Log analysis and evaluation: JS/Redirector.SY.1 on Windows7
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#16
JS/Redirector.SY.1 on Windows7
OTL after FIX
Code:
All processes killed
========== OTL ==========
HKU\S-1-5-21-2605418324-2980670176-2094709680-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-2605418324-2980670176-2094709680-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKU\S-1-5-21-2605418324-2980670176-2094709680-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLinkedConnections deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aec968bb-df00-11e0-88f1-bc77371c8553}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aec968bb-df00-11e0-88f1-bc77371c8553}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aec968bb-df00-11e0-88f1-bc77371c8553}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aec968bb-df00-11e0-88f1-bc77371c8553}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aec968d3-df00-11e0-88f1-bc77371c8553}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aec968d3-df00-11e0-88f1-bc77371c8553}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aec968d3-df00-11e0-88f1-bc77371c8553}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aec968d3-df00-11e0-88f1-bc77371c8553}\ not found.
File F:\AutoRun.exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Antje Note
->Temp folder emptied: 7387567 bytes
->Temporary Internet Files folder emptied: 109992297 bytes
->Java cache emptied: 167811 bytes
->FireFox cache emptied: 1105595384 bytes
->Flash cache emptied: 66020 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Dirk
->Temp folder emptied: 29555222 bytes
->Temporary Internet Files folder emptied: 62897061 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 358891748 bytes
->Flash cache emptied: 59680 bytes
User: Gast
->Temp folder emptied: 172174 bytes
->Temporary Internet Files folder emptied: 33651 bytes
->FireFox cache emptied: 113822815 bytes
->Flash cache emptied: 57643 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2219740 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 1213531 bytes
Total Files Cleaned = 1.709,00 mb
[EMPTYFLASH]
User: All Users
User: Antje Note
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Dirk
->Flash cache emptied: 0 bytes
User: Gast
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.56.0 log created on 08072012_210618
Files\Folders moved on Reboot...
C:\Users\Antje Note\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
File C:\Users\Antje Note\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
Registry entries deleted on Reboot...
#17
/// Winkelfunktion /// TB-Süch-Tiger™
JS/Redirector.SY.1 on Windows7
Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Configure the tool as shown in the picture below: click on change parameters and set the checkboxes as shown in the following screenshot. Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.
Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
#18
JS/Redirector.SY.1 on Windows7
Code:
21:55:42.0565 2624 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
21:55:42.0862 2624 ============================================================
21:55:42.0862 2624 Current date / time: 2012/08/08 21:55:42.0862
21:55:42.0862 2624 SystemInfo:
21:55:42.0862 2624
21:55:42.0862 2624 OS Version: 6.1.7601 ServicePack: 1.0
21:55:42.0862 2624 Product type: Workstation
21:55:42.0862 2624 ComputerName: ANTJENOTE
21:55:42.0862 2624 UserName: Antje Note
21:55:42.0862 2624 Windows directory: C:\Windows
21:55:42.0862 2624 System windows directory: C:\Windows
21:55:42.0862 2624 Running under WOW64
21:55:42.0862 2624 Processor architecture: Intel x64
21:55:42.0862 2624 Number of processors: 4
21:55:42.0862 2624 Page size: 0x1000
21:55:42.0862 2624 Boot type: Normal boot
21:55:42.0862 2624 ============================================================
21:55:43.0408 2624 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:55:43.0423 2624 ============================================================
21:55:43.0423 2624 \Device\Harddisk0\DR0:
21:55:43.0423 2624 MBR partitions:
21:55:43.0423 2624 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32800
21:55:43.0423 2624 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x52313000
21:55:43.0454 2624 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x52346800, BlocksNum 0x4BFD000
21:55:43.0486 2624 ============================================================
21:55:43.0532 2624 C: <-> \Device\Harddisk0\DR0\Partition1
21:55:43.0595 2624 D: <-> \Device\Harddisk0\DR0\Partition2
21:55:43.0595 2624 ============================================================
21:55:43.0595 2624 Initialize success
21:55:43.0595 2624 ============================================================
21:56:38.0476 5064 ============================================================
21:56:38.0476 5064 Scan started
21:56:38.0476 5064 Mode: Manual; SigCheck; TDLFS;
21:56:38.0476 5064 ============================================================
21:56:38.0975 5064 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:56:39.0162 5064 1394ohci - ok
21:56:39.0225 5064 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:56:39.0256 5064 ACPI - ok
21:56:39.0287 5064 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:56:39.0381 5064 AcpiPmi - ok
21:56:39.0521 5064 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:56:39.0552 5064 AdobeARMservice - ok
21:56:39.0630 5064 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
21:56:39.0677 5064 adp94xx - ok
21:56:39.0739 5064 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
21:56:39.0771 5064 adpahci - ok
21:56:39.0802 5064 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
21:56:39.0817 5064 adpu320 - ok
21:56:39.0849 5064 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:56:40.0036 5064 AeLookupSvc - ok
21:56:40.0098 5064 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:56:40.0176 5064 AFD - ok
21:56:40.0223 5064 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:56:40.0239 5064 agp440 - ok
21:56:40.0301 5064 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:56:40.0379 5064 ALG - ok
21:56:40.0426 5064 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:56:40.0457 5064 aliide - ok
21:56:40.0488 5064 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:56:40.0504 5064 amdide - ok
21:56:40.0535 5064 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
21:56:40.0597 5064 AmdK8 - ok
21:56:40.0644 5064 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
21:56:40.0707 5064 AmdPPM - ok
21:56:40.0738 5064 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:56:40.0769 5064 amdsata - ok
21:56:40.0800 5064 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
21:56:40.0816 5064 amdsbs - ok
21:56:40.0847 5064 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:56:40.0863 5064 amdxata - ok
21:56:40.0909 5064 AMPPAL (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\AMPPAL.sys
21:56:40.0987 5064 AMPPAL - ok
21:56:41.0003 5064 AMPPALP (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\amppal.sys
21:56:41.0034 5064 AMPPALP - ok
21:56:41.0143 5064 AMPPALR3 (83a0e7ba4ae616d3654e700d9c5ff9db) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
21:56:41.0206 5064 AMPPALR3 - ok
21:56:41.0315 5064 AmUStor (08d51900c07bae4f1fc82fc669b99b79) C:\Windows\system32\drivers\AmUStor.SYS
21:56:41.0393 5064 AmUStor - ok
21:56:41.0658 5064 AntiVirMailService (b9b5dfafea592bd4ca967824ebb42e3d) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
21:56:41.0689 5064 AntiVirMailService - ok
21:56:41.0736 5064 AntiVirSchedulerService (67b1d78711b4386c26241096326ee14a) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:56:41.0752 5064 AntiVirSchedulerService - ok
21:56:41.0799 5064 AntiVirService (845c4e7ae211edad5e0b832126f56932) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:56:41.0814 5064 AntiVirService - ok
21:56:41.0877 5064 AntiVirWebService (30d71e0c149943a8985d02ea0944f2fe) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
21:56:41.0908 5064 AntiVirWebService - ok
21:56:41.0970 5064 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:56:42.0064 5064 AppID - ok
21:56:42.0111 5064 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:56:42.0204 5064 AppIDSvc - ok
21:56:42.0267 5064 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:56:42.0345 5064 Appinfo - ok
21:56:42.0391 5064 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
21:56:42.0391 5064 arc - ok
21:56:42.0438 5064 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
21:56:42.0454 5064 arcsas - ok
21:56:42.0516 5064 ASLDRService (efd89582b55dd32dc79c1a4eb54612a1) C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
21:56:42.0532 5064 ASLDRService - ok
21:56:42.0594 5064 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:56:42.0672 5064 AsyncMac - ok
21:56:42.0703 5064 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:56:42.0719 5064 atapi - ok
21:56:42.0797 5064 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:56:42.0906 5064 AudioEndpointBuilder - ok
21:56:42.0906 5064 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:56:42.0953 5064 AudioSrv - ok
21:56:43.0000 5064 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
21:56:43.0031 5064 avgntflt - ok
21:56:43.0093 5064 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
21:56:43.0125 5064 avipbb - ok
21:56:43.0187 5064 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:56:43.0203 5064 avkmgr - ok
21:56:43.0265 5064 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:56:43.0327 5064 AxInstSV - ok
21:56:43.0405 5064 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
21:56:43.0483 5064 b06bdrv - ok
21:56:43.0546 5064 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:56:43.0593 5064 b57nd60a - ok
21:56:43.0671 5064 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:56:43.0733 5064 BDESVC - ok
21:56:43.0780 5064 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:56:43.0858 5064 Beep - ok
21:56:43.0951 5064 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:56:44.0029 5064 BFE - ok
21:56:44.0123 5064 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:56:44.0217 5064 BITS - ok
21:56:44.0279 5064 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
21:56:44.0341 5064 blbdrive - ok
21:56:44.0560 5064 Bluetooth Device Monitor (832314a5ac804dee429a009a3d41b99b) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
21:56:44.0591 5064 Bluetooth Device Monitor - ok
21:56:44.0685 5064 Bluetooth Media Service (35c701c5a286543973f0fc8bc195515e) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
21:56:44.0731 5064 Bluetooth Media Service - ok
21:56:44.0825 5064 Bluetooth OBEX Service (a475d68b03febf6c371f0d9644c2e12d) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
21:56:44.0872 5064 Bluetooth OBEX Service - ok
21:56:45.0012 5064 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:56:45.0075 5064 bowser - ok
21:56:45.0121 5064 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
21:56:45.0184 5064 BrFiltLo - ok
21:56:45.0215 5064 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
21:56:45.0246 5064 BrFiltUp - ok
21:56:45.0309 5064 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:56:45.0418 5064 Browser - ok
21:56:45.0480 5064 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:56:45.0558 5064 Brserid - ok
21:56:45.0605 5064 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:56:45.0652 5064 BrSerWdm - ok
21:56:45.0699 5064 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:56:45.0745 5064 BrUsbMdm - ok
21:56:45.0792 5064 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:56:45.0839 5064 BrUsbSer - ok
21:56:45.0886 5064 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
21:56:45.0964 5064 BthEnum - ok
21:56:46.0011 5064 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:56:46.0073 5064 BTHMODEM - ok
21:56:46.0120 5064 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
21:56:46.0151 5064 BthPan - ok
21:56:46.0260 5064 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
21:56:46.0291 5064 BTHPORT - ok
21:56:46.0354 5064 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:56:46.0416 5064 bthserv - ok
21:56:46.0479 5064 BTHSSecurityMgr (a5b3e8b2b78c7b3da56a0de490e6718c) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
21:56:46.0510 5064 BTHSSecurityMgr - ok
21:56:46.0557 5064 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
21:56:46.0635 5064 BTHUSB - ok
21:56:46.0697 5064 btmaux (ba554bfcbf21201d310738a42c9c19e1) C:\Windows\system32\DRIVERS\btmaux.sys
21:56:46.0713 5064 btmaux - ok
21:56:46.0744 5064 btmhsf (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys
21:56:46.0822 5064 btmhsf - ok
21:56:46.0869 5064 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:56:46.0962 5064 cdfs - ok
21:56:47.0025 5064 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:56:47.0087 5064 cdrom - ok
21:56:47.0134 5064 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:56:47.0212 5064 CertPropSvc - ok
21:56:47.0243 5064 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
21:56:47.0274 5064 circlass - ok
21:56:47.0337 5064 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:56:47.0383 5064 CLFS - ok
21:56:47.0430 5064 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:56:47.0446 5064 clr_optimization_v2.0.50727_32 - ok
21:56:47.0493 5064 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:56:47.0508 5064 clr_optimization_v2.0.50727_64 - ok
21:56:47.0602 5064 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:56:47.0617 5064 clr_optimization_v4.0.30319_32 - ok
21:56:47.0680 5064 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:56:47.0711 5064 clr_optimization_v4.0.30319_64 - ok
21:56:47.0758 5064 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
21:56:47.0758 5064 clwvd - ok
21:56:47.0805 5064 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
21:56:47.0836 5064 CmBatt - ok
21:56:47.0867 5064 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:56:47.0898 5064 cmdide - ok
21:56:47.0961 5064 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
21:56:48.0023 5064 CNG - ok
21:56:48.0148 5064 CnxtHdAudService (a260be645dd096d90318c8cf98536720) C:\Windows\system32\drivers\CHDRT64.sys
21:56:48.0179 5064 CnxtHdAudService - ok
21:56:48.0319 5064 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
21:56:48.0335 5064 Compbatt - ok
21:56:48.0382 5064 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:56:48.0429 5064 CompositeBus - ok
21:56:48.0444 5064 COMSysApp - ok
21:56:48.0475 5064 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
21:56:48.0491 5064 crcdisk - ok
21:56:48.0569 5064 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
21:56:48.0631 5064 CryptSvc - ok
21:56:48.0678 5064 CxAudMsg (f160b26b26ba4afe8cecc12ed5ac231e) C:\Windows\system32\CxAudMsg64.exe
21:56:48.0709 5064 CxAudMsg - ok
21:56:48.0787 5064 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:56:48.0865 5064 DcomLaunch - ok
21:56:49.0021 5064 DCService.exe (cc8b5c964b777f4ec3e89f13b4b5ff0f) C:\ProgramData\DatacardService\DCService.exe
21:56:49.0053 5064 DCService.exe ( UnsignedFile.Multi.Generic ) - warning
21:56:49.0053 5064 DCService.exe - detected UnsignedFile.Multi.Generic (1)
21:56:49.0115 5064 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:56:49.0193 5064 defragsvc - ok
21:56:49.0271 5064 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:56:49.0333 5064 DfsC - ok
21:56:49.0411 5064 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:56:49.0505 5064 Dhcp - ok
21:56:49.0552 5064 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:56:49.0630 5064 discache - ok
21:56:49.0692 5064 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
21:56:49.0723 5064 Disk - ok
21:56:49.0755 5064 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:56:49.0833 5064 Dnscache - ok
21:56:49.0879 5064 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:56:49.0973 5064 dot3svc - ok
21:56:50.0035 5064 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
21:56:50.0098 5064 Dot4 - ok
21:56:50.0145 5064 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:56:50.0191 5064 Dot4Print - ok
21:56:50.0207 5064 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
21:56:50.0223 5064 dot4usb - ok
21:56:50.0269 5064 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:56:50.0363 5064 DPS - ok
21:56:50.0410 5064 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:56:50.0457 5064 drmkaud - ok
21:56:50.0550 5064 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:56:50.0581 5064 DXGKrnl - ok
21:56:50.0628 5064 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:56:50.0706 5064 EapHost - ok
21:56:50.0909 5064 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
21:56:50.0987 5064 ebdrv - ok
21:56:51.0112 5064 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:56:51.0174 5064 EFS - ok
21:56:51.0283 5064 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:56:51.0377 5064 ehRecvr - ok
21:56:51.0439 5064 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:56:51.0502 5064 ehSched - ok
21:56:51.0611 5064 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
21:56:51.0642 5064 elxstor - ok
21:56:51.0673 5064 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:56:51.0705 5064 ErrDev - ok
21:56:51.0783 5064 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:56:51.0861 5064 EventSystem - ok
21:56:52.0063 5064 EvtEng (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:56:52.0126 5064 EvtEng - ok
21:56:52.0266 5064 ewusbnet (23b79b19f49a037eba4a9a3bb03ed91d) C:\Windows\system32\DRIVERS\ewusbnet.sys
21:56:52.0344 5064 ewusbnet - ok
21:56:52.0407 5064 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:56:52.0500 5064 exfat - ok
21:56:52.0500 5064 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:56:52.0563 5064 fastfat - ok
21:56:52.0656 5064 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:56:52.0719 5064 Fax - ok
21:56:52.0750 5064 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
21:56:52.0797 5064 fdc - ok
21:56:52.0843 5064 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:56:52.0937 5064 fdPHost - ok
21:56:52.0937 5064 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:56:52.0968 5064 FDResPub - ok
21:56:53.0015 5064 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:56:53.0015 5064 FileInfo - ok
21:56:53.0031 5064 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:56:53.0109 5064 Filetrace - ok
21:56:53.0140 5064 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
21:56:53.0155 5064 flpydisk - ok
21:56:53.0202 5064 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:56:53.0233 5064 FltMgr - ok
21:56:53.0327 5064 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:56:53.0421 5064 FontCache - ok
21:56:53.0499 5064 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:56:53.0514 5064 FontCache3.0.0.0 - ok
21:56:53.0577 5064 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:56:53.0592 5064 FsDepends - ok
21:56:53.0639 5064 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
21:56:53.0655 5064 Fs_Rec - ok
21:56:53.0717 5064 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:56:53.0748 5064 fvevol - ok
21:56:53.0779 5064 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
21:56:53.0795 5064 gagp30kx - ok
21:56:53.0935 5064 GFNEXSrv (ba9051d3745fa546de3660f5f2ef84a5) C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
21:56:53.0951 5064 GFNEXSrv - ok
21:56:54.0045 5064 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:56:54.0123 5064 gpsvc - ok
21:56:54.0216 5064 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:56:54.0247 5064 gupdate - ok
21:56:54.0263 5064 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:56:54.0279 5064 gupdatem - ok
21:56:54.0294 5064 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:56:54.0310 5064 gusvc - ok
21:56:54.0372 5064 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:56:54.0419 5064 hcw85cir - ok
21:56:54.0497 5064 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:56:54.0544 5064 HdAudAddService - ok
21:56:54.0606 5064 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:56:54.0669 5064 HDAudBus - ok
21:56:54.0700 5064 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
21:56:54.0731 5064 HidBatt - ok
21:56:54.0778 5064 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
21:56:54.0840 5064 HidBth - ok
21:56:54.0871 5064 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
21:56:54.0903 5064 HidIr - ok
21:56:54.0934 5064 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:56:55.0027 5064 hidserv - ok
21:56:55.0074 5064 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:56:55.0090 5064 HidUsb - ok
21:56:55.0137 5064 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:56:55.0230 5064 hkmsvc - ok
21:56:55.0293 5064 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:56:55.0371 5064 HomeGroupListener - ok
21:56:55.0417 5064 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:56:55.0464 5064 HomeGroupProvider - ok
21:56:55.0527 5064 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:56:55.0542 5064 HpSAMD - ok
21:56:55.0823 5064 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:56:55.0870 5064 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
21:56:55.0870 5064 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
21:56:55.0963 5064 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:56:56.0041 5064 HTTP - ok
21:56:56.0088 5064 huawei_enumerator (08b1a06a55f068a17a51ba26618cf50f) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
21:56:56.0151 5064 huawei_enumerator - ok
21:56:56.0213 5064 hwdatacard (6e5cd3984742a922d0c183c7e82c3c94) C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:56:56.0260 5064 hwdatacard - ok
21:56:56.0307 5064 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:56:56.0322 5064 hwpolicy - ok
21:56:56.0385 5064 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:56:56.0416 5064 i8042prt - ok
21:56:56.0494 5064 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\drivers\iaStor.sys
21:56:56.0525 5064 iaStor - ok
21:56:56.0665 5064 IAStorDataMgrSvc (e79a8e33bd136d14bae1fa20eb2ef124) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:56:56.0681 5064 IAStorDataMgrSvc - ok
21:56:56.0759 5064 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:56:56.0775 5064 iaStorV - ok
21:56:56.0806 5064 iBtFltCoex (50b8ab6013ef9970ac85fdba0f622300) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
21:56:56.0853 5064 iBtFltCoex - ok
21:56:57.0009 5064 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:56:57.0040 5064 idsvc - ok
21:56:57.0679 5064 igfx (0089b53f1befd34b7d8ca4ab021335fa) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:56:58.0085 5064 igfx - ok
21:56:58.0241 5064 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
21:56:58.0272 5064 iirsp - ok
21:56:58.0366 5064 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:56:58.0444 5064 IKEEXT - ok
21:56:58.0506 5064 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys
21:56:58.0522 5064 intaud_WaveExtensible - ok
21:56:58.0600 5064 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
21:56:58.0662 5064 IntcDAud - ok
21:56:58.0693 5064 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:56:58.0709 5064 intelide - ok
21:56:58.0740 5064 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:56:58.0787 5064 intelppm - ok
21:56:58.0849 5064 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:56:58.0943 5064 IPBusEnum - ok
21:56:59.0005 5064 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:56:59.0083 5064 IpFilterDriver - ok
21:56:59.0161 5064 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
21:56:59.0239 5064 iphlpsvc - ok
21:56:59.0271 5064 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:56:59.0317 5064 IPMIDRV - ok
21:56:59.0333 5064 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:56:59.0411 5064 IPNAT - ok
21:56:59.0458 5064 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:56:59.0473 5064 IRENUM - ok
21:56:59.0520 5064 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:56:59.0520 5064 isapnp - ok
21:56:59.0583 5064 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:56:59.0598 5064 iScsiPrt - ok
21:56:59.0645 5064 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\drivers\iwdbus.sys
21:56:59.0645 5064 iwdbus - ok
21:56:59.0692 5064 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:56:59.0723 5064 kbdclass - ok
21:56:59.0754 5064 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:56:59.0801 5064 kbdhid - ok
21:56:59.0832 5064 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:56:59.0848 5064 KeyIso - ok
21:56:59.0895 5064 KMWDFILTER (07071c1e3cd8f0f9114aac8b072ca1e5) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
21:56:59.0910 5064 KMWDFILTER - ok
21:56:59.0957 5064 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
21:56:59.0988 5064 KSecDD - ok
21:57:00.0004 5064 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
21:57:00.0019 5064 KSecPkg - ok
21:57:00.0051 5064 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:57:00.0129 5064 ksthunk - ok
21:57:00.0191 5064 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:57:00.0285 5064 KtmRm - ok
21:57:00.0347 5064 L1C (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys
21:57:00.0378 5064 L1C - ok
21:57:00.0441 5064 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:57:00.0534 5064 LanmanServer - ok
21:57:00.0581 5064 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:57:00.0675 5064 LanmanWorkstation - ok
21:57:00.0721 5064 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:57:00.0815 5064 lltdio - ok
21:57:00.0877 5064 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:57:00.0955 5064 lltdsvc - ok
21:57:00.0955 5064 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:57:01.0002 5064 lmhosts - ok
21:57:01.0158 5064 LMS (5456de5a8e11edbd68bf19c70b0a8f58) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:57:01.0189 5064 LMS - ok
21:57:01.0236 5064 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
21:57:01.0252 5064 LSI_FC - ok
21:57:01.0267 5064 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
21:57:01.0267 5064 LSI_SAS - ok
21:57:01.0283 5064 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
21:57:01.0299 5064 LSI_SAS2 - ok
21:57:01.0330 5064 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
21:57:01.0345 5064 LSI_SCSI - ok
21:57:01.0377 5064 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:57:01.0439 5064 luafv - ok
21:57:01.0455 5064 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:57:01.0470 5064 Mcx2Svc - ok
21:57:01.0501 5064 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
21:57:01.0517 5064 megasas - ok
21:57:01.0579 5064 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
21:57:01.0595 5064 MegaSR - ok
21:57:01.0642 5064 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
21:57:01.0657 5064 MEIx64 - ok
21:57:01.0689 5064 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:57:01.0751 5064 MMCSS - ok
21:57:01.0798 5064 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:57:01.0845 5064 Modem - ok
21:57:01.0876 5064 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:57:01.0923 5064 monitor - ok
21:57:01.0969 5064 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:57:02.0001 5064 mouclass - ok
21:57:02.0047 5064 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:57:02.0094 5064 mouhid - ok
21:57:02.0125 5064 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:57:02.0141 5064 mountmgr - ok
21:57:02.0297 5064 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:57:02.0313 5064 MozillaMaintenance - ok
21:57:02.0344 5064 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:57:02.0344 5064 mpio - ok
21:57:02.0375 5064 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:57:02.0422 5064 mpsdrv - ok
21:57:02.0500 5064 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
21:57:02.0562 5064 MpsSvc - ok
21:57:02.0578 5064 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:57:02.0640 5064 MRxDAV - ok
21:57:02.0687 5064 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:57:02.0781 5064 mrxsmb - ok
21:57:02.0827 5064 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:57:02.0874 5064 mrxsmb10 - ok
21:57:02.0921 5064 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:57:02.0968 5064 mrxsmb20 - ok
21:57:02.0999 5064 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:57:03.0015 5064 msahci - ok
21:57:03.0093 5064 MSCamSvc (41fb1d61df09c36ccab0b04eec66f6d5) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
21:57:03.0124 5064 MSCamSvc - ok
21:57:03.0171 5064 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:57:03.0186 5064 msdsm - ok
21:57:03.0217 5064 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:57:03.0249 5064 MSDTC - ok
21:57:03.0311 5064 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:57:03.0389 5064 Msfs - ok
21:57:03.0436 5064 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:57:03.0514 5064 mshidkmdf - ok
21:57:03.0576 5064 MSHUSBVideo (26668cc2920de2497a8e369b16e48ca3) C:\Windows\system32\Drivers\nx6000.sys
21:57:03.0639 5064 MSHUSBVideo - ok
21:57:03.0670 5064 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:57:03.0685 5064 msisadrv - ok
21:57:03.0748 5064 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:57:03.0795 5064 MSiSCSI - ok
21:57:03.0795 5064 msiserver - ok
21:57:03.0857 5064 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:57:03.0904 5064 MSKSSRV - ok
21:57:03.0919 5064 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:57:03.0966 5064 MSPCLOCK - ok
21:57:04.0013 5064 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:57:04.0091 5064 MSPQM - ok
21:57:04.0107 5064 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:57:04.0122 5064 MsRPC - ok
21:57:04.0169 5064 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:57:04.0185 5064 mssmbios - ok
21:57:04.0216 5064 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:57:04.0294 5064 MSTEE - ok
21:57:04.0325 5064 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
21:57:04.0372 5064 MTConfig - ok
21:57:04.0419 5064 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:57:04.0434 5064 Mup - ok
21:57:04.0528 5064 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:57:04.0559 5064 MyWiFiDHCPDNS - ok
21:57:04.0621 5064 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:57:04.0715 5064 napagent - ok
21:57:04.0777 5064 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:57:04.0840 5064 NativeWifiP - ok
21:57:04.0996 5064 NAUpdate (2989174df02e0aef54bae90674fb445f) C:\Program Files (x86)\Nero\Update\NASvc.exe
21:57:05.0027 5064 NAUpdate - ok
21:57:05.0121 5064 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:57:05.0167 5064 NDIS - ok
21:57:05.0183 5064 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:57:05.0230 5064 NdisCap - ok
21:57:05.0261 5064 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:57:05.0292 5064 NdisTapi - ok
21:57:05.0323 5064 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:57:05.0370 5064 Ndisuio - ok
21:57:05.0401 5064 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:57:05.0479 5064 NdisWan - ok
21:57:05.0526 5064 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:57:05.0573 5064 NDProxy - ok
21:57:05.0667 5064 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
21:57:05.0698 5064 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:57:05.0698 5064 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:57:05.0745 5064 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:57:05.0823 5064 NetBIOS - ok
21:57:05.0869 5064 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:57:05.0963 5064 NetBT - ok
21:57:05.0994 5064 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:57:06.0010 5064 Netlogon - ok
21:57:06.0072 5064 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:57:06.0150 5064 Netman - ok
21:57:06.0181 5064 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:57:06.0228 5064 netprofm - ok
21:57:06.0337 5064 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:57:06.0353 5064 NetTcpPortSharing - ok
21:57:06.0805 5064 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
21:57:07.0039 5064 NETwNs64 - ok
21:57:07.0164 5064 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
21:57:07.0180 5064 nfrd960 - ok
21:57:07.0258 5064 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:57:07.0336 5064 NlaSvc - ok
21:57:07.0383 5064 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:57:07.0445 5064 Npfs - ok
21:57:07.0461 5064 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:57:07.0539 5064 nsi - ok
21:57:07.0570 5064 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:57:07.0648 5064 nsiproxy - ok
21:57:07.0788 5064 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:57:07.0835 5064 Ntfs - ok
21:57:07.0975 5064 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:57:08.0053 5064 Null - ok
21:57:08.0116 5064 nusb3hub (01266516e6e88d183a2b58722eeb4443) C:\Windows\system32\drivers\nusb3hub.sys
21:57:08.0178 5064 nusb3hub - ok
21:57:08.0241 5064 nusb3xhc (5ec04f55cc5f165f21752712437df638) C:\Windows\system32\drivers\nusb3xhc.sys
21:57:08.0303 5064 nusb3xhc - ok
21:57:08.0350 5064 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:57:08.0365 5064 nvraid - ok
21:57:08.0412 5064 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:57:08.0443 5064 nvstor - ok
21:57:08.0490 5064 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:57:08.0490 5064 nv_agp - ok
21:57:08.0537 5064 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:57:08.0584 5064 ohci1394 - ok
21:57:08.0693 5064 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:57:08.0709 5064 ose - ok
21:57:09.0021 5064 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:57:09.0192 5064 osppsvc - ok
21:57:09.0301 5064 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:57:09.0379 5064 p2pimsvc - ok
21:57:09.0442 5064 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:57:09.0504 5064 p2psvc - ok
21:57:09.0567 5064 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
21:57:09.0629 5064 Parport - ok
21:57:09.0660 5064 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
21:57:09.0691 5064 partmgr - ok
21:57:09.0738 5064 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:57:09.0816 5064 PcaSvc - ok
21:57:09.0863 5064 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:57:09.0879 5064 pci - ok
21:57:09.0910 5064 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:57:09.0910 5064 pciide - ok
21:57:09.0972 5064 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
21:57:10.0003 5064 pcmcia - ok
21:57:10.0019 5064 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:57:10.0035 5064 pcw - ok
21:57:10.0050 5064 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:57:10.0113 5064 PEAUTH - ok
21:57:10.0237 5064 PEGAGFN (ee926c59cbd4dc4dc9fbb85014a2f1a5) C:\Program Files (x86)\PHotkey\PEGAGFN.sys
21:57:10.0253 5064 PEGAGFN - ok
21:57:10.0362 5064 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:57:10.0409 5064 PerfHost - ok
21:57:10.0581 5064 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:57:10.0659 5064 pla - ok
21:57:10.0737 5064 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:57:10.0815 5064 PlugPlay - ok
21:57:10.0893 5064 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
21:57:10.0924 5064 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:57:10.0924 5064 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:57:10.0971 5064 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:57:11.0002 5064 PNRPAutoReg - ok
21:57:11.0033 5064 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:57:11.0049 5064 PNRPsvc - ok
21:57:11.0111 5064 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:57:11.0189 5064 PolicyAgent - ok
21:57:11.0236 5064 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:57:11.0329 5064 Power - ok
21:57:11.0407 5064 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:57:11.0501 5064 PptpMiniport - ok
21:57:11.0532 5064 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
21:57:11.0563 5064 Processor - ok
21:57:11.0626 5064 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
21:57:11.0688 5064 ProfSvc - ok
21:57:11.0704 5064 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:57:11.0735 5064 ProtectedStorage - ok
21:57:11.0782 5064 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:57:11.0860 5064 Psched - ok
21:57:11.0985 5064 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
21:57:12.0000 5064 PSI_SVC_2 - ok
21:57:12.0125 5064 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
21:57:12.0172 5064 ql2300 - ok
21:57:12.0297 5064 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
21:57:12.0328 5064 ql40xx - ok
21:57:12.0359 5064 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:57:12.0375 5064 QWAVE - ok
21:57:12.0406 5064 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:57:12.0437 5064 QWAVEdrv - ok
21:57:12.0453 5064 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:57:12.0484 5064 RasAcd - ok
21:57:12.0531 5064 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:57:12.0609 5064 RasAgileVpn - ok
21:57:12.0655 5064 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:57:12.0765 5064 RasAuto - ok
21:57:12.0811 5064 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:57:12.0889 5064 Rasl2tp - ok
21:57:12.0983 5064 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:57:13.0077 5064 RasMan - ok
21:57:13.0108 5064 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:57:13.0170 5064 RasPppoe - ok
21:57:13.0186 5064 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:57:13.0264 5064 RasSstp - ok
21:57:13.0295 5064 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:57:13.0357 5064 rdbss - ok
21:57:13.0389 5064 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
21:57:13.0435 5064 rdpbus - ok
21:57:13.0467 5064 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:57:13.0513 5064 RDPCDD - ok
21:57:13.0576 5064 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:57:13.0638 5064 RDPENCDD - ok
21:57:13.0654 5064 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:57:13.0685 5064 RDPREFMP - ok
21:57:13.0732 5064 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
21:57:13.0794 5064 RDPWD - ok
21:57:13.0841 5064 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:57:13.0857 5064 rdyboost - ok
21:57:13.0997 5064 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:57:14.0044 5064 RegSrvc - ok
21:57:14.0091 5064 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:57:14.0184 5064 RemoteAccess - ok
21:57:14.0231 5064 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:57:14.0309 5064 RemoteRegistry - ok
21:57:14.0387 5064 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
21:57:14.0449 5064 RFCOMM - ok
21:57:14.0621 5064 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:57:14.0637 5064 RichVideo ( UnsignedFile.Multi.Generic ) - warning
21:57:14.0637 5064 RichVideo - detected UnsignedFile.Multi.Generic (1)
21:57:14.0668 5064 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:57:14.0761 5064 RpcEptMapper - ok
21:57:14.0793 5064 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:57:14.0824 5064 RpcLocator - ok
21:57:14.0886 5064 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:57:14.0949 5064 RpcSs - ok
21:57:14.0995 5064 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:57:15.0073 5064 rspndr - ok
21:57:15.0105 5064 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:57:15.0120 5064 SamSs - ok
21:57:15.0151 5064 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:57:15.0151 5064 sbp2port - ok
21:57:15.0198 5064 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:57:15.0261 5064 SCardSvr - ok
21:57:15.0307 5064 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:57:15.0370 5064 scfilter - ok
21:57:15.0463 5064 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:57:15.0541 5064 Schedule - ok
21:57:15.0588 5064 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:57:15.0651 5064 SCPolicySvc - ok
21:57:15.0682 5064 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:57:15.0744 5064 SDRSVC - ok
21:57:15.0822 5064 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:57:15.0900 5064 secdrv - ok
21:57:15.0916 5064 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:57:15.0994 5064 seclogon - ok
21:57:16.0041 5064 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:57:16.0119 5064 SENS - ok
21:57:16.0150 5064 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:57:16.0212 5064 SensrSvc - ok
21:57:16.0243 5064 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
21:57:16.0290 5064 Serenum - ok
21:57:16.0321 5064 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
21:57:16.0353 5064 Serial - ok
21:57:16.0368 5064 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
21:57:16.0384 5064 sermouse - ok
21:57:16.0446 5064 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:57:16.0493 5064 SessionEnv - ok
21:57:16.0524 5064 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:57:16.0571 5064 sffdisk - ok
21:57:16.0602 5064 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:57:16.0633 5064 sffp_mmc - ok
21:57:16.0665 5064 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:57:16.0711 5064 sffp_sd - ok
21:57:16.0758 5064 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
21:57:16.0805 5064 sfloppy - ok
21:57:16.0867 5064 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
21:57:16.0945 5064 SharedAccess - ok
21:57:17.0008 5064 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:57:17.0101 5064 ShellHWDetection - ok
21:57:17.0133 5064 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
21:57:17.0164 5064 SiSRaid2 - ok
21:57:17.0195 5064 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
21:57:17.0211 5064 SiSRaid4 - ok
21:57:17.0335 5064 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
21:57:17.0367 5064 SkypeUpdate - ok
21:57:17.0398 5064 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:57:17.0445 5064 Smb - ok
21:57:17.0507 5064 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:57:17.0538 5064 SNMPTRAP - ok
21:57:17.0585 5064 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:57:17.0601 5064 spldr - ok
21:57:17.0679 5064 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:57:17.0725 5064 Spooler - ok
21:57:17.0928 5064 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:57:18.0037 5064 sppsvc - ok
21:57:18.0162 5064 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:57:18.0209 5064 sppuinotify - ok
21:57:18.0271 5064 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:57:18.0334 5064 srv - ok
21:57:18.0381 5064 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:57:18.0412 5064 srv2 - ok
21:57:18.0427 5064 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:57:18.0459 5064 srvnet - ok
21:57:18.0521 5064 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:57:18.0615 5064 SSDPSRV - ok
21:57:18.0615 5064 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:57:18.0661 5064 SstpSvc - ok
21:57:18.0693 5064 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:57:18.0708 5064 stexstor - ok
21:57:18.0771 5064 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:57:18.0833 5064 stisvc - ok
21:57:18.0958 5064 STRATO HiDrive Service (a4533f6ee3dca68be5671c0571384e3a) C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive Service.exe
21:57:18.0958 5064 STRATO HiDrive Service ( UnsignedFile.Multi.Generic ) - warning
21:57:18.0958 5064 STRATO HiDrive Service - detected UnsignedFile.Multi.Generic (1)
21:57:19.0005 5064 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:57:19.0020 5064 swenum - ok
21:57:19.0083 5064 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:57:19.0145 5064 swprv - ok
21:57:19.0192 5064 SynTP (be2b928de9af2848289db7a54c7e2398) C:\Windows\system32\drivers\SynTP.sys
21:57:19.0223 5064 SynTP - ok
21:57:19.0348 5064 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:57:19.0426 5064 SysMain - ok
21:57:19.0551 5064 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:57:19.0582 5064 TabletInputService - ok
21:57:19.0644 5064 tap0901 (bcd6a90d6fd757ce9c29ddc850f7f231) C:\Windows\system32\DRIVERS\tap0901.sys
21:57:19.0707 5064 tap0901 - ok
21:57:19.0769 5064 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:57:19.0831 5064 TapiSrv - ok
21:57:19.0863 5064 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:57:19.0909 5064 TBS - ok
21:57:20.0065 5064 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
21:57:20.0112 5064 Tcpip - ok
21:57:20.0362 5064 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
21:57:20.0424 5064 TCPIP6 - ok
21:57:20.0549 5064 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:57:20.0611 5064 tcpipreg - ok
21:57:20.0611 5064 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:57:20.0658 5064 TDPIPE - ok
21:57:20.0689 5064 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:57:20.0721 5064 TDTCP - ok
21:57:20.0767 5064 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:57:20.0845 5064 tdx - ok
21:57:20.0877 5064 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:57:20.0892 5064 TermDD - ok
21:57:20.0970 5064 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:57:21.0048 5064 TermService - ok
21:57:21.0064 5064 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:57:21.0079 5064 Themes - ok
21:57:21.0126 5064 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:57:21.0157 5064 THREADORDER - ok
21:57:21.0204 5064 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:57:21.0251 5064 TrkWks - ok
21:57:21.0313 5064 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:57:21.0407 5064 TrustedInstaller - ok
21:57:21.0438 5064 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:57:21.0516 5064 tssecsrv - ok
21:57:21.0547 5064 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:57:21.0610 5064 TsUsbFlt - ok
21:57:21.0641 5064 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:57:21.0672 5064 TsUsbGD - ok
21:57:22.0000 5064 TuneUp.UtilitiesSvc (811a229718c85356bc81eb20f35eb7f6) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
21:57:22.0047 5064 TuneUp.UtilitiesSvc - ok
21:57:22.0265 5064 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
21:57:22.0296 5064 TuneUpUtilitiesDrv - ok
21:57:22.0437 5064 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:57:22.0515 5064 tunnel - ok
21:57:22.0546 5064 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:57:22.0546 5064 uagp35 - ok
21:57:22.0593 5064 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:57:22.0671 5064 udfs - ok
21:57:22.0717 5064 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:57:22.0764 5064 UI0Detect - ok
21:57:22.0811 5064 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:57:22.0842 5064 uliagpkx - ok
21:57:22.0873 5064 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:57:22.0905 5064 umbus - ok
21:57:22.0951 5064 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:57:22.0998 5064 UmPass - ok
21:57:23.0217 5064 UNS (d87fb12563f65088b1904871d86e5164) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:57:23.0279 5064 UNS - ok
21:57:23.0388 5064 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:57:23.0466 5064 upnphost - ok
21:57:23.0544 5064 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
21:57:23.0607 5064 usbaudio - ok
21:57:23.0638 5064 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:57:23.0685 5064 usbccgp - ok
21:57:23.0716 5064 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:57:23.0747 5064 usbcir - ok
21:57:23.0794 5064 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:57:23.0809 5064 usbehci - ok
21:57:23.0872 5064 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
21:57:23.0934 5064 usbhub - ok
21:57:23.0950 5064 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:57:23.0965 5064 usbohci - ok
21:57:26.0321 5064 watchmi (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe
21:57:26.0352 5064 watchmi ( UnsignedFile.Multi.Generic ) - warning
21:57:26.0352 5064 watchmi - detected UnsignedFile.Multi.Generic (1)
21:57:33.0232 5064 ============================================================
21:57:33.0232 5064 Scan finished
21:57:33.0232 5064 ============================================================
21:57:33.0247 2112 Detected object count: 7
21:57:33.0247 2112 Actual detected object count: 7
21:58:20.0578 2112 DCService.exe ( UnsignedFile.Multi.Generic ) - skipped by user
21:58:20.0578 2112 DCService.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:58:20.0578 2112 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
21:58:20.0578 2112 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:58:20.0578 2112 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:58:20.0578 2112 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:58:20.0578 2112 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:58:20.0578 2112 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:58:20.0594 2112 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
21:58:20.0594 2112 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:58:20.0594 2112 STRATO HiDrive Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:58:20.0594 2112 STRATO HiDrive Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:58:20.0594 2112 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user
21:58:20.0594 2112 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #19 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | JS/Redirector.SY.1 on Windows7 Then please run CF now: ComboFix - A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
| | #20 |
| JS/Redirector.SY.1 on Windows7 Combofix log Combofix logfile: Code:
ComboFix 12-08-14.03 - Antje Note 14.08.2012 21:05:44.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4007.2613 [GMT 2:00]
ausgeführt von:: c:\users\Antje Note\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-14 bis 2012-08-14 ))))))))))))))))))))))))))))))
.
.
2012-08-14 19:10 . 2012-08-14 19:10 -------- d-----w- c:\users\Gast\AppData\Local\temp
2012-08-14 19:10 . 2012-08-14 19:10 -------- d-----w- c:\users\Dirk\AppData\Local\temp
2012-08-14 19:10 . 2012-08-14 19:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-07 19:22 . 2012-05-29 11:09 35680 ----a-w- c:\windows\system32\uxtuneup.dll
2012-08-07 19:22 . 2012-05-29 11:09 29024 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2012-08-07 19:06 . 2012-08-07 19:06 -------- d-----w- C:\_OTL
2012-07-30 21:34 . 2012-07-30 21:34 -------- d-----w- c:\program files (x86)\ESET
2012-07-29 20:52 . 2012-07-29 20:52 -------- d-----w- c:\program files (x86)\7-Zip
2012-07-29 20:36 . 2012-07-29 20:36 -------- d-----w- c:\users\Antje Note\AppData\Roaming\Malwarebytes
2012-07-29 20:36 . 2012-07-29 20:36 -------- d-----w- c:\programdata\Malwarebytes
2012-07-29 20:36 . 2012-07-29 20:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-29 20:36 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-29 08:13 . 2012-04-17 11:01 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-29 08:13 . 2011-05-14 18:10 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 13:58 . 2011-05-01 22:29 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-12 03:08 . 2012-07-11 14:02 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 13:27 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 13:27 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 13:27 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 13:27 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 13:27 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 13:27 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 13:27 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-25 17:07 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-25 17:07 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-25 17:07 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-25 17:07 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-25 17:07 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-25 17:07 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-25 17:07 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-25 17:07 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-25 17:07 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-11 13:57 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-11 13:57 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-11 13:57 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-11 13:57 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-11 13:57 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-11 13:57 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-11 13:57 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-11 13:57 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-11 13:57 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-11 13:57 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-11 13:57 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-11 13:57 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-11 13:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-11 13:57 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-11 13:57 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-11 13:57 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-11 13:57 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-11 13:57 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-11 13:57 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 13:27 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 13:27 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-11 13:27 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-11 13:27 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 13:27 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 13:27 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 13:27 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 13:27 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 13:27 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-29 11:09 . 2012-01-11 19:34 34656 ----a-w- c:\windows\system32\TURegOpt.exe
2012-05-29 11:09 . 2012-01-11 19:34 25952 ----a-w- c:\windows\system32\authuitu.dll
2012-05-29 11:09 . 2012-01-11 19:34 21344 ----a-w- c:\windows\SysWow64\authuitu.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Synchronizer"="c:\program files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe" [2012-04-04 1261472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-02-03 506712]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-03-22 1406248]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
.
c:\users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
STRATO HiDrive.lnk - c:\program files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive.exe [2011-7-5 449024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
watchmi tray.lnk - c:\windows\Installer\{AA4D1C5E-116A-4FF4-AA91-28F526868203}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe [2011-9-13 300416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [2010-05-08 229376]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-13 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-10-23 46592]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-02-11 1304912]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-04-07 250368]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-13 136176]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-05-17 34200]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-30 113120]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-12-02 31744]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2010-09-23 129008]
R4 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R4 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R4 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe [2010-10-07 159752]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R4 STRATO HiDrive Service;STRATO HiDrive Service;c:\program files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive Service.exe [2011-07-05 32768]
R4 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
R4 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe [2010-12-06 62464]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-09 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-05-14 375760]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-14 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-14 465360]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-02-11 907600]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-02-11 997712]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2010-12-17 198784]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-01-14 572712]
S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys [2009-09-11 14344]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-01-24 58128]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-01-24 274944]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-04-14 31088]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-04-09 76288]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-01-24 59904]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys [2011-05-17 25496]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-20 56344]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2011-04-13 87552]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2011-04-13 207872]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-13 18:34]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-13 18:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-21 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Antje Note\AppData\Roaming\Mozilla\Firefox\Profiles\803lkaud.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-08-14 21:12:20
ComboFix-quarantined-files.txt 2012-08-14 19:12
.
Vor Suchlauf: 7 Verzeichnis(se), 635.824.201.728 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 636.173.221.888 Bytes frei
.
- - End Of File - - 2D949F02D6EAD800DF59EC9FD4105605
|
| | #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | JS/Redirector.SY.1 on Windows7 Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM - please skip the online check by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Under no circumstances press any of the Fix buttons without instruction. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message appears such as "aswMBR.exe has stopped working", then do the following: restart aswMBR, select (none) under "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again.
|