Pests of all kinds and how to combat them: Remnants of SMART HDD or something similar

16.10.2012, 18:20   #16
cosinus

Hm, there is still toolbar junk in there.
Please download the current adwCleaner, i.e. delete the old adwcleaner and download it again.

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click on Suche (Search).
  • When the scan has finished, a text file opens.
  • Post its content with your next reply.
  • You can also find the log file at C:\AdwCleaner[Rx].txt (x = sequential number).
__________________
Please always post log files in CODE tags

16.10.2012, 21:44   #17
p.eter

OK, here is the content of the log file:

Code:
# AdwCleaner v2.005 - Datei am 16/10/2012 um 22:41:46 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzer : aaa - AAA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\aaa\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0.1 (de)

Profilname : default 
Datei : C:\Users\aaa\AppData\Roaming\Mozilla\Firefox\Profiles\8y3gmv8h.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [4645 octets] - [13/10/2012 01:37:00]
AdwCleaner[S1].txt - [4396 octets] - [14/10/2012 23:38:22]
AdwCleaner[R2].txt - [1146 octets] - [15/10/2012 14:42:34]
AdwCleaner[R3].txt - [1077 octets] - [16/10/2012 22:41:46]

########## EOF - C:\AdwCleaner[R3].txt - [1137 octets] ##########
         

17.10.2012, 14:12   #18
cosinus

Run an OTL fix: close all programs that may be open, also deactivate the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)
Code:
:OTL
IE - HKU\S-1-5-21-902293500-3212092362-2107603150-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.hotspotshield.com/g/?c=h
IE - HKU\S-1-5-21-902293500-3212092362-2107603150-1001\..\URLSearchHook: {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files (x86)\FreeRIP Toolbar\IE\6.3\freeripToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files (x86)\FreeRIP Toolbar\IE\6.3\freeripToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: []  File not found
:Files
C:\Program Files (x86)\FreeRIP Toolbar
C:\ProgramData\-VEouSso7jyCKJKr
C:\ProgramData\-VEouSso7jyCKJK
C:\ProgramData\VEouSso7jyCKJK
C:\Program Files (x86)\Common Files\Spigot
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache
D:\install\DM-238.exe
D:\install\freeripmp3.61-setup.exe
G:\save\01.09.12\all-inkl\wp-content\uploads\hellc0me.php
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can permanently damage the system!

17.10.2012, 18:47   #19
p.eter

I carried out the OTL fix. Here is the content of the log file:

Code:
All processes killed
========== OTL ==========
HKU\S-1-5-21-902293500-3212092362-2107603150-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-902293500-3212092362-2107603150-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E634228A-03CF-4BC8-B0AB-668257F1FD8C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ deleted successfully.
C:\Program Files (x86)\FreeRIP Toolbar\IE\6.3\freeripToolbarIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ not found.
File C:\Program Files (x86)\FreeRIP Toolbar\IE\6.3\freeripToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== FILES ==========
C:\Program Files (x86)\FreeRIP Toolbar\Res\Lang folder moved successfully.
C:\Program Files (x86)\FreeRIP Toolbar\Res folder moved successfully.
C:\Program Files (x86)\FreeRIP Toolbar\IE\6.3 folder moved successfully.
C:\Program Files (x86)\FreeRIP Toolbar\IE folder moved successfully.
C:\Program Files (x86)\FreeRIP Toolbar\FF\chrome folder moved successfully.
C:\Program Files (x86)\FreeRIP Toolbar\FF folder moved successfully.
C:\Program Files (x86)\FreeRIP Toolbar folder moved successfully.
C:\ProgramData\-VEouSso7jyCKJKr moved successfully.
C:\ProgramData\-VEouSso7jyCKJK moved successfully.
C:\ProgramData\VEouSso7jyCKJK moved successfully.
File\Folder C:\Program Files (x86)\Common Files\Spigot not found.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\aaa\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
D:\install\DM-238.exe moved successfully.
D:\install\freeripmp3.61-setup.exe moved successfully.
File\Folder G:\save\01.09.12\all-inkl\wp-content\uploads\hellc0me.php not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\aaa\Desktop\cmd.bat deleted successfully.
C:\Users\aaa\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: aaa
->Temp folder emptied: 134911235 bytes
->Temporary Internet Files folder emptied: 127924775 bytes
->FireFox cache emptied: 1155126404 bytes
->Google Chrome cache emptied: 182143562 bytes
->Flash cache emptied: 15298790 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56478 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 193350982 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84417 bytes
RecycleBin emptied: 1744816 bytes
 
Total Files Cleaned = 1.727,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 10172012_194013

Files\Folders moved on Reboot...
C:\Users\aaa\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         

17.10.2012, 19:52   #20
cosinus

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot,
then click on Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or cannot copy its content into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

17.10.2012, 20:33   #21
p.eter

Here is the log:

Code:
21:29:43.0559 229792  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
21:29:43.0759 229792  ============================================================
21:29:43.0759 229792  Current date / time: 2012/10/17 21:29:43.0759
21:29:43.0759 229792  SystemInfo:
21:29:43.0759 229792  
21:29:43.0759 229792  OS Version: 6.1.7600 ServicePack: 0.0
21:29:43.0759 229792  Product type: Workstation
21:29:43.0759 229792  ComputerName: AAA-PC
21:29:43.0759 229792  UserName: aaa
21:29:43.0759 229792  Windows directory: C:\Windows
21:29:43.0759 229792  System windows directory: C:\Windows
21:29:43.0759 229792  Running under WOW64
21:29:43.0759 229792  Processor architecture: Intel x64
21:29:43.0759 229792  Number of processors: 4
21:29:43.0759 229792  Page size: 0x1000
21:29:43.0759 229792  Boot type: Normal boot
21:29:43.0759 229792  ============================================================
21:29:44.0268 229792  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:29:44.0298 229792  ============================================================
21:29:44.0298 229792  \Device\Harddisk0\DR0:
21:29:44.0298 229792  MBR partitions:
21:29:44.0298 229792  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x1749C000
21:29:44.0328 229792  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A69D000, BlocksNum 0x1FCE8800
21:29:44.0328 229792  ============================================================
21:29:44.0368 229792  C: <-> \Device\Harddisk0\DR0\Partition1
21:29:44.0398 229792  D: <-> \Device\Harddisk0\DR0\Partition2
21:29:44.0398 229792  ============================================================
21:29:44.0398 229792  Initialize success
21:29:44.0398 229792  ============================================================
21:30:30.0146 195592  ============================================================
21:30:30.0146 195592  Scan started
21:30:30.0147 195592  Mode: Manual; SigCheck; TDLFS; 
21:30:30.0147 195592  ============================================================
21:30:31.0277 195592  ================ Scan system memory ========================
21:30:31.0277 195592  System memory - ok
21:30:31.0277 195592  ================ Scan services =============================
21:30:31.0449 195592  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
21:30:31.0605 195592  1394ohci - ok
21:30:31.0636 195592  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
21:30:31.0651 195592  ACPI - ok
21:30:31.0698 195592  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
21:30:31.0776 195592  AcpiPmi - ok
21:30:31.0885 195592  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:30:31.0917 195592  AdobeFlashPlayerUpdateSvc - ok
21:30:31.0976 195592  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:30:31.0998 195592  adp94xx - ok
21:30:32.0029 195592  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:30:32.0046 195592  adpahci - ok
21:30:32.0061 195592  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:30:32.0075 195592  adpu320 - ok
21:30:32.0104 195592  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:30:32.0249 195592  AeLookupSvc - ok
21:30:32.0311 195592  [ 079CBA3C5C9AB11B2B4E6BD729A860F2 ] AFBAgent        C:\Windows\system32\FBAgent.exe
21:30:32.0374 195592  AFBAgent - ok
21:30:32.0452 195592  [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD             C:\Windows\system32\drivers\afd.sys
21:30:32.0561 195592  AFD - ok
21:30:32.0608 195592  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
21:30:32.0639 195592  agp440 - ok
21:30:32.0686 195592  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:30:32.0795 195592  ALG - ok
21:30:32.0811 195592  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
21:30:32.0842 195592  aliide - ok
21:30:32.0873 195592  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
21:30:32.0889 195592  amdide - ok
21:30:32.0920 195592  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:30:32.0951 195592  AmdK8 - ok
21:30:32.0988 195592  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:30:33.0017 195592  AmdPPM - ok
21:30:33.0060 195592  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:30:33.0073 195592  amdsata - ok
21:30:33.0107 195592  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:30:33.0122 195592  amdsbs - ok
21:30:33.0141 195592  [ DB27766102C7BF7E95140A2AA81D042E ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:30:33.0154 195592  amdxata - ok
21:30:33.0264 195592  [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp            C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
21:30:33.0295 195592  Amsp - ok
21:30:33.0373 195592  [ 9C7F164B49CADC658D1B3C575782F346 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
21:30:33.0451 195592  AmUStor - ok
21:30:33.0482 195592  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys
21:30:33.0638 195592  AppID - ok
21:30:33.0669 195592  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:30:33.0732 195592  AppIDSvc - ok
21:30:33.0779 195592  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll
21:30:33.0841 195592  Appinfo - ok
21:30:33.0888 195592  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:30:33.0919 195592  arc - ok
21:30:33.0935 195592  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:30:33.0950 195592  arcsas - ok
21:30:34.0043 195592  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
21:30:34.0057 195592  ASLDRService - ok
21:30:34.0086 195592  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
21:30:34.0097 195592  ASMMAP64 - ok
21:30:34.0142 195592  [ DF59B8E8DF0BD2E0E303778A3806A17D ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
21:30:34.0155 195592  aswFsBlk - ok
21:30:34.0171 195592  [ F8E6AB4F876FEFF69250F2E0C29EF004 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
21:30:34.0185 195592  aswMonFlt - ok
21:30:34.0220 195592  [ AA92BC4BCBA40CA3AA3FFD1BE24F0C09 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
21:30:34.0231 195592  aswRdr - ok
21:30:34.0268 195592  [ F06E230E1E8CA9437A6474B7B551CD37 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
21:30:34.0315 195592  aswSnx - ok
21:30:34.0330 195592  [ 3610CA74A69E380424F0452DEC5C1317 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
21:30:34.0346 195592  aswSP - ok
21:30:34.0362 195592  [ 87DE3E31CB0091D22351349869324065 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
21:30:34.0377 195592  aswTdi - ok
21:30:34.0408 195592  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:30:34.0486 195592  AsyncMac - ok
21:30:34.0533 195592  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
21:30:34.0564 195592  atapi - ok
21:30:34.0611 195592  [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
21:30:34.0627 195592  AthBTPort - ok
21:30:34.0674 195592  [ 4C4A576818EA028257C624AE36FF7A03 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
21:30:34.0705 195592  Atheros Bt&Wlan Coex Agent - ok
21:30:34.0720 195592  [ 21753130331188C4B474E1D3B396E629 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
21:30:34.0736 195592  AtherosSvc - ok
21:30:34.0798 195592  [ DE8B9C3E0E09D918B394207F34AC16DD ] athr            C:\Windows\system32\DRIVERS\athrx.sys
21:30:34.0939 195592  athr - ok
21:30:34.0954 195592  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
21:30:34.0970 195592  ATKGFNEXSrv - ok
21:30:35.0011 195592  [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
21:30:35.0023 195592  ATKWMIACPIIO - ok
21:30:35.0068 195592  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:30:35.0145 195592  AudioEndpointBuilder - ok
21:30:35.0177 195592  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:30:35.0213 195592  AudioSrv - ok
21:30:35.0268 195592  [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:30:35.0274 195592  avast! Antivirus - ok
21:30:35.0336 195592  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:30:35.0430 195592  AxInstSV - ok
21:30:35.0476 195592  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:30:35.0523 195592  b06bdrv - ok
21:30:35.0570 195592  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:30:35.0617 195592  b57nd60a - ok
21:30:35.0695 195592  [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
21:30:35.0726 195592  BBSvc - ok
21:30:35.0773 195592  [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
21:30:35.0820 195592  BBUpdate - ok
21:30:35.0851 195592  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:30:35.0882 195592  BDESVC - ok
21:30:35.0913 195592  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:30:35.0997 195592  Beep - ok
21:30:36.0049 195592  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll
21:30:36.0126 195592  BFE - ok
21:30:36.0166 195592  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll
21:30:36.0243 195592  BITS - ok
21:30:36.0270 195592  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:30:36.0301 195592  blbdrive - ok
21:30:36.0348 195592  [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
21:30:36.0395 195592  Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
21:30:36.0395 195592  Bonjour Service - detected UnsignedFile.Multi.Generic (1)
21:30:36.0441 195592  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:30:36.0519 195592  bowser - ok
21:30:36.0566 195592  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:30:36.0613 195592  BrFiltLo - ok
21:30:36.0629 195592  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:30:36.0644 195592  BrFiltUp - ok
21:30:36.0675 195592  [ 6B054C67AAA87843504E8E3C09102009 ] Browser         C:\Windows\System32\browser.dll
21:30:36.0753 195592  Browser - ok
21:30:36.0785 195592  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:30:36.0863 195592  Brserid - ok
21:30:36.0878 195592  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:30:36.0909 195592  BrSerWdm - ok
21:30:36.0925 195592  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:30:36.0987 195592  BrUsbMdm - ok
21:30:37.0031 195592  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:30:37.0061 195592  BrUsbSer - ok
21:30:37.0102 195592  [ FE70889A85C57A9268101B2DB0474509 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
21:30:37.0120 195592  BTATH_A2DP - ok
21:30:37.0147 195592  [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
21:30:37.0154 195592  BTATH_BUS - ok
21:30:37.0168 195592  [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
21:30:37.0179 195592  BTATH_HCRP - ok
21:30:37.0196 195592  [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
21:30:37.0204 195592  BTATH_LWFLT - ok
21:30:37.0217 195592  [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
21:30:37.0228 195592  BTATH_RCP - ok
21:30:37.0257 195592  [ AA0F5AFCF077C5246589B32ECEEAE566 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
21:30:37.0270 195592  BtFilter - ok
21:30:37.0319 195592  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:30:37.0444 195592  BthEnum - ok
21:30:37.0459 195592  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:30:37.0506 195592  BTHMODEM - ok
21:30:37.0537 195592  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:30:37.0584 195592  BthPan - ok
21:30:37.0615 195592  [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:30:37.0693 195592  BTHPORT - ok
21:30:37.0724 195592  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:30:37.0834 195592  bthserv - ok
21:30:37.0912 195592  [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:30:37.0974 195592  BTHUSB - ok
21:30:38.0005 195592  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:30:38.0099 195592  cdfs - ok
21:30:38.0224 195592  [ D6696435EEFD7BBDB4226C60A5B343DC ] CDMA Device Service C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe
21:30:38.0270 195592  CDMA Device Service ( UnsignedFile.Multi.Generic ) - warning
21:30:38.0270 195592  CDMA Device Service - detected UnsignedFile.Multi.Generic (1)
21:30:38.0317 195592  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:30:38.0380 195592  cdrom - ok
21:30:38.0426 195592  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:30:38.0520 195592  CertPropSvc - ok
21:30:38.0567 195592  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:30:38.0614 195592  circlass - ok
21:30:38.0645 195592  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:30:38.0676 195592  CLFS - ok
21:30:38.0738 195592  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:30:38.0754 195592  clr_optimization_v2.0.50727_32 - ok
21:30:38.0801 195592  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:30:38.0816 195592  clr_optimization_v2.0.50727_64 - ok
21:30:38.0879 195592  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:30:38.0926 195592  clr_optimization_v4.0.30319_32 - ok
21:30:39.0004 195592  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:30:39.0022 195592  clr_optimization_v4.0.30319_64 - ok
21:30:39.0050 195592  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:30:39.0079 195592  CmBatt - ok
21:30:39.0100 195592  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
21:30:39.0112 195592  cmdide - ok
21:30:39.0151 195592  [ CA7720B73446FDDEC5C69519C1174C98 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:30:39.0177 195592  CNG - ok
21:30:39.0218 195592  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:30:39.0230 195592  Compbatt - ok
21:30:39.0239 195592  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:30:39.0284 195592  CompositeBus - ok
21:30:39.0291 195592  COMSysApp - ok
21:30:39.0307 195592  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:30:39.0322 195592  crcdisk - ok
21:30:39.0369 195592  [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:30:39.0432 195592  CryptSvc - ok
21:30:39.0463 195592  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:30:39.0541 195592  DcomLaunch - ok
21:30:39.0572 195592  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:30:39.0619 195592  defragsvc - ok
21:30:39.0681 195592  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:30:39.0759 195592  DfsC - ok
21:30:39.0806 195592  [ F551CBB5DB009B980A03F64B09946F75 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
21:30:39.0837 195592  dg_ssudbus - ok
21:30:39.0900 195592  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:30:40.0048 195592  Dhcp - ok
21:30:40.0073 195592  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:30:40.0136 195592  discache - ok
21:30:40.0197 195592  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:30:40.0208 195592  Disk - ok
21:30:40.0238 195592  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:30:40.0282 195592  Dnscache - ok
21:30:40.0309 195592  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll
21:30:40.0356 195592  dot3svc - ok
21:30:40.0372 195592  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll
21:30:40.0434 195592  DPS - ok
21:30:40.0465 195592  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:30:40.0512 195592  drmkaud - ok
21:30:40.0559 195592  [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:30:40.0590 195592  dtsoftbus01 - ok
21:30:40.0637 195592  [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:30:40.0684 195592  DXGKrnl - ok
21:30:40.0715 195592  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:30:40.0777 195592  EapHost - ok
21:30:40.0886 195592  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:30:41.0011 195592  ebdrv - ok
21:30:41.0075 195592  [ 156F6159457D0AA7E59B62681B56EB90 ] EFS             C:\Windows\System32\lsass.exe
21:30:41.0115 195592  EFS - ok
21:30:41.0162 195592  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:30:41.0219 195592  ehRecvr - ok
21:30:41.0236 195592  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:30:41.0294 195592  ehSched - ok
21:30:41.0341 195592  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:30:41.0387 195592  elxstor - ok
21:30:41.0387 195592  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
21:30:41.0434 195592  ErrDev - ok
21:30:41.0481 195592  [ 5B042AA9CEBDAB5B61E747DDCEBFF51B ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
21:30:41.0528 195592  ETD - ok
21:30:41.0559 195592  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:30:41.0637 195592  EventSystem - ok
21:30:41.0684 195592  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:30:41.0715 195592  exfat - ok
21:30:41.0762 195592  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:30:41.0855 195592  fastfat - ok
21:30:41.0902 195592  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe
21:30:42.0011 195592  Fax - ok
21:30:42.0041 195592  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:30:42.0069 195592  fdc - ok
21:30:42.0091 195592  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:30:42.0136 195592  fdPHost - ok
21:30:42.0156 195592  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:30:42.0198 195592  FDResPub - ok
21:30:42.0219 195592  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:30:42.0230 195592  FileInfo - ok
21:30:42.0250 195592  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:30:42.0302 195592  Filetrace - ok
21:30:42.0380 195592  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:30:42.0427 195592  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
21:30:42.0427 195592  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
21:30:42.0458 195592  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:30:42.0489 195592  flpydisk - ok
21:30:42.0536 195592  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:30:42.0567 195592  FltMgr - ok
21:30:42.0645 195592  [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache       C:\Windows\system32\FntCache.dll
21:30:42.0770 195592  FontCache - ok
21:30:42.0817 195592  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:30:42.0848 195592  FontCache3.0.0.0 - ok
21:30:42.0864 195592  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:30:42.0879 195592  FsDepends - ok
21:30:42.0926 195592  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
21:30:42.0942 195592  fssfltr - ok
21:30:43.0073 195592  [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:30:43.0138 195592  fsssvc - ok
21:30:43.0178 195592  [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:30:43.0188 195592  Fs_Rec - ok
21:30:43.0238 195592  [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:30:43.0255 195592  fvevol - ok
21:30:43.0278 195592  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:30:43.0290 195592  gagp30kx - ok
21:30:43.0313 195592  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll
21:30:43.0391 195592  gpsvc - ok
21:30:43.0453 195592  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:30:43.0469 195592  gupdate - ok
21:30:43.0500 195592  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:30:43.0516 195592  gupdatem - ok
21:30:43.0531 195592  [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:30:43.0547 195592  gusvc - ok
21:30:43.0578 195592  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:30:43.0640 195592  hcw85cir - ok
21:30:43.0672 195592  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:30:43.0703 195592  HdAudAddService - ok
21:30:43.0750 195592  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:30:43.0828 195592  HDAudBus - ok
21:30:43.0859 195592  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:30:43.0874 195592  HidBatt - ok
21:30:43.0921 195592  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:30:43.0999 195592  HidBth - ok
21:30:44.0030 195592  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:30:44.0078 195592  HidIr - ok
21:30:44.0105 195592  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
21:30:44.0147 195592  hidserv - ok
21:30:44.0189 195592  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:30:44.0202 195592  HidUsb - ok
21:30:44.0232 195592  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:30:44.0280 195592  hkmsvc - ok
21:30:44.0301 195592  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:30:44.0331 195592  HomeGroupListener - ok
21:30:44.0346 195592  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:30:44.0393 195592  HomeGroupProvider - ok
21:30:44.0409 195592  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
21:30:44.0455 195592  HpSAMD - ok
21:30:44.0502 195592  [ 4F6BA9FF6C5145F52F0D0648E3DEC39F ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
21:30:44.0549 195592  hshld - ok
21:30:44.0596 195592  [ 2CFEA9C337B699ACA38487E8A7438F35 ] HssSrv          C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
21:30:44.0627 195592  HssSrv - ok
21:30:44.0658 195592  [ 9455DCB1DFE31EACC721AC4A427D1A45 ] HssTrayService  C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
21:30:44.0658 195592  HssTrayService - ok
21:30:44.0689 195592  HssWd - ok
21:30:44.0736 195592  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:30:44.0830 195592  HTTP - ok
21:30:44.0861 195592  [ D96A290F699081AE737390C0FE329D7C ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:30:44.0892 195592  hwdatacard - ok
21:30:44.0908 195592  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:30:44.0923 195592  hwpolicy - ok
21:30:44.0955 195592  [ E0C7255498640FC64B19AAE17FD6F965 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
21:30:45.0001 195592  hwusbdev - ok
21:30:45.0068 195592  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:30:45.0087 195592  i8042prt - ok
21:30:45.0128 195592  [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:30:45.0143 195592  iaStor - ok
21:30:45.0181 195592  [ B75E45C564E944A2657167D197AB29DA ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:30:45.0200 195592  iaStorV - ok
21:30:45.0246 195592  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:30:45.0283 195592  idsvc - ok
21:30:45.0552 195592  [ EFE5A0AF39A8E179624117C521F1E012 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:30:45.0942 195592  igfx - ok
21:30:45.0973 195592  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:30:46.0020 195592  iirsp - ok
21:30:46.0051 195592  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
21:30:46.0138 195592  IKEEXT - ok
21:30:46.0250 195592  [ C15A21B1E2291952424F361093734F95 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:30:46.0336 195592  IntcAzAudAddService - ok
21:30:46.0398 195592  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:30:46.0461 195592  IntcDAud - ok
21:30:46.0492 195592  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
21:30:46.0508 195592  intelide - ok
21:30:46.0539 195592  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:30:46.0586 195592  intelppm - ok
21:30:46.0617 195592  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:30:46.0679 195592  IPBusEnum - ok
21:30:46.0695 195592  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:30:46.0726 195592  IpFilterDriver - ok
21:30:46.0773 195592  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:30:46.0882 195592  iphlpsvc - ok
21:30:46.0913 195592  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:30:46.0929 195592  IPMIDRV - ok
21:30:46.0944 195592  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:30:46.0991 195592  IPNAT - ok
21:30:47.0022 195592  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:30:47.0054 195592  IRENUM - ok
21:30:47.0098 195592  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
21:30:47.0109 195592  isapnp - ok
21:30:47.0127 195592  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
21:30:47.0141 195592  iScsiPrt - ok
21:30:47.0166 195592  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:30:47.0178 195592  kbdclass - ok
21:30:47.0195 195592  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:30:47.0232 195592  kbdhid - ok
21:30:47.0286 195592  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
21:30:47.0295 195592  kbfiltr - ok
21:30:47.0304 195592  [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso          C:\Windows\system32\lsass.exe
21:30:47.0316 195592  KeyIso - ok
21:30:47.0352 195592  [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:30:47.0367 195592  KSecDD - ok
21:30:47.0367 195592  [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:30:47.0383 195592  KSecPkg - ok
21:30:47.0414 195592  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:30:47.0508 195592  ksthunk - ok
21:30:47.0539 195592  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:30:47.0617 195592  KtmRm - ok
21:30:47.0664 195592  [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
21:30:47.0695 195592  L1C - ok
21:30:47.0726 195592  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:30:47.0820 195592  LanmanServer - ok
21:30:47.0835 195592  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:30:47.0913 195592  LanmanWorkstation - ok
21:30:47.0945 195592  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:30:48.0023 195592  lltdio - ok
21:30:48.0054 195592  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:30:48.0111 195592  lltdsvc - ok
21:30:48.0146 195592  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:30:48.0180 195592  lmhosts - ok
21:30:48.0238 195592  [ 0803906D607A9B83184447B75B60ECC2 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:30:48.0268 195592  LMS - ok
21:30:48.0296 195592  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:30:48.0308 195592  LSI_FC - ok
21:30:48.0320 195592  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:30:48.0332 195592  LSI_SAS - ok
21:30:48.0338 195592  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:30:48.0354 195592  LSI_SAS2 - ok
21:30:48.0370 195592  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:30:48.0385 195592  LSI_SCSI - ok
21:30:48.0401 195592  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:30:48.0448 195592  luafv - ok
21:30:48.0526 195592  [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:30:48.0557 195592  MBAMProtector - ok
21:30:48.0650 195592  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:30:48.0697 195592  MBAMScheduler - ok
21:30:48.0728 195592  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:30:48.0760 195592  MBAMService - ok
21:30:48.0791 195592  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:30:48.0869 195592  Mcx2Svc - ok
21:30:48.0884 195592  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:30:48.0900 195592  megasas - ok
21:30:48.0931 195592  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:30:48.0962 195592  MegaSR - ok
21:30:48.0978 195592  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:30:48.0994 195592  MEIx64 - ok
21:30:49.0025 195592  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:30:49.0107 195592  MMCSS - ok
21:30:49.0123 195592  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:30:49.0166 195592  Modem - ok
21:30:49.0197 195592  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:30:49.0227 195592  monitor - ok
21:30:49.0256 195592  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:30:49.0267 195592  mouclass - ok
21:30:49.0288 195592  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:30:49.0316 195592  mouhid - ok
21:30:49.0338 195592  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:30:49.0339 195592  mountmgr - ok
21:30:49.0385 195592  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:30:49.0417 195592  MozillaMaintenance - ok
21:30:49.0448 195592  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
21:30:49.0463 195592  mpio - ok
21:30:49.0479 195592  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:30:49.0510 195592  mpsdrv - ok
21:30:49.0541 195592  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:30:49.0619 195592  MpsSvc - ok
21:30:49.0619 195592  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:30:49.0651 195592  MRxDAV - ok
21:30:49.0682 195592  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:30:49.0744 195592  mrxsmb - ok
21:30:49.0775 195592  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:30:49.0822 195592  mrxsmb10 - ok
21:30:49.0853 195592  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:30:49.0900 195592  mrxsmb20 - ok
21:30:49.0931 195592  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
21:30:49.0963 195592  msahci - ok
21:30:49.0994 195592  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
21:30:50.0009 195592  msdsm - ok
21:30:50.0025 195592  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:30:50.0056 195592  MSDTC - ok
21:30:50.0085 195592  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:30:50.0133 195592  Msfs - ok
21:30:50.0162 195592  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:30:50.0193 195592  mshidkmdf - ok
21:30:50.0204 195592  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
21:30:50.0215 195592  msisadrv - ok
21:30:50.0246 195592  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:30:50.0281 195592  MSiSCSI - ok
21:30:50.0284 195592  msiserver - ok
21:30:50.0299 195592  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:30:50.0340 195592  MSKSSRV - ok
21:30:50.0355 195592  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:30:50.0402 195592  MSPCLOCK - ok
21:30:50.0433 195592  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:30:50.0480 195592  MSPQM - ok
21:30:50.0496 195592  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:30:50.0511 195592  MsRPC - ok
21:30:50.0527 195592  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:30:50.0543 195592  mssmbios - ok
21:30:50.0558 195592  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:30:50.0605 195592  MSTEE - ok
21:30:50.0605 195592  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:30:50.0636 195592  MTConfig - ok
21:30:50.0667 195592  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:30:50.0683 195592  Mup - ok
21:30:50.0714 195592  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
21:30:50.0792 195592  napagent - ok
21:30:50.0823 195592  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:30:50.0870 195592  NativeWifiP - ok
21:30:50.0933 195592  [ A3151B3463EEA7E47F618F115D0D142E ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:30:50.0995 195592  NDIS - ok
21:30:51.0011 195592  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:30:51.0057 195592  NdisCap - ok
21:30:51.0073 195592  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:30:51.0134 195592  NdisTapi - ok
21:30:51.0167 195592  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:30:51.0217 195592  Ndisuio - ok
21:30:51.0238 195592  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:30:51.0272 195592  NdisWan - ok
21:30:51.0287 195592  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:30:51.0333 195592  NDProxy - ok
21:30:51.0374 195592  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:30:51.0452 195592  NetBIOS - ok
21:30:51.0467 195592  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:30:51.0530 195592  NetBT - ok
21:30:51.0561 195592  [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon        C:\Windows\system32\lsass.exe
21:30:51.0561 195592  Netlogon - ok
21:30:51.0623 195592  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:30:51.0670 195592  Netman - ok
21:30:51.0686 195592  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:30:51.0733 195592  netprofm - ok
21:30:51.0764 195592  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:30:51.0764 195592  NetTcpPortSharing - ok
21:30:51.0779 195592  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:30:51.0795 195592  nfrd960 - ok
21:30:51.0889 195592  [ C312343F397E37F47C932833904C8A1E ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
21:30:51.0935 195592  NitroDriverReadSpool2 - ok
21:30:52.0029 195592  [ 3CC771FDB4FAAFD49B5925545FC158D6 ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
21:30:52.0060 195592  NitroReaderDriverReadSpool2 - ok
21:30:52.0112 195592  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:30:52.0221 195592  NlaSvc - ok
21:30:52.0244 195592  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:30:52.0314 195592  Npfs - ok
21:30:52.0334 195592  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:30:52.0396 195592  nsi - ok
21:30:52.0412 195592  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:30:52.0459 195592  nsiproxy - ok
21:30:52.0521 195592  [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:30:52.0599 195592  Ntfs - ok
21:30:52.0615 195592  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:30:52.0661 195592  Null - ok
21:30:52.0989 195592  [ 41A7C6ED2BAB4C304633B785C884A912 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:30:53.0359 195592  nvlddmkm - ok
21:30:53.0375 195592  [ D542153CB23459B8AAD88CF17E36B670 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
21:30:53.0391 195592  nvpciflt - ok
21:30:53.0406 195592  [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:30:53.0422 195592  nvraid - ok
21:30:53.0469 195592  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:30:53.0515 195592  nvstor - ok
21:30:53.0578 195592  [ 558490B65557A15193E56C44DCF67B64 ] NVSvc           C:\Windows\system32\nvvsvc.exe
21:30:53.0671 195592  NVSvc - ok
21:30:53.0718 195592  [ FC968EF459601BB3D18A40BB85EC5193 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
21:30:53.0812 195592  nvUpdatusService - ok
21:30:53.0843 195592  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
21:30:53.0843 195592  nv_agp - ok
21:30:53.0859 195592  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
21:30:53.0905 195592  ohci1394 - ok
21:30:53.0968 195592  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:30:53.0999 195592  ose - ok
21:30:54.0030 195592  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:30:54.0114 195592  p2pimsvc - ok
21:30:54.0151 195592  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:30:54.0184 195592  p2psvc - ok
21:30:54.0207 195592  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:30:54.0232 195592  Parport - ok
21:30:54.0263 195592  [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:30:54.0275 195592  partmgr - ok
21:30:54.0305 195592  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:30:54.0339 195592  PcaSvc - ok
21:30:54.0360 195592  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
21:30:54.0363 195592  pci - ok
21:30:54.0378 195592  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:30:54.0378 195592  pciide - ok
21:30:54.0394 195592  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:30:54.0409 195592  pcmcia - ok
21:30:54.0425 195592  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:30:54.0441 195592  pcw - ok
21:30:54.0472 195592  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:30:54.0519 195592  PEAUTH - ok
21:30:54.0581 195592  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:30:54.0643 195592  PerfHost - ok
21:30:54.0706 195592  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
21:30:54.0784 195592  pla - ok
21:30:54.0846 195592  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:30:54.0940 195592  PlugPlay - ok
21:30:54.0971 195592  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:30:55.0002 195592  PNRPAutoReg - ok
21:30:55.0018 195592  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:30:55.0049 195592  PNRPsvc - ok
21:30:55.0097 195592  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:30:55.0171 195592  PolicyAgent - ok
21:31:07.0917 195592  ================ Scan global ===============================
21:31:07.0933 195592  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:31:07.0964 195592  [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
21:31:07.0995 195592  [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
21:31:08.0026 195592  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:31:08.0089 195592  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:31:08.0104 195592  [Global] - ok
21:31:08.0104 195592  ================ Scan MBR ==================================
21:31:08.0120 195592  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:31:08.0528 195592  \Device\Harddisk0\DR0 - ok
21:31:08.0528 195592  ================ Scan VBR ==================================
21:31:08.0528 195592  [ 7851B65E3BA1A652E8EF0447861F70AC ] \Device\Harddisk0\DR0\Partition1
21:31:08.0528 195592  \Device\Harddisk0\DR0\Partition1 - ok
21:31:08.0559 195592  [ 07A965B20EF0C35BE4AF33D6794A63E2 ] \Device\Harddisk0\DR0\Partition2
21:31:08.0559 195592  \Device\Harddisk0\DR0\Partition2 - ok
21:31:08.0559 195592  ============================================================
21:31:08.0559 195592  Scan finished
21:31:08.0559 195592  ============================================================
21:31:08.0575 231856  Detected object count: 3
21:31:08.0575 231856  Actual detected object count: 3
21:32:48.0662 231856  Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:32:48.0662 231856  Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:32:48.0662 231856  CDMA Device Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:32:48.0662 231856  CDMA Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:32:48.0662 231856  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:32:48.0662 231856  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

17.10.2012, 21:16   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running ComboFix, you have problems starting applications and get messages such as

Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.
__________________
Please always post log files in CODE tags

17.10.2012, 22:58   #23
p.eter
 

Here is the content of the log file: (The file that opened automatically is called "log", though. Combofix.txt also exists under c:\ and seems to have the same content)

Code:
ComboFix 12-10-17.05 - aaa 17.10.2012  23:05:21.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.4008.2439 [GMT 2:00]
ausgeführt von:: c:\users\aaa\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\users\aaa\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NVSvc
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-09-17 bis 2012-10-17  ))))))))))))))))))))))))))))))
.
.
2012-10-17 21:16 . 2012-10-17 21:16	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-10-17 17:40 . 2012-10-17 17:40	--------	d-----w-	C:\_OTL
2012-10-10 21:19 . 2012-08-24 18:05	220160	----a-w-	c:\windows\system32\wintrust.dll
2012-10-10 21:19 . 2012-08-24 17:10	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-10-10 21:19 . 2012-09-14 19:23	2048	----a-w-	c:\windows\system32\tzres.dll
2012-10-10 21:19 . 2012-09-14 18:30	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-10-10 21:19 . 2012-08-11 00:53	714752	----a-w-	c:\windows\system32\kerberos.dll
2012-10-10 21:19 . 2012-08-10 23:54	541184	----a-w-	c:\windows\SysWow64\kerberos.dll
2012-10-10 21:19 . 2012-06-02 05:25	1462784	----a-w-	c:\windows\system32\crypt32.dll
2012-10-10 21:19 . 2012-06-02 05:25	182272	----a-w-	c:\windows\system32\cryptsvc.dll
2012-10-10 21:19 . 2012-06-02 05:25	140288	----a-w-	c:\windows\system32\cryptnet.dll
2012-10-10 21:19 . 2012-06-02 04:45	139264	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2012-10-10 21:19 . 2012-06-02 04:45	1157632	----a-w-	c:\windows\SysWow64\crypt32.dll
2012-10-10 21:19 . 2012-06-02 04:45	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2012-10-03 00:34 . 2012-10-03 00:34	--------	d-----w-	c:\users\aaa\AppData\Roaming\Apple Computer
2012-10-03 00:34 . 2012-10-03 00:34	--------	d-----w-	c:\users\aaa\AppData\Local\Apple Computer
2012-10-03 00:34 . 2012-10-03 00:34	--------	d-----w-	c:\users\aaa\AppData\Roaming\Artisteer
2012-10-03 00:32 . 2012-10-03 00:32	--------	d-----w-	c:\program files (x86)\Artisteer 4
2012-09-23 01:00 . 2012-08-24 10:14	816640	----a-w-	c:\windows\system32\jscript.dll
2012-09-23 01:00 . 2012-08-24 10:13	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-09-23 01:00 . 2012-08-24 10:12	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-09-23 01:00 . 2012-08-24 10:24	499200	----a-w-	c:\program files\Internet Explorer\jsdbgui.dll
2012-09-23 01:00 . 2012-08-24 06:53	678912	----a-w-	c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-09-23 01:00 . 2012-08-24 06:52	387584	----a-w-	c:\program files (x86)\Internet Explorer\jsdbgui.dll
2012-09-23 01:00 . 2012-08-24 10:25	887296	----a-w-	c:\program files\Internet Explorer\iedvtool.dll
2012-09-23 01:00 . 2012-08-24 11:15	17810944	----a-w-	c:\windows\system32\mshtml.dll
2012-09-23 01:00 . 2012-08-24 10:39	10925568	----a-w-	c:\windows\system32\ieframe.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-17 17:44 . 2011-07-22 04:14	45056	----a-w-	c:\windows\system32\acovcnt.exe
2012-10-12 23:32 . 2012-04-15 12:07	696760	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-12 23:32 . 2011-09-04 12:15	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-07 15:04 . 2012-03-29 23:48	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-09-07 11:01 . 2012-09-07 11:01	95208	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-07 11:01 . 2012-09-07 11:02	821736	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-09-07 11:01 . 2011-07-26 11:58	746984	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-08-18 11:19 . 2012-10-10 21:20	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-08-02 17:55 . 2012-09-12 10:04	574464	----a-w-	c:\windows\system32\d3d10level9.dll
2012-08-02 17:05 . 2012-09-12 10:04	490496	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2012-07-26 18:26 . 2012-08-05 18:03	17928	----a-w-	c:\windows\system32\nitrolocalui2.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-08-22 20880]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-08-22 958352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-30 204288]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-1-12 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-7-26 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 135664]
R2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2011-11-23 330072]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-12 250808]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-08-11 95544]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 135664]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-06-22 113792]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-08-11 203320]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-16 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-02-08 25960]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-22 279616]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-11-30 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
S2 CDMA Device Service;CDMA Device Service;c:\program files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe [2011-08-02 159232]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2011-11-23 329544]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [2012-07-26 216072]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-06-25 216080]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-02-08 2009704]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 23:32]
.
2012-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 15:50]
.
2012-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 15:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21	133400	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-10 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-10 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-10 418328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-08-22 3507088]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2780776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = 
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = about:blank
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\aaa\AppData\Roaming\Mozilla\Firefox\Profiles\8y3gmv8h.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=386496&p=
FF - ExtSQL: 2012-10-07 23:44; ich@maltegoetz.de; c:\users\aaa\AppData\Roaming\Mozilla\Firefox\Profiles\8y3gmv8h.default\extensions\ich@maltegoetz.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-{E634228A-03CF-4BC8-B0AB-668257F1FD8C} - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\&'*]
"7040110900063D11C8EF10054038389C"="C?\\Windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrustedInstaller\Security]
@DACL=(02 0000)
@SACL=
"Security"=hex:01,00,14,80,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02,
   00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-10-17  23:54:29 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-10-17 21:54
.
Vor Suchlauf: 14 Verzeichnis(se), 129.717.391.360 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 128.949.067.776 Bytes frei
.
- - End Of File - - FA591534D88053660029A7A21920579E
         

Edited by p.eter (17.10.2012 at 23:04)

18.10.2012, 09:34   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Code:
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
         
Are Avast and TrendMicro really both installed in parallel?!
__________________
Please always post log files in CODE tags

18.10.2012, 14:40   #25
p.eter

Yes, both are installed. Which one should I delete?

18.10.2012, 14:59   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

I would uninstall TrendMicro.
__________________
Please always post log files in CODE tags

18.10.2012, 15:22   #27
p.eter

OK, I have uninstalled TrendMicro. I had switched off avast's real-time protection because of the whole cleanup procedure. Should I switch it back on? And is the computer clean now?

18.10.2012, 15:56   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't work on the second attempt, just leave it out and run only OSAM. Please skip the online query in OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to switch off the virus scanner; the McAfee scanner in particular often reports a false alarm on OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while, depending on the connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons unless instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the (none) setting under AV Scan.

One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window), and click the Scan button again.
__________________
Please always post log files in CODE tags

18.10.2012, 17:26   #29
p.eter

GMER did something briefly and then nothing more happened, although nothing was frozen.

Here is the OSAM log:

Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:05:10 on 18.10.2012

OS: Windows 7 Home Premium Edition (Build 7600), 64-bit
Default Browser: Mozilla Corporation Firefox 15.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ASMMAP64" (ASMMAP64) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
"aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys
"aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys
"aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\System32\Drivers\aswrdr2.sys
"aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys
"aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys
"ATKWMIACPI Driver" (ATKWMIACPIIO) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
"avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\ashShell.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\OFFICE11\msohev.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\OFFICE11\MLSHEXT.DLL
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\OFFICE11\OLKFSTUB.DLL
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? -   (File not found | COM-object registry key not found)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? -   (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? -   (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "{8AD9C840-044E-11D1-B3E9-00805F499D93}" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "ClsidExtension" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "avast! WebRep" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
{E634228A-03CF-4BC8-B0AB-668257F1FD8C} "FreeRIP Toolbar" - ? -   (File not found | COM-object registry key not found)
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "CIESpeechBHO Class" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} "Google Dictionary Compression sdch" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{9FDDE16B-836F-4806-AB1F-1455CBEFF289} "Windows Live Messenger Companion Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} "{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" - ? -   (File not found | COM-object registry key not found)

[Known DLLs]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )-----
"advapi32" - "Microsoft Corporation" - C:\Windows\system32\advapi32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"clbcatq" - "Microsoft Corporation" - C:\Windows\system32\clbcatq.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"COMDLG32" - "Microsoft Corporation" - C:\Windows\system32\COMDLG32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"DifxApi" - "Microsoft Corporation" - C:\Windows\system32\difxapi.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"gdi32" - "Microsoft Corporation" - C:\Windows\system32\gdi32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"IERTUTIL" - "Microsoft Corporation" - C:\Windows\system32\IERTUTIL.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"IMAGEHLP" - "Microsoft Corporation" - C:\Windows\system32\IMAGEHLP.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"IMM32" - "Microsoft Corporation" - C:\Windows\system32\IMM32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"kernel32" - "Microsoft Corporation" - C:\Windows\system32\kernel32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"LPK" - "Microsoft Corporation" - C:\Windows\system32\LPK.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"MSCTF" - "Microsoft Corporation" - C:\Windows\system32\MSCTF.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"MSVCRT" - "Microsoft Corporation" - C:\Windows\system32\MSVCRT.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"NORMALIZ" - "Microsoft Corporation" - C:\Windows\system32\NORMALIZ.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"NSI" - "Microsoft Corporation" - C:\Windows\system32\NSI.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"ole32" - "Microsoft Corporation" - C:\Windows\system32\ole32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"OLEAUT32" - "Microsoft Corporation" - C:\Windows\system32\OLEAUT32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"PSAPI" - "Microsoft Corporation" - C:\Windows\system32\PSAPI.DLL  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"rpcrt4" - "Microsoft Corporation" - C:\Windows\system32\rpcrt4.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"sechost" - "Microsoft Corporation" - C:\Windows\system32\sechost.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"Setupapi" - "Microsoft Corporation" - C:\Windows\system32\Setupapi.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"SHELL32" - "Microsoft Corporation" - C:\Windows\system32\SHELL32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"SHLWAPI" - "Microsoft Corporation" - C:\Windows\system32\SHLWAPI.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"URLMON" - "Microsoft Corporation" - C:\Windows\system32\URLMON.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"user32" - "Microsoft Corporation" - C:\Windows\system32\user32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"USP10" - "Microsoft Corporation" - C:\Windows\system32\USP10.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"WININET" - "Microsoft Corporation" - C:\Windows\system32\WININET.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"WLDAP32" - "Microsoft Corporation" - C:\Windows\system32\WLDAP32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"WS2_32" - "Microsoft Corporation" - C:\Windows\system32\WS2_32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Intel(R) Turbo Boost Technology Monitor 2.0.lnk" - ? - C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk  (Shortcut exists | File not found)
"OpenOffice.org 3.3.lnk" - ? - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"AsusVibeLauncher.lnk" - ? - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"FancyStart daemon.lnk" - "ASUSTeK Computer Inc." - C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"DAEMON Tools Lite" - "DT Soft Ltd" - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"KiesPDLR" - ? - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
"SpybotSD TeaTimer" - "Safer-Networking Ltd." - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
"Syncables" - "syncables, LLC" - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"ATKMEDIA" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
"ATKOSD2" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
"avast" - "AVAST Software" - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
"HControlUser" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
"KiesHelper" - "Samsung" - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
"Nuance PDF Reader-reminder" - "Nuance Communications, Inc." - "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"UpdateLBPShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
"UpdateP2GoShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
"WinampAgent" - "Nullsoft, Inc." - "C:\Program Files (x86)\Winamp\winampa.exe"
"Wireless Console 3" - ? - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Nitro PDF Port Monitor" - "Nitro PDF Software" - C:\Windows\system32\nitrolocalmon2.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##" (Bonjour Service) - "Apple Computer, Inc." - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"AFBAgent" (AFBAgent) - "ASUSTeK Computer Inc." - C:\Windows\system32\FBAgent.exe
"ASLDR Service" (ASLDRService) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
"Atheros Bt&Wlan Coex Agent" (Atheros Bt&Wlan Coex Agent) - "Atheros" - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
"AtherosSvc" (AtherosSvc) - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
"ATKGFNEX Service" (ATKGFNEXSrv) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
"avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"BBUpdate" (BBUpdate) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
"BingBar Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
"CDMA Device Service" (CDMA Device Service) - ? - C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Hotspot Shield Monitoring Service" (HssWd) - ? - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe  (File found, but it contains no detailed information)
"Hotspot Shield Routing Service" (HssSrv) - ? - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
"Hotspot Shield Service" (hshld) - ? - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe  (File found, but it contains no detailed information)
"Hotspot Shield Tray Service" (HssTrayService) - ? - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE  (File found, but it contains no detailed information)
"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
"Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
"Intel(R) Turbo Boost Technology Monitor 2.0" (TurboBoost) - "Intel(R) Corporation" - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
"MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"NitroPDFDriverCreatorReadSpool2" (NitroDriverReadSpool2) - "Nitro PDF Software" - C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
"NitroPDFReaderDriverCreatorReadSpool2" (NitroReaderDriverReadSpool2) - "Nitro PDF Software" - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
"NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"SBSD Security Center Service" (SBSDWSCService) - "Safer Networking Ltd." - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe
"Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Computer, Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
         
And here is the content of aswMBR.txt:

Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-18 18:06:47
-----------------------------
18:06:47.882    OS Version: Windows x64 6.1.7600 
18:06:47.882    Number of processors: 4 586 0x2A07
18:06:47.882    ComputerName: AAA-PC  UserName: aaa
18:06:48.676    Initialize success
18:06:48.783    AVAST engine defs: 12101801
18:07:01.910    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:07:01.916    Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 3
18:07:01.984    Disk 0 MBR read successfully
18:07:01.989    Disk 0 MBR scan
18:07:01.997    Disk 0 Windows 7 default MBR code
18:07:02.008    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    25600 MB offset 2048
18:07:02.023    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       190776 MB offset 52430848
18:07:02.029    Disk 0 Partition - 00     0F Extended LBA            260562 MB offset 443140096
18:07:02.064    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       260561 MB offset 443142144
18:07:02.126    Disk 0 scanning C:\Windows\system32\drivers
18:07:12.150    Service scanning
18:07:40.652    Modules scanning
18:07:40.667    Disk 0 trace - called modules:
18:07:40.730    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
18:07:40.745    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006966060]
18:07:40.761    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8004afd800]
18:07:40.777    5 ACPI.sys[fffff88000e0b781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b03050]
18:07:41.358    AVAST engine scan C:\Windows
18:07:44.363    AVAST engine scan C:\Windows\system32
18:10:02.721    AVAST engine scan C:\Windows\system32\drivers
18:10:13.893    AVAST engine scan C:\Users\aaa
18:13:39.449    AVAST engine scan C:\ProgramData
18:16:55.224    Scan finished successfully
18:21:54.040    Disk 0 MBR has been saved successfully to "C:\Users\aaa\Desktop\MBR.dat"
18:21:54.056    The log file has been saved successfully to "C:\Users\aaa\Desktop\aswMBR.txt"
         

Alt 18.10.2012, 19:50   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!
__________________
Please always post log files in CODE tags
