:07:43.0475 5484 IPBusEnum - ok 15:07:43.0506 5484 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:07:43.0569 5484 IpFilterDriver - ok 15:07:43.0616 5484 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 15:07:43.0678 5484 iphlpsvc - ok 15:07:43.0694 5484 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 15:07:43.0725 5484 IPMIDRV - ok 15:07:43.0756 5484 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 15:07:43.0803 5484 IPNAT - ok 15:07:43.0818 5484 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 15:07:43.0850 5484 IRENUM - ok 15:07:43.0881 5484 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 15:07:43.0881 5484 isapnp - ok 15:07:43.0928 5484 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 15:07:43.0943 5484 iScsiPrt - ok 15:07:43.0990 5484 IT9135BDA (88a571f5fba97854b49f841086970003) C:\Windows\system32\Drivers\IT9135BDA.sys 15:07:44.0006 5484 IT9135BDA - ok 15:07:44.0037 5484 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 15:07:44.0052 5484 kbdclass - ok 15:07:44.0084 5484 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 15:07:44.0130 5484 kbdhid - ok 15:07:44.0162 5484 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:07:44.0177 5484 KeyIso - ok 15:07:44.0208 5484 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 15:07:44.0224 5484 KSecDD - ok 15:07:44.0255 5484 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 15:07:44.0255 5484 KSecPkg - ok 15:07:44.0302 5484 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 15:07:44.0333 5484 ksthunk - ok 15:07:44.0364 5484 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 15:07:44.0427 5484 KtmRm - ok 15:07:44.0474 5484 L1C (48686c29856f46443952a831424f8d6f) C:\Windows\system32\DRIVERS\L1C62x64.sys 15:07:44.0474 5484 L1C - ok 15:07:44.0520 5484 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 15:07:44.0583 5484 LanmanServer - ok 15:07:44.0614 5484 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 15:07:44.0661 5484 LanmanWorkstation - ok 15:07:44.0708 5484 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 15:07:44.0770 5484 lltdio - ok 15:07:44.0801 5484 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 15:07:44.0848 5484 lltdsvc - ok 15:07:44.0864 5484 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 15:07:44.0926 5484 lmhosts - ok 15:07:45.0035 5484 LMS (1e2f802846eb944e0333efee7c9532a8) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 15:07:45.0066 5484 LMS - ok 15:07:45.0098 5484 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 15:07:45.0113 5484 LSI_FC - ok 15:07:45.0144 5484 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 15:07:45.0160 5484 LSI_SAS - ok 15:07:45.0191 5484 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:07:45.0191 5484 LSI_SAS2 - ok 15:07:45.0238 5484 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:07:45.0269 5484 LSI_SCSI - ok 15:07:45.0300 5484 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 15:07:45.0347 5484 luafv - ok 15:07:45.0410 5484 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 15:07:45.0425 5484 MBAMProtector - ok 15:07:45.0503 5484 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 15:07:45.0534 5484 MBAMService - ok 15:07:45.0566 5484 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 15:07:45.0581 5484 Mcx2Svc - ok 15:07:45.0612 5484 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 15:07:45.0612 5484 megasas - ok 15:07:45.0675 5484 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 15:07:45.0690 5484 MegaSR - ok 15:07:45.0706 5484 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:07:45.0768 5484 MMCSS - ok 15:07:45.0800 5484 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 15:07:45.0846 5484 Modem - ok 15:07:45.0862 5484 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 15:07:45.0878 5484 monitor - ok 15:07:45.0909 5484 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 15:07:45.0924 5484 mouclass - ok 15:07:45.0956 5484 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 15:07:45.0971 5484 mouhid - ok 15:07:46.0002 5484 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 15:07:46.0018 5484 mountmgr - ok 15:07:46.0112 5484 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:07:46.0127 5484 MozillaMaintenance - ok 15:07:46.0158 5484 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 15:07:46.0174 5484 mpio - ok 15:07:46.0205 5484 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 15:07:46.0252 5484 mpsdrv - ok 15:07:46.0299 5484 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 15:07:46.0377 5484 MpsSvc - ok 15:07:46.0392 5484 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 15:07:46.0439 5484 MRxDAV - ok 15:07:46.0470 5484 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:07:46.0517 5484 mrxsmb - ok 15:07:46.0533 5484 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:07:46.0580 5484 mrxsmb10 - ok 15:07:46.0611 5484 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:07:46.0642 5484 mrxsmb20 - ok 15:07:46.0673 5484 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 15:07:46.0689 5484 msahci - ok 15:07:46.0720 5484 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 15:07:46.0736 5484 msdsm - ok 15:07:46.0767 5484 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 15:07:46.0798 5484 MSDTC - ok 15:07:46.0814 5484 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 15:07:46.0876 5484 Msfs - ok 15:07:46.0892 5484 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 15:07:46.0938 5484 mshidkmdf - ok 15:07:46.0954 5484 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 15:07:46.0970 5484 msisadrv - ok 15:07:47.0001 5484 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 15:07:47.0063 5484 MSiSCSI - ok 15:07:47.0063 5484 msiserver - ok 15:07:47.0094 5484 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 15:07:47.0141 5484 MSKSSRV - ok 15:07:47.0141 5484 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 15:07:47.0188 5484 MSPCLOCK - ok 15:07:47.0204 5484 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 15:07:47.0235 5484 MSPQM - ok 15:07:47.0250 5484 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 15:07:47.0266 5484 MsRPC - ok 15:07:47.0297 5484 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 15:07:47.0313 5484 mssmbios - ok 15:07:47.0344 5484 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 15:07:47.0375 5484 MSTEE - ok 15:07:47.0406 5484 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 15:07:47.0422 5484 MTConfig - ok 15:07:47.0453 5484 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 15:07:47.0469 5484 Mup - ok 15:07:47.0500 5484 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 15:07:47.0578 5484 napagent - ok 15:07:47.0640 5484 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 15:07:47.0687 5484 NativeWifiP - ok 15:07:47.0765 5484 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 15:07:47.0796 5484 NDIS - ok 15:07:47.0828 5484 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 15:07:47.0874 5484 NdisCap - ok 15:07:47.0906 5484 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 15:07:47.0952 5484 NdisTapi - ok 15:07:47.0984 5484 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 15:07:48.0030 5484 Ndisuio - ok 15:07:48.0062 5484 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 15:07:48.0140 5484 NdisWan - ok 15:07:48.0171 5484 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 15:07:48.0218 5484 NDProxy - ok 15:07:48.0280 5484 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll 15:07:48.0280 5484 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 15:07:48.0280 5484 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 15:07:48.0327 5484 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 15:07:48.0389 5484 NetBIOS - ok 15:07:48.0420 5484 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 15:07:48.0467 5484 NetBT - ok 15:07:48.0498 5484 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:07:48.0514 5484 Netlogon - ok 15:07:48.0561 5484 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 15:07:48.0623 5484 Netman - ok 15:07:48.0639 5484 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 15:07:48.0686 5484 netprofm - ok 15:07:48.0795 5484 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:07:48.0810 5484 NetTcpPortSharing - ok 15:07:48.0888 5484 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 15:07:48.0904 5484 nfrd960 - ok 15:07:48.0951 5484 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 15:07:48.0998 5484 NlaSvc - ok 15:07:49.0029 5484 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 15:07:49.0060 5484 Npfs - ok 15:07:49.0091 5484 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 15:07:49.0154 5484 nsi - ok 15:07:49.0154 5484 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 15:07:49.0200 5484 nsiproxy - ok 15:07:49.0278 5484 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 15:07:49.0325 5484 Ntfs - ok 15:07:49.0450 5484 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 15:07:49.0512 5484 Null - ok 15:07:49.0575 5484 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys 15:07:49.0606 5484 nusb3hub - ok 15:07:49.0653 5484 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys 15:07:49.0700 5484 nusb3xhc - ok 15:07:50.0058 5484 nvlddmkm (589feba7a8e3eb0c3df254ababa3a257) C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:07:50.0246 5484 nvlddmkm - ok 15:07:50.0370 5484 nvpciflt (273b73bf8f214154b6c499c9842ca3a2) C:\Windows\system32\DRIVERS\nvpciflt.sys 15:07:50.0386 5484 nvpciflt - ok 15:07:50.0433 5484 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 15:07:50.0464 5484 nvraid - ok 15:07:50.0495 5484 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 15:07:50.0511 5484 nvstor - ok 15:07:50.0558 5484 nvsvc (03055fdfd0f9f17e95e27f6193ce4eb9) C:\Windows\system32\nvvsvc.exe 15:07:50.0573 5484 nvsvc - ok 15:07:50.0682 5484 nvUpdatusService (9c42974ef3dab4d3b38e5f26f311645a) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 15:07:50.0729 5484 nvUpdatusService - ok 15:07:50.0854 5484 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 15:07:50.0885 5484 nv_agp - ok 15:07:50.0916 5484 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 15:07:50.0948 5484 ohci1394 - ok 15:07:51.0026 5484 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:07:51.0041 5484 ose - ok 15:07:51.0197 5484 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:07:51.0431 5484 osppsvc - ok 15:07:51.0525 5484 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:07:51.0556 5484 p2pimsvc - ok 15:07:51.0587 5484 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 15:07:51.0603 5484 p2psvc - ok 15:07:51.0665 5484 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 15:07:51.0696 5484 Parport - ok 15:07:51.0728 5484 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 15:07:51.0743 5484 partmgr - ok 15:07:51.0759 5484 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 15:07:51.0790 5484 PcaSvc - ok 15:07:51.0837 5484 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 15:07:51.0868 5484 pci - ok 15:07:51.0884 5484 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 15:07:51.0899 5484 pciide - ok 15:07:51.0930 5484 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 15:07:51.0946 5484 pcmcia - ok 15:07:51.0977 5484 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 15:07:51.0993 5484 pcw - ok 15:07:52.0008 5484 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 15:07:52.0071 5484 PEAUTH - ok 15:07:52.0133 5484 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 15:07:52.0196 5484 PerfHost - ok 15:07:52.0289 5484 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 15:07:52.0414 5484 pla - ok 15:07:52.0539 5484 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 15:07:52.0586 5484 PlugPlay - ok 15:07:52.0664 5484 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll 15:07:52.0679 5484 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 15:07:52.0679 5484 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 15:07:52.0710 5484 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 15:07:52.0742 5484 PNRPAutoReg - ok 15:07:52.0757 5484 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:07:52.0773 5484 PNRPsvc - ok 15:07:52.0804 5484 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 15:07:52.0866 5484 PolicyAgent - ok 15:07:52.0882 5484 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 15:07:52.0929 5484 Power - ok 15:07:52.0991 5484 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 15:07:53.0069 5484 PptpMiniport - ok 15:07:53.0100 5484 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 15:07:53.0132 5484 Processor - ok 15:07:53.0163 5484 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 15:07:53.0194 5484 ProfSvc - ok 15:07:53.0225 5484 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:07:53.0241 5484 ProtectedStorage - ok 15:07:53.0272 5484 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 15:07:53.0334 5484 Psched - ok 15:07:53.0412 5484 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 15:07:53.0428 5484 PSI_SVC_2 - ok 15:07:53.0490 5484 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 15:07:53.0537 5484 ql2300 - ok 15:07:53.0646 5484 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 15:07:53.0678 5484 ql40xx - ok 15:07:53.0709 5484 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 15:07:53.0740 5484 QWAVE - ok 15:07:53.0771 5484 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 15:07:53.0787 5484 QWAVEdrv - ok 15:07:53.0802 5484 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 15:07:53.0849 5484 RasAcd - ok 15:07:53.0896 5484 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:07:53.0943 5484 RasAgileVpn - ok 15:07:53.0974 5484 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 15:07:54.0021 5484 RasAuto - ok 15:07:54.0036 5484 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:07:54.0099 5484 Rasl2tp - ok 15:07:54.0130 5484 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 15:07:54.0177 5484 RasMan - ok 15:07:54.0208 5484 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 15:07:54.0302 5484 RasPppoe - ok 15:07:54.0317 5484 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 15:07:54.0364 5484 RasSstp - ok 15:07:54.0395 5484 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 15:07:54.0442 5484 rdbss - ok 15:07:54.0473 5484 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 15:07:54.0489 5484 rdpbus - ok 15:07:54.0504 5484 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:07:54.0598 5484 RDPCDD - ok 15:07:54.0629 5484 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 15:07:54.0676 5484 RDPENCDD - ok 15:07:54.0707 5484 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 15:07:54.0754 5484 RDPREFMP - ok 15:07:54.0785 5484 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 15:07:54.0832 5484 RDPWD - ok 15:07:54.0863 5484 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 15:07:54.0879 5484 rdyboost - ok 15:07:54.0910 5484 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 15:07:54.0957 5484 RemoteAccess - ok 15:07:55.0004 5484 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 15:07:55.0050 5484 RemoteRegistry - ok 15:07:55.0160 5484 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 15:07:55.0191 5484 RichVideo ( UnsignedFile.Multi.Generic ) - warning 15:07:55.0191 5484 RichVideo - detected UnsignedFile.Multi.Generic (1) 15:07:55.0222 5484 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 15:07:55.0284 5484 RpcEptMapper - ok 15:07:55.0300 5484 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 15:07:55.0331 5484 RpcLocator - ok 15:07:55.0378 5484 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 15:07:55.0409 5484 RpcSs - ok 15:07:55.0487 5484 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 15:07:55.0550 5484 rspndr - ok 15:07:55.0596 5484 RSUSBSTOR (44ed82612403021e36998e1ecb1198f1) C:\Windows\System32\Drivers\RtsUStor.sys 15:07:55.0628 5484 RSUSBSTOR - ok 15:07:55.0674 5484 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys 15:07:55.0690 5484 RTL8167 - ok 15:07:55.0768 5484 rtl8192se (8e843c0340c30994161c10fba87eea18) C:\Windows\system32\DRIVERS\rtl8192se.sys 15:07:55.0799 5484 rtl8192se - ok 15:07:55.0830 5484 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:07:55.0830 5484 SamSs - ok 15:07:55.0862 5484 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 15:07:55.0862 5484 sbp2port - ok 15:07:55.0893 5484 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 15:07:55.0924 5484 SCardSvr - ok 15:07:55.0955 5484 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 15:07:56.0002 5484 scfilter - ok 15:07:56.0064 5484 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 15:07:56.0142 5484 Schedule - ok 15:07:56.0174 5484 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 15:07:56.0220 5484 SCPolicySvc - ok 15:07:56.0252 5484 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 15:07:56.0283 5484 SDRSVC - ok 15:07:56.0345 5484 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:07:56.0423 5484 secdrv - ok 15:07:56.0439 5484 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 15:07:56.0486 5484 seclogon - ok 15:07:56.0517 5484 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll 15:07:56.0564 5484 SENS - ok 15:07:56.0595 5484 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 15:07:56.0626 5484 SensrSvc - ok 15:07:56.0657 5484 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 15:07:56.0688 5484 Serenum - ok 15:07:56.0720 5484 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 15:07:56.0751 5484 Serial - ok 15:07:56.0782 5484 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 15:07:56.0813 5484 sermouse - ok 15:07:56.0844 5484 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 15:07:56.0891 5484 SessionEnv - ok 15:07:56.0922 5484 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 15:07:56.0985 5484 sffdisk - ok 15:07:56.0985 5484 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 15:07:57.0000 5484 sffp_mmc - ok 15:07:57.0016 5484 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 15:07:57.0047 5484 sffp_sd - ok 15:07:57.0063 5484 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 15:07:57.0094 5484 sfloppy - ok 15:07:57.0141 5484 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 15:07:57.0172 5484 Sftfs - ok 15:07:57.0266 5484 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 15:07:57.0281 5484 sftlist - ok 15:07:57.0406 5484 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 15:07:57.0422 5484 Sftplay - ok 15:07:57.0437 5484 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 15:07:57.0453 5484 Sftredir - ok 15:07:57.0484 5484 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 15:07:57.0484 5484 Sftvol - ok 15:07:57.0531 5484 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 15:07:57.0546 5484 sftvsa - ok 15:07:57.0593 5484 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 15:07:57.0656 5484 SharedAccess - ok 15:07:57.0687 5484 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 15:07:57.0734 5484 ShellHWDetection - ok 15:07:57.0765 5484 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:07:57.0796 5484 SiSRaid2 - ok 15:07:57.0827 5484 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 15:07:57.0827 5484 SiSRaid4 - ok 15:07:57.0858 5484 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:07:57.0905 5484 Smb - ok 15:07:57.0936 5484 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 15:07:57.0968 5484 SNMPTRAP - ok 15:07:57.0983 5484 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 15:07:57.0983 5484 spldr - ok 15:07:58.0030 5484 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 15:07:58.0077 5484 Spooler - ok 15:07:58.0186 5484 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 15:07:58.0311 5484 sppsvc - ok 15:07:58.0404 5484 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 15:07:58.0467 5484 sppuinotify - ok 15:07:58.0529 5484 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 15:07:58.0592 5484 srv - ok 15:07:58.0607 5484 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 15:07:58.0638 5484 srv2 - ok 15:07:58.0670 5484 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 15:07:58.0701 5484 srvnet - ok 15:07:58.0732 5484 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 15:07:58.0794 5484 SSDPSRV - ok 15:07:58.0810 5484 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 15:07:58.0857 5484 SstpSvc - ok 15:07:58.0950 5484 Stereo Service (47a0a473ad1822e9e6c76e519bd0a023) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 15:07:58.0982 5484 Stereo Service - ok 15:07:58.0997 5484 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 15:07:59.0013 5484 stexstor - ok 15:07:59.0075 5484 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 15:07:59.0122 5484 stisvc - ok 15:07:59.0153 5484 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 15:07:59.0184 5484 swenum - ok 15:07:59.0200 5484 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 15:07:59.0262 5484 swprv - ok 15:07:59.0325 5484 SynTP (064a2530a4a7c7cec1be6a1945645be4) C:\Windows\system32\DRIVERS\SynTP.sys 15:07:59.0340 5484 SynTP - ok 15:07:59.0418 5484 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 15:07:59.0496 5484 SysMain - ok 15:07:59.0590 5484 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 15:07:59.0637 5484 TabletInputService - ok 15:07:59.0668 5484 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 15:07:59.0715 5484 TapiSrv - ok 15:07:59.0746 5484 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 15:07:59.0793 5484 TBS - ok 15:07:59.0902 5484 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 15:07:59.0949 5484 Tcpip - ok 15:08:00.0120 5484 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 15:08:00.0167 5484 TCPIP6 - ok 15:08:00.0276 5484 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 15:08:00.0339 5484 tcpipreg - ok 15:08:00.0370 5484 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:08:00.0401 5484 TDPIPE - ok 15:08:00.0417 5484 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 15:08:00.0448 5484 TDTCP - ok 15:08:00.0479 5484 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 15:08:00.0557 5484 tdx - ok 15:08:00.0588 5484 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 15:08:00.0588 5484 TermDD - ok 15:08:00.0635 5484 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 15:08:00.0698 5484 TermService - ok 15:08:00.0729 5484 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 15:08:00.0744 5484 Themes - ok 15:08:00.0760 5484 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:08:00.0807 5484 THREADORDER - ok 15:08:00.0869 5484 TomTomHOMEService (83682f469a3d65e8b6f06c28212318bd) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 15:08:00.0900 5484 TomTomHOMEService - ok 15:08:00.0916 5484 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 15:08:00.0994 5484 TrkWks - ok 15:08:01.0025 5484 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 15:08:01.0072 5484 TrustedInstaller - ok 15:08:01.0119 5484 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:08:01.0181 5484 tssecsrv - ok 15:08:01.0212 5484 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 15:08:01.0244 5484 TsUsbFlt - ok 15:08:01.0275 5484 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 15:08:01.0322 5484 tunnel - ok 15:08:01.0353 5484 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 15:08:01.0368 5484 uagp35 - ok 15:08:01.0384 5484 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 15:08:01.0446 5484 udfs - ok 15:08:01.0478 5484 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 15:08:01.0509 5484 UI0Detect - ok 15:08:01.0540 5484 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 15:08:01.0556 5484 uliagpkx - ok 15:08:01.0587 5484 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 15:08:01.0618 5484 umbus - ok 15:08:01.0634 5484 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 15:08:01.0665 5484 UmPass - ok 15:08:01.0836 5484 UNS (af905f4966cfc8b973623ab150cd4b2b) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 15:08:01.0883 5484 UNS - ok 15:08:01.0977 5484 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 15:08:02.0039 5484 upnphost - ok 15:08:02.0086 5484 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 15:08:02.0148 5484 usbccgp - ok 15:08:02.0180 5484 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 15:08:02.0242 5484 usbcir - ok 15:08:02.0258 5484 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 15:08:02.0273 5484 usbehci - ok 15:08:02.0304 5484 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 15:08:02.0336 5484 usbhub - ok 15:08:02.0367 5484 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 15:08:02.0414 5484 usbohci - ok 15:08:02.0429 5484 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 15:08:02.0476 5484 usbprint - ok 15:08:02.0523 5484 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 15:08:02.0554 5484 usbscan - ok 15:08:02.0570 5484 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:08:02.0601 5484 USBSTOR - ok 15:08:02.0616 5484 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 15:08:02.0648 5484 usbuhci - ok 15:08:02.0679 5484 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 15:08:02.0726 5484 UxSms - ok 15:08:02.0757 5484 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:08:02.0772 5484 VaultSvc - ok 15:08:02.0788 5484 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 15:08:02.0804 5484 vdrvroot - ok 15:08:02.0835 5484 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 15:08:02.0897 5484 vds - ok 15:08:02.0944 5484 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:08:02.0944 5484 vga - ok 15:08:02.0960 5484 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:08:03.0006 5484 VgaSave - ok 15:08:03.0038 5484 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 15:08:03.0069 5484 vhdmp - ok 15:08:03.0084 5484 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 15:08:03.0100 5484 viaide - ok 15:08:03.0131 5484 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 15:08:03.0147 5484 volmgr - ok 15:08:03.0178 5484 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 15:08:03.0194 5484 volmgrx - ok 15:08:03.0225 5484 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 15:08:03.0240 5484 volsnap - ok 15:08:03.0272 5484 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 15:08:03.0287 5484 vsmraid - ok 15:08:03.0350 5484 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 15:08:03.0396 5484 VSS - ok 15:08:03.0521 5484 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 15:08:03.0568 5484 vwifibus - ok 15:08:03.0599 5484 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 15:08:03.0615 5484 vwififlt - ok 15:08:03.0615 5484 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 15:08:03.0646 5484 vwifimp - ok 15:08:03.0677 5484 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 15:08:03.0724 5484 W32Time - ok 15:08:03.0740 5484 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 15:08:03.0755 5484 WacomPen - ok 15:08:03.0786 5484 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:08:03.0833 5484 WANARP - ok 15:08:03.0833 5484 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:08:03.0880 5484 Wanarpv6 - ok 15:08:03.0942 5484 watchmi (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe 15:08:03.0958 5484 watchmi ( UnsignedFile.Multi.Generic ) - warning 15:08:03.0958 5484 watchmi - detected UnsignedFile.Multi.Generic (1) 15:08:04.0020 5484 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 15:08:04.0098 5484 wbengine - ok 15:08:04.0192 5484 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 15:08:04.0223 5484 WbioSrvc - ok 15:08:04.0270 5484 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 15:08:04.0301 5484 wcncsvc - ok 15:08:04.0317 5484 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 15:08:04.0364 5484 WcsPlugInService - ok 15:08:04.0426 5484 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 15:08:04.0442 5484 Wd - ok 15:08:04.0488 5484 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:08:04.0504 5484 Wdf01000 - ok 15:08:04.0535 5484 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 15:08:04.0629 5484 WdiServiceHost - ok 15:08:04.0629 5484 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 15:08:04.0644 5484 WdiSystemHost - ok 15:08:04.0676 5484 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 15:08:04.0707 5484 WebClient - ok 15:08:04.0738 5484 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 15:08:04.0785 5484 Wecsvc - ok 15:08:04.0800 5484 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 15:08:04.0847 5484 wercplsupport - ok 15:08:04.0878 5484 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 15:08:04.0925 5484 WerSvc - ok 15:08:05.0003 5484 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 15:08:05.0066 5484 WfpLwf - ok 15:08:05.0081 5484 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 15:08:05.0081 5484 WIMMount - ok 15:08:05.0144 5484 WinDefend - ok 15:08:05.0144 5484 WinHttpAutoProxySvc - ok 15:08:05.0222 5484 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 15:08:05.0268 5484 Winmgmt - ok 15:08:05.0331 5484 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 15:08:05.0409 5484 WinRM - ok 15:08:05.0549 5484 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 15:08:05.0580 5484 WinUsb - ok 15:08:05.0674 5484 WisLMSvc (4c69a8e2e159c1c59bc4b688e9dd7f8c) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe 15:08:05.0690 5484 WisLMSvc - ok 15:08:05.0752 5484 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 15:08:05.0799 5484 Wlansvc - ok 15:08:05.0877 5484 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 15:08:05.0892 5484 wlcrasvc - ok 15:08:05.0970 5484 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:08:06.0033 5484 wlidsvc - ok 15:08:06.0142 5484 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 15:08:06.0158 5484 WmiAcpi - ok 15:08:06.0236 5484 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 15:08:06.0282 5484 wmiApSrv - ok 15:08:06.0329 5484 WMPNetworkSvc - ok 15:08:06.0360 5484 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 15:08:06.0407 5484 WPCSvc - ok 15:08:06.0438 5484 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 15:08:06.0454 5484 WPDBusEnum - ok 15:08:06.0485 5484 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 15:08:06.0563 5484 ws2ifsl - ok 15:08:06.0579 5484 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll 15:08:06.0610 5484 wscsvc - ok 15:08:06.0610 5484 WSearch - ok 15:08:06.0704 5484 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 15:08:06.0750 5484 wuauserv - ok 15:08:06.0860 5484 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 15:08:06.0922 5484 WudfPf - ok 15:08:06.0938 5484 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:08:06.0969 5484 WUDFRd - ok 15:08:07.0000 5484 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 15:08:07.0031 5484 wudfsvc - ok 15:08:07.0047 5484 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 15:08:07.0062 5484 WwanSvc - ok 15:08:07.0109 5484 MBR (0x1B8) (8b790a79784018d2b00dc944072570f8) \Device\Harddisk0\DR0 15:08:09.0480 5484 \Device\Harddisk0\DR0 - ok 15:08:09.0480 5484 Boot (0x1200) (378f052d5d58afd217edb9fdb50fcf80) \Device\Harddisk0\DR0\Partition0 15:08:09.0496 5484 \Device\Harddisk0\DR0\Partition0 - ok 15:08:09.0527 5484 Boot (0x1200) (7ad2168ef754372bedb27de016f9039d) \Device\Harddisk0\DR0\Partition1 15:08:09.0527 5484 \Device\Harddisk0\DR0\Partition1 - ok 15:08:09.0558 5484 Boot (0x1200) (1468261406a3b7f63be7e920f56b5aa6) \Device\Harddisk0\DR0\Partition2 15:08:09.0558 5484 \Device\Harddisk0\DR0\Partition2 - ok 15:08:09.0558 5484 ============================================================ 15:08:09.0558 5484 Scan finished 15:08:09.0558 5484 ============================================================ 15:08:09.0574 5492 Detected object count: 5 15:08:09.0574 5492 Actual detected object count: 5 15:08:19.0464 5492 DCService.exe ( UnsignedFile.Multi.Generic ) - skipped by user 15:08:19.0464 5492 DCService.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:08:19.0464 5492 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 15:08:19.0464 5492 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:08:19.0464 5492 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 15:08:19.0464 5492 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:08:19.0464 5492 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user 15:08:19.0464 5492 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:08:19.0464 5492 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user 15:08:19.0464 5492 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:08:50.0696 5576 ============================================================ 15:08:50.0696 5576 Scan started 15:08:50.0696 5576 Mode: Manual; SigCheck; TDLFS; 15:08:50.0696 5576 ============================================================ 15:08:50.0867 5576 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 15:08:50.0899 5576 1394ohci - ok 15:08:50.0930 5576 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 15:08:50.0961 5576 ACPI - ok 15:08:51.0008 5576 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 15:08:51.0023 5576 AcpiPmi - ok 15:08:51.0086 5576 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 15:08:51.0133 5576 adp94xx - ok 15:08:51.0164 5576 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 15:08:51.0179 5576 adpahci - ok 15:08:51.0226 5576 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 15:08:51.0242 5576 adpu320 - ok 15:08:51.0257 5576 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 15:08:51.0304 5576 AeLookupSvc - ok 15:08:51.0351 5576 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 15:08:51.0367 5576 AFD - ok 15:08:51.0382 5576 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 15:08:51.0398 5576 agp440 - ok 15:08:51.0429 5576 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 15:08:51.0445 5576 ALG - ok 15:08:51.0460 5576 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 15:08:51.0460 5576 aliide - ok 15:08:51.0476 5576 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 15:08:51.0491 5576 amdide - ok 15:08:51.0523 5576 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 15:08:51.0538 5576 AmdK8 - ok 15:08:51.0569 5576 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 15:08:51.0569 5576 AmdPPM - ok 15:08:51.0601 5576 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 15:08:51.0616 5576 amdsata - ok 15:08:51.0632 5576 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 15:08:51.0647 5576 amdsbs - ok 15:08:51.0663 5576 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 15:08:51.0679 5576 amdxata - ok 15:08:51.0757 5576 AntiVirMailService (b9b5dfafea592bd4ca967824ebb42e3d) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe 15:08:51.0772 5576 AntiVirMailService - ok 15:08:51.0803 5576 AntiVirSchedulerService (67b1d78711b4386c26241096326ee14a) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 15:08:51.0819 5576 AntiVirSchedulerService - ok 15:08:51.0850 5576 AntiVirService (845c4e7ae211edad5e0b832126f56932) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 15:08:51.0866 5576 AntiVirService - ok 15:08:51.0897 5576 AntiVirWebService (30d71e0c149943a8985d02ea0944f2fe) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 15:08:51.0913 5576 AntiVirWebService - ok 15:08:51.0959 5576 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 15:08:52.0006 5576 AppID - ok 15:08:52.0037 5576 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 15:08:52.0069 5576 AppIDSvc - ok 15:08:52.0131 5576 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 15:08:52.0193 5576 Appinfo - ok 15:08:52.0225 5576 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 15:08:52.0240 5576 arc - ok 15:08:52.0271 5576 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 15:08:52.0287 5576 arcsas - ok 15:08:52.0303 5576 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 15:08:52.0334 5576 AsyncMac - ok 15:08:52.0365 5576 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 15:08:52.0365 5576 atapi - ok 15:08:52.0412 5576 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 15:08:52.0459 5576 AudioEndpointBuilder - ok 15:08:52.0459 5576 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 15:08:52.0505 5576 AudioSrv - ok 15:08:52.0521 5576 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 15:08:52.0537 5576 avgntflt - ok 15:08:52.0568 5576 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 15:08:52.0568 5576 avipbb - ok 15:08:52.0599 5576 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 15:08:52.0599 5576 avkmgr - ok 15:08:52.0646 5576 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 15:08:52.0677 5576 AxInstSV - ok 15:08:52.0724 5576 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 15:08:52.0739 5576 b06bdrv - ok 15:08:52.0771 5576 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 15:08:52.0771 5576 b57nd60a - ok 15:08:52.0880 5576 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe 15:08:52.0895 5576 BBSvc - ok 15:08:52.0911 5576 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe 15:08:52.0942 5576 BBUpdate - ok 15:08:52.0958 5576 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 15:08:52.0973 5576 BDESVC - ok 15:08:52.0989 5576 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 15:08:53.0036 5576 Beep - ok 15:08:53.0067 5576 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 15:08:53.0114 5576 BFE - ok 15:08:53.0161 5576 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll 15:08:53.0207 5576 BITS - ok 15:08:53.0254 5576 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 15:08:53.0285 5576 blbdrive - ok 15:08:53.0317 5576 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 15:08:53.0317 5576 bowser - ok 15:08:53.0348 5576 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 15:08:53.0363 5576 BrFiltLo - ok 15:08:53.0395 5576 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 15:08:53.0410 5576 BrFiltUp - ok 15:08:53.0426 5576 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 15:08:53.0457 5576 BridgeMP - ok 15:08:53.0488 5576 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 15:08:53.0519 5576 Browser - ok 15:08:53.0551 5576 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 15:08:53.0551 5576 Brserid - ok 15:08:53.0582 5576 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 15:08:53.0597 5576 BrSerWdm - ok 15:08:53.0629 5576 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 15:08:53.0644 5576 BrUsbMdm - ok 15:08:53.0675 5576 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 15:08:53.0675 5576 BrUsbSer - ok 15:08:53.0707 5576 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 15:08:53.0722 5576 BTHMODEM - ok 15:08:53.0785 5576 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys 15:08:53.0800 5576 BTHPORT - ok 15:08:53.0831 5576 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 15:08:53.0863 5576 bthserv - ok 15:08:53.0878 5576 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys 15:08:53.0894 5576 BTHUSB - ok 15:08:53.0894 5576 catchme - ok 15:08:53.0925 5576 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 15:08:53.0956 5576 cdfs - ok 15:08:53.0987 5576 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 15:08:53.0987 5576 cdrom - ok 15:08:54.0019 5576 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 15:08:54.0081 5576 CertPropSvc - ok 15:08:54.0097 5576 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 15:08:54.0112 5576 circlass - ok 15:08:54.0143 5576 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 15:08:54.0159 5576 CLFS - ok 15:08:54.0221 5576 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:08:54.0253 5576 clr_optimization_v2.0.50727_32 - ok 15:08:54.0299 5576 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:08:54.0331 5576 clr_optimization_v2.0.50727_64 - ok 15:08:54.0377 5576 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:08:54.0393 5576 clr_optimization_v4.0.30319_32 - ok 15:08:54.0424 5576 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:08:54.0440 5576 clr_optimization_v4.0.30319_64 - ok 15:08:54.0455 5576 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys 15:08:54.0471 5576 clwvd - ok 15:08:54.0487 5576 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 15:08:54.0487 5576 CmBatt - ok 15:08:54.0518 5576 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 15:08:54.0533 5576 cmdide - ok 15:08:54.0565 5576 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 15:08:54.0611 5576 CNG - ok 15:08:54.0627 5576 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 15:08:54.0643 5576 Compbatt - ok 15:08:54.0658 5576 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 15:08:54.0674 5576 CompositeBus - ok 15:08:54.0674 5576 COMSysApp - ok 15:08:54.0705 5576 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 15:08:54.0721 5576 crcdisk - ok 15:08:54.0752 5576 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 15:08:54.0767 5576 CryptSvc - ok 15:08:54.0861 5576 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 15:08:54.0892 5576 cvhsvc - ok 15:08:54.0939 5576 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 15:08:54.0986 5576 DcomLaunch - ok 15:08:55.0064 5576 DCService.exe (cc8b5c964b777f4ec3e89f13b4b5ff0f) C:\ProgramData\DatacardService\DCService.exe 15:08:55.0079 5576 DCService.exe ( UnsignedFile.Multi.Generic ) - warning 15:08:55.0079 5576 DCService.exe - detected UnsignedFile.Multi.Generic (1) 15:08:55.0111 5576 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 15:08:55.0157 5576 defragsvc - ok 15:08:55.0220 5576 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 15:08:55.0282 5576 DfsC - ok 15:08:55.0313 5576 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 15:08:55.0360 5576 Dhcp - ok 15:08:55.0376 5576 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 15:08:55.0407 5576 discache - ok 15:08:55.0438 5576 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 15:08:55.0438 5576 Disk - ok 15:08:55.0469 5576 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 15:08:55.0485 5576 Dnscache - ok 15:08:55.0501 5576 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 15:08:55.0547 5576 dot3svc - ok 15:08:55.0563 5576 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys 15:08:55.0579 5576 Dot4 - ok 15:08:55.0610 5576 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys 15:08:55.0610 5576 Dot4Print - ok 15:08:55.0641 5576 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys 15:08:55.0672 5576 dot4usb - ok 15:08:55.0703 5576 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 15:08:55.0766 5576 DPS - ok 15:08:55.0797 5576 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 15:08:55.0813 5576 drmkaud - ok 15:08:55.0844 5576 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 15:08:55.0875 5576 DXGKrnl - ok 15:08:55.0891 5576 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 15:08:55.0937 5576 EapHost - ok 15:08:56.0031 5576 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 15:08:56.0078 5576 ebdrv - ok 15:08:56.0156 5576 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 15:08:56.0171 5576 EFS - ok 15:08:56.0234 5576 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 15:08:56.0265 5576 ehRecvr - ok 15:08:56.0296 5576 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 15:08:56.0312 5576 ehSched - ok 15:08:56.0374 5576 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 15:08:56.0421 5576 elxstor - ok 15:08:56.0452 5576 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 15:08:56.0452 5576 ErrDev - ok 15:08:56.0499 5576 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 15:08:56.0546 5576 EventSystem - ok 15:08:56.0577 5576 ewusbnet (23b79b19f49a037eba4a9a3bb03ed91d) C:\Windows\system32\DRIVERS\ewusbnet.sys 15:08:56.0593 5576 ewusbnet - ok 15:08:56.0608 5576 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 15:08:56.0655 5576 exfat - ok 15:08:56.0671 5576 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 15:08:56.0702 5576 fastfat - ok 15:08:56.0733 5576 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 15:08:56.0749 5576 Fax - ok 15:08:56.0780 5576 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 15:08:56.0795 5576 fdc - ok 15:08:56.0827 5576 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 15:08:56.0858 5576 fdPHost - ok 15:08:56.0873 5576 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 15:08:56.0905 5576 FDResPub - ok 15:08:56.0936 5576 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 15:08:56.0936 5576 FileInfo - ok 15:08:56.0951 5576 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 15:08:56.0998 5576 Filetrace - ok 15:08:57.0014 5576 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 15:08:57.0029 5576 flpydisk - ok 15:08:57.0061 5576 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 15:08:57.0061 5576 FltMgr - ok 15:08:57.0107 5576 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 15:08:57.0139 5576 FontCache - ok 15:08:57.0232 5576 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:08:57.0248 5576 FontCache3.0.0.0 - ok 15:08:57.0310 5576 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 15:08:57.0326 5576 FsDepends - ok 15:08:57.0357 5576 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 15:08:57.0357 5576 Fs_Rec - ok 15:08:57.0388 5576 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 15:08:57.0404 5576 fvevol - ok 15:08:57.0419 5576 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 15:08:57.0435 5576 gagp30kx - ok 15:08:57.0482 5576 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 15:08:57.0544 5576 gpsvc - ok 15:08:57.0560 5576 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 15:08:57.0575 5576 hcw85cir - ok 15:08:57.0607 5576 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 15:08:57.0622 5576 HdAudAddService - ok 15:08:57.0638 5576 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 15:08:57.0653 5576 HDAudBus - ok 15:08:57.0685 5576 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 15:08:57.0700 5576 HECIx64 - ok 15:08:57.0731 5576 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 15:08:57.0731 5576 HidBatt - ok 15:08:57.0763 5576 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 15:08:57.0778 5576 HidBth - ok 15:08:57.0809 5576 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 15:08:57.0825 5576 HidIr - ok 15:08:57.0856 5576 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 15:08:57.0903 5576 hidserv - ok 15:08:57.0919 5576 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 15:08:57.0934 5576 HidUsb - ok 15:08:57.0965 5576 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 15:08:57.0997 5576 hkmsvc - ok 15:08:58.0028 5576 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 15:08:58.0043 5576 HomeGroupListener - ok 15:08:58.0075 5576 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 15:08:58.0090 5576 HomeGroupProvider - ok 15:08:58.0199 5576 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 15:08:58.0231 5576 hpqcxs08 - ok 15:08:58.0246 5576 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 15:08:58.0262 5576 hpqddsvc - ok 15:08:58.0293 5576 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 15:08:58.0309 5576 HpSAMD - ok 15:08:58.0340 5576 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 15:08:58.0387 5576 HTTP - ok 15:08:58.0418 5576 huawei_enumerator (08b1a06a55f068a17a51ba26618cf50f) C:\Windows\system32\DRIVERS\ew_jubusenum.sys 15:08:58.0418 5576 huawei_enumerator - ok 15:08:58.0449 5576 hwdatacard (6e5cd3984742a922d0c183c7e82c3c94) C:\Windows\system32\DRIVERS\ewusbmdm.sys 15:08:58.0449 5576 hwdatacard - ok 15:08:58.0480 5576 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 15:08:58.0480 5576 hwpolicy - ok 15:08:58.0511 5576 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 15:08:58.0511 5576 i8042prt - ok 15:08:58.0558 5576 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys 15:08:58.0574 5576 iaStor - ok 15:08:58.0667 5576 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 15:08:58.0699 5576 IAStorDataMgrSvc - ok 15:08:58.0730 5576 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 15:08:58.0761 5576 iaStorV - ok 15:08:58.0870 5576 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:08:58.0901 5576 idsvc - ok 15:08:59.0276 5576 igfx (f4f91789c7c7a159ce8215c1f69f2a85) C:\Windows\system32\DRIVERS\igdkmd64.sys 15:08:59.0416 5576 igfx - ok 15:08:59.0541 5576 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 15:08:59.0557 5576 iirsp - ok 15:08:59.0603 5576 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 15:08:59.0650 5576 IKEEXT - ok 15:08:59.0681 5576 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys 15:08:59.0713 5576 Impcd - ok 15:08:59.0791 5576 IntcAzAudAddService (98220284537e9c96561406f99be48086) C:\Windows\system32\drivers\RTKVHD64.sys 15:08:59.0837 5576 IntcAzAudAddService - ok 15:08:59.0962 5576 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys 15:08:59.0978 5576 IntcDAud - ok 15:09:00.0009 5576 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 15:09:00.0025 5576 intelide - ok 15:09:00.0056 5576 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 15:09:00.0071 5576 intelppm - ok 15:09:00.0087 5576 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 15:09:00.0134 5576 IPBusEnum - ok 15:09:00.0149 5576 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:09:00.0181 5576 IpFilterDriver - ok 15:09:00.0227 5576 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 15:09:00.0259 5576 iphlpsvc - ok 15:09:00.0274 5576 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 15:09:00.0290 5576 IPMIDRV - ok 15:09:00.0305 5576 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 15:09:00.0352 5576 IPNAT - ok 15:09:00.0352 5576 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 15:09:00.0368 5576 IRENUM - ok 15:09:00.0383 5576 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 15:09:00.0399 5576 isapnp - ok 15:09:00.0430 5576 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 15:09:00.0430 5576 iScsiPrt - ok 15:09:00.0461 5576 IT9135BDA (88a571f5fba97854b49f841086970003) C:\Windows\system32\Drivers\IT9135BDA.sys 15:09:00.0477 5576 IT9135BDA - ok 15:09:00.0493 5576 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 15:09:00.0493 5576 kbdclass - ok 15:09:00.0524 5576 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 15:09:00.0539 5576 kbdhid - ok 15:09:00.0571 5576 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:09:00.0586 5576 KeyIso - ok 15:09:00.0602 5576 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 15:09:00.0617 5576 KSecDD - ok 15:09:00.0649 5576 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 15:09:00.0664 5576 KSecPkg - ok 15:09:00.0695 5576 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 15:09:00.0727 5576 ksthunk - ok 15:09:00.0758 5576 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 15:09:00.0805 5576 KtmRm - ok 15:09:00.0836 5576 L1C (48686c29856f46443952a831424f8d6f) C:\Windows\system32\DRIVERS\L1C62x64.sys 15:09:00.0851 5576 L1C - ok 15:09:00.0883 5576 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 15:09:00.0914 5576 LanmanServer - ok 15:09:00.0945 5576 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 15:09:00.0976 5576 LanmanWorkstation - ok 15:09:01.0007 5576 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 15:09:01.0039 5576 lltdio - ok 15:09:01.0070 5576 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 15:09:01.0117 5576 lltdsvc - ok 15:09:01.0132 5576 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 15:09:01.0163 5576 lmhosts - ok 15:09:01.0257 5576 LMS (1e2f802846eb944e0333efee7c9532a8) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 15:09:01.0288 5576 LMS - ok 15:09:01.0319 5576 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 15:09:01.0335 5576 LSI_FC - ok 15:09:01.0366 5576 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 15:09:01.0366 5576 LSI_SAS - ok 15:09:01.0382 5576 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:09:01.0397 5576 LSI_SAS2 - ok 15:09:01.0413 5576 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:09:01.0429 5576 LSI_SCSI - ok 15:09:01.0460 5576 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 15:09:01.0507 5576 luafv - ok 15:09:01.0522 5576 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 15:09:01.0538 5576 MBAMProtector - ok 15:09:01.0585 5576 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 15:09:01.0616 5576 MBAMService - ok 15:09:01.0678 5576 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 15:09:01.0709 5576 Mcx2Svc - ok 15:09:01.0741 5576 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 15:09:01.0741 5576 megasas - ok 15:09:01.0787 5576 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 15:09:01.0803 5576 MegaSR - ok 15:09:01.0834 5576 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:09:01.0865 5576 MMCSS - ok 15:09:01.0881 5576 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 15:09:01.0928 5576 Modem - ok 15:09:01.0943 5576 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 15:09:01.0959 5576 monitor - ok 15:09:01.0975 5576 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 15:09:01.0990 5576 mouclass - ok 15:09:02.0006 5576 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 15:09:02.0021 5576 mouhid - ok 15:09:02.0037 5576 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 15:09:02.0053 5576 mountmgr - ok 15:09:02.0115 5576 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:09:02.0131 5576 MozillaMaintenance - ok 15:09:02.0162 5576 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 15:09:02.0177 5576 mpio - ok 15:09:02.0209 5576 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 15:09:02.0240 5576 mpsdrv - ok 15:09:02.0287 5576 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 15:09:02.0318 5576 MpsSvc - ok 15:09:02.0349 5576 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 15:09:02.0365 5576 MRxDAV - ok 15:09:02.0396 5576 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:09:02.0396 5576 mrxsmb - ok 15:09:02.0427 5576 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:09:02.0427 5576 mrxsmb10 - ok 15:09:02.0458 5576 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:09:02.0458 5576 mrxsmb20 - ok 15:09:02.0505 5576 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 15:09:02.0505 5576 msahci - ok 15:09:02.0536 5576 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 15:09:02.0552 5576 msdsm - ok 15:09:02.0583 5576 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 15:09:02.0599 5576 MSDTC - ok 15:09:02.0630 5576 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 15:09:02.0661 5576 Msfs - ok 15:09:02.0677 5576 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 15:09:02.0708 5576 mshidkmdf - ok 15:09:02.0739 5576 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 15:09:02.0739 5576 msisadrv - ok 15:09:02.0770 5576 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 15:09:02.0817 5576 MSiSCSI - ok 15:09:02.0817 5576 msiserver - ok 15:09:02.0817 5576 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 15:09:02.0864 5576 MSKSSRV - ok 15:09:02.0864 5576 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 15:09:02.0911 5576 MSPCLOCK - ok 15:09:02.0911 5576 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 15:09:02.0957 5576 MSPQM - ok 15:09:02.0989 5576 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 15:09:03.0004 5576 MsRPC - ok 15:09:03.0035 5576 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 15:09:03.0035 5576 mssmbios - ok 15:09:03.0067 5576 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 15:09:03.0098 5576 MSTEE - ok 15:09:03.0129 5576 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 15:09:03.0129 5576 MTConfig - ok 15:09:03.0145 5576 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 15:09:03.0160 5576 Mup - ok 15:09:03.0191 5576 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 15:09:03.0238 5576 napagent - ok 15:09:03.0269 5576 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 15:09:03.0285 5576 NativeWifiP - ok 15:09:03.0347 5576 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 15:09:03.0379 5576 NDIS - ok 15:09:03.0394 5576 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 15:09:03.0441 5576 NdisCap - ok 15:09:03.0457 5576 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 15:09:03.0488 5576 NdisTapi - ok 15:09:03.0519 5576 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 15:09:03.0550 5576 Ndisuio - ok 15:09:03.0581 5576 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 15:09:03.0628 5576 NdisWan - ok 15:09:03.0644 5576 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 15:09:03.0675 5576 NDProxy - ok 15:09:03.0706 5576 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll 15:09:03.0706 5576 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 15:09:03.0706 5576 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 15:09:03.0737 5576 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 15:09:03.0769 5576 NetBIOS - ok 15:09:03.0800 5576 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 15:09:03.0847 5576 NetBT - ok 15:09:03.0862 5576 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:09:03.0878 5576 Netlogon - ok 15:09:03.0909 5576 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 15:09:03.0956 5576 Netman - ok 15:09:03.0987 5576 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 15:09:04.0018 5576 netprofm - ok 15:09:04.0127 5576 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:09:04.0143 5576 NetTcpPortSharing - ok 15:09:04.0205 5576 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 15:09:04.0221 5576 nfrd960 - ok 15:09:04.0252 5576 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 15:09:04.0299 5576 NlaSvc - ok 15:09:04.0315 5576 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 15:09:04.0361 5576 Npfs - ok 15:09:04.0393 5576 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 15:09:04.0424 5576 nsi - ok 15:09:04.0424 5576 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 15:09:04.0471 5576 nsiproxy - ok 15:09:04.0517 5576 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 15:09:04.0564 5576 Ntfs - ok 15:09:04.0689 5576 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 15:09:04.0751 5576 Null - ok 15:09:04.0767 5576 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys 15:09:04.0783 5576 nusb3hub - ok 15:09:04.0814 5576 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys 15:09:04.0829 5576 nusb3xhc - ok 15:09:05.0141 5576 nvlddmkm (589feba7a8e3eb0c3df254ababa3a257) C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:09:05.0329 5576 nvlddmkm - ok 15:09:05.0453 5576 nvpciflt (273b73bf8f214154b6c499c9842ca3a2) C:\Windows\system32\DRIVERS\nvpciflt.sys 15:09:05.0469 5576 nvpciflt - ok 15:09:05.0500 5576 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 15:09:05.0516 5576 nvraid - ok 15:09:05.0547 5576 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 15:09:05.0563 5576 nvstor - ok 15:09:05.0594 5576 nvsvc (03055fdfd0f9f17e95e27f6193ce4eb9) C:\Windows\system32\nvvsvc.exe 15:09:05.0609 5576 nvsvc - ok 15:09:05.0719 5576 nvUpdatusService (9c42974ef3dab4d3b38e5f26f311645a) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 15:09:05.0750 5576 nvUpdatusService - ok 15:09:05.0875 5576 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 15:09:05.0890 5576 nv_agp - ok 15:09:05.0906 5576 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 15:09:05.0921 5576 ohci1394 - ok 15:09:05.0953 5576 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:09:05.0984 5576 ose - ok 15:09:06.0140 5576 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:09:06.0249 5576 osppsvc - ok 15:09:06.0343 5576 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:09:06.0374 5576 p2pimsvc - ok 15:09:06.0405 5576 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 15:09:06.0421 5576 p2psvc - ok 15:09:06.0467 5576 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 15:09:06.0483 5576 Parport - ok 15:09:06.0514 5576 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 15:09:06.0530 5576 partmgr - ok 15:09:06.0561 5576 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 15:09:06.0577 5576 PcaSvc - ok 15:09:06.0592 5576 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 15:09:06.0608 5576 pci - ok 15:09:06.0623 5576 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 15:09:06.0639 5576 pciide - ok 15:09:06.0670 5576 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 15:09:06.0670 5576 pcmcia - ok 15:09:06.0701 5576 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 15:09:06.0717 5576 pcw - ok 15:09:06.0733 5576 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 15:09:06.0779 5576 PEAUTH - ok 15:09:06.0842 5576 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 15:09:06.0873 5576 PerfHost - ok 15:09:06.0951 5576 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 15:09:07.0013 5576 pla - ok 15:09:07.0076 5576 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 15:09:07.0107 5576 PlugPlay - ok 15:09:07.0138 5576 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll 15:09:07.0138 5576 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 15:09:07.0138 5576 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 15:09:07.0154 5576 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 15:09:07.0169 5576 PNRPAutoReg - ok 15:09:07.0185 5576 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:09:07.0201 5576 PNRPsvc - ok 15:09:07.0232 5576 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 15:09:07.0279 5576 PolicyAgent - ok 15:09:07.0310 5576 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 15:09:07.0341 5576 Power - ok 15:09:07.0403 5576 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 15:09:07.0481 5576 PptpMiniport - ok 15:09:07.0497 5576 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 15:09:07.0513 5576 Processor - ok 15:09:07.0544 5576 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 15:09:07.0559 5576 ProfSvc - ok 15:09:07.0575 5576 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:09:07.0591 5576 ProtectedStorage - ok 15:09:07.0637 5576 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 15:09:07.0669 5576 Psched - ok 15:09:07.0747 5576 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 15:09:07.0762 5576 PSI_SVC_2 - ok 15:09:07.0825 5576 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 15:09:07.0871 5576 ql2300 - ok 15:09:07.0965 5576 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 15:09:07.0996 5576 ql40xx - ok 15:09:08.0012 5576 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 15:09:08.0027 5576 QWAVE - ok 15:09:08.0059 5576 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 15:09:08.0074 5576 QWAVEdrv - ok 15:09:08.0090 5576 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 15:09:08.0137 5576 RasAcd - ok 15:09:08.0152 5576 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:09:08.0199 5576 RasAgileVpn - ok 15:09:08.0230 5576 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 15:09:08.0277 5576 RasAuto - ok 15:09:08.0293 5576 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:09:08.0324 5576 Rasl2tp - ok 15:09:08.0371 5576 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 15:09:08.0417 5576 RasMan - ok 15:09:08.0449 5576 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 15:09:08.0495 5576 RasPppoe - ok 15:09:08.0495 5576 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 15:09:08.0527 5576 RasSstp - ok 15:09:08.0573 5576 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 15:09:08.0620 5576 rdbss - ok 15:09:08.0651 5576 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 15:09:08.0667 5576 rdpbus - ok 15:09:08.0698 5576 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:09:08.0745 5576 RDPCDD - ok 15:09:08.0761 5576 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 15:09:08.0792 5576 RDPENCDD - ok 15:09:08.0807 5576 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 15:09:08.0839 5576 RDPREFMP - ok 15:09:08.0870 5576 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 15:09:08.0885 5576 RDPWD - ok 15:09:08.0901 5576 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 15:09:08.0917 5576 rdyboost - ok 15:09:08.0948 5576 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 15:09:09.0010 5576 RemoteAccess - ok 15:09:09.0041 5576 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 15:09:09.0073 5576 RemoteRegistry - ok 15:09:09.0166 5576 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 15:09:09.0182 5576 RichVideo ( UnsignedFile.Multi.Generic ) - warning 15:09:09.0182 5576 RichVideo - detected UnsignedFile.Multi.Generic (1) 15:09:09.0197 5576 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 15:09:09.0244 5576 RpcEptMapper - ok 15:09:09.0260 5576 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 15:09:09.0275 5576 RpcLocator - ok 15:09:09.0307 5576 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 15:09:09.0353 5576 RpcSs - ok 15:09:09.0385 5576 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 15:09:09.0447 5576 rspndr - ok 15:09:09.0478 5576 RSUSBSTOR (44ed82612403021e36998e1ecb1198f1) C:\Windows\System32\Drivers\RtsUStor.sys 15:09:09.0494 5576 RSUSBSTOR - ok 15:09:09.0525 5576 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys 15:09:09.0525 5576 RTL8167 - ok 15:09:09.0587 5576 rtl8192se (8e843c0340c30994161c10fba87eea18) C:\Windows\system32\DRIVERS\rtl8192se.sys 15:09:09.0603 5576 rtl8192se - ok 15:09:09.0634 5576 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:09:09.0650 5576 SamSs - ok 15:09:09.0665 5576 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 15:09:09.0681 5576 sbp2port - ok 15:09:09.0697 5576 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 15:09:09.0743 5576 SCardSvr - ok 15:09:09.0759 5576 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 15:09:09.0790 5576 scfilter - ok 15:09:09.0853 5576 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 15:09:09.0915 5576 Schedule - ok 15:09:09.0946 5576 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 15:09:09.0977 5576 SCPolicySvc - ok 15:09:10.0009 5576 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 15:09:10.0009 5576 SDRSVC - ok 15:09:10.0087 5576 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:09:10.0133 5576 secdrv - ok 15:09:10.0149 5576 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 15:09:10.0196 5576 seclogon - ok 15:09:10.0211 5576 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll 15:09:10.0243 5576 SENS - ok 15:09:10.0258 5576 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 15:09:10.0258 5576 SensrSvc - ok 15:09:10.0289 5576 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 15:09:10.0305 5576 Serenum - ok 15:09:10.0321 5576 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 15:09:10.0336 5576 Serial - ok 15:09:10.0367 5576 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 15:09:10.0383 5576 sermouse - ok 15:09:10.0430 5576 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 15:09:10.0461 5576 SessionEnv - ok 15:09:10.0492 5576 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 15:09:10.0508 5576 sffdisk - ok 15:09:10.0523 5576 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 15:09:10.0539 5576 sffp_mmc - ok 15:09:10.0539 5576 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 15:09:10.0555 5576 sffp_sd - ok 15:09:10.0586 5576 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 15:09:10.0601 5576 sfloppy - ok 15:09:10.0648 5576 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 15:09:10.0679 5576 Sftfs - ok 15:09:10.0773 5576 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 15:09:10.0789 5576 sftlist - ok 15:09:10.0898 5576 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 15:09:10.0913 5576 Sftplay - ok 15:09:10.0945 5576 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 15:09:10.0945 5576 Sftredir - ok 15:09:10.0976 5576 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 15:09:10.0991 5576 Sftvol - ok 15:09:11.0023 5576 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 15:09:11.0038 5576 sftvsa - ok 15:09:11.0069 5576 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 15:09:11.0116 5576 SharedAccess - ok 15:09:11.0147 5576 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 15:09:11.0194 5576 ShellHWDetection - ok 15:09:11.0210 5576 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:09:11.0225 5576 SiSRaid2 - ok 15:09:11.0257 5576 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 15:09:11.0257 5576 SiSRaid4 - ok 15:09:11.0272 5576 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:09:11.0303 5576 Smb - ok 15:09:11.0335 5576 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 15:09:11.0350 5576 SNMPTRAP - ok 15:09:11.0350 5576 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 15:09:11.0366 5576 spldr - ok 15:09:11.0397 5576 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 15:09:11.0444 5576 Spooler - ok 15:09:11.0553 5576 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 15:09:11.0631 5576 sppsvc - ok 15:09:11.0709 5576 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 15:09:11.0756 5576 sppuinotify - ok 15:09:11.0818 5576 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 15:09:11.0849 5576 srv - ok 15:09:11.0865 5576 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 15:09:11.0896 5576 srv2 - ok 15:09:11.0912 5576 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 15:09:11.0912 5576 srvnet - ok 15:09:11.0943 5576 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 15:09:11.0990 5576 SSDPSRV - ok 15:09:11.0990 5576 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 15:09:12.0037 5576 SstpSvc - ok 15:09:12.0130 5576 Stereo Service (47a0a473ad1822e9e6c76e519bd0a023) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 15:09:12.0146 5576 Stereo Service - ok 15:09:12.0161 5576 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 15:09:12.0177 5576 stexstor - ok 15:09:12.0224 5576 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 15:09:12.0255 5576 stisvc - ok 15:09:12.0286 5576 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 15:09:12.0302 5576 swenum - ok 15:09:12.0333 5576 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 15:09:12.0380 5576 swprv - ok 15:09:12.0411 5576 SynTP (064a2530a4a7c7cec1be6a1945645be4) C:\Windows\system32\DRIVERS\SynTP.sys 15:09:12.0427 5576 SynTP - ok 15:09:12.0489 5576 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 15:09:12.0520 5576 SysMain - ok 15:09:12.0598 5576 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 15:09:12.0629 5576 TabletInputService - ok 15:09:12.0645 5576 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 15:09:12.0692 5576 TapiSrv - ok 15:09:12.0707 5576 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 15:09:12.0739 5576 TBS - ok 15:09:12.0832 5576 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 15:09:12.0879 5576 Tcpip - ok 15:09:13.0051 5576 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 15:09:13.0097 5576 TCPIP6 - ok 15:09:13.0207 5576 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 15:09:13.0253 5576 tcpipreg - ok 15:09:13.0285 5576 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:09:13.0300 5576 TDPIPE - ok 15:09:13.0316 5576 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 15:09:13.0331 5576 TDTCP - ok 15:09:13.0363 5576 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 15:09:13.0394 5576 tdx - ok 15:09:13.0425 5576 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 15:09:13.0441 5576 TermDD - ok 15:09:13.0472 5576 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 15:09:13.0519 5576 TermService - ok 15:09:13.0550 5576 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 15:09:13.0565 5576 Themes - ok 15:09:13.0581 5576 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:09:13.0628 5576 THREADORDER - ok 15:09:13.0690 5576 TomTomHOMEService (83682f469a3d65e8b6f06c28212318bd) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 15:09:13.0721 5576 TomTomHOMEService - ok 15:09:13.0737 5576 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 15:09:13.0784 5576 TrkWks - ok 15:09:13.0831 5576 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 15:09:13.0893 5576 TrustedInstaller - ok 15:09:13.0940 5576 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:09:13.0971 5576 tssecsrv - ok 15:09:13.0987 5576 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 15:09:14.0002 5576 TsUsbFlt - ok 15:09:14.0018 5576 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 15:09:14.0065 5576 tunnel - ok 15:09:14.0080 5576 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 15:09:14.0096 5576 uagp35 - ok 15:09:14.0127 5576 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 15:09:14.0158 5576 udfs - ok 15:09:14.0189 5576 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 15:09:14.0205 5576 UI0Detect - ok 15:09:14.0236 5576 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 15:09:14.0236 5576 uliagpkx - ok 15:09:14.0267 5576 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 15:09:14.0267 5576 umbus - ok 15:09:14.0283 5576 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 15:09:14.0299 5576 UmPass - ok 15:09:14.0501 5576 UNS (af905f4966cfc8b973623ab150cd4b2b) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 15:09:14.0548 5576 UNS - ok 15:09:14.0642 5576 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 15:09:14.0704 5576 upnphost - ok 15:09:14.0751 5576 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 15:09:14.0782 5576 usbccgp - ok 15:09:14.0813 5576 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 15:09:14.0845 5576 usbcir - ok 15:09:14.0860 5576 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 15:09:14.0876 5576 usbehci - ok 15:09:14.0891 5576 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 15:09:14.0907 5576 usbhub - ok 15:09:14.0923 5576 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 15:09:14.0938 5576 usbohci - ok 15:09:14.0954 5576 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 15:09:14.0969 5576 usbprint - ok 15:09:15.0001 5576 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 15:09:15.0016 5576 usbscan - ok 15:09:15.0047 5576 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:09:15.0047 5576 USBSTOR - ok 15:09:15.0063 5576 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 15:09:15.0063 5576 usbuhci - ok 15:09:15.0094 5576 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 15:09:15.0141 5576 UxSms - ok 15:09:15.0172 5576 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:09:15.0172 5576 VaultSvc - ok 15:09:15.0188 5576 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 15:09:15.0203 5576 vdrvroot - ok 15:09:15.0235 5576 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 15:09:15.0281 5576 vds - ok 15:09:15.0297 5576 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:09:15.0313 5576 vga - ok 15:09:15.0328 5576 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:09:15.0375 5576 VgaSave - ok 15:09:15.0406 5576 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 15:09:15.0406 5576 vhdmp - ok 15:09:15.0437 5576 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 15:09:15.0453 5576 viaide - ok 15:09:15.0469 5576 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 15:09:15.0484 5576 volmgr - ok 15:09:15.0515 5576 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 15:09:15.0531 5576 volmgrx - ok 15:09:15.0562 5576 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 15:09:15.0578 5576 volsnap - ok 15:09:15.0593 5576 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 15:09:15.0609 5576 vsmraid - ok 15:09:15.0671 5576 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 15:09:15.0718 5576 VSS - ok 15:09:15.0843 5576 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 15:09:15.0874 5576 vwifibus - ok 15:09:15.0890 5576 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 15:09:15.0905 5576 vwififlt - ok 15:09:15.0905 5576 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 15:09:15.0921 5576 vwifimp - ok 15:09:15.0952 5576 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 15:09:15.0999 5576 W32Time - ok 15:09:16.0015 5576 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 15:09:16.0030 5576 WacomPen - ok 15:09:16.0046 5576 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:09:16.0077 5576 WANARP - ok 15:09:16.0093 5576 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:09:16.0124 5576 Wanarpv6 - ok 15:09:16.0202 5576 watchmi (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe 15:09:16.0202 5576 watchmi ( UnsignedFile.Multi.Generic ) - warning 15:09:16.0202 5576 watchmi - detected UnsignedFile.Multi.Generic (1) 15:09:16.0264 5576 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 15:09:16.0295 5576 wbengine - ok 15:09:16.0389 5576 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 15:09:16.0420 5576 WbioSrvc - ok 15:09:16.0451 5576 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 15:09:16.0483 5576 wcncsvc - ok 15:09:16.0514 5576 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 15:09:16.0529 5576 WcsPlugInService - ok 15:09:16.0592 5576 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 15:09:16.0607 5576 Wd - ok 15:09:16.0654 5576 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:09:16.0670 5576 Wdf01000 - ok 15:09:16.0701 5576 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 15:09:16.0732 5576 WdiServiceHost - ok 15:09:16.0732 5576 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 15:09:16.0748 5576 WdiSystemHost - ok 15:09:16.0779 5576 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 15:09:16.0810 5576 WebClient - ok 15:09:16.0826 5576 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 15:09:16.0873 5576 Wecsvc - ok 15:09:16.0888 5576 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 15:09:16.0919 5576 wercplsupport - ok 15:09:16.0935 5576 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 15:09:16.0982 5576 WerSvc - ok 15:09:17.0029 5576 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 15:09:17.0091 5576 WfpLwf - ok 15:09:17.0091 5576 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 15:09:17.0107 5576 WIMMount - ok 15:09:17.0153 5576 WinDefend - ok 15:09:17.0153 5576 WinHttpAutoProxySvc - ok 15:09:17.0231 5576 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 15:09:17.0278 5576 Winmgmt - ok 15:09:17.0356 5576 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 15:09:17.0434 5576 WinRM - ok 15:09:17.0559 5576 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 15:09:17.0590 5576 WinUsb - ok 15:09:17.0668 5576 WisLMSvc (4c69a8e2e159c1c59bc4b688e9dd7f8c) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe 15:09:17.0684 5576 WisLMSvc - ok 15:09:17.0731 5576 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 15:09:17.0762 5576 Wlansvc - ok 15:09:17.0809 5576 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 15:09:17.0809 5576 wlcrasvc - ok 15:09:17.0918 5576 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:09:17.0965 5576 wlidsvc - ok 15:09:18.0074 5576 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 15:09:18.0089 5576 WmiAcpi - ok 15:09:18.0167 5576 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 15:09:18.0183 5576 wmiApSrv - ok 15:09:18.0230 5576 WMPNetworkSvc - ok 15:09:18.0277 5576 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 15:09:18.0292 5576 WPCSvc - ok 15:09:18.0323 5576 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 15:09:18.0339 5576 WPDBusEnum - ok 15:09:18.0386 5576 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 15:09:18.0417 5576 ws2ifsl - ok 15:09:18.0448 5576 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll 15:09:18.0464 5576 wscsvc - ok 15:09:18.0464 5576 WSearch - ok 15:09:18.0557 5576 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 15:09:18.0604 5576 wuauserv - ok 15:09:18.0729 5576 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 15:09:18.0776 5576 WudfPf - ok 15:09:18.0807 5576 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:09:18.0838 5576 WUDFRd - ok 15:09:18.0854 5576 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 15:09:18.0901 5576 wudfsvc - ok 15:09:18.0916 5576 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 15:09:18.0932 5576 WwanSvc - ok 15:09:18.0963 5576 MBR (0x1B8) (8b790a79784018d2b00dc944072570f8) \Device\Harddisk0\DR0 15:09:21.0402 5576 \Device\Harddisk0\DR0 - ok 15:09:21.0407 5576 Boot (0x1200) (378f052d5d58afd217edb9fdb50fcf80) \Device\Harddisk0\DR0\Partition0 15:09:21.0410 5576 \Device\Harddisk0\DR0\Partition0 - ok 15:09:21.0443 5576 Boot (0x1200) (7ad2168ef754372bedb27de016f9039d) \Device\Harddisk0\DR0\Partition1 15:09:21.0445 5576 \Device\Harddisk0\DR0\Partition1 - ok 15:09:21.0471 5576 Boot (0x1200) (1468261406a3b7f63be7e920f56b5aa6) \Device\Harddisk0\DR0\Partition2 15:09:21.0473 5576 \Device\Harddisk0\DR0\Partition2 - ok 15:09:21.0474 5576 ============================================================ 15:09:21.0474 5576 Scan finished 15:09:21.0474 5576 ============================================================ 15:09:21.0485 3664 Detected object count: 5 15:09:21.0485 3664 Actual detected object count: 5 15:11:15.0346 3664 DCService.exe ( UnsignedFile.Multi.Generic ) - skipped by user 15:11:15.0346 3664 DCService.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:11:15.0348 3664 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 15:11:15.0348 3664 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:11:15.0351 3664 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 15:11:15.0351 3664 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:11:15.0353 3664 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user 15:11:15.0353 3664 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:11:15.0354 3664 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user 15:11:15.0354 3664 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:12:15.0660 5652 Deinitialize success |
|
15.07.2012, 17:52
| #10 |
| /// Malware-holic | OTH und mbam kann nicht gestartet werden wegen Security Scan hi gibts noch probleme? lade den CCleaner standard: CCleaner Download - CCleaner 3.20.1750 falls der CCleaner bereits instaliert, überspringen. instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
16.07.2012, 07:44
| #11 |
| | OTH und mbam kann nicht gestartet werden wegen Security Scan Mit ??? markierte Progs. = weiß nicht ob nötig oder unnötig Der Rechner braucht sehr lange zum hochfahren  123 Free Solitaire 2009 v7.2 TreeCardGames.com 10.11.2011 unnötig Acrobat.com Adobe Systems Incorporated 13.10.2010 1,60MB 1.6.65 notwendig ActiveX-kontroll för fjärranslutningar för Windows Live Mesh Microsoft Corporation 24.11.2010 5,57MB 15.4.5722.2 unbekannt Adobe AIR Adobe Systems Incorporated 02.04.2012 3.2.0.2070 notwendig Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 05.05.2012 6,00MB 11.2.202.235 notwendig Adobe Flash Player 11 Plugin Adobe Systems Incorporated 22.06.2012 6,00MB 11.3.300.262 notwendig Adobe Reader 9.5.1 MUI Adobe Systems Incorporated 12.04.2012 691MB 9.5.1 notwendig Apple Application Support Apple Inc. 16.05.2012 61,0MB 2.1.7 unbekannt Apple Software Update Apple Inc. 17.03.2012 2,38MB 2.1.3.127 unbekannt Ashampoo Burning Studio ashampoo GmbH & Co. KG 30.11.2010 130MB 9.23.0 notwendig Ashampoo Photo Commander ashampoo GmbH & Co. KG 30.11.2010 115MB 8.3.2 notwendig Ashampoo Photo Optimizer ashampoo GmbH & Co. KG 30.11.2010 37,1MB 3.12.0 notwendig Ashampoo Snap ashampoo GmbH & Co. KG 30.11.2010 29,7MB 3.4.1 notwendig Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Atheros Communications Inc. 04.12.2010 1.0.0.27 unbekannt Avira Antivirus Premium 2012 Avira 12.06.2012 107MB 12.0.0.1145 notwendig Bing Bar Microsoft Corporation 11.04.2012 464KB 7.1.361.0 unnötig CCleaner Piriform 22.06.2012 3.20 notwendig Cinergy T Stick Mini V10.02.03.02 17.08.2011 10.02.03.02 notwendig Cisco EAP-FAST Module Cisco Systems, Inc. 24.11.2010 1,55MB 2.2.14 unbekannt Cisco LEAP Module Cisco Systems, Inc. 24.11.2010 644KB 1.0.19 unbekannt Cisco PEAP Module Cisco Systems, Inc. 24.11.2010 1,23MB 1.1.6 unbekannt Control ActiveX de Windows Live Mesh para conexiones remotas Microsoft Corporation 27.10.2010 5,57MB 15.4.5722.2 ??? Controlo ActiveX do Windows Live Mesh para Ligações Remotas Microsoft Corporation 27.10.2010 5,57MB 15.4.5722.2 ??? Contrôle ActiveX Windows Live Mesh pour connexions à distance Microsoft Corporation 27.10.2010 5,57MB 15.4.5722.2 ??? CorelDRAW Essentials 4 Corel Corporation 01.07.2011 notwendig CorelDRAW Essentials 4 - Windows Shell Extension Corel Corporation 01.07.2011 2,93MB notwendig CyberLink LabelPrint CyberLink Corp. 30.11.2010 148MB 2.5.3418 notwendig CyberLink MediaShow CyberLink Corp. 30.11.2010 251MB 5.0.1410a notwendig CyberLink MediaShow Espresso CyberLink Corp. 30.11.2010 82,0MB 5.5.1412_24021a notwendig CyberLink PhotoNow CyberLink Corp. 30.11.2010 21,8MB 1.1.0.6904 notwendig CyberLink Power2Go CyberLink Corp. 30.11.2010 115MB 6.1.3802 notwendig CyberLink PowerDirector CyberLink Corp. 30.11.2010 356MB 8.0.3224a notwendig CyberLink PowerDVD 10 CyberLink Corp. 30.11.2010 184MB 10.0.2225 notwendig CyberLink PowerDVD Copy CyberLink Corp. 30.11.2010 30,9MB 1.5.1306 notwendig CyberLink PowerProducer CyberLink Corp. 30.11.2010 166MB 5.0.2.2429 notwendig CyberLink YouCam CyberLink Corp. 30.11.2010 135MB 3.1.3428 notwendig DEUTSCHLAND SPIELT GAME CENTER INTENIUM GmbH 06.12.2011 1.0.0.45 notwendig Diamantenfee 2 INTENIUM GmbH 06.12.2011 0.0.0.0 notwendig Diamantenfee 2 Special 28.11.2011 notwendig Direct Show Ogg Vorbis Filter (remove only) 01.09.2011 ??? Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych Microsoft Corporation 27.10.2010 5,57MB 15.4.5722.2 unbekannt Great Mahjong Special 28.11.2011 notwendig Haali Media Splitter 02.07.2011 ??? HP Customer Participation Program 14.0 HP 29.09.2011 14.0 notwendig HP Imaging Device Functions 14.0 HP 29.09.2011 14.0 notwendig HP Photosmart B010 All-In-One Driver Software 14.0 Rel. 7 HP 29.09.2011 14.0 notwendig HP Product Detection HP 07.05.2012 1,86MB 11.14.0001 notwendig HP Smart Web Printing 4.60 HP 29.09.2011 4.60 notwendig HP Solution Center 14.0 HP 29.09.2011 14.0 notwendig HP Update Hewlett-Packard 31.12.2011 3,98MB 5.003.001.001 notwendig Intel(R) Graphics Media Accelerator Driver Intel Corporation 01.09.2011 8.15.10.2189 notwendig? Intel(R) Management Engine Components Intel Corporation 22.11.2010 6.0.0.1179 notwendig? Intel(R) Rapid Storage Technology Intel Corporation 24.11.2010 9.6.0.1014 notwendig? Java(TM) 6 Update 22 (64-bit) Oracle 13.10.2010 90,6MB 6.0.220 notwendig Java(TM) 7 Update 5 Oracle 06.07.2012 99,3MB 7.0.50 notwendig JavaFX 2.1.1 Oracle Corporation 06.07.2012 20,8MB 2.1.1 notwendig Launch Manager Wistron Corp. 24.11.2010 1.5.1.2 unbekannt Malwarebytes Anti-Malware Version 1.61.0.1400 Malwarebytes Corporation 04.07.2012 18,0MB 1.61.0.1400 notwendig Medion Home Cinema CyberLink Corp. 30.11.2010 36,5MB 8.0.2213 notwendig Microsoft .NET Framework 4 Client Profile Microsoft Corporation 07.07.2010 38,8MB 4.0.30319 notwendig Microsoft Office 2010 Microsoft Corporation 07.07.2010 6,31MB 14.0.4763.1000 notwendig Microsoft Office Klick-und-Los 2010 Microsoft Corporation 15.08.2011 14.0.4763.1000 notwendig Microsoft Office Starter 2010 - Deutsch Microsoft Corporation 15.08.2011 14.0.4763.1000 notwendig Microsoft Silverlight Microsoft Corporation 09.05.2012 140MB 4.1.10329.0 notwendig? Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 27.10.2010 1,69MB 3.1.0000 notwendig Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 07.07.2010 260KB 8.0.50727.4053 notwendig Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 24.01.2012 252KB 8.0.50727.4053 notwendig Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 17.08.2011 300KB 8.0.61001 notwendig Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Corporation 03.12.2010 212KB 9.0.30729.4148 notwendig Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 03.12.2010 200KB 9.0.30729.4148 notwendig Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 03.12.2010 788KB 9.0.30729 notwendig Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 15.08.2011 782KB 9.0.30729.4148 notwendig Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 17.08.2011 788KB 9.0.30729.6161 notwendig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 30.11.2010 596KB 9.0.30729 notwendig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 15.08.2011 590KB 9.0.30729.4148 notwendig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 17.08.2011 600KB 9.0.30729.6161 notwendig Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 05.04.2012 12,2MB 10.0.40219 notwendig Mobile Partner Huawei Technologies Co.,Ltd 23.01.2012 11.302.09.04.382 notwendig Mozilla Firefox 13.0.1 (x86 de) Mozilla 19.06.2012 35,8MB 13.0.1 notwendig Mozilla Maintenance Service Mozilla 19.06.2012 309KB 13.0.1 notwendig MSXML 4.0 SP2 (KB973688) Microsoft Corporation 07.07.2010 1,34MB 4.20.9876.0 ??? NVIDIA Display Control Panel NVIDIA Corporation 10.12.2010 135MB 6.14.12.5995 notwendig NVIDIA Drivers NVIDIA Corporation 10.12.2010 63,0MB 1.10.62.40 notwendig NVIDIA Stereoscopic 3D Driver NVIDIA Corporation 02.07.2011 7.17.12.5995 notwendig OpenOffice.org 3.3 OpenOffice.org 15.08.2011 414MB 3.3.9567 notwendig PlayReady PC Runtime amd64 Microsoft Corporation 01.07.2011 2,05MB 1.3.0 ??? QuickTime Apple Inc. 16.05.2012 73,2MB 7.72.80.56 ??? Realtek High Definition Audio Driver Realtek Semiconductor Corp. 10.12.2010 6.0.1.6192 notwendig Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 24.11.2010 6.1.7600.30121 notwendig REALTEK Wireless LAN Driver REALTEK Semiconductor Corp. 24.11.2010 1.00.0148 notwendig Renesas Electronics USB 3.0 Host Controller Driver Renesas Electronics Corporation 24.11.2010 1,00MB 2.0.26.0 notwendig Shop for HP Supplies HP 29.09.2011 14.0 unnötig Surf & E-Mail-Stick Huawei Technologies Co.,Ltd 18.08.2011 11.301.08.00.35 notwendig Synaptics Pointing Device Driver Synaptics Incorporated 24.11.2010 14.0.19.0 notwendig? TerraTec Home Cinema 17.08.2011 6.15.10 notwendig TomTom HOME 2.8.4.2596 TomTom 13.05.2012 2.8.4.2596 notwendig TomTom HOME Visual Studio Merge Modules TomTom International B.V. 13.05.2012 1,88MB 1.0.2 notwendig watchmi Axel Springer Digital TV Guide GmbH 01.07.2011 1,74MB 2.5.0 unbekannt Windows Live Essentials Microsoft Corporation 27.10.2010 15.4.3502.0922 ??? Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Microsoft Corporation 27.10.2010 5,57MB 15.4.5722.2 ??? Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 27.10.2010 5,37MB 15.4.5722.2 ??? Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 27.10.2010 5,57MB 15.4.5722.2 ??? Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger Microsoft Corporation 24.11.2010 5,57MB 15.4.5722.2 ??? Windows Live Mesh ActiveX-objekt til fjernforbindelser Microsoft Corporation 27.10.2010 5,57MB 15.4.5722.2 ??? Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz Microsoft Corporation 27.10.2010 5,57MB 15.4.5722.2 ??? Windows Live Meshin etäyhteyksien ActiveX-komponentti Microsoft Corporation 24.11.2010 5,57MB 15.4.5722.2 ??? Windows Media Encoder 9 Series 30.11.2010 ??? |
|
17.07.2012, 20:46
| #12 |
| /// Malware-holic | OTH und mbam kann nicht gestartet werden wegen Security Scan deinstaliere: 123 Free Solitaire ActiveX Adobe Flash Player alle Adobe - Adobe Flash Player installieren neueste version laden adobe reader: Adobe - Adobe Reader herunterladen - Alle Versionen haken bei mcafee security scan raus nehmen bitte auch mal den adobe reader wie folgt konfigurieren: adobe reader öffnen, bearbeiten, voreinstellungen. allgemein: nur zertifizierte zusatz module verwenden, anhaken. internet: hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc. es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht. bei javascript den haken bei java script verwenden raus nehmen bei updater, automatisch instalieren wählen. übernehmen /ok deinstaliere: Bing Control Controlo Contrôle Formant Java(TM) 6 Update 22 Shop for watchmi Windows Live : alle die die du nicht nutzt öffne ccleaner, analysieren starten öffne otl, cleanup, pc startet neu ccleaner extras, autostart liste, erstellen und posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
17.07.2012, 23:33
| #13 |
| | OTH und mbam kann nicht gestartet werden wegen Security Scan Ja HKCU:Run Remote Control Editor Elgato Systems "C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe" Ja HKCU:Run Sidebar Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /autoRun Ja HKCU:Run TomTomHOME.exe TomTom "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" Ja HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Ja HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" Ja HKLM:Run avgnt Avira Operations GmbH & Co. KG "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min Ja HKLM:Run CLMLServer CyberLink "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" Ja HKLM:Run HotkeyApp Wistron "C:\Program Files (x86)\Launch Manager\HotkeyApp.exe" Ja HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe Ja HKLM:Run HP Software Update Hewlett-Packard C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe Ja HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe Ja HKLM:Run LMgrVolOSD Wistron Corp. "C:\Program Files (x86)\Launch Manager\OSD.exe" Ja HKLM:Run Logitech Download Assistant Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch Ja HKLM:Run Malwarebytes' Anti-Malware Malwarebytes Corporation "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray Ja HKLM:Run NUSB3MON Renesas Electronics Corporation "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" Ja HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe Ja HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime Ja HKLM:Run RtHDVBg Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 Ja HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s Ja HKLM:Run SynTPEnh %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe Ja HKLM:Run Wbutton Wistron Corp. "C:\Program Files (x86)\Launch Manager\Wbutton.exe" Ja HKLM:Run YouCam Mirage CyberLink "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" Ja Startup Common HP Digital Imaging Monitor.lnk Hewlett-Packard Co. C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe Ja Startup User OpenOffice.org 3.3.lnk C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe Ja Startup User Versandhelfer.lnk C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe |
|
19.07.2012, 20:21
| #14 |
| /// Malware-holic | OTH und mbam kann nicht gestartet werden wegen Security Scan start ausführen, tippe: msconfig enter systemstart alle haken raus außer bei: Avira klicke dann ok, pc startet neu. führe danach noch mal selbstständig einen neustart aus, teste wie dr pc läuft. wenn was wichtiges fehlt aktivieren wiers wieder.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
19.07.2012, 20:44
| #15 |
| | OTH und mbam kann nicht gestartet werden wegen Security Scan WOW!!!  Jetzt flitzzzzzt er wieder und alles funktioniert! Ich freu mich wie Bolle, neige mein Haupt in Demut vor deinem Wissen und sage ganz herzlich DANKE  |
|
| Themen zu OTH und mbam kann nicht gestartet werden wegen Security Scan |
| anleitung, besser, bli, dringend, forum, google, logfiles, malwarebites, mbam, min, neu, othelper, rechner, scan, security, security scan, shield, starten, stick, suche, trojan.lameshield, win, win7, win7 64bit, öffnen |
Linear-Darstellung
