| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom RechnerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.08.2012, 19:32
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom Rechner Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.08.2012, 18:53
| #17 |
 | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom RechnerCode:
ATTFilter 19:43:06.0822 12132 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
19:43:07.0015 12132 ============================================================
19:43:07.0015 12132 Current date / time: 2012/08/18 19:43:07.0015
19:43:07.0015 12132 SystemInfo:
19:43:07.0015 12132
19:43:07.0015 12132 OS Version: 6.1.7601 ServicePack: 1.0
19:43:07.0015 12132 Product type: Workstation
19:43:07.0015 12132 ComputerName: HOMEBASE
19:43:07.0015 12132 UserName: Melanie
19:43:07.0015 12132 Windows directory: C:\Windows
19:43:07.0015 12132 System windows directory: C:\Windows
19:43:07.0015 12132 Running under WOW64
19:43:07.0015 12132 Processor architecture: Intel x64
19:43:07.0015 12132 Number of processors: 2
19:43:07.0015 12132 Page size: 0x1000
19:43:07.0015 12132 Boot type: Normal boot
19:43:07.0015 12132 ============================================================
19:43:07.0996 12132 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:43:08.0010 12132 Drive \Device\Harddisk1\DR1 - Size: 0xF0000000 (3.75 Gb), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:43:08.0019 12132 Drive \Device\Harddisk2\DR2 - Size: 0x75398000 (1.83 Gb), SectorSize: 0x200, Cylinders: 0xEF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:43:08.0027 12132 ============================================================
19:43:08.0027 12132 \Device\Harddisk0\DR0:
19:43:08.0027 12132 MBR partitions:
19:43:08.0027 12132 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:43:08.0027 12132 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x728D9800
19:43:08.0027 12132 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7290C000, BlocksNum 0x1DFA000
19:43:08.0027 12132 \Device\Harddisk1\DR1:
19:43:08.0028 12132 MBR partitions:
19:43:08.0028 12132 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x77FFDF
19:43:08.0028 12132 \Device\Harddisk2\DR2:
19:43:08.0028 12132 MBR partitions:
19:43:08.0028 12132 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x6, StartLBA 0x40, BlocksNum 0x3A9C80
19:43:08.0029 12132 ============================================================
19:43:08.0050 12132 C: <-> \Device\Harddisk0\DR0\Partition2
19:43:08.0111 12132 D: <-> \Device\Harddisk0\DR0\Partition3
19:43:08.0111 12132 ============================================================
19:43:08.0111 12132 Initialize success
19:43:08.0111 12132 ============================================================
19:45:35.0010 4832 ============================================================
19:45:35.0010 4832 Scan started
19:45:35.0010 4832 Mode: Manual; SigCheck; TDLFS;
19:45:35.0010 4832 ============================================================
19:45:35.0868 4832 ================ Scan services =============================
19:45:36.0024 4832 [ a87d604aea360176311474c87a63bb88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:45:36.0133 4832 1394ohci - ok
19:45:36.0164 4832 [ d81d9e70b8a6dd14d42d7b4efa65d5f2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:45:36.0196 4832 ACPI - ok
19:45:36.0227 4832 [ 99f8e788246d495ce3794d7e7821d2ca ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:45:36.0289 4832 AcpiPmi - ok
19:45:36.0320 4832 [ de7e8d852a806be6091983838bf9697f ] ACPIService C:\Windows\system32\DRIVERS\OSDACPI.SYS
19:45:36.0352 4832 ACPIService - ok
19:45:36.0476 4832 [ d19c4ee2ac7c47b8f5f84fff1a789d8a ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:45:36.0492 4832 AdobeARMservice - ok
19:45:36.0695 4832 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:45:36.0710 4832 AdobeFlashPlayerUpdateSvc - ok
19:45:36.0742 4832 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:45:36.0773 4832 adp94xx - ok
19:45:36.0788 4832 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:45:36.0804 4832 adpahci - ok
19:45:36.0820 4832 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:45:36.0835 4832 adpu320 - ok
19:45:36.0866 4832 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:45:36.0976 4832 AeLookupSvc - ok
19:45:37.0038 4832 [ 3ac22a3dfa8a050e35f0e3cd99d0cdf2 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
19:45:37.0100 4832 AERTFilters - ok
19:45:37.0147 4832 [ 1c7857b62de5994a75b054a9fd4c3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:45:37.0210 4832 AFD - ok
19:45:37.0241 4832 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:45:37.0256 4832 agp440 - ok
19:45:37.0272 4832 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe
19:45:37.0319 4832 ALG - ok
19:45:37.0319 4832 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:45:37.0334 4832 aliide - ok
19:45:37.0350 4832 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\drivers\amdide.sys
19:45:37.0366 4832 amdide - ok
19:45:37.0397 4832 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:45:37.0459 4832 AmdK8 - ok
19:45:37.0475 4832 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:45:37.0506 4832 AmdPPM - ok
19:45:37.0537 4832 [ d4121ae6d0c0e7e13aa221aa57ef2d49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:45:37.0553 4832 amdsata - ok
19:45:37.0568 4832 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:45:37.0584 4832 amdsbs - ok
19:45:37.0600 4832 [ 540daf1cea6094886d72126fd7c33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:45:37.0600 4832 amdxata - ok
19:45:37.0662 4832 [ b9b5dfafea592bd4ca967824ebb42e3d ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
19:45:37.0693 4832 AntiVirMailService - ok
19:45:37.0724 4832 [ 67b1d78711b4386c26241096326ee14a ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:45:37.0740 4832 AntiVirSchedulerService - ok
19:45:37.0756 4832 [ 845c4e7ae211edad5e0b832126f56932 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:45:37.0771 4832 AntiVirService - ok
19:45:37.0787 4832 [ 30d71e0c149943a8985d02ea0944f2fe ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
19:45:37.0802 4832 AntiVirWebService - ok
19:45:37.0834 4832 [ 89a69c3f2f319b43379399547526d952 ] AppID C:\Windows\system32\drivers\appid.sys
19:45:38.0005 4832 AppID - ok
19:45:38.0036 4832 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:45:38.0083 4832 AppIDSvc - ok
19:45:38.0130 4832 [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:45:38.0192 4832 Appinfo - ok
19:45:38.0270 4832 [ f401929ee0cc92bfe7f15161ca535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:45:38.0286 4832 Apple Mobile Device - ok
19:45:38.0302 4832 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\DRIVERS\arc.sys
19:45:38.0317 4832 arc - ok
19:45:38.0333 4832 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:45:38.0348 4832 arcsas - ok
19:45:38.0458 4832 [ 9217d874131ae6ff8f642f124f00a555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:45:38.0473 4832 aspnet_state - ok
19:45:38.0489 4832 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:45:38.0551 4832 AsyncMac - ok
19:45:38.0598 4832 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\drivers\atapi.sys
19:45:38.0614 4832 atapi - ok
19:45:38.0692 4832 [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:45:38.0770 4832 AudioEndpointBuilder - ok
19:45:38.0785 4832 [ f23fef6d569fce88671949894a8becf1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:45:38.0832 4832 AudioSrv - ok
19:45:38.0879 4832 [ 59e75082dc7da252592ec3489a2cf4ea ] AVerAVF2 C:\Windows\system32\DRIVERS\AVerAVF2.sys
19:45:38.0941 4832 AVerAVF2 - ok
19:45:38.0988 4832 [ 26e38b5a58c6c55fafbc563eeddb0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:45:39.0004 4832 avgntflt - ok
19:45:39.0004 4832 [ 9d1f00beff84cbbf46d7f052bc7e0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:45:39.0019 4832 avipbb - ok
19:45:39.0035 4832 [ 248db59fc86de44d2779f4c7fb1a567d ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:45:39.0050 4832 avkmgr - ok
19:45:39.0097 4832 [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:45:39.0160 4832 AxInstSV - ok
19:45:39.0206 4832 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:45:39.0253 4832 b06bdrv - ok
19:45:39.0284 4832 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:45:39.0300 4832 b57nd60a - ok
19:45:39.0331 4832 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:45:39.0378 4832 BDESVC - ok
19:45:39.0394 4832 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:45:39.0456 4832 Beep - ok
19:45:39.0534 4832 [ 82974d6a2fd19445cc5171fc378668a4 ] BFE C:\Windows\System32\bfe.dll
19:45:39.0581 4832 BFE - ok
19:45:39.0612 4832 [ 1ea7969e3271cbc59e1730697dc74682 ] BITS C:\Windows\System32\qmgr.dll
19:45:39.0674 4832 BITS - ok
19:45:39.0690 4832 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:45:39.0721 4832 blbdrive - ok
19:45:39.0784 4832 [ ebbcd5dfbb1de70e8f4af8fa59e401fd ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:45:39.0799 4832 Bonjour Service - ok
19:45:39.0846 4832 [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:45:39.0877 4832 bowser - ok
19:45:39.0877 4832 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:45:39.0940 4832 BrFiltLo - ok
19:45:39.0955 4832 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:45:39.0986 4832 BrFiltUp - ok
19:45:40.0018 4832 [ 05f5a0d14a2ee1d8255c2aa0e9e8e694 ] Browser C:\Windows\System32\browser.dll
19:45:40.0049 4832 Browser - ok
19:45:40.0064 4832 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:45:40.0142 4832 Brserid - ok
19:45:40.0158 4832 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:45:40.0189 4832 BrSerWdm - ok
19:45:40.0205 4832 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:45:40.0236 4832 BrUsbMdm - ok
19:45:40.0252 4832 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:45:40.0267 4832 BrUsbSer - ok
19:45:40.0330 4832 [ cf98190a94f62e405c8cb255018b2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:45:40.0392 4832 BthEnum - ok
19:45:40.0423 4832 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:45:40.0454 4832 BTHMODEM - ok
19:45:40.0470 4832 [ 02dd601b708dd0667e1331fa8518e9ff ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:45:40.0517 4832 BthPan - ok
19:45:40.0548 4832 [ 738d0e9272f59eb7a1449c3ec118e6c4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:45:40.0579 4832 BTHPORT - ok
19:45:40.0626 4832 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll
19:45:40.0688 4832 bthserv - ok
19:45:40.0704 4832 [ f188b7394d81010767b6df3178519a37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:45:40.0720 4832 BTHUSB - ok
19:45:40.0766 4832 [ 6bcfdc2b5b7f66d484486d4bd4b39a6b ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:45:40.0766 4832 btwaudio - ok
19:45:40.0782 4832 [ 82dc8b7c626e526681c1bebed2bc3ff9 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
19:45:40.0798 4832 btwavdt - ok
19:45:40.0844 4832 [ d65aa164acd0f6706dbcfbbcc9731584 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:45:40.0860 4832 btwdins - ok
19:45:40.0876 4832 [ 6149301dc3f81d6f9667a3fbac410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
19:45:40.0891 4832 btwl2cap - ok
19:45:40.0891 4832 [ 28e105ad3b79f440bf94780f507bf66a ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:45:40.0907 4832 btwrchid - ok
19:45:40.0985 4832 [ a7784f6dd505672e11dbd7acdc718e75 ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
19:45:41.0000 4832 CalendarSynchService - ok
19:45:41.0016 4832 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:45:41.0094 4832 cdfs - ok
19:45:41.0172 4832 [ f036ce71586e93d94dab220d7bdf4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:45:41.0219 4832 cdrom - ok
19:45:41.0266 4832 [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc C:\Windows\System32\certprop.dll
19:45:41.0328 4832 CertPropSvc - ok
19:45:41.0359 4832 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:45:41.0406 4832 circlass - ok
19:45:41.0437 4832 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys
19:45:41.0484 4832 CLFS - ok
19:45:41.0624 4832 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:45:41.0640 4832 clr_optimization_v2.0.50727_32 - ok
19:45:41.0765 4832 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:45:41.0780 4832 clr_optimization_v2.0.50727_64 - ok
19:45:41.0890 4832 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:45:41.0952 4832 clr_optimization_v4.0.30319_32 - ok
19:45:41.0983 4832 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:45:42.0077 4832 clr_optimization_v4.0.30319_64 - ok
19:45:42.0108 4832 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:45:42.0139 4832 CmBatt - ok
19:45:42.0170 4832 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:45:42.0170 4832 cmdide - ok
19:45:42.0233 4832 [ 9ac4f97c2d3e93367e2148ea940cd2cd ] CNG C:\Windows\system32\Drivers\cng.sys
19:45:42.0264 4832 CNG - ok
19:45:42.0280 4832 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:45:42.0295 4832 Compbatt - ok
19:45:42.0358 4832 [ 03edb043586cceba243d689bdda370a8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:45:42.0404 4832 CompositeBus - ok
19:45:42.0436 4832 COMSysApp - ok
19:45:42.0451 4832 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:45:42.0467 4832 crcdisk - ok
19:45:42.0529 4832 [ 4f5414602e2544a4554d95517948b705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:45:42.0607 4832 CryptSvc - ok
19:45:42.0654 4832 [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:45:42.0779 4832 DcomLaunch - ok
19:45:42.0810 4832 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll
19:45:42.0872 4832 defragsvc - ok
19:45:42.0904 4832 [ 9bb2ef44eaa163b29c4a4587887a0fe4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:45:42.0950 4832 DfsC - ok
19:45:42.0997 4832 [ 43d808f5d9e1a18e5eeb5ebc83969e4e ] Dhcp C:\Windows\system32\dhcpcore.dll
19:45:43.0044 4832 Dhcp - ok
19:45:43.0075 4832 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys
19:45:43.0138 4832 discache - ok
19:45:43.0153 4832 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:45:43.0169 4832 Disk - ok
19:45:43.0216 4832 [ 16835866aaa693c7d7fceba8fff706e4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:45:43.0262 4832 Dnscache - ok
19:45:43.0309 4832 [ b1fb3ddca0fdf408750d5843591afbc6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:45:43.0372 4832 dot3svc - ok
19:45:43.0418 4832 [ b26f4f737e8f9df4f31af6cf31d05820 ] DPS C:\Windows\system32\dps.dll
19:45:43.0481 4832 DPS - ok
19:45:43.0512 4832 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:45:43.0528 4832 drmkaud - ok
19:45:43.0574 4832 [ f5bee30450e18e6b83a5012c100616fd ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:45:43.0606 4832 DXGKrnl - ok
19:45:43.0621 4832 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:45:43.0668 4832 EapHost - ok
19:45:43.0746 4832 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:45:43.0855 4832 ebdrv - ok
19:45:43.0886 4832 [ c118a82cd78818c29ab228366ebf81c3 ] EFS C:\Windows\System32\lsass.exe
19:45:43.0949 4832 EFS - ok
19:45:43.0996 4832 [ c4002b6b41975f057d98c439030cea07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:45:44.0058 4832 ehRecvr - ok
19:45:44.0089 4832 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe
19:45:44.0136 4832 ehSched - ok
19:45:44.0183 4832 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:45:44.0214 4832 elxstor - ok
19:45:44.0276 4832 [ 1e345f2a2d95da3190596e691cde9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
19:45:44.0323 4832 EPSON_PM_RPCV4_01 - ok
19:45:44.0339 4832 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:45:44.0354 4832 ErrDev - ok
19:45:44.0401 4832 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll
19:45:44.0448 4832 EventSystem - ok
19:45:44.0479 4832 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys
19:45:44.0510 4832 exfat - ok
19:45:44.0526 4832 ezSharedSvc - ok
19:45:44.0557 4832 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:45:44.0604 4832 fastfat - ok
19:45:44.0666 4832 [ dbefd454f8318a0ef691fdd2eaab44eb ] Fax C:\Windows\system32\fxssvc.exe
19:45:44.0713 4832 Fax - ok
19:45:44.0729 4832 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:45:44.0760 4832 fdc - ok
19:45:44.0776 4832 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:45:44.0838 4832 fdPHost - ok
19:45:44.0854 4832 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:45:44.0885 4832 FDResPub - ok
19:45:44.0900 4832 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:45:44.0916 4832 FileInfo - ok
19:45:44.0916 4832 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:45:44.0978 4832 Filetrace - ok
19:45:44.0994 4832 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:45:45.0010 4832 flpydisk - ok
19:45:45.0041 4832 [ da6b67270fd9db3697b20fce94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:45:45.0072 4832 FltMgr - ok
19:45:45.0134 4832 [ b4447f606bb19fd8ad0bafb59b90f5d9 ] FontCache C:\Windows\system32\FntCache.dll
19:45:45.0181 4832 FontCache - ok
19:45:45.0228 4832 [ a8b7f3818ab65695e3a0bb3279f6dce6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:45:45.0244 4832 FontCache3.0.0.0 - ok
19:45:45.0259 4832 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:45:45.0290 4832 FsDepends - ok
19:45:45.0322 4832 [ 6bd9295cc032dd3077c671fccf579a7b ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:45:45.0337 4832 Fs_Rec - ok
19:45:45.0384 4832 [ 1f7b25b858fa27015169fe95e54108ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:45:45.0415 4832 fvevol - ok
19:45:45.0431 4832 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:45:45.0446 4832 gagp30kx - ok
19:45:45.0509 4832 [ c44d560e441f091ea3b72f778ec60de2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
19:45:45.0524 4832 GameConsoleService - ok
19:45:45.0571 4832 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:45:45.0587 4832 GEARAspiWDM - ok
19:45:45.0602 4832 [ 277bbc7e1aa1ee957f573a10eca7ef3a ] gpsvc C:\Windows\System32\gpsvc.dll
19:45:45.0696 4832 gpsvc - ok
19:45:45.0712 4832 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:45:45.0743 4832 hcw85cir - ok
19:45:45.0774 4832 [ 97bfed39b6b79eb12cddbfeed51f56bb ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:45:45.0821 4832 HDAudBus - ok
19:45:45.0836 4832 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:45:45.0883 4832 HidBatt - ok
19:45:45.0914 4832 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:45:45.0930 4832 HidBth - ok
19:45:45.0946 4832 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:45:45.0977 4832 HidIr - ok
19:45:45.0992 4832 [ d4bfba2eec009e26854fe61110ef509f ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
19:45:46.0008 4832 hidkmdf - ok
19:45:46.0039 4832 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\system32\hidserv.dll
19:45:46.0102 4832 hidserv - ok
19:45:46.0195 4832 [ 9592090a7e2b61cd582b612b6df70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:45:46.0211 4832 HidUsb - ok
19:45:46.0273 4832 [ 387e72e739e15e3d37907a86d9ff98e2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:45:46.0429 4832 hkmsvc - ok
19:45:46.0476 4832 [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:45:46.0507 4832 HomeGroupListener - ok
19:45:46.0554 4832 [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:45:46.0585 4832 HomeGroupProvider - ok
19:45:46.0632 4832 [ 0141816a095a3f5a83ffa5b4a47b8023 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
19:45:46.0648 4832 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
19:45:46.0648 4832 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
19:45:46.0710 4832 [ fdf273a845f1ffcceadf363aaf47582f ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
19:45:46.0741 4832 hpqwmiex - ok
19:45:46.0757 4832 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:45:46.0757 4832 HpSAMD - ok
19:45:46.0819 4832 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:45:46.0897 4832 HTTP - ok
19:45:46.0928 4832 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:45:46.0928 4832 hwpolicy - ok
19:45:46.0991 4832 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:45:47.0006 4832 i8042prt - ok
19:45:47.0038 4832 [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:45:47.0069 4832 iaStorV - ok
19:45:47.0116 4832 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:45:47.0147 4832 idsvc - ok
19:45:47.0178 4832 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:45:47.0194 4832 iirsp - ok
19:45:47.0225 4832 [ fcd84c381e0140af901e58d48882d26b ] IKEEXT C:\Windows\System32\ikeext.dll
19:45:47.0303 4832 IKEEXT - ok
19:45:47.0365 4832 [ bc64b75e8e0a0b8982ab773483164e72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:45:47.0428 4832 IntcAzAudAddService - ok
19:45:47.0443 4832 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\drivers\intelide.sys
19:45:47.0459 4832 intelide - ok
19:45:47.0474 4832 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:45:47.0506 4832 intelppm - ok
19:45:47.0521 4832 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:45:47.0568 4832 IPBusEnum - ok
19:45:47.0599 4832 [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:45:47.0662 4832 IpFilterDriver - ok
19:45:47.0708 4832 [ a34a587fffd45fa649fba6d03784d257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:45:47.0771 4832 iphlpsvc - ok
19:45:47.0802 4832 [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:45:47.0833 4832 IPMIDRV - ok
19:45:47.0849 4832 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:45:47.0911 4832 IPNAT - ok
19:45:47.0942 4832 [ a9ab99ee7d39725eafec82732d2b3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:45:47.0974 4832 iPod Service - ok
19:45:47.0989 4832 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:45:48.0067 4832 IRENUM - ok
19:45:48.0098 4832 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:45:48.0114 4832 isapnp - ok
19:45:48.0161 4832 [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:45:48.0176 4832 iScsiPrt - ok
19:45:48.0208 4832 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:45:48.0208 4832 kbdclass - ok
19:45:48.0270 4832 [ 0705eff5b42a9db58548eec3b26bb484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:45:48.0301 4832 kbdhid - ok
19:45:48.0317 4832 [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso C:\Windows\system32\lsass.exe
19:45:48.0332 4832 KeyIso - ok
19:45:48.0364 4832 [ 97a7070aea4c058b6418519e869a63b4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:45:48.0379 4832 KSecDD - ok
19:45:48.0395 4832 [ 26c43a7c2862447ec59deda188d1da07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:45:48.0410 4832 KSecPkg - ok
19:45:48.0410 4832 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:45:48.0473 4832 ksthunk - ok
19:45:48.0504 4832 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll
19:45:48.0551 4832 KtmRm - ok
19:45:48.0598 4832 [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:45:48.0644 4832 LanmanServer - ok
19:45:48.0676 4832 [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:45:48.0722 4832 LanmanWorkstation - ok
19:45:48.0754 4832 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:45:48.0800 4832 lltdio - ok
19:45:48.0832 4832 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:45:48.0878 4832 lltdsvc - ok
19:45:48.0894 4832 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:45:48.0941 4832 lmhosts - ok
19:45:48.0956 4832 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:45:48.0956 4832 LSI_FC - ok
19:45:48.0972 4832 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:45:48.0988 4832 LSI_SAS - ok
19:45:49.0003 4832 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:45:49.0019 4832 LSI_SAS2 - ok
19:45:49.0019 4832 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:45:49.0034 4832 LSI_SCSI - ok
19:45:49.0050 4832 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys
19:45:49.0097 4832 luafv - ok
19:45:49.0128 4832 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:45:49.0159 4832 Mcx2Svc - ok
19:45:49.0159 4832 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:45:49.0175 4832 megasas - ok
19:45:49.0190 4832 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:45:49.0206 4832 MegaSR - ok
19:45:49.0237 4832 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
19:45:49.0284 4832 MMCSS - ok
19:45:49.0300 4832 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:45:49.0346 4832 Modem - ok
19:45:49.0346 4832 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:45:49.0378 4832 monitor - ok
19:45:49.0409 4832 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:45:49.0424 4832 mouclass - ok
19:45:49.0440 4832 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:45:49.0456 4832 mouhid - ok
19:45:49.0487 4832 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:45:49.0502 4832 mountmgr - ok
19:45:49.0580 4832 [ 15d5398eed42c2504bb3d4fc875c15d1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:45:49.0596 4832 MozillaMaintenance - ok
19:45:49.0627 4832 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:45:49.0643 4832 mpio - ok
19:45:49.0674 4832 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:45:49.0736 4832 mpsdrv - ok
19:45:49.0768 4832 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:45:49.0830 4832 MpsSvc - ok
19:45:49.0861 4832 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:45:49.0908 4832 MRxDAV - ok
19:45:49.0939 4832 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:45:49.0986 4832 mrxsmb - ok
19:45:50.0002 4832 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:45:50.0048 4832 mrxsmb10 - ok
19:45:50.0080 4832 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:45:50.0095 4832 mrxsmb20 - ok
19:45:50.0142 4832 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:45:50.0158 4832 msahci - ok
19:45:50.0158 4832 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:45:50.0173 4832 msdsm - ok
19:45:50.0204 4832 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
19:45:50.0220 4832 MSDTC - ok
19:45:50.0236 4832 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:45:50.0282 4832 Msfs - ok
19:45:50.0298 4832 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:45:50.0329 4832 mshidkmdf - ok
19:45:50.0376 4832 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:45:50.0392 4832 msisadrv - ok
19:45:50.0423 4832 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:45:50.0470 4832 MSiSCSI - ok
19:45:50.0470 4832 msiserver - ok
19:45:50.0485 4832 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:45:50.0532 4832 MSKSSRV - ok
19:45:50.0548 4832 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:45:50.0594 4832 MSPCLOCK - ok
19:45:50.0610 4832 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:45:50.0657 4832 MSPQM - ok
19:45:50.0704 4832 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:45:50.0719 4832 MsRPC - ok
19:45:50.0735 4832 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:45:50.0750 4832 mssmbios - ok
19:45:50.0750 4832 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:45:50.0797 4832 MSTEE - ok
19:45:50.0813 4832 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:45:50.0828 4832 MTConfig - ok
19:45:50.0844 4832 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:45:50.0860 4832 Mup - ok
19:45:50.0906 4832 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll
19:45:50.0953 4832 napagent - ok
19:45:50.0984 4832 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:45:51.0031 4832 NativeWifiP - ok
19:45:51.0078 4832 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys
19:45:51.0109 4832 NDIS - ok
19:45:51.0125 4832 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:45:51.0172 4832 NdisCap - ok
19:45:51.0187 4832 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:45:51.0218 4832 NdisTapi - ok
19:45:51.0265 4832 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:45:51.0328 4832 Ndisuio - ok
19:45:51.0359 4832 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:45:51.0406 4832 NdisWan - ok
19:45:51.0437 4832 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:45:51.0515 4832 NDProxy - ok
19:45:51.0546 4832 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:45:51.0624 4832 NetBIOS - ok
19:45:51.0718 4832 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:45:51.0764 4832 NetBT - ok
19:45:51.0780 4832 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
19:45:51.0796 4832 Netlogon - ok
19:45:51.0842 4832 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
19:45:51.0889 4832 Netman - ok
19:45:51.0936 4832 [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:51.0936 4832 NetMsmqActivator - ok
19:45:51.0952 4832 [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:51.0952 4832 NetPipeActivator - ok
19:45:51.0983 4832 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
19:45:52.0030 4832 netprofm - ok
19:45:52.0061 4832 [ 44d4bd55191624c82a2745296ba42814 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
19:45:52.0108 4832 netr28x - ok
19:45:52.0108 4832 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:52.0123 4832 NetTcpActivator - ok
19:45:52.0123 4832 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:52.0139 4832 NetTcpPortSharing - ok
19:45:52.0139 4832 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:45:52.0154 4832 nfrd960 - ok
19:45:52.0186 4832 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:45:52.0248 4832 NlaSvc - ok
19:45:52.0248 4832 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:45:52.0279 4832 Npfs - ok
19:45:52.0310 4832 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:45:52.0357 4832 nsi - ok
19:45:52.0373 4832 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:45:52.0404 4832 nsiproxy - ok
19:45:52.0466 4832 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:45:52.0544 4832 Ntfs - ok
19:45:52.0560 4832 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
19:45:52.0622 4832 Null - ok
19:45:52.0825 4832 [ 2218c0f9d4c694460340f2f8adccc9c0 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:45:53.0137 4832 nvlddmkm - ok
19:45:53.0184 4832 [ 9c3024e48db4c98e50af7d8b72d0ef89 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
19:45:53.0200 4832 NVNET - ok
19:45:53.0231 4832 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:45:53.0262 4832 nvraid - ok
19:45:53.0278 4832 [ afde3015bb8d76e26bec3b287c5443a0 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
19:45:53.0293 4832 nvsmu - ok
19:45:53.0309 4832 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:45:53.0324 4832 nvstor - ok
19:45:53.0340 4832 [ 6ba747b1a9297a6c0271700d12fdd495 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
19:45:53.0356 4832 nvstor64 - ok
19:45:53.0387 4832 [ 5218967e54dbc9cb4aaea53247a0f275 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:45:53.0402 4832 nvsvc - ok
19:45:53.0434 4832 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:45:53.0449 4832 nv_agp - ok
19:45:53.0465 4832 [ 1a71763dd0df7ab7b435efa1dde710c6 ] NW1950 C:\Windows\system32\DRIVERS\NW1950.sys
19:45:53.0480 4832 NW1950 - ok
19:45:53.0512 4832 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:45:53.0543 4832 ohci1394 - ok
19:45:53.0605 4832 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:45:53.0621 4832 ose - ok
19:45:53.0746 4832 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:45:53.0917 4832 osppsvc - ok
19:45:53.0948 4832 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:45:53.0995 4832 p2pimsvc - ok
19:45:54.0011 4832 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:45:54.0026 4832 p2psvc - ok
19:45:54.0058 4832 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:45:54.0073 4832 Parport - ok
19:45:54.0104 4832 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:45:54.0120 4832 partmgr - ok
19:45:54.0136 4832 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:45:54.0182 4832 PcaSvc - ok
19:45:54.0214 4832 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
19:45:54.0229 4832 pci - ok
19:45:54.0229 4832 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
19:45:54.0245 4832 pciide - ok
19:45:54.0260 4832 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:45:54.0292 4832 pcmcia - ok
19:45:54.0307 4832 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:45:54.0323 4832 pcw - ok
19:45:54.0338 4832 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:45:54.0385 4832 PEAUTH - ok
19:45:54.0463 4832 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:45:54.0494 4832 PerfHost - ok
19:45:54.0572 4832 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
19:45:54.0635 4832 pla - ok
19:45:54.0682 4832 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:45:54.0697 4832 PlugPlay - ok
19:45:54.0728 4832 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:45:54.0760 4832 PNRPAutoReg - ok
19:45:54.0775 4832 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:45:54.0791 4832 PNRPsvc - ok
19:45:54.0822 4832 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:45:54.0869 4832 PolicyAgent - ok
19:45:54.0916 4832 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
19:45:54.0962 4832 Power - ok
19:45:54.0994 4832 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:45:55.0040 4832 PptpMiniport - ok
19:45:55.0072 4832 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:45:55.0087 4832 Processor - ok
19:45:55.0134 4832 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:45:55.0181 4832 ProfSvc - ok
19:45:55.0181 4832 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:45:55.0196 4832 ProtectedStorage - ok
19:45:55.0243 4832 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:45:55.0306 4832 Psched - ok
19:45:55.0368 4832 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:45:55.0415 4832 ql2300 - ok
19:45:55.0446 4832 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:45:55.0462 4832 ql40xx - ok
19:45:55.0493 4832 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
19:45:55.0508 4832 QWAVE - ok
19:45:55.0540 4832 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:45:55.0571 4832 QWAVEdrv - ok
19:45:55.0586 4832 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:45:55.0618 4832 RasAcd - ok
19:45:55.0649 4832 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:45:55.0711 4832 RasAgileVpn - ok
19:45:55.0711 4832 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
19:45:55.0758 4832 RasAuto - ok
19:45:55.0789 4832 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:45:55.0852 4832 Rasl2tp - ok
19:45:55.0898 4832 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
19:45:55.0930 4832 RasMan - ok
19:45:55.0945 4832 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:45:55.0992 4832 RasPppoe - ok
19:45:56.0008 4832 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:45:56.0054 4832 RasSstp - ok
19:45:56.0101 4832 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:45:56.0132 4832 rdbss - ok
19:45:56.0148 4832 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:45:56.0164 4832 rdpbus - ok
19:45:56.0179 4832 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:45:56.0226 4832 RDPCDD - ok
19:45:56.0257 4832 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:45:56.0304 4832 RDPENCDD - ok
19:45:56.0320 4832 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:45:56.0351 4832 RDPREFMP - ok
19:45:56.0398 4832 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:45:56.0429 4832 RDPWD - ok
19:45:56.0460 4832 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:45:56.0491 4832 rdyboost - ok
19:45:56.0507 4832 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:45:56.0569 4832 RemoteAccess - ok
19:45:56.0600 4832 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:45:56.0663 4832 RemoteRegistry - ok
19:45:56.0694 4832 [ 3dd798846e2c28102b922c56e71b7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:45:56.0725 4832 RFCOMM - ok
19:45:56.0803 4832 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:45:56.0897 4832 RpcEptMapper - ok
19:45:56.0912 4832 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
19:45:56.0944 4832 RpcLocator - ok
19:45:56.0990 4832 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
19:45:57.0037 4832 RpcSs - ok
19:45:57.0053 4832 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:45:57.0100 4832 rspndr - ok
19:45:57.0100 4832 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
19:45:57.0115 4832 SamSs - ok
19:45:57.0146 4832 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:45:57.0162 4832 sbp2port - ok
19:45:57.0178 4832 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:45:57.0240 4832 SCardSvr - ok
19:45:57.0271 4832 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:45:57.0349 4832 scfilter - ok
19:45:57.0396 4832 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
19:45:57.0443 4832 Schedule - ok
19:45:57.0490 4832 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
19:45:57.0521 4832 SCPolicySvc - ok
19:45:57.0552 4832 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:45:57.0583 4832 SDRSVC - ok
19:45:57.0599 4832 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:45:57.0661 4832 secdrv - ok
19:45:57.0708 4832 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
19:45:57.0755 4832 seclogon - ok
19:45:57.0755 4832 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll
19:45:57.0817 4832 SENS - ok
19:45:57.0848 4832 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:45:57.0895 4832 SensrSvc - ok
19:45:57.0911 4832 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:45:57.0926 4832 Serenum - ok
19:45:57.0958 4832 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:45:57.0989 4832 Serial - ok
19:45:58.0020 4832 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:45:58.0036 4832 sermouse - ok
19:45:58.0082 4832 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:45:58.0114 4832 SessionEnv - ok
19:45:58.0145 4832 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:45:58.0192 4832 sffdisk - ok
19:45:58.0207 4832 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:45:58.0223 4832 sffp_mmc - ok
19:45:58.0254 4832 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:45:58.0285 4832 sffp_sd - ok
19:45:58.0301 4832 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:45:58.0316 4832 sfloppy - ok
19:45:58.0348 4832 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:45:58.0410 4832 SharedAccess - ok
19:45:58.0457 4832 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:45:58.0519 4832 ShellHWDetection - ok
19:45:58.0535 4832 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:45:58.0550 4832 SiSRaid2 - ok
19:45:58.0550 4832 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:45:58.0566 4832 SiSRaid4 - ok
19:45:58.0597 4832 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:45:58.0644 4832 Smb - ok
19:45:58.0691 4832 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:45:58.0706 4832 SNMPTRAP - ok
19:45:58.0722 4832 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:45:58.0738 4832 spldr - ok
19:45:58.0784 4832 [ 85daa09a98c9286d4ea2ba8d0e644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:45:58.0831 4832 Spooler - ok
19:45:58.0909 4832 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe
19:45:59.0034 4832 sppsvc - ok
19:45:59.0065 4832 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:45:59.0112 4832 sppuinotify - ok
19:45:59.0159 4832 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys
19:45:59.0206 4832 srv - ok
19:45:59.0252 4832 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:45:59.0284 4832 srv2 - ok
19:45:59.0330 4832 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:45:59.0346 4832 srvnet - ok
19:45:59.0377 4832 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:45:59.0440 4832 SSDPSRV - ok
19:45:59.0455 4832 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:45:59.0486 4832 SstpSvc - ok
19:45:59.0518 4832 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:45:59.0533 4832 stexstor - ok
19:45:59.0564 4832 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll
19:45:59.0611 4832 stisvc - ok
19:45:59.0642 4832 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:45:59.0658 4832 swenum - ok
19:45:59.0689 4832 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
19:45:59.0736 4832 swprv - ok
19:45:59.0798 4832 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll
19:45:59.0892 4832 SysMain - ok
19:45:59.0923 4832 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:45:59.0939 4832 TabletInputService - ok
19:45:59.0986 4832 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:46:00.0048 4832 TapiSrv - ok
19:46:00.0079 4832 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
19:46:00.0110 4832 TBS - ok
19:46:00.0188 4832 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:46:00.0282 4832 Tcpip - ok
19:46:00.0329 4832 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:46:00.0376 4832 TCPIP6 - ok
19:46:00.0407 4832 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:46:00.0454 4832 tcpipreg - ok
19:46:00.0500 4832 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:46:00.0532 4832 TDPIPE - ok
19:46:00.0563 4832 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:46:00.0578 4832 TDTCP - ok
19:46:00.0610 4832 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:46:00.0656 4832 tdx - ok
19:46:00.0672 4832 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:46:00.0688 4832 TermDD - ok
19:46:00.0734 4832 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll
19:46:00.0766 4832 TermService - ok
19:46:00.0781 4832 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
19:46:00.0828 4832 Themes - ok
19:46:00.0844 4832 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
19:46:00.0875 4832 THREADORDER - ok
19:46:00.0890 4832 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
19:46:00.0953 4832 TrkWks - ok
19:46:01.0015 4832 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:46:01.0078 4832 TrustedInstaller - ok
19:46:01.0109 4832 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:46:01.0156 4832 tssecsrv - ok
19:46:01.0187 4832 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:46:01.0202 4832 TsUsbFlt - ok
19:46:01.0234 4832 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:46:01.0280 4832 tunnel - ok
19:46:01.0327 4832 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:46:01.0343 4832 uagp35 - ok
19:46:01.0358 4832 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:46:01.0436 4832 udfs - ok
19:46:01.0468 4832 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:46:01.0499 4832 UI0Detect - ok
19:46:01.0546 4832 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:46:01.0561 4832 uliagpkx - ok
19:46:01.0608 4832 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:46:01.0639 4832 umbus - ok
19:46:01.0639 4832 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:46:01.0670 4832 UmPass - ok
19:46:01.0702 4832 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
19:46:01.0748 4832 upnphost - ok
19:46:01.0795 4832 [ fb251567f41bc61988b26731dec19e4b ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:46:01.0826 4832 USBAAPL64 - ok
19:46:01.0858 4832 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:46:01.0904 4832 usbccgp - ok
19:46:01.0951 4832 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:46:01.0982 4832 usbcir - ok
19:46:01.0982 4832 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:46:02.0014 4832 usbehci - ok
19:46:02.0045 4832 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:46:02.0076 4832 usbhub - ok
19:46:02.0107 4832 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:46:02.0138 4832 usbohci - ok
19:46:02.0154 4832 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:46:02.0201 4832 usbprint - ok
19:46:02.0232 4832 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:46:02.0248 4832 usbscan - ok
19:46:02.0263 4832 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
19:46:02.0279 4832 USBSTOR - ok
19:46:02.0310 4832 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:46:02.0341 4832 usbuhci - ok
19:46:02.0357 4832 [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:46:02.0372 4832 usbvideo - ok
19:46:02.0388 4832 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
19:46:02.0435 4832 UxSms - ok
19:46:02.0450 4832 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
19:46:02.0466 4832 VaultSvc - ok
19:46:02.0513 4832 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:46:02.0528 4832 vdrvroot - ok
19:46:02.0575 4832 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
19:46:02.0606 4832 vds - ok
19:46:02.0622 4832 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:46:02.0638 4832 vga - ok
19:46:02.0653 4832 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
19:46:02.0716 4832 VgaSave - ok
19:46:02.0731 4832 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:46:02.0747 4832 vhdmp - ok
19:46:02.0778 4832 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:46:02.0778 4832 viaide - ok
19:46:02.0794 4832 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:46:02.0809 4832 volmgr - ok
19:46:02.0840 4832 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:46:02.0856 4832 volmgrx - ok
19:46:02.0872 4832 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:46:02.0887 4832 volsnap - ok
19:46:02.0903 4832 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:46:02.0918 4832 vsmraid - ok
19:46:02.0981 4832 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe
19:46:03.0059 4832 VSS - ok
19:46:03.0059 4832 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:46:03.0090 4832 vwifibus - ok
19:46:03.0106 4832 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:46:03.0121 4832 vwififlt - ok
19:46:03.0137 4832 [ 6a638fc4bfddc4d9b186c28c91bd1a01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:46:03.0168 4832 vwifimp - ok
19:46:03.0199 4832 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
19:46:03.0246 4832 W32Time - ok
19:46:03.0277 4832 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:46:03.0277 4832 WacomPen - ok
19:46:03.0324 4832 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:46:03.0371 4832 WANARP - ok
19:46:03.0386 4832 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:46:03.0418 4832 Wanarpv6 - ok
19:46:03.0496 4832 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe
19:46:03.0574 4832 wbengine - ok
19:46:03.0589 4832 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:46:03.0605 4832 WbioSrvc - ok
19:46:03.0652 4832 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:46:03.0667 4832 wcncsvc - ok
19:46:03.0683 4832 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:46:03.0698 4832 WcsPlugInService - ok
19:46:03.0730 4832 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:46:03.0745 4832 Wd - ok
19:46:03.0761 4832 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:46:03.0792 4832 Wdf01000 - ok
19:46:03.0823 4832 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:46:03.0870 4832 WdiServiceHost - ok
19:46:03.0870 4832 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:46:03.0901 4832 WdiSystemHost - ok
19:46:03.0932 4832 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:46:03.0979 4832 WebClient - ok
19:46:03.0995 4832 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:46:04.0042 4832 Wecsvc - ok
19:46:04.0073 4832 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:46:04.0120 4832 wercplsupport - ok
19:46:04.0135 4832 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:46:04.0182 4832 WerSvc - ok
19:46:04.0198 4832 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:46:04.0229 4832 WfpLwf - ok
19:46:04.0244 4832 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:46:04.0260 4832 WIMMount - ok
19:46:04.0276 4832 WinDefend - ok
19:46:04.0291 4832 WinHttpAutoProxySvc - ok
19:46:04.0354 4832 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:46:04.0400 4832 Winmgmt - ok
19:46:04.0463 4832 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll
19:46:04.0572 4832 WinRM - ok
19:46:04.0634 4832 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:46:04.0650 4832 WinUsb - ok
19:46:04.0681 4832 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
19:46:04.0712 4832 Wlansvc - ok
19:46:04.0744 4832 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:46:04.0759 4832 WmiAcpi - ok
19:46:04.0790 4832 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:46:04.0822 4832 wmiApSrv - ok
19:46:04.0822 4832 WMPNetworkSvc - ok
19:46:04.0837 4832 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:46:04.0868 4832 WPCSvc - ok
19:46:04.0900 4832 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:46:04.0931 4832 WPDBusEnum - ok
19:46:04.0931 4832 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:46:04.0978 4832 ws2ifsl - ok
19:46:04.0993 4832 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\System32\wscsvc.dll
19:46:05.0024 4832 wscsvc - ok
19:46:05.0024 4832 WSearch - ok
19:46:05.0102 4832 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:46:05.0180 4832 wuauserv - ok
19:46:05.0196 4832 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:46:05.0258 4832 WudfPf - ok
19:46:05.0290 4832 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:46:05.0336 4832 WUDFRd - ok
19:46:05.0368 4832 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:46:05.0399 4832 wudfsvc - ok
19:46:05.0430 4832 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
19:46:05.0446 4832 WwanSvc - ok
19:46:05.0539 4832 [ 74983addca2d9618512c088d856d6615 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
19:46:05.0555 4832 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
19:46:05.0570 4832 ================ Scan global ===============================
19:46:05.0602 4832 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
19:46:05.0648 4832 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
19:46:05.0648 4832 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
19:46:05.0680 4832 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
19:46:05.0695 4832 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
19:46:05.0695 4832 [Global] - ok
19:46:05.0695 4832 ================ Scan MBR ==================================
19:46:05.0711 4832 MBR (0x1B8) (554b9336f98a5767cf95768a24d70cf2) \Device\Harddisk0\DR0
19:46:05.0960 4832 \Device\Harddisk0\DR0 - ok
19:46:05.0960 4832 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
19:46:08.0690 4832 \Device\Harddisk1\DR1 - ok
19:46:08.0706 4832 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk2\DR2
19:46:08.0831 4832 \Device\Harddisk2\DR2 - ok
19:46:08.0831 4832 ================ Scan VBR ==================================
19:46:08.0831 4832 Boot (0x1200) (85785ba33ea2be67d545e1583f4a1a2e) \Device\Harddisk0\DR0\Partition1
19:46:08.0846 4832 \Device\Harddisk0\DR0\Partition1 - ok
19:46:08.0862 4832 Boot (0x1200) (3b4aad1a4e27fe92f8059d385aee1a77) \Device\Harddisk0\DR0\Partition2
19:46:08.0862 4832 \Device\Harddisk0\DR0\Partition2 - ok
19:46:08.0893 4832 Boot (0x1200) (7b11cd15d42d8eb4294fd60bfaed6839) \Device\Harddisk0\DR0\Partition3
19:46:08.0893 4832 \Device\Harddisk0\DR0\Partition3 - ok
19:46:08.0909 4832 Boot (0x1200) (9cb232ecd3e5276b161a300765521b3b) \Device\Harddisk1\DR1\Partition1
19:46:08.0909 4832 \Device\Harddisk1\DR1\Partition1 - ok
19:46:08.0909 4832 Boot (0x1200) (479a96cfb2ad7c1ca990383e22e3d242) \Device\Harddisk2\DR2\Partition1
19:46:08.0909 4832 \Device\Harddisk2\DR2\Partition1 - ok
19:46:08.0909 4832 ============================================================
19:46:08.0909 4832 Scan finished
19:46:08.0909 4832 ============================================================
19:46:08.0924 11848 Detected object count: 1
19:46:08.0924 11848 Actual detected object count: 1
19:47:27.0080 11848 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:47:27.0080 11848 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
20.08.2012, 16:28
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom Rechner Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
25.08.2012, 14:36
| #19 |
| | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom RechnerCode:
ATTFilter ComboFix 12-08-25.04 - Melanie 25.08.2012 14:30:29.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2767 [GMT 2:00]
ausgeführt von:: c:\users\Melanie\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\inf\autorun.inf
c:\windows\inf\win32
c:\windows\inf\win32\0x0404.ini
c:\windows\inf\win32\0x0405.ini
c:\windows\inf\win32\0x0406.ini
c:\windows\inf\win32\0x0407.ini
c:\windows\inf\win32\0x0408.ini
c:\windows\inf\win32\0x0409.ini
c:\windows\inf\win32\0x040a.ini
c:\windows\inf\win32\0x040b.ini
c:\windows\inf\win32\0x040c.ini
c:\windows\inf\win32\0x040e.ini
c:\windows\inf\win32\0x0410.ini
c:\windows\inf\win32\0x0411.ini
c:\windows\inf\win32\0x0412.ini
c:\windows\inf\win32\0x0413.ini
c:\windows\inf\win32\0x0414.ini
c:\windows\inf\win32\0x0415.ini
c:\windows\inf\win32\0x0416.ini
c:\windows\inf\win32\0x0418.ini
c:\windows\inf\win32\0x0419.ini
c:\windows\inf\win32\0x041a.ini
c:\windows\inf\win32\0x041d.ini
c:\windows\inf\win32\0x041f.ini
c:\windows\inf\win32\0x0804.ini
c:\windows\inf\win32\0x0816.ini
c:\windows\inf\win32\1028.mst
c:\windows\inf\win32\1029.mst
c:\windows\inf\win32\1030.mst
c:\windows\inf\win32\1031.mst
c:\windows\inf\win32\1032.mst
c:\windows\inf\win32\1033.mst
c:\windows\inf\win32\1034.mst
c:\windows\inf\win32\1035.mst
c:\windows\inf\win32\1036.mst
c:\windows\inf\win32\1038.mst
c:\windows\inf\win32\1040.mst
c:\windows\inf\win32\1041.mst
c:\windows\inf\win32\1042.mst
c:\windows\inf\win32\1043.mst
c:\windows\inf\win32\1044.mst
c:\windows\inf\win32\1045.mst
c:\windows\inf\win32\1046.mst
c:\windows\inf\win32\1048.mst
c:\windows\inf\win32\1049.mst
c:\windows\inf\win32\1050.mst
c:\windows\inf\win32\1053.mst
c:\windows\inf\win32\1055.mst
c:\windows\inf\win32\2052.mst
c:\windows\inf\win32\2070.mst
c:\windows\inf\win32\BBalloon.dll
c:\windows\inf\win32\brcmVista\bcbthid32.cat
c:\windows\inf\win32\brcmVista\bcbthid32.inf
c:\windows\inf\win32\brcmVista\bcbtums-win7x86-brcm.cat
c:\windows\inf\win32\brcmVista\Bcbtums-Win7x86-brcm.inf
c:\windows\inf\win32\brcmVista\btusbflt.sys
c:\windows\inf\win32\brcmVista\DPInst.exe
c:\windows\inf\win32\brcmWin7\bcbthid32.cat
c:\windows\inf\win32\brcmWin7\bcbthid32.inf
c:\windows\inf\win32\brcmWin7\bcbtums-win7x86-brcm.cat
c:\windows\inf\win32\brcmWin7\Bcbtums-Win7x86-brcm.inf
c:\windows\inf\win32\brcmWin7\btusbflt.sys
c:\windows\inf\win32\brcmWin7\DPInst.exe
c:\windows\inf\win32\BtSetup.dll
c:\windows\inf\win32\BTW.msi
c:\windows\inf\win32\btw_ci.dll
c:\windows\inf\win32\btwaudio.cat
c:\windows\inf\win32\btwaudio.inf
c:\windows\inf\win32\btwaudio.sys
c:\windows\inf\win32\btwavdt.cat
c:\windows\inf\win32\btwavdt.inf
c:\windows\inf\win32\btwavdt.sys
c:\windows\inf\win32\btwl2cap.cat
c:\windows\inf\win32\btwl2cap.inf
c:\windows\inf\win32\BTWL2CAP.sys
c:\windows\inf\win32\BtwMM.exe
c:\windows\inf\win32\btwprofpack.dll
c:\windows\inf\win32\btwrchid.cat
c:\windows\inf\win32\btwrchid.inf
c:\windows\inf\win32\btwrchid.sys
c:\windows\inf\win32\BtwRSupport.dll
c:\windows\inf\win32\Data1.cab
c:\windows\inf\win32\Inst.exe
c:\windows\inf\win32\instmsia.exe
c:\windows\inf\win32\instmsiw.exe
c:\windows\inf\win32\Setup.exe
c:\windows\inf\win32\Setup.ini
c:\windows\inf\win32\svcpack\SvcPack.ini
c:\windows\SysWow64\pt
c:\windows\SysWow64\pt\Lagoon.resources.dll
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ACPIService
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-25 bis 2012-08-25 ))))))))))))))))))))))))))))))
.
.
2012-08-24 05:44 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C9F68855-1556-477A-ACBC-59AB9D7345E5}\mpengine.dll
2012-08-17 01:06 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-16 07:00 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-16 07:00 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-16 07:00 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-16 07:00 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-16 07:00 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-16 07:00 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-16 07:00 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-16 07:00 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-16 07:00 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-16 07:00 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-16 07:00 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-16 07:00 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-14 21:24 . 2012-08-14 21:24 -------- d-----w- C:\_OTL
2012-08-11 11:37 . 2012-08-11 11:37 -------- d-----w- c:\program files (x86)\Advanced MP3 Converter
2012-08-07 16:16 . 2012-08-17 01:01 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-07 16:03 . 2012-08-07 16:03 -------- d-----w- c:\windows\system32\SPReview
2012-08-07 16:01 . 2012-08-07 16:01 -------- d-----w- c:\windows\system32\EventProviders
2012-08-03 12:34 . 2012-08-03 12:34 -------- d-----w- c:\users\Melanie\temp
2012-08-03 12:34 . 2012-08-03 12:49 -------- d-----w- c:\users\Melanie\AppData\Roaming\TeamViewer
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 06:41 . 2012-07-08 20:49 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 06:41 . 2012-07-08 20:49 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-07 16:13 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-08-07 16:13 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-13 23:29 . 2012-07-13 23:29 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-07-13 23:29 . 2012-07-13 23:29 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-07-13 23:29 . 2012-07-13 23:29 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-07-13 23:29 . 2012-07-13 23:29 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-07-13 23:29 . 2012-07-13 23:29 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-07-13 23:29 . 2012-07-13 23:29 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-07-13 23:29 . 2012-07-13 23:29 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-07-13 23:29 . 2012-07-13 23:29 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-07-13 23:29 . 2012-07-13 23:29 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-07-13 23:29 . 2012-07-13 23:29 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-07-13 23:29 . 2012-07-13 23:29 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-07-13 23:29 . 2012-07-13 23:29 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-07-13 23:29 . 2012-07-13 23:29 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-07-13 23:29 . 2012-07-13 23:29 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-07-13 23:29 . 2012-07-13 23:29 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-07-13 23:29 . 2012-07-13 23:29 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-07-13 23:29 . 2012-07-13 23:29 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-07-13 23:29 . 2012-07-13 23:29 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-07-13 23:29 . 2012-07-13 23:29 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-07-13 23:29 . 2012-07-13 23:29 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-07-13 23:29 . 2012-07-13 23:29 82432 ----a-w- c:\windows\system32\icardie.dll
2012-07-13 23:29 . 2012-07-13 23:29 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-07-13 23:29 . 2012-07-13 23:29 697344 ----a-w- c:\windows\system32\msfeeds.dll
2012-07-13 23:29 . 2012-07-13 23:29 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-07-13 23:29 . 2012-07-13 23:29 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-07-13 23:29 . 2012-07-13 23:29 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-07-13 23:29 . 2012-07-13 23:29 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-07-13 23:29 . 2012-07-13 23:29 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-07-13 23:29 . 2012-07-13 23:29 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-07-13 23:29 . 2012-07-13 23:29 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-07-13 23:29 . 2012-07-13 23:29 448512 ----a-w- c:\windows\system32\html.iec
2012-07-13 23:29 . 2012-07-13 23:29 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-07-13 23:29 . 2012-07-13 23:29 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-07-13 23:29 . 2012-07-13 23:29 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-07-13 23:29 . 2012-07-13 23:29 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-13 23:29 . 2012-07-13 23:29 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-07-13 23:29 . 2012-07-13 23:29 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-07-13 23:29 . 2012-07-13 23:29 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-07-13 23:29 . 2012-07-13 23:29 222208 ----a-w- c:\windows\system32\msls31.dll
2012-07-13 23:29 . 2012-07-13 23:29 197120 ----a-w- c:\windows\system32\msrating.dll
2012-07-13 23:29 . 2012-07-13 23:29 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-07-13 23:29 . 2012-07-13 23:29 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-07-13 23:29 . 2012-07-13 23:29 160256 ----a-w- c:\windows\system32\wextract.exe
2012-07-13 23:29 . 2012-07-13 23:29 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-07-13 23:29 . 2012-07-13 23:29 149504 ----a-w- c:\windows\system32\occache.dll
2012-07-13 23:29 . 2012-07-13 23:29 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-07-13 23:29 . 2012-07-13 23:29 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-07-13 23:29 . 2012-07-13 23:29 12288 ----a-w- c:\windows\system32\mshta.exe
2012-07-13 23:29 . 2012-07-13 23:29 114176 ----a-w- c:\windows\system32\admparse.dll
2012-07-13 23:29 . 2012-07-13 23:29 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-07-13 23:29 . 2012-07-13 23:29 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-07-13 23:29 . 2012-07-13 23:29 103936 ----a-w- c:\windows\system32\inseng.dll
2012-07-09 11:32 . 2012-07-08 20:36 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-07-09 11:32 . 2012-07-08 20:36 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-07-08 21:51 . 2012-07-08 21:51 2300696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-07-08 21:51 . 2012-07-08 21:51 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-07-08 21:51 . 2012-07-08 21:51 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-07-08 12:57 . 2009-10-08 17:44 588472 ----a-w- c:\windows\SysWow64\ezsvc7x.dll
2012-07-03 11:46 . 2012-07-08 20:43 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-09 05:43 . 2012-07-12 03:31 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-12 03:31 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-12 03:31 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-12 03:31 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-12 03:31 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-12 03:31 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-12 03:31 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-07-08 12:39 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-07-08 12:39 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-07-08 12:39 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-07-08 12:39 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-07-08 12:39 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-07-08 12:39 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-07-08 12:39 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-07-08 12:38 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-07-08 12:38 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:50 . 2012-07-12 03:31 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-12 03:31 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-12 03:31 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-12 03:31 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-12 03:31 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-12 03:31 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-12 03:31 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-12 03:31 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-12 03:31 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 10:25 . 2012-07-08 12:44 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-07-15 1668664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP KEYBOARDx"="c:\program files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE" [2009-07-15 715264]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"Buttons & OSDs control application gen3"="c:\program files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe" [2009-07-03 212992]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-05-12 581480]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-06-22 60464]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-31 348664]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 hidkmdf;Microsoft HID Class Shim for KMDF;c:\windows\system32\DRIVERS\hidkmdf.sys [2009-07-29 13816]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/10/08 19:20];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-07-23 18:45 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [2009-03-31 92160]
S2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-07-09 375760]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-09 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-07-09 465360]
S2 CalendarSynchService;CalendarSynchService;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2009-07-09 21560]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 AVerAVF2;AVerAVF2;c:\windows\system32\DRIVERS\AVerAVF2.sys [2009-08-04 1019776]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-05-19 702976]
S3 NW1950;NextWindow 1950 Touch Screen;c:\windows\system32\DRIVERS\NW1950.sys [2009-07-29 24568]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 06:41]
.
2012-08-09 c:\windows\Tasks\HPCeeScheduleForMelanie.job
- c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-10-08 12:38]
.
2012-07-08 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-31 16336416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de/
uLocal Page = c:\windows\system32\blank.htm
mStart Page =
mLocal Page =
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 62.109.123.196 213.191.74.18
FF - ProfilePath - c:\users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\qisd9gez.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-25 15:20:24 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-08-25 13:20
.
Vor Suchlauf: 10 Verzeichnis(se), 830.935.130.112 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 831.285.145.600 Bytes frei
.
- - End Of File - - A375C1D0441349B219BF7BF27C93F194
|
|
30.08.2012, 14:33
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom Rechner Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.08.2012, 20:41
| #21 |
| | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom Rechner Hallo, bevor ich das alles mach wollte ich Dir noch folgendes mitteilen. Es kommt momentan immer folgende Fehlermeldung nach dem Start von Windows. |
|
30.08.2012, 21:46
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom Rechner JAN2OSD ist irgendwas von HP Poste die anderen Logs bitte
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.09.2012, 07:30
| #23 |
| | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom RechnerCode:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 08:00:16 on 05.09.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 13.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "HPCeeScheduleForMelanie.job" - "Hewlett-Packard" - C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "PCDRScheduledMaintenance.job" - "PC-Doctor, Inc." - C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~4\Office14\MLCFG32.CPL [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {E54729E8-BB3D-4270-9D49-7389EA579090} "EasyBits ShellExecute Hook" - "EasyBits Software Corp." - C:\Windows\SysWow64\EZUPBH~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~4\Office14\MLSHEXT.DLL {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll "Senden an Bluetooth" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm {FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "Bluetooth.lnk" - ? - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File not found) "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "HPADVISOR" - "Hewlett-Packard" - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "Buttons & OSDs control application gen3" - "Hewlett-Packard" - c:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe "DivXUpdate" - ? - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "Easybits Recovery" - "EasyBits Software AS" - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe "HP KEYBOARDx" - "Hewlett-Packard" - "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE" "HP Remote Solution" - ? - %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe "HP Software Update" - "Hewlett-Packard" - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe "hpsysdrv" - "Hewlett-Packard" - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe "iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "NortonOnlineBackupReminder" - "Symantec Corporation" - "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED "UpdatePRCShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe "Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira Email Schutz" (AntiVirMailService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe "CalendarSynchService" (CalendarSynchService) - "Hewlett-Packard" - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "Easybits Shared Services for Windows" (ezSharedSvc) - ? - C:\Windows\System32\ezsvc7.dll (File not found) "GameConsoleService" (GameConsoleService) - "WildTangent, Inc." - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe "HP Health Check Service" (HP Health Check Service) - "Hewlett-Packard" - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe "hpqwmiex" (hpqwmiex) - "Hewlett-Packard Development Company, L.P." - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "AVSDA" - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-05 08:22:51
-----------------------------
08:22:51.260 OS Version: Windows x64 6.1.7601 Service Pack 1
08:22:51.260 Number of processors: 2 586 0x170A
08:22:51.260 ComputerName: HOMEBASE UserName: Melanie
08:22:52.970 Initialize success
08:22:59.059 AVAST engine defs: 12090401
08:23:34.152 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
08:23:34.152 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
08:23:34.246 Disk 0 MBR read successfully
08:23:34.246 Disk 0 MBR scan
08:23:34.246 Disk 0 unknown MBR code
08:23:34.246 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:23:34.262 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 938419 MB offset 206848
08:23:34.308 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15348 MB offset 1922088960
08:23:34.355 Disk 0 scanning C:\Windows\system32\drivers
08:23:46.367 Service scanning
08:24:05.742 Modules scanning
08:24:05.742 Disk 0 trace - called modules:
08:24:05.758 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
08:24:05.774 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80041c8060]
08:24:05.774 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa800405e4b0]
08:24:05.789 5 ACPI.sys[fffff88000f9f7a1] -> nt!IofCallDriver -> \Device\0000005e[0xfffffa800405e8f0]
08:24:05.805 Scan finished successfully
08:25:23.820 Disk 0 MBR has been saved successfully to "C:\Users\Melanie\Desktop\MBR.dat"
08:25:23.820 The log file has been saved successfully to "C:\Users\Melanie\Desktop\aswMBR.txt"
|
|
05.09.2012, 14:21
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom Rechner Was ist mit GMER?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.09.2012, 21:12
| #25 |
| | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom Rechner Das hängt sich regelmäßig auf. Hab das dann sein lassen, so wie beschrieben. |
|
07.09.2012, 09:17
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom Rechner Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht. Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar. Mach den Fix auch dann nicht, wenn du zB mit TrueCrypt oder anderen Verschlüsselungsprogrammen eine Vollverschlüsselung der Windowspartition bzw. gesamten Festplatte hast Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm! Anschließend Windows neu starten und ein neues Log mit aswMBR machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.09.2012, 14:14
| #27 |
| | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom RechnerCode:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-08 15:05:44
-----------------------------
15:05:44.302 OS Version: Windows x64 6.1.7601 Service Pack 1
15:05:44.302 Number of processors: 2 586 0x170A
15:05:44.302 ComputerName: HOMEBASE UserName: Melanie
15:05:45.799 Initialize success
15:05:52.055 AVAST engine defs: 12090800
15:06:42.615 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
15:06:42.615 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
15:06:42.630 Disk 0 MBR read successfully
15:06:42.630 Disk 0 MBR scan
15:06:42.646 Disk 0 Windows 7 default MBR code
15:06:42.646 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:06:42.661 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 938419 MB offset 206848
15:06:42.708 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15348 MB offset 1922088960
15:06:42.755 Disk 0 scanning C:\Windows\system32\drivers
15:06:53.472 Service scanning
15:07:14.267 Modules scanning
15:07:14.267 Disk 0 trace - called modules:
15:07:14.283 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
15:07:14.298 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800454a1a0]
15:07:14.298 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa800407b040]
15:07:14.298 5 ACPI.sys[fffff88000f577a1] -> nt!IofCallDriver -> \Device\0000005e[0xfffffa800407b660]
15:07:14.314 Scan finished successfully
15:11:50.356 Disk 0 MBR has been saved successfully to "C:\Users\Melanie\Desktop\MBR.dat"
15:11:50.356 The log file has been saved successfully to "C:\Users\Melanie\Desktop\aswMBR.txt"
|
|
10.09.2012, 15:01
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom Rechner Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.09.2012, 06:49
| #29 |
| | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom RechnerCode:
ATTFilter Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.09.10.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Melanie :: HOMEBASE [Administrator] 10.09.2012 22:23:29 mbam-log-2012-09-10 (22-23-29).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|H:\|I:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 387755 Laufzeit: 1 Stunde(n), 59 Minute(n), 20 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/11/2012 at 00:15 AM
Application Version : 5.5.1016
Core Rules Database Version : 9202
Trace Rules Database Version: 7014
Scan type : Complete Scan
Total Scan Time : 01:51:57
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 666
Memory threats detected : 0
Registry items scanned : 65522
Registry threats detected : 0
File items scanned : 53736
File threats detected : 5
Adware.Tracking Cookie
cdn1.image.freeporn.com [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CWRTHTTL ]
hellporno.com [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CWRTHTTL ]
s0.2mdn.net [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CWRTHTTL ]
www.alphaporno.com [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CWRTHTTL ]
www.porntube.com [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CWRTHTTL ]
|
|
11.09.2012, 16:01
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom RechnerCode:
ATTFilter UAC On - Limited User
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu mystart.incredibar.com/mb167?a=6OyHKtQsfR&loc=FF_NT >> wie bekomme ich das wieder vom Rechner |
| hallo zusammen, helft, heuristiks/extra, heuristiks/shuriken, installation, installiere, installieren, nicht mehr, nichts, pup.bundleinstaller.somoto, rechner, runter, schonmal, versuch, versucht, zusammen |
Linear-Darstellung
