| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.10.2012, 12:23
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? das war leider kein Customscan!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
10.10.2012, 17:20
| #17 |
 | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? Da hab ich mich wohl ein bisschen verklickt. Ist es so richtig?
__________________Code:
ATTFilter OTL logfile created on: 10.10.2012 18:19:47 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tobi\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,13 Gb Available Physical Memory | 56,39% Memory free 4,00 Gb Paging File | 2,98 Gb Available in Paging File | 74,50% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 100,00 Gb Total Space | 39,82 Gb Free Space | 39,82% Space Free | Partition Type: NTFS Drive D: | 365,75 Gb Total Space | 333,21 Gb Free Space | 91,10% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: TOBIAS-PC | User Name: tobi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.10 18:19:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tobi\Downloads\OTL.exe PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.09.07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012.03.01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.02.29 22:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012.02.29 22:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe PRC - [2012.02.29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2011.11.11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe ========== Modules (No Company Name) ========== MOD - [2012.10.04 03:16:00 | 000,460,312 | ---- | M] () -- C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll MOD - [2012.10.04 03:15:58 | 012,435,992 | ---- | M] () -- C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll MOD - [2012.10.04 03:15:56 | 004,005,912 | ---- | M] () -- C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.92\pdf.dll MOD - [2012.10.04 03:14:41 | 000,578,072 | ---- | M] () -- C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.92\libglesv2.dll MOD - [2012.10.04 03:14:40 | 000,123,928 | ---- | M] () -- C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.92\libegl.dll MOD - [2012.10.04 03:14:29 | 000,156,712 | ---- | M] () -- C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.92\avutil-51.dll MOD - [2012.10.04 03:14:27 | 000,275,496 | ---- | M] () -- C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.92\avformat-54.dll MOD - [2012.10.04 03:14:26 | 002,168,360 | ---- | M] () -- C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.92\avcodec-54.dll MOD - [2011.03.01 23:15:28 | 000,126,808 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll MOD - [2011.03.01 23:15:28 | 000,027,480 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll MOD - [2011.03.01 23:15:04 | 000,340,824 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\QTXml4.dll MOD - [2011.03.01 23:14:42 | 007,954,776 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\QTGui4.dll MOD - [2011.03.01 23:14:30 | 002,143,576 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\QTCore4.dll ========== Services (SafeList) ========== SRV - [2012.10.09 01:25:10 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.05.08 20:20:27 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.08 20:20:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.03.01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.02.29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.05.15 21:25:00 | 004,264,632 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva397.sys -- (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva396.sys -- (XDva396) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva394.sys -- (XDva394) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva393.sys -- (XDva393) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva392.sys -- (XDva392) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva391.sys -- (XDva391) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.08.01 20:13:42 | 000,035,560 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\hssdrv6.sys -- (HssDRV6) DRV - [2012.08.01 20:13:40 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss) DRV - [2012.05.08 20:20:28 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.05.08 20:20:28 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.03.01 01:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012.01.18 08:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUVC.sys -- (LVUVC) DRV - [2012.01.18 08:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS) DRV - [2011.09.16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.11.01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Programme\IObit\Game Booster\Driver\WinRing0.sys -- (WinRing0_1_2_0) DRV - [2010.09.17 06:10:36 | 000,596,992 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su) DRV - [2010.08.12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET) DRV - [2010.08.04 21:17:00 | 001,143,920 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD) DRV - [2009.06.28 18:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{131F6471-85EE-A581-8606-33A1069F7D1E}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.27010003&st=12&q={searchTerms}&barid={4EC70E52-06F7-4858-A5B8-B79C7BAEBEF1} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1740813220-741005101-994693073-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/ IE - HKU\S-1-5-21-1740813220-741005101-994693073-1005\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No CLSID value found IE - HKU\S-1-5-21-1740813220-741005101-994693073-1005\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9D 13 3C 43 99 83 CD 01 [binary data] IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.bing.com/search?q={searchTerms} IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.bing.com/search?q={searchTerms} IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\..\URLSearchHook: {b106b661-3e1b-4015-af5c-195e909f35c6} - No CLSID value found IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\..\SearchScopes\{131F6471-85EE-A581-8606-33A1069F7D1E}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.27010003&st=12&q={searchTerms}&barid={4EC70E52-06F7-4858-A5B8-B79C7BAEBEF1} IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\tobi\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\tobi\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) [2011.10.25 13:49:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.07.07 16:00:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} ========== Chrome ========== CHR - default_search_provider: Yahoo! Deutschland (Enabled) CHR - default_search_provider: search_url = hxxp://de.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms} CHR - default_search_provider: suggest_url = hxxp://de-sayt.ff.search.yahoo.com/gossip-de-sayt?output=fxjson&command={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\tobi\AppData\Local\Google\Chrome\Application\22.0.1229.92\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll CHR - plugin: Google Update (Enabled) = C:\Users\tobi\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - Extension: Angry Birds = C:\Users\tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: YouTube = C:\Users\tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: busuu.com (de) = C:\Users\tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\epadnjldocmkadjbopkanclaamocokoo\2.0_0\ CHR - Extension: Autumn = C:\Users\tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncooeidkmfddiohbpfcfbenjdnpdkac\1.3_0\ CHR - Extension: Angry Birds = C:\Users\tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: YouTube = C:\Users\tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: busuu.com (de) = C:\Users\tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\epadnjldocmkadjbopkanclaamocokoo\2.0_0\ CHR - Extension: Autumn = C:\Users\tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncooeidkmfddiohbpfcfbenjdnpdkac\1.3_0\ Hosts file not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - 10 - Reg Error: Value error. File not found O3 - HKU\S-1-5-21-1740813220-741005101-994693073-1006\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKU\S-1-5-21-1740813220-741005101-994693073-1006\..\Toolbar\WebBrowser: (no name) - {B106B661-3E1B-4015-AF5C-195E909F35C6} - No CLSID value found. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1740813220-741005101-994693073-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A31FD043-45E1-4BFF-9118-DA9E3AEBAC0A}: NameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^Users^Tobi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - - File not found MsConfig - StartUpReg: Aeria Ignite - hkey= - key= - File not found MsConfig - StartUpReg: Speech Recognition - hkey= - key= - C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) MsConfig - StartUpReg: Steam - hkey= - key= - File not found MsConfig - StartUpReg: SweetIM - hkey= - key= - File not found MsConfig - StartUpReg: Sweetpacks Communicator - hkey= - key= - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - ActiveX: >{71EB8EDA-CA53-4ED1-B8F4-4EA1C043F44D} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\System32\LVCodec2.dll (Logitech Inc.) Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1 [2012.10.09 12:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.10.07 15:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite [2012.10.07 15:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs [2012.10.07 00:39:19 | 000,000,000 | ---D | C] -- C:\Users\tobi\AppData\Roaming\Malwarebytes [2012.10.07 00:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.07 00:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.07 00:39:16 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.10.07 00:39:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.10.07 00:02:04 | 000,000,000 | ---D | C] -- C:\Users\tobi\Desktop\T-Board [2012.10.06 21:58:32 | 000,000,000 | ---D | C] -- C:\Users\tobi\AppData\Local\CRE [2012.10.06 21:57:54 | 000,000,000 | ---D | C] -- C:\Users\tobi\AppData\Roaming\NCH Software [2012.10.06 21:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software [2012.10.06 21:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software [2012.10.06 15:26:00 | 000,000,000 | ---D | C] -- C:\Users\tobi\AppData\Local\ElevatedDiagnostics [2012.09.26 22:37:41 | 000,000,000 | ---D | C] -- C:\Users\tobi\Documents\TmForever [2012.09.16 11:16:58 | 000,000,000 | ---D | C] -- C:\Riot Games [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.10 18:17:03 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1006UA.job [2012.10.10 18:15:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.10 18:15:45 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs [2012.10.10 18:15:41 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys [2012.10.10 13:25:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.10 12:09:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1004UA.job [2012.10.10 12:00:02 | 000,016,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.10 12:00:02 | 000,016,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.09 23:17:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1006Core.job [2012.10.09 17:21:25 | 000,002,479 | ---- | M] () -- C:\Users\tobi\Desktop\Google Chrome.lnk [2012.10.09 03:09:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1004Core.job [2012.10.07 15:03:22 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\NCH Tone Generator.lnk [2012.10.07 10:28:31 | 000,404,280 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.07 00:55:48 | 000,000,000 | ---- | M] () -- C:\Users\tobi\defogger_reenable [2012.10.07 00:21:49 | 000,295,546 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.10.07 00:21:49 | 000,035,608 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.10.07 00:03:37 | 000,141,086 | ---- | M] () -- C:\Users\tobi\AppData\Local\funmoods-speeddial_sf.crx [2012.10.06 21:58:45 | 000,000,009 | ---- | M] () -- C:\END [2012.10.06 21:57:58 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\MixPad Audiodatei-Mixer.lnk [2012.10.06 21:57:42 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\WavePad Audiobearbeitungs-Software.lnk [2012.09.16 11:22:16 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2012.09.16 11:13:37 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.07 15:03:22 | 000,001,096 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Tone Generator.lnk [2012.10.07 15:03:22 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\NCH Tone Generator.lnk [2012.10.07 00:55:48 | 000,000,000 | ---- | C] () -- C:\Users\tobi\defogger_reenable [2012.10.07 00:03:45 | 000,141,086 | ---- | C] () -- C:\Users\tobi\AppData\Local\funmoods-speeddial_sf.crx [2012.10.06 21:58:44 | 000,000,009 | ---- | C] () -- C:\END [2012.10.06 21:57:58 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\MixPad Audiodatei-Mixer.lnk [2012.10.06 21:57:57 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixPad Audiodatei-Mixer.lnk [2012.10.06 21:57:42 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\WavePad Audiobearbeitungs-Software.lnk [2012.10.06 21:57:41 | 000,001,819 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Audiobearbeitungs-Software.lnk [2012.10.04 20:39:55 | 000,404,280 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012.09.16 11:22:16 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2012.07.02 18:55:30 | 000,054,819 | ---- | C] () -- C:\Windows\War3Unin.dat [2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2012.01.18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll [2012.01.18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll [2012.01.18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe [2011.11.30 17:51:43 | 000,020,312 | ---- | C] () -- C:\Windows\System32\RegistryDefragBootTime.exe [2011.11.17 03:40:38 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2011.08.12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll [2011.07.22 22:00:02 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI [2011.07.09 12:59:24 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2011.07.08 17:25:15 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.07.07 12:29:08 | 000,006,136 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2011.12.14 19:39:41 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuneUp Software [2012.07.03 14:20:49 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\DarksporeData [2012.07.16 20:01:50 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\LolClient [2012.10.10 01:51:13 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\TS3Client [2012.08.12 16:43:17 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\ts3overlay ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.08.02 16:14:20 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\Adobe [2012.07.02 18:32:06 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\Avira [2012.07.03 14:20:49 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\DarksporeData [2012.07.02 18:26:45 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\Identities [2012.07.16 20:01:50 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\LolClient [2012.07.02 18:45:27 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\Macromedia [2012.10.07 00:39:19 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\Malwarebytes [2009.07.14 10:55:41 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\Media Center Programs [2012.08.26 14:08:47 | 000,000,000 | --SD | M] -- C:\Users\tobi\AppData\Roaming\Microsoft [2012.08.26 13:44:58 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\mozilla [2012.10.07 15:04:57 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\NCH Software [2012.10.10 12:28:12 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\Skype [2012.10.10 01:51:13 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\TS3Client [2012.08.12 16:43:17 | 000,000,000 | ---D | M] -- C:\Users\tobi\AppData\Roaming\ts3overlay < %APPDATA%\*.exe /s > [2012.07.03 13:38:01 | 015,904,528 | ---- | M] (Maxis, a division of Electronic Arts Inc.) -- C:\Users\tobi\AppData\Roaming\DarksporeData\Patches\5.3.0.50_binary_1_all\Darkspore.exe < %SYSTEMDRIVE%\*.exe > [2012.08.30 01:15:30 | 003,782,214 | ---- | M] () -- C:\chatzum_nt.exe < MD5 for: AGP440.SYS > [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: IASTORV.SYS > [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys [2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys [2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys [2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys [2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys [2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys [2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys [2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < > [2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2011.12.23 04:03:27 | 000,000,902 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1004Core.job [2011.12.23 04:03:28 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1004UA.job [2012.08.02 03:33:10 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2012.09.07 19:07:52 | 000,001,064 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1006Core.job [2012.09.07 19:07:55 | 000,001,116 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1006UA.job ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\Windows\$NtUninstallKB63775$] -> Error: Cannot create file handle -> Unknown point type < End of report > Geändert von Solitron (10.10.2012 um 18:08 Uhr) |
|
10.10.2012, 20:43
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)
__________________Code:
ATTFilter :OTL
IE - HKLM\..\SearchScopes\{131F6471-85EE-A581-8606-33A1069F7D1E}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.27010003&st=12&q={searchTerms}&barid={4EC70E52-06F7-4858-A5B8-B79C7BAEBEF1}
IE - HKU\S-1-5-21-1740813220-741005101-994693073-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
IE - HKU\S-1-5-21-1740813220-741005101-994693073-1006\..\SearchScopes\{131F6471-85EE-A581-8606-33A1069F7D1E}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.27010003&st=12&q={searchTerms}&barid={4EC70E52-06F7-4858-A5B8-B79C7BAEBEF1}
O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - 10 - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1740813220-741005101-994693073-1006\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-1740813220-741005101-994693073-1006\..\Toolbar\WebBrowser: (no name) - {B106B661-3E1B-4015-AF5C-195E909F35C6} - No CLSID value found.
:Files
C:\chatzum_nt.exe
C:\Windows\$NtUninstallKB63775$
C:\Program Files\Common Files\Spigot
C:\Stormblade\launcher.exe
C:\Users\tobi\Downloads\SoftonicDownloader_fuer_funny-voice.exe
D:\Backup_Alt-PC\Warcraft III\Maps\Download\SoftonicDownloader51494.exe
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ |
|
10.10.2012, 21:24
| #19 |
| | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? Ich benutzte OTL, machte den Fix, und der Rechner wurde neugestartet. Nach dem Neustart war der Bildschirm ein paar Sekunden schwarz, dann öffnete sich folgendes: Code:
ATTFilter All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{131F6471-85EE-A581-8606-33A1069F7D1E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{131F6471-85EE-A581-8606-33A1069F7D1E}\ not found.
HKU\S-1-5-21-1740813220-741005101-994693073-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1740813220-741005101-994693073-1006\Software\Microsoft\Internet Explorer\SearchScopes\{131F6471-85EE-A581-8606-33A1069F7D1E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{131F6471-85EE-A581-8606-33A1069F7D1E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1740813220-741005101-994693073-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-21-1740813220-741005101-994693073-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B106B661-3E1B-4015-AF5C-195E909F35C6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B106B661-3E1B-4015-AF5C-195E909F35C6}\ not found.
========== FILES ==========
C:\chatzum_nt.exe moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB63775$\TxR scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB63775$\systemprofile\Documents folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\{DCD48218-E972-4d0c-9E5F-43462BC13E3B} folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\TuneUp Software\TU2012 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\TuneUp Software folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Windows folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Vault folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Speech\Files\UserLexicons folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Speech\Files folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Speech folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\rdm folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\WT98Z20X folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\N157A4F4 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\92K2Y3YV folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\5U45B3P5 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\Internet Explorer folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\IdentityCRL\production\temp folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\IdentityCRL\production folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\IdentityCRL folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.scientology.org folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.localpages.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.gfcmarkets.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.ebuzzingvideo.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.blogtalkradio.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.admlm.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#viewster.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static9.cdn.ubi.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static3.filmannex.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.filmannex.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#sport-tube.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s.ytimg.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#res.brandwire.tv folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#player.viewster.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#objects.tremormedia.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#mochiads.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#landingpages.bpcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#heias.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#games.mochiads.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#flash.quantserve.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#files.smeet.com.s3.amazonaws.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#core.videoegg.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#core.mochibot.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn-static.viddler.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bpid.bigpoint.net folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bourne.coronado.netdna-cdn.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#as1.suitesmart.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#a248.e.akamai.net folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\macromedia.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.scientology.org\sites\all\modules\gold_common_ui\swf\gcui_intro_anim2.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.scientology.org\sites\all\modules\gold_common_ui\swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.scientology.org\sites\all\modules\gold_common_ui folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.scientology.org\sites\all\modules folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.scientology.org\sites\all folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.scientology.org\sites folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.scientology.org folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.localpages.com\video\flowplayer-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.localpages.com\video folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.localpages.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.gfcmarkets.com\sites\all\files\SharedObjectProxy.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.gfcmarkets.com\sites\all\files folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.gfcmarkets.com\sites\all folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.gfcmarkets.com\sites folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.gfcmarkets.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.ebuzzingvideo.com\player_blog\static\swf\flowplayer.ebuzzing-3.2.6-2249.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.ebuzzingvideo.com\player_blog\static\swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.ebuzzingvideo.com\player_blog\static folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.ebuzzingvideo.com\player_blog folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.ebuzzingvideo.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.blogtalkradio.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.admlm.com\ads\images\5.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.admlm.com\ads\images folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.admlm.com\ads folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\www.admlm.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\viewster.com\flowplayer\flowplayer.commercial-3.2.7-3.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\viewster.com\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\viewster.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\static9.cdn.ubi.com\de-DE\images\common\flowplayer.unlimited-3.2.0.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\static9.cdn.ubi.com\de-DE\images\common folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\static9.cdn.ubi.com\de-DE\images folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\static9.cdn.ubi.com\de-DE folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\static9.cdn.ubi.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\static3.filmannex.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\static.filmannex.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\sport-tube.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\s.ytimg.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\res.brandwire.tv\scdn\content\brandwire\PublishingContainer.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\res.brandwire.tv\scdn\content\brandwire folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\res.brandwire.tv\scdn\content folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\res.brandwire.tv\scdn folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\res.brandwire.tv folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\player.viewster.com\landing-video\flowplayer\flowplayer.commercial-3.2.7-3.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\player.viewster.com\landing-video\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\player.viewster.com\landing-video folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\player.viewster.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\objects.tremormedia.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\mochiads.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\landingpages.bpcdn.net folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\heias.com\x\heias_sc.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\heias.com\x folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\heias.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\games.mochiads.com\c\g\yin-finds-yang\yin-finds-yang.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\games.mochiads.com\c\g\yin-finds-yang folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\games.mochiads.com\c\g\nom-nom-cat\main_mochi.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\games.mochiads.com\c\g\nom-nom-cat folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\games.mochiads.com\c\g\nobagamescom\Game.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\games.mochiads.com\c\g\nobagamescom folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\games.mochiads.com\c\g folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\games.mochiads.com\c folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\games.mochiads.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\flash.quantserve.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\files.smeet.com.s3.amazonaws.com\parasites\balloonbuster\balloonshooter_small.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\files.smeet.com.s3.amazonaws.com\parasites\balloonbuster folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\files.smeet.com.s3.amazonaws.com\parasites folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\files.smeet.com.s3.amazonaws.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\core.videoegg.com\#ve folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\core.videoegg.com\#com\videoegg folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\core.videoegg.com\#com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\core.videoegg.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\core.mochibot.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\cdn.hiro.tv folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\cdn-static.viddler.com\[[IMPORT]]\cdn.static.viddler.com\flash\as3\modules\localstorage.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\cdn-static.viddler.com\[[IMPORT]]\cdn.static.viddler.com\flash\as3\modules folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\cdn-static.viddler.com\[[IMPORT]]\cdn.static.viddler.com\flash\as3 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\cdn-static.viddler.com\[[IMPORT]]\cdn.static.viddler.com\flash folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\cdn-static.viddler.com\[[IMPORT]]\cdn.static.viddler.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\cdn-static.viddler.com\[[IMPORT]] folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\cdn-static.viddler.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\bpid.bigpoint.net folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\bourne.coronado.netdna-cdn.com\flowplayer\flowplayer-3.2.7.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\bourne.coronado.netdna-cdn.com\flowplayer folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\bourne.coronado.netdna-cdn.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\as1.suitesmart.com\_f5e.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\as1.suitesmart.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\a248.e.akamai.net\swf.soundcloud.com\player.swf folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\a248.e.akamai.net\swf.soundcloud.com folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7\a248.e.akamai.net folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\J3RPJ6M7 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia\Flash Player folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Macromedia folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\IObit folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Adobe\Flash Player\AssetCache\NP5ABHQA folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Adobe\Flash Player\AssetCache folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Adobe\Flash Player folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Adobe folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow\Sun\Java folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow\Sun folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow\Microsoft\Silverlight folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow\Microsoft folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow\Application Updater\temp folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow\Application Updater folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\LocalLow folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows Media\12.0 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows Media folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O3XM4GND folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBKSAD5Y folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DKKMNXZD folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ZF0XVD5 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011112420111125 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\History folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\Explorer folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\Caches folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Vault folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Portable Devices folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\ZXZBZSB8 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\IHZAKKR2 folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\1LK3XPIH folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\0Z83KT7L folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Internet Explorer folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\IdentityCRL\production\temp folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\IdentityCRL\production folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\IdentityCRL folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Google\Update\Manifest\Initial folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Google\Update\Manifest folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Google\Update folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Google\CrashReports folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Google folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\CrashDumps folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\RegBack scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB63775$\Journal folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB63775$ scheduled to be moved on reboot.
File\Folder C:\Program Files\Common Files\Spigot not found.
C:\Stormblade\launcher.exe moved successfully.
C:\Users\tobi\Downloads\SoftonicDownloader_fuer_funny-voice.exe moved successfully.
D:\Backup_Alt-PC\Warcraft III\Maps\Download\SoftonicDownloader51494.exe moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\tobi\Desktop\cmd.bat deleted successfully.
C:\Users\tobi\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 717890 bytes
->Temporary Internet Files folder emptied: 549176 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: tobi
->Temp folder emptied: 217598 bytes
->Temporary Internet Files folder emptied: 4439283 bytes
->Java cache emptied: 1269526 bytes
->Google Chrome cache emptied: 7709513 bytes
->Flash cache emptied: 643 bytes
User: Tobias
User: UpdatusUser
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 711978 bytes
Total Files Cleaned = 15,00 mb
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.69.0 log created on 10102012_221911
Files\Folders moved on Reboot...
Folder move failed. C:\Windows\$NtUninstallKB63775$\TxR scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming scheduled to be moved on reboot.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows\Caches folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft\Windows folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local\Microsoft folder moved successfully.
C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Local folder moved successfully.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\RegBack scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\TxR scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft\SystemCertificates scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming\Microsoft scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData\Roaming scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile\AppData scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\systemprofile scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$\RegBack scheduled to be moved on reboot.
Folder move failed. C:\Windows\$NtUninstallKB63775$ scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
11.10.2012, 13:38
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.10.2012, 14:46
| #21 |
| | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt?Code:
ATTFilter 15:42:22.0821 2272 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
15:42:22.0931 2272 ============================================================
15:42:22.0932 2272 Current date / time: 2012/10/11 15:42:22.0931
15:42:22.0932 2272 SystemInfo:
15:42:22.0932 2272
15:42:22.0932 2272 OS Version: 6.1.7601 ServicePack: 1.0
15:42:22.0932 2272 Product type: Workstation
15:42:22.0932 2272 ComputerName: TOBIAS-PC
15:42:22.0932 2272 UserName: tobi
15:42:22.0932 2272 Windows directory: C:\Windows
15:42:22.0932 2272 System windows directory: C:\Windows
15:42:22.0932 2272 Processor architecture: Intel x86
15:42:22.0932 2272 Number of processors: 4
15:42:22.0932 2272 Page size: 0x1000
15:42:22.0932 2272 Boot type: Normal boot
15:42:22.0932 2272 ============================================================
15:42:23.0856 2272 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:42:23.0857 2272 ============================================================
15:42:23.0857 2272 \Device\Harddisk0\DR0:
15:42:23.0857 2272 MBR partitions:
15:42:23.0857 2272 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC7FF53F
15:42:23.0873 2272 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC7FF5BD, BlocksNum 0x2DB817C3
15:42:23.0873 2272 ============================================================
15:42:23.0896 2272 C: <-> \Device\Harddisk0\DR0\Partition1
15:42:23.0908 2272 D: <-> \Device\Harddisk0\DR0\Partition2
15:42:23.0908 2272 ============================================================
15:42:23.0908 2272 Initialize success
15:42:23.0908 2272 ============================================================
15:43:31.0254 1424 ============================================================
15:43:31.0254 1424 Scan started
15:43:31.0254 1424 Mode: Manual; SigCheck; TDLFS;
15:43:31.0254 1424 ============================================================
15:43:32.0378 1424 ================ Scan system memory ========================
15:43:32.0378 1424 System memory - ok
15:43:32.0393 1424 ================ Scan services =============================
15:43:32.0487 1424 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:43:32.0596 1424 1394ohci - ok
15:43:32.0627 1424 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:43:32.0643 1424 ACPI - ok
15:43:32.0658 1424 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:43:32.0705 1424 AcpiPmi - ok
15:43:32.0752 1424 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:43:32.0768 1424 AdobeARMservice - ok
15:43:32.0830 1424 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:43:32.0846 1424 AdobeFlashPlayerUpdateSvc - ok
15:43:32.0861 1424 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:43:32.0892 1424 adp94xx - ok
15:43:32.0908 1424 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:43:32.0924 1424 adpahci - ok
15:43:32.0939 1424 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:43:32.0939 1424 adpu320 - ok
15:43:32.0970 1424 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:43:33.0002 1424 AeLookupSvc - ok
15:43:33.0033 1424 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
15:43:33.0080 1424 AFD - ok
15:43:33.0095 1424 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
15:43:33.0111 1424 agp440 - ok
15:43:33.0126 1424 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:43:33.0142 1424 aic78xx - ok
15:43:33.0158 1424 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:43:33.0204 1424 ALG - ok
15:43:33.0204 1424 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
15:43:33.0220 1424 aliide - ok
15:43:33.0220 1424 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:43:33.0236 1424 amdagp - ok
15:43:33.0251 1424 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
15:43:33.0267 1424 amdide - ok
15:43:33.0282 1424 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:43:33.0298 1424 AmdK8 - ok
15:43:33.0298 1424 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:43:33.0329 1424 AmdPPM - ok
15:43:33.0345 1424 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:43:33.0360 1424 amdsata - ok
15:43:33.0360 1424 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:43:33.0376 1424 amdsbs - ok
15:43:33.0392 1424 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:43:33.0407 1424 amdxata - ok
15:43:33.0470 1424 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:43:33.0470 1424 AntiVirSchedulerService - ok
15:43:33.0501 1424 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:43:33.0516 1424 AntiVirService - ok
15:43:33.0532 1424 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
15:43:33.0610 1424 AppID - ok
15:43:33.0626 1424 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:43:33.0657 1424 AppIDSvc - ok
15:43:33.0688 1424 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
15:43:33.0719 1424 Appinfo - ok
15:43:33.0735 1424 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
15:43:33.0750 1424 AppMgmt - ok
15:43:33.0766 1424 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:43:33.0782 1424 arc - ok
15:43:33.0797 1424 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:43:33.0844 1424 arcsas - ok
15:43:33.0875 1424 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:43:34.0016 1424 AsyncMac - ok
15:43:34.0031 1424 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
15:43:34.0047 1424 atapi - ok
15:43:34.0078 1424 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:43:34.0109 1424 AudioEndpointBuilder - ok
15:43:34.0109 1424 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:43:34.0140 1424 Audiosrv - ok
15:43:34.0172 1424 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:43:34.0187 1424 avgntflt - ok
15:43:34.0218 1424 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:43:34.0234 1424 avipbb - ok
15:43:34.0281 1424 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:43:34.0281 1424 avkmgr - ok
15:43:34.0312 1424 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:43:34.0359 1424 AxInstSV - ok
15:43:34.0374 1424 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:43:34.0421 1424 b06bdrv - ok
15:43:34.0437 1424 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:43:34.0452 1424 b57nd60x - ok
15:43:34.0468 1424 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:43:34.0515 1424 BDESVC - ok
15:43:34.0530 1424 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:43:34.0562 1424 Beep - ok
15:43:34.0593 1424 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
15:43:34.0624 1424 BFE - ok
15:43:34.0655 1424 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
15:43:34.0733 1424 BITS - ok
15:43:34.0749 1424 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:43:34.0780 1424 blbdrive - ok
15:43:34.0796 1424 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:43:34.0827 1424 bowser - ok
15:43:34.0842 1424 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:43:34.0889 1424 BrFiltLo - ok
15:43:34.0905 1424 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:43:34.0920 1424 BrFiltUp - ok
15:43:34.0952 1424 [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser C:\Windows\System32\browser.dll
15:43:34.0998 1424 Browser - ok
15:43:35.0014 1424 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:43:35.0045 1424 Brserid - ok
15:43:35.0061 1424 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:43:35.0076 1424 BrSerWdm - ok
15:43:35.0108 1424 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:43:35.0123 1424 BrUsbMdm - ok
15:43:35.0139 1424 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:43:35.0170 1424 BrUsbSer - ok
15:43:35.0186 1424 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:43:35.0217 1424 BTHMODEM - ok
15:43:35.0248 1424 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:43:35.0264 1424 bthserv - ok
15:43:35.0279 1424 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:43:35.0310 1424 cdfs - ok
15:43:35.0342 1424 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
15:43:35.0342 1424 cdrom - ok
15:43:35.0373 1424 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
15:43:35.0388 1424 CertPropSvc - ok
15:43:35.0420 1424 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:43:35.0435 1424 circlass - ok
15:43:35.0451 1424 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:43:35.0451 1424 CLFS - ok
15:43:35.0498 1424 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:43:35.0513 1424 clr_optimization_v2.0.50727_32 - ok
15:43:35.0529 1424 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:43:35.0529 1424 CmBatt - ok
15:43:35.0560 1424 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:43:35.0560 1424 cmdide - ok
15:43:35.0591 1424 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
15:43:35.0607 1424 CNG - ok
15:43:35.0622 1424 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:43:35.0638 1424 Compbatt - ok
15:43:35.0654 1424 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:43:35.0685 1424 CompositeBus - ok
15:43:35.0700 1424 COMSysApp - ok
15:43:35.0716 1424 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:43:35.0716 1424 crcdisk - ok
15:43:35.0747 1424 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:43:35.0778 1424 CryptSvc - ok
15:43:35.0810 1424 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
15:43:35.0856 1424 CSC - ok
15:43:35.0872 1424 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
15:43:35.0903 1424 CscService - ok
15:43:35.0919 1424 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:43:35.0950 1424 DcomLaunch - ok
15:43:35.0981 1424 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:43:35.0997 1424 defragsvc - ok
15:43:36.0028 1424 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:43:36.0059 1424 DfsC - ok
15:43:36.0075 1424 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:43:36.0106 1424 Dhcp - ok
15:43:36.0122 1424 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:43:36.0153 1424 discache - ok
15:43:36.0168 1424 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:43:36.0184 1424 Disk - ok
15:43:36.0200 1424 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:43:36.0231 1424 Dnscache - ok
15:43:36.0262 1424 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:43:36.0293 1424 dot3svc - ok
15:43:36.0324 1424 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:43:36.0371 1424 DPS - ok
15:43:36.0402 1424 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:43:36.0418 1424 drmkaud - ok
15:43:36.0449 1424 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:43:36.0465 1424 DXGKrnl - ok
15:43:36.0480 1424 EagleXNt - ok
15:43:36.0496 1424 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:43:36.0527 1424 EapHost - ok
15:43:36.0590 1424 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:43:36.0668 1424 ebdrv - ok
15:43:36.0699 1424 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
15:43:36.0730 1424 EFS - ok
15:43:36.0777 1424 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:43:36.0808 1424 ehRecvr - ok
15:43:36.0839 1424 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
15:43:36.0870 1424 ehSched - ok
15:43:36.0886 1424 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:43:36.0917 1424 elxstor - ok
15:43:36.0933 1424 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:43:36.0948 1424 ErrDev - ok
15:43:36.0980 1424 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:43:37.0026 1424 EventSystem - ok
15:43:37.0042 1424 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:43:37.0073 1424 exfat - ok
15:43:37.0089 1424 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:43:37.0120 1424 fastfat - ok
15:43:37.0167 1424 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:43:37.0214 1424 Fax - ok
15:43:37.0229 1424 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:43:37.0245 1424 fdc - ok
15:43:37.0276 1424 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:43:37.0307 1424 fdPHost - ok
15:43:37.0323 1424 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:43:37.0354 1424 FDResPub - ok
15:43:37.0370 1424 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:43:37.0385 1424 FileInfo - ok
15:43:37.0385 1424 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:43:37.0416 1424 Filetrace - ok
15:43:37.0432 1424 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:43:37.0448 1424 flpydisk - ok
15:43:37.0463 1424 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:43:37.0479 1424 FltMgr - ok
15:43:37.0510 1424 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
15:43:37.0557 1424 FontCache - ok
15:43:37.0604 1424 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:43:37.0604 1424 FontCache3.0.0.0 - ok
15:43:37.0619 1424 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:43:37.0635 1424 FsDepends - ok
15:43:37.0650 1424 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:43:37.0666 1424 Fs_Rec - ok
15:43:37.0682 1424 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:43:37.0697 1424 fvevol - ok
15:43:37.0697 1424 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:43:37.0713 1424 gagp30kx - ok
15:43:37.0744 1424 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:43:37.0775 1424 gpsvc - ok
15:43:37.0791 1424 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:43:37.0822 1424 hcw85cir - ok
15:43:37.0853 1424 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:43:37.0884 1424 HdAudAddService - ok
15:43:37.0900 1424 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:43:37.0931 1424 HDAudBus - ok
15:43:37.0947 1424 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:43:37.0962 1424 HidBatt - ok
15:43:37.0962 1424 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:43:37.0994 1424 HidBth - ok
15:43:38.0009 1424 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:43:38.0025 1424 HidIr - ok
15:43:38.0040 1424 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
15:43:38.0056 1424 hidserv - ok
15:43:38.0087 1424 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:43:38.0087 1424 HidUsb - ok
15:43:38.0118 1424 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:43:38.0150 1424 hkmsvc - ok
15:43:38.0181 1424 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:43:38.0196 1424 HomeGroupListener - ok
15:43:38.0212 1424 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:43:38.0243 1424 HomeGroupProvider - ok
15:43:38.0274 1424 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:43:38.0274 1424 HpSAMD - ok
15:43:38.0337 1424 [ DD1E0A26D0F60A7EA65A1BEEC7D44EAB ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
15:43:38.0337 1424 HssDRV6 - ok
15:43:38.0368 1424 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:43:38.0399 1424 HTTP - ok
15:43:38.0415 1424 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:43:38.0430 1424 hwpolicy - ok
15:43:38.0446 1424 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:43:38.0462 1424 i8042prt - ok
15:43:38.0477 1424 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:43:38.0493 1424 iaStorV - ok
15:43:38.0540 1424 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:43:38.0555 1424 idsvc - ok
15:43:38.0571 1424 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:43:38.0586 1424 iirsp - ok
15:43:38.0602 1424 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:43:38.0649 1424 IKEEXT - ok
15:43:38.0664 1424 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:43:38.0680 1424 intelide - ok
15:43:38.0696 1424 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:43:38.0711 1424 intelppm - ok
15:43:38.0727 1424 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:43:38.0774 1424 IPBusEnum - ok
15:43:38.0789 1424 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:43:38.0820 1424 IpFilterDriver - ok
15:43:38.0836 1424 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:43:38.0867 1424 iphlpsvc - ok
15:43:38.0883 1424 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:43:38.0898 1424 IPMIDRV - ok
15:43:38.0914 1424 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:43:38.0945 1424 IPNAT - ok
15:43:38.0961 1424 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:43:38.0992 1424 IRENUM - ok
15:43:38.0992 1424 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:43:39.0039 1424 isapnp - ok
15:43:39.0101 1424 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:43:39.0117 1424 iScsiPrt - ok
15:43:39.0132 1424 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:43:39.0148 1424 kbdclass - ok
15:43:39.0164 1424 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:43:39.0179 1424 kbdhid - ok
15:43:39.0195 1424 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
15:43:39.0210 1424 KeyIso - ok
15:43:39.0226 1424 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:43:39.0242 1424 KSecDD - ok
15:43:39.0257 1424 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:43:39.0273 1424 KSecPkg - ok
15:43:39.0304 1424 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:43:39.0335 1424 KtmRm - ok
15:43:39.0366 1424 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
15:43:39.0398 1424 LanmanServer - ok
15:43:39.0429 1424 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:43:39.0460 1424 LanmanWorkstation - ok
15:43:39.0491 1424 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:43:39.0522 1424 lltdio - ok
15:43:39.0554 1424 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:43:39.0585 1424 lltdsvc - ok
15:43:39.0600 1424 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:43:39.0616 1424 lmhosts - ok
15:43:39.0632 1424 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:43:39.0632 1424 LSI_FC - ok
15:43:39.0647 1424 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:43:39.0663 1424 LSI_SAS - ok
15:43:39.0678 1424 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:43:39.0678 1424 LSI_SAS2 - ok
15:43:39.0694 1424 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:43:39.0710 1424 LSI_SCSI - ok
15:43:39.0725 1424 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:43:39.0741 1424 luafv - ok
15:43:39.0756 1424 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
15:43:39.0772 1424 LVRS - ok
15:43:39.0850 1424 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
15:43:39.0959 1424 LVUVC - ok
15:43:39.0975 1424 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:43:39.0975 1424 MBAMProtector - ok
15:43:40.0006 1424 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:43:40.0022 1424 MBAMScheduler - ok
15:43:40.0053 1424 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:43:40.0068 1424 MBAMService - ok
15:43:40.0084 1424 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:43:40.0100 1424 Mcx2Svc - ok
15:43:40.0115 1424 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:43:40.0131 1424 megasas - ok
15:43:40.0146 1424 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:43:40.0162 1424 MegaSR - ok
15:43:40.0178 1424 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:43:40.0209 1424 MMCSS - ok
15:43:40.0224 1424 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:43:40.0256 1424 Modem - ok
15:43:40.0271 1424 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:43:40.0302 1424 monitor - ok
15:43:40.0318 1424 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
15:43:40.0318 1424 mouclass - ok
15:43:40.0334 1424 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:43:40.0349 1424 mouhid - ok
15:43:40.0380 1424 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:43:40.0396 1424 mountmgr - ok
15:43:40.0396 1424 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:43:40.0412 1424 mpio - ok
15:43:40.0427 1424 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:43:40.0458 1424 mpsdrv - ok
15:43:40.0490 1424 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:43:40.0536 1424 MpsSvc - ok
15:43:40.0568 1424 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:43:40.0583 1424 MRxDAV - ok
15:43:40.0599 1424 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:43:40.0630 1424 mrxsmb - ok
15:43:40.0661 1424 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:43:40.0677 1424 mrxsmb10 - ok
15:43:40.0708 1424 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:43:40.0708 1424 mrxsmb20 - ok
15:43:40.0724 1424 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:43:40.0739 1424 msahci - ok
15:43:40.0755 1424 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:43:40.0770 1424 msdsm - ok
15:43:40.0786 1424 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:43:40.0802 1424 MSDTC - ok
15:43:40.0817 1424 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:43:40.0848 1424 Msfs - ok
15:43:40.0864 1424 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:43:40.0895 1424 mshidkmdf - ok
15:43:40.0911 1424 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:43:40.0926 1424 msisadrv - ok
15:43:40.0942 1424 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:43:40.0973 1424 MSiSCSI - ok
15:43:40.0989 1424 msiserver - ok
15:43:41.0004 1424 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:43:41.0036 1424 MSKSSRV - ok
15:43:41.0036 1424 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:43:41.0082 1424 MSPCLOCK - ok
15:43:41.0082 1424 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:43:41.0114 1424 MSPQM - ok
15:43:41.0129 1424 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:43:41.0145 1424 MsRPC - ok
15:43:41.0160 1424 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:43:41.0160 1424 mssmbios - ok
15:43:41.0176 1424 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:43:41.0207 1424 MSTEE - ok
15:43:41.0207 1424 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:43:41.0223 1424 MTConfig - ok
15:43:41.0238 1424 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:43:41.0238 1424 Mup - ok
15:43:41.0270 1424 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:43:41.0285 1424 napagent - ok
15:43:41.0301 1424 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:43:41.0316 1424 NativeWifiP - ok
15:43:41.0348 1424 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:43:41.0363 1424 NDIS - ok
15:43:41.0379 1424 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:43:41.0410 1424 NdisCap - ok
15:43:41.0426 1424 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:43:41.0472 1424 NdisTapi - ok
15:43:41.0488 1424 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:43:41.0504 1424 Ndisuio - ok
15:43:41.0535 1424 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:43:41.0566 1424 NdisWan - ok
15:43:41.0582 1424 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:43:41.0613 1424 NDProxy - ok
15:43:41.0613 1424 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:43:41.0644 1424 NetBIOS - ok
15:43:41.0675 1424 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
15:43:41.0675 1424 Netlogon - ok
15:43:41.0706 1424 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:43:41.0738 1424 Netman - ok
15:43:41.0753 1424 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:43:41.0800 1424 netprofm - ok
15:43:41.0816 1424 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:43:41.0831 1424 NetTcpPortSharing - ok
15:43:41.0847 1424 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:43:41.0862 1424 nfrd960 - ok
15:43:41.0894 1424 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:43:41.0925 1424 NlaSvc - ok
15:43:41.0940 1424 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:43:41.0972 1424 Npfs - ok
15:43:41.0972 1424 npggsvc - ok
15:43:42.0003 1424 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:43:42.0018 1424 nsi - ok
15:43:42.0034 1424 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:43:42.0065 1424 nsiproxy - ok
15:43:42.0112 1424 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:43:42.0143 1424 Ntfs - ok
15:43:42.0159 1424 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:43:42.0190 1424 Null - ok
15:43:42.0206 1424 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
15:43:42.0221 1424 NVENETFD - ok
15:43:42.0408 1424 [ E891B3979F0CF2740C1B073F834221FE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:43:42.0658 1424 nvlddmkm - ok
15:43:42.0689 1424 [ 1DE923088878B495CD4219E47BA34EB8 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
15:43:42.0705 1424 NVNET - ok
15:43:42.0720 1424 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:43:42.0736 1424 nvraid - ok
15:43:42.0752 1424 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
15:43:42.0783 1424 nvsmu - ok
15:43:42.0798 1424 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:43:42.0814 1424 nvstor - ok
15:43:42.0845 1424 [ AE2DE8E165DCB93A66B21748E6F913DF ] nvsvc C:\Windows\system32\nvvsvc.exe
15:43:42.0876 1424 nvsvc - ok
15:43:42.0939 1424 [ C78581C14699C46FE0F0817416383134 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:43:42.0970 1424 nvUpdatusService - ok
15:43:43.0001 1424 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:43:43.0001 1424 nv_agp - ok
15:43:43.0032 1424 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:43:43.0048 1424 ohci1394 - ok
15:43:43.0079 1424 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:43:43.0110 1424 p2pimsvc - ok
15:43:43.0126 1424 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:43:43.0142 1424 p2psvc - ok
15:43:43.0157 1424 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:43:43.0188 1424 Parport - ok
15:43:43.0220 1424 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:43:43.0220 1424 partmgr - ok
15:43:43.0235 1424 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:43:43.0251 1424 Parvdm - ok
15:43:43.0282 1424 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:43:43.0298 1424 PcaSvc - ok
15:43:43.0313 1424 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:43:43.0329 1424 pci - ok
15:43:43.0344 1424 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:43:43.0360 1424 pciide - ok
15:43:43.0376 1424 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:43:43.0391 1424 pcmcia - ok
15:43:43.0407 1424 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:43:43.0407 1424 pcw - ok
15:43:43.0438 1424 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:43:43.0485 1424 PEAUTH - ok
15:43:43.0516 1424 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:43:43.0563 1424 PeerDistSvc - ok
15:43:43.0610 1424 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:43:43.0656 1424 pla - ok
15:43:43.0703 1424 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:43:43.0734 1424 PlugPlay - ok
15:43:43.0750 1424 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:43:43.0781 1424 PNRPAutoReg - ok
15:43:43.0797 1424 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:43:43.0812 1424 PNRPsvc - ok
15:43:43.0828 1424 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:43:43.0859 1424 PolicyAgent - ok
15:43:43.0875 1424 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:43:43.0906 1424 Power - ok
15:43:43.0922 1424 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:43:43.0937 1424 PptpMiniport - ok
15:43:43.0968 1424 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:43:43.0984 1424 Processor - ok
15:43:44.0000 1424 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
15:43:44.0046 1424 ProfSvc - ok
15:43:44.0046 1424 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:43:44.0062 1424 ProtectedStorage - ok
15:43:44.0078 1424 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:43:44.0093 1424 Psched - ok
15:43:44.0124 1424 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:43:44.0171 1424 ql2300 - ok
15:43:44.0187 1424 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:43:44.0202 1424 ql40xx - ok
15:43:44.0218 1424 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:43:44.0249 1424 QWAVE - ok
15:43:44.0265 1424 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:43:44.0280 1424 QWAVEdrv - ok
15:43:44.0296 1424 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:43:44.0312 1424 RasAcd - ok
15:43:44.0327 1424 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:43:44.0358 1424 RasAgileVpn - ok
15:43:44.0374 1424 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:43:44.0405 1424 RasAuto - ok
15:43:44.0421 1424 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:43:44.0452 1424 Rasl2tp - ok
15:43:44.0483 1424 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:43:44.0530 1424 RasMan - ok
15:43:44.0546 1424 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:43:44.0577 1424 RasPppoe - ok
15:43:44.0592 1424 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:43:44.0624 1424 RasSstp - ok
15:43:44.0639 1424 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:43:44.0670 1424 rdbss - ok
15:43:44.0686 1424 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:43:44.0702 1424 rdpbus - ok
15:43:44.0717 1424 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:43:44.0748 1424 RDPCDD - ok
15:43:44.0764 1424 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:43:44.0780 1424 RDPDR - ok
15:43:44.0795 1424 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:43:44.0811 1424 RDPENCDD - ok
15:43:44.0826 1424 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:43:44.0858 1424 RDPREFMP - ok
15:43:44.0873 1424 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:43:44.0920 1424 RDPWD - ok
15:43:44.0951 1424 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:43:44.0951 1424 rdyboost - ok
15:43:44.0982 1424 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:43:45.0154 1424 RemoteAccess - ok
15:43:45.0216 1424 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:43:45.0310 1424 RemoteRegistry - ok
15:43:45.0372 1424 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:43:45.0466 1424 RpcEptMapper - ok
15:43:45.0482 1424 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:43:45.0497 1424 RpcLocator - ok
15:43:45.0528 1424 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:43:45.0544 1424 RpcSs - ok
15:43:45.0560 1424 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:43:45.0591 1424 rspndr - ok
15:43:45.0622 1424 [ CD17C8E42D82BD0CB07B2DE00DABE202 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
15:43:45.0653 1424 RTL8192su - ok
15:43:45.0684 1424 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:43:45.0716 1424 s3cap - ok
15:43:45.0731 1424 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
15:43:45.0731 1424 SamSs - ok
15:43:45.0762 1424 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:43:45.0778 1424 sbp2port - ok
15:43:45.0794 1424 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:43:45.0825 1424 SCardSvr - ok
15:43:45.0840 1424 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:43:45.0872 1424 scfilter - ok
15:43:45.0903 1424 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:43:45.0950 1424 Schedule - ok
15:43:45.0965 1424 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:43:45.0981 1424 SCPolicySvc - ok
15:43:46.0012 1424 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:43:46.0043 1424 SDRSVC - ok
15:43:46.0059 1424 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:43:46.0074 1424 secdrv - ok
15:43:46.0106 1424 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:43:46.0137 1424 seclogon - ok
15:43:46.0152 1424 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:43:46.0168 1424 SENS - ok
15:43:46.0184 1424 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:43:46.0230 1424 SensrSvc - ok
15:43:46.0230 1424 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:43:46.0246 1424 Serenum - ok
15:43:46.0262 1424 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:43:46.0277 1424 Serial - ok
15:43:46.0308 1424 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:43:46.0324 1424 sermouse - ok
15:43:46.0355 1424 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:43:46.0402 1424 SessionEnv - ok
15:43:46.0418 1424 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:43:46.0449 1424 sffdisk - ok
15:43:46.0449 1424 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:43:46.0480 1424 sffp_mmc - ok
15:43:46.0496 1424 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:43:46.0511 1424 sffp_sd - ok
15:43:46.0527 1424 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:43:46.0542 1424 sfloppy - ok
15:43:46.0574 1424 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:43:46.0620 1424 SharedAccess - ok
15:43:46.0636 1424 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:43:46.0667 1424 ShellHWDetection - ok
15:43:46.0698 1424 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:43:46.0698 1424 sisagp - ok
15:43:46.0714 1424 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:43:46.0730 1424 SiSRaid2 - ok
15:43:46.0745 1424 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:43:46.0745 1424 SiSRaid4 - ok
15:43:46.0792 1424 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:43:46.0792 1424 SkypeUpdate - ok
15:43:46.0808 1424 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:43:46.0823 1424 Smb - ok
15:43:46.0854 1424 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:43:46.0854 1424 SNMPTRAP - ok
15:43:46.0870 1424 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:43:46.0886 1424 spldr - ok
15:43:46.0917 1424 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
15:43:46.0948 1424 Spooler - ok
15:43:46.0995 1424 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:43:47.0073 1424 sppsvc - ok
15:43:47.0088 1424 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:43:47.0120 1424 sppuinotify - ok
15:43:47.0151 1424 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:43:47.0182 1424 srv - ok
15:43:47.0213 1424 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:43:47.0229 1424 srv2 - ok
15:43:47.0260 1424 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:43:47.0276 1424 srvnet - ok
15:43:47.0291 1424 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:43:47.0322 1424 SSDPSRV - ok
15:43:47.0354 1424 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
15:43:47.0369 1424 ssmdrv - ok
15:43:47.0385 1424 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:43:47.0416 1424 SstpSvc - ok
15:43:47.0447 1424 [ FC0A58529A02B1EED55DDC58696B7908 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:43:47.0463 1424 Stereo Service - ok
15:43:47.0478 1424 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:43:47.0494 1424 stexstor - ok
15:43:47.0525 1424 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:43:47.0556 1424 StiSvc - ok
15:43:47.0588 1424 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:43:47.0588 1424 storflt - ok
15:43:47.0619 1424 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
15:43:47.0634 1424 StorSvc - ok
15:43:47.0634 1424 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:43:47.0650 1424 storvsc - ok
15:43:47.0666 1424 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
15:43:47.0666 1424 swenum - ok
15:43:47.0681 1424 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:43:47.0712 1424 swprv - ok
15:43:47.0744 1424 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:43:47.0790 1424 SysMain - ok
15:43:47.0806 1424 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:43:47.0822 1424 TabletInputService - ok
15:43:47.0853 1424 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\Windows\system32\DRIVERS\taphss.sys
15:43:47.0853 1424 taphss - ok
15:43:47.0884 1424 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:43:47.0915 1424 TapiSrv - ok
15:43:47.0915 1424 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:43:47.0962 1424 TBS - ok
15:43:48.0009 1424 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:43:48.0040 1424 Tcpip - ok
15:43:48.0071 1424 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:43:48.0102 1424 TCPIP6 - ok
15:43:48.0134 1424 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:43:48.0165 1424 tcpipreg - ok
15:43:48.0196 1424 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:43:48.0227 1424 TDPIPE - ok
15:43:48.0243 1424 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:43:48.0274 1424 TDTCP - ok
15:43:48.0305 1424 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:43:48.0336 1424 tdx - ok
15:43:48.0399 1424 [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
15:43:48.0477 1424 TeamViewer7 - ok
15:43:48.0492 1424 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:43:48.0508 1424 TermDD - ok
15:43:48.0539 1424 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:43:48.0570 1424 TermService - ok
15:43:48.0602 1424 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:43:48.0617 1424 Themes - ok
15:43:48.0633 1424 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:43:48.0664 1424 THREADORDER - ok
15:43:48.0664 1424 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:43:48.0711 1424 TrkWks - ok
15:43:48.0758 1424 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:43:48.0789 1424 TrustedInstaller - ok
15:43:48.0804 1424 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:43:48.0836 1424 tssecsrv - ok
15:43:48.0867 1424 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:43:48.0898 1424 TsUsbFlt - ok
15:43:48.0929 1424 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:43:48.0960 1424 tunnel - ok
15:43:48.0992 1424 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:43:48.0992 1424 uagp35 - ok
15:43:49.0023 1424 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:43:49.0054 1424 udfs - ok
15:43:49.0085 1424 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:43:49.0101 1424 UI0Detect - ok
15:43:49.0132 1424 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:43:49.0132 1424 uliagpkx - ok
15:43:49.0163 1424 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
15:43:49.0179 1424 umbus - ok
15:43:49.0179 1424 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:43:49.0194 1424 UmPass - ok
15:43:49.0210 1424 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
15:43:49.0241 1424 UmRdpService - ok
15:43:49.0288 1424 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
15:43:49.0304 1424 UMVPFSrv - ok
15:43:49.0319 1424 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:43:49.0366 1424 upnphost - ok
15:43:49.0397 1424 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:43:49.0413 1424 usbaudio - ok
15:43:49.0413 1424 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:43:49.0444 1424 usbccgp - ok
15:43:49.0475 1424 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:43:49.0491 1424 usbcir - ok
15:43:49.0506 1424 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:43:49.0522 1424 usbehci - ok
15:43:49.0538 1424 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:43:49.0553 1424 usbhub - ok
15:43:49.0569 1424 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:43:49.0600 1424 usbohci - ok
15:43:49.0616 1424 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:43:49.0631 1424 usbprint - ok
15:43:49.0631 1424 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:43:49.0662 1424 USBSTOR - ok
15:43:49.0662 1424 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:43:49.0678 1424 usbuhci - ok
15:43:49.0694 1424 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:43:49.0725 1424 usbvideo - ok
15:43:49.0740 1424 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:43:49.0772 1424 UxSms - ok
15:43:49.0772 1424 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
15:43:49.0787 1424 VaultSvc - ok
15:43:49.0803 1424 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:43:49.0803 1424 vdrvroot - ok
15:43:49.0834 1424 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
15:43:49.0881 1424 vds - ok
15:43:49.0896 1424 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:43:49.0928 1424 vga - ok
15:43:49.0928 1424 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:43:49.0959 1424 VgaSave - ok
15:43:49.0959 1424 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:43:49.0974 1424 vhdmp - ok
15:43:50.0006 1424 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:43:50.0006 1424 viaagp - ok
15:43:50.0021 1424 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:43:50.0037 1424 ViaC7 - ok
15:43:50.0084 1424 [ 0F0C96A570AB2B0164E04AB22CC8676A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
15:43:50.0130 1424 VIAHdAudAddService - ok
15:43:50.0146 1424 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
15:43:50.0162 1424 viaide - ok
15:43:50.0177 1424 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:43:50.0177 1424 vmbus - ok
15:43:50.0208 1424 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:43:50.0224 1424 VMBusHID - ok
15:43:50.0240 1424 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:43:50.0240 1424 volmgr - ok
15:43:50.0255 1424 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:43:50.0271 1424 volmgrx - ok
15:43:50.0318 1424 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:43:50.0333 1424 volsnap - ok
15:43:50.0349 1424 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:43:50.0349 1424 vsmraid - ok
15:43:50.0380 1424 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
15:43:50.0427 1424 VSS - ok
15:43:50.0442 1424 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:43:50.0458 1424 vwifibus - ok
15:43:50.0505 1424 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:43:50.0583 1424 vwififlt - ok
15:43:50.0630 1424 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:43:50.0676 1424 W32Time - ok
15:43:50.0723 1424 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:43:50.0770 1424 WacomPen - ok
15:43:50.0801 1424 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:43:50.0848 1424 WANARP - ok
15:43:50.0848 1424 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:43:50.0864 1424 Wanarpv6 - ok
15:43:50.0895 1424 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
15:43:50.0957 1424 wbengine - ok
15:43:50.0988 1424 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:43:51.0004 1424 WbioSrvc - ok
15:43:51.0035 1424 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:43:51.0066 1424 wcncsvc - ok
15:43:51.0082 1424 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:43:51.0113 1424 WcsPlugInService - ok
15:43:51.0129 1424 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:43:51.0144 1424 Wd - ok
15:43:51.0160 1424 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:43:51.0176 1424 Wdf01000 - ok
15:43:51.0191 1424 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:43:51.0238 1424 WdiServiceHost - ok
15:43:51.0238 1424 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:43:51.0254 1424 WdiSystemHost - ok
15:43:51.0269 1424 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
15:43:51.0285 1424 WebClient - ok
15:43:51.0300 1424 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:43:51.0332 1424 Wecsvc - ok
15:43:51.0347 1424 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:43:51.0378 1424 wercplsupport - ok
15:43:51.0394 1424 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:43:51.0410 1424 WerSvc - ok
15:43:51.0441 1424 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:43:51.0456 1424 WfpLwf - ok
15:43:51.0472 1424 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:43:51.0472 1424 WIMMount - ok
15:43:51.0519 1424 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:43:51.0550 1424 WinDefend - ok
15:43:51.0566 1424 WinHttpAutoProxySvc - ok
15:43:51.0597 1424 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:43:51.0628 1424 Winmgmt - ok
15:43:51.0675 1424 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Program Files\IObit\Game Booster\Driver\WinRing0.sys
15:43:51.0675 1424 WinRing0_1_2_0 - ok
15:43:51.0722 1424 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
15:43:51.0768 1424 WinRM - ok
15:43:51.0815 1424 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:43:51.0862 1424 Wlansvc - ok
15:43:51.0878 1424 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:43:51.0893 1424 WmiAcpi - ok
15:43:51.0924 1424 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:43:51.0940 1424 wmiApSrv - ok
15:43:51.0987 1424 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:43:52.0049 1424 WMPNetworkSvc - ok
15:43:52.0065 1424 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:43:52.0096 1424 WPCSvc - ok
15:43:52.0127 1424 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:43:52.0143 1424 WPDBusEnum - ok
15:43:52.0158 1424 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:43:52.0190 1424 ws2ifsl - ok
15:43:52.0205 1424 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
15:43:52.0236 1424 wscsvc - ok
15:43:52.0236 1424 WSearch - ok
15:43:52.0299 1424 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:43:52.0330 1424 wuauserv - ok
15:43:52.0346 1424 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:43:52.0361 1424 WudfPf - ok
15:43:52.0377 1424 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:43:52.0408 1424 WUDFRd - ok
15:43:52.0424 1424 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:43:52.0439 1424 wudfsvc - ok
15:43:52.0455 1424 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:43:52.0502 1424 WwanSvc - ok
15:43:52.0517 1424 XDva391 - ok
15:43:52.0533 1424 XDva392 - ok
15:43:52.0548 1424 XDva393 - ok
15:43:52.0564 1424 XDva394 - ok
15:43:52.0564 1424 XDva396 - ok
15:43:52.0580 1424 XDva397 - ok
15:43:52.0595 1424 ================ Scan global ===============================
15:43:52.0626 1424 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:43:52.0642 1424 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
15:43:52.0658 1424 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
15:43:52.0673 1424 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:43:52.0689 1424 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:43:52.0689 1424 [Global] - ok
15:43:52.0689 1424 ================ Scan MBR ==================================
15:43:52.0704 1424 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:43:52.0845 1424 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:43:52.0845 1424 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:43:52.0845 1424 ================ Scan VBR ==================================
15:43:52.0860 1424 [ CE7E4C994241055B51F883EF36C1DCDF ] \Device\Harddisk0\DR0\Partition1
15:43:52.0860 1424 \Device\Harddisk0\DR0\Partition1 - ok
15:43:52.0876 1424 [ E3B69FCBFF7A9A8E76540AF6837AB7AB ] \Device\Harddisk0\DR0\Partition2
15:43:52.0876 1424 \Device\Harddisk0\DR0\Partition2 - ok
15:43:52.0876 1424 ============================================================
15:43:52.0876 1424 Scan finished
15:43:52.0876 1424 ============================================================
15:43:52.0892 3956 Detected object count: 1
15:43:52.0892 3956 Actual detected object count: 1
15:44:02.0829 3956 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:44:02.0829 3956 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
|
|
11.10.2012, 15:24
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt?Code:
ATTFilter \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
Um das zu tun musst du den TDSS-Killer neu starten und einen neuen Scan machen. Wenn du danach die Ergebnisse siehst, stellst du bitte diesen Eintrag auf CURE bzw. DELETE (je nachdem was dir angeboten wird, alle anderen bitte auf SKIP lassen! ) und klickst dann unten rechts auf continue Starte Windows danach neu und mach wieder ein komplett neues Log mit dem TDSS-Killer. Wie immer wieder in CODE-Tags posten.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.10.2012, 16:38
| #23 |
| | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt?Code:
ATTFilter 17:36:36.0059 3516 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:36:36.0195 3516 ============================================================
17:36:36.0195 3516 Current date / time: 2012/10/11 17:36:36.0195
17:36:36.0195 3516 SystemInfo:
17:36:36.0195 3516
17:36:36.0195 3516 OS Version: 6.1.7601 ServicePack: 1.0
17:36:36.0195 3516 Product type: Workstation
17:36:36.0195 3516 ComputerName: TOBIAS-PC
17:36:36.0195 3516 UserName: tobi
17:36:36.0195 3516 Windows directory: C:\Windows
17:36:36.0195 3516 System windows directory: C:\Windows
17:36:36.0195 3516 Processor architecture: Intel x86
17:36:36.0195 3516 Number of processors: 4
17:36:36.0195 3516 Page size: 0x1000
17:36:36.0195 3516 Boot type: Normal boot
17:36:36.0195 3516 ============================================================
17:36:36.0981 3516 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:36:36.0983 3516 ============================================================
17:36:36.0983 3516 \Device\Harddisk0\DR0:
17:36:36.0983 3516 MBR partitions:
17:36:36.0983 3516 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC7FF53F
17:36:36.0999 3516 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC7FF5BD, BlocksNum 0x2DB817C3
17:36:36.0999 3516 ============================================================
17:36:37.0030 3516 C: <-> \Device\Harddisk0\DR0\Partition1
17:36:37.0042 3516 D: <-> \Device\Harddisk0\DR0\Partition2
17:36:37.0042 3516 ============================================================
17:36:37.0042 3516 Initialize success
17:36:37.0042 3516 ============================================================
17:37:08.0786 3320 ============================================================
17:37:08.0786 3320 Scan started
17:37:08.0786 3320 Mode: Manual; SigCheck; TDLFS;
17:37:08.0786 3320 ============================================================
17:37:09.0407 3320 ================ Scan system memory ========================
17:37:09.0407 3320 System memory - ok
17:37:09.0407 3320 ================ Scan services =============================
17:37:09.0493 3320 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:37:09.0530 3320 1394ohci - ok
17:37:09.0549 3320 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:37:09.0562 3320 ACPI - ok
17:37:09.0571 3320 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:37:09.0582 3320 AcpiPmi - ok
17:37:09.0637 3320 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:37:09.0645 3320 AdobeARMservice - ok
17:37:09.0716 3320 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:37:09.0727 3320 AdobeFlashPlayerUpdateSvc - ok
17:37:09.0753 3320 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:37:09.0769 3320 adp94xx - ok
17:37:09.0786 3320 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:37:09.0800 3320 adpahci - ok
17:37:09.0826 3320 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:37:09.0837 3320 adpu320 - ok
17:37:09.0858 3320 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:37:09.0868 3320 AeLookupSvc - ok
17:37:09.0900 3320 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
17:37:09.0913 3320 AFD - ok
17:37:09.0940 3320 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
17:37:09.0950 3320 agp440 - ok
17:37:09.0964 3320 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
17:37:09.0974 3320 aic78xx - ok
17:37:09.0986 3320 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
17:37:09.0997 3320 ALG - ok
17:37:10.0010 3320 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
17:37:10.0019 3320 aliide - ok
17:37:10.0025 3320 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:37:10.0036 3320 amdagp - ok
17:37:10.0045 3320 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
17:37:10.0055 3320 amdide - ok
17:37:10.0071 3320 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:37:10.0081 3320 AmdK8 - ok
17:37:10.0097 3320 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:37:10.0107 3320 AmdPPM - ok
17:37:10.0122 3320 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:37:10.0132 3320 amdsata - ok
17:37:10.0148 3320 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:37:10.0160 3320 amdsbs - ok
17:37:10.0177 3320 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:37:10.0186 3320 amdxata - ok
17:37:10.0254 3320 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
17:37:10.0264 3320 AntiVirSchedulerService - ok
17:37:10.0286 3320 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
17:37:10.0295 3320 AntiVirService - ok
17:37:10.0314 3320 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
17:37:10.0333 3320 AppID - ok
17:37:10.0355 3320 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:37:10.0375 3320 AppIDSvc - ok
17:37:10.0401 3320 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
17:37:10.0421 3320 Appinfo - ok
17:37:10.0434 3320 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
17:37:10.0445 3320 AppMgmt - ok
17:37:10.0464 3320 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
17:37:10.0474 3320 arc - ok
17:37:10.0492 3320 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:37:10.0502 3320 arcsas - ok
17:37:10.0509 3320 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:37:10.0530 3320 AsyncMac - ok
17:37:10.0554 3320 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
17:37:10.0564 3320 atapi - ok
17:37:10.0587 3320 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:37:10.0612 3320 AudioEndpointBuilder - ok
17:37:10.0620 3320 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:37:10.0644 3320 Audiosrv - ok
17:37:10.0678 3320 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
17:37:10.0691 3320 avgntflt - ok
17:37:10.0716 3320 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
17:37:10.0726 3320 avipbb - ok
17:37:10.0742 3320 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
17:37:10.0751 3320 avkmgr - ok
17:37:10.0778 3320 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:37:10.0791 3320 AxInstSV - ok
17:37:10.0814 3320 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
17:37:10.0838 3320 b06bdrv - ok
17:37:10.0860 3320 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:37:10.0871 3320 b57nd60x - ok
17:37:10.0895 3320 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
17:37:10.0905 3320 BDESVC - ok
17:37:10.0917 3320 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
17:37:10.0937 3320 Beep - ok
17:37:10.0966 3320 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
17:37:10.0990 3320 BFE - ok
17:37:11.0007 3320 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
17:37:11.0033 3320 BITS - ok
17:37:11.0046 3320 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:37:11.0056 3320 blbdrive - ok
17:37:11.0077 3320 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:37:11.0087 3320 bowser - ok
17:37:11.0097 3320 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:37:11.0108 3320 BrFiltLo - ok
17:37:11.0121 3320 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:37:11.0132 3320 BrFiltUp - ok
17:37:11.0157 3320 [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser C:\Windows\System32\browser.dll
17:37:11.0177 3320 Browser - ok
17:37:11.0195 3320 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:37:11.0207 3320 Brserid - ok
17:37:11.0218 3320 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:37:11.0230 3320 BrSerWdm - ok
17:37:11.0242 3320 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:37:11.0253 3320 BrUsbMdm - ok
17:37:11.0268 3320 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:37:11.0279 3320 BrUsbSer - ok
17:37:11.0289 3320 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:37:11.0302 3320 BTHMODEM - ok
17:37:11.0325 3320 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
17:37:11.0347 3320 bthserv - ok
17:37:11.0358 3320 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:37:11.0380 3320 cdfs - ok
17:37:11.0402 3320 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
17:37:11.0414 3320 cdrom - ok
17:37:11.0439 3320 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
17:37:11.0460 3320 CertPropSvc - ok
17:37:11.0475 3320 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:37:11.0486 3320 circlass - ok
17:37:11.0502 3320 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
17:37:11.0514 3320 CLFS - ok
17:37:11.0558 3320 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:37:11.0569 3320 clr_optimization_v2.0.50727_32 - ok
17:37:11.0580 3320 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:37:11.0590 3320 CmBatt - ok
17:37:11.0603 3320 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:37:11.0614 3320 cmdide - ok
17:37:11.0638 3320 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
17:37:11.0659 3320 CNG - ok
17:37:11.0672 3320 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:37:11.0682 3320 Compbatt - ok
17:37:11.0709 3320 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:37:11.0721 3320 CompositeBus - ok
17:37:11.0727 3320 COMSysApp - ok
17:37:11.0734 3320 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:37:11.0744 3320 crcdisk - ok
17:37:11.0773 3320 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:37:11.0786 3320 CryptSvc - ok
17:37:11.0809 3320 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
17:37:11.0830 3320 CSC - ok
17:37:11.0851 3320 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
17:37:11.0868 3320 CscService - ok
17:37:11.0891 3320 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
17:37:11.0915 3320 DcomLaunch - ok
17:37:11.0938 3320 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
17:37:11.0963 3320 defragsvc - ok
17:37:11.0984 3320 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:37:12.0004 3320 DfsC - ok
17:37:12.0022 3320 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:37:12.0046 3320 Dhcp - ok
17:37:12.0063 3320 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
17:37:12.0085 3320 discache - ok
17:37:12.0094 3320 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:37:12.0105 3320 Disk - ok
17:37:12.0122 3320 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:37:12.0145 3320 Dnscache - ok
17:37:12.0177 3320 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
17:37:12.0203 3320 dot3svc - ok
17:37:12.0232 3320 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
17:37:12.0254 3320 DPS - ok
17:37:12.0280 3320 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:37:12.0292 3320 drmkaud - ok
17:37:12.0323 3320 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:37:12.0345 3320 DXGKrnl - ok
17:37:12.0351 3320 EagleXNt - ok
17:37:12.0372 3320 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
17:37:12.0395 3320 EapHost - ok
17:37:12.0452 3320 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
17:37:12.0517 3320 ebdrv - ok
17:37:12.0543 3320 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
17:37:12.0561 3320 EFS - ok
17:37:12.0606 3320 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:37:12.0623 3320 ehRecvr - ok
17:37:12.0644 3320 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
17:37:12.0656 3320 ehSched - ok
17:37:12.0675 3320 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:37:12.0693 3320 elxstor - ok
17:37:12.0713 3320 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:37:12.0723 3320 ErrDev - ok
17:37:12.0761 3320 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
17:37:12.0786 3320 EventSystem - ok
17:37:12.0801 3320 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
17:37:12.0824 3320 exfat - ok
17:37:12.0838 3320 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:37:12.0861 3320 fastfat - ok
17:37:12.0888 3320 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
17:37:12.0905 3320 Fax - ok
17:37:12.0920 3320 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:37:12.0931 3320 fdc - ok
17:37:12.0947 3320 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
17:37:12.0968 3320 fdPHost - ok
17:37:12.0980 3320 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
17:37:13.0002 3320 FDResPub - ok
17:37:13.0016 3320 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:37:13.0026 3320 FileInfo - ok
17:37:13.0041 3320 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:37:13.0062 3320 Filetrace - ok
17:37:13.0078 3320 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:37:13.0088 3320 flpydisk - ok
17:37:13.0100 3320 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:37:13.0113 3320 FltMgr - ok
17:37:13.0149 3320 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
17:37:13.0178 3320 FontCache - ok
17:37:13.0215 3320 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:37:13.0225 3320 FontCache3.0.0.0 - ok
17:37:13.0242 3320 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:37:13.0252 3320 FsDepends - ok
17:37:13.0268 3320 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:37:13.0278 3320 Fs_Rec - ok
17:37:13.0294 3320 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:37:13.0309 3320 fvevol - ok
17:37:13.0321 3320 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:37:13.0332 3320 gagp30kx - ok
17:37:13.0358 3320 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
17:37:13.0386 3320 gpsvc - ok
17:37:13.0403 3320 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:37:13.0414 3320 hcw85cir - ok
17:37:13.0448 3320 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:37:13.0462 3320 HdAudAddService - ok
17:37:13.0475 3320 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:37:13.0488 3320 HDAudBus - ok
17:37:13.0504 3320 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:37:13.0515 3320 HidBatt - ok
17:37:13.0527 3320 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:37:13.0540 3320 HidBth - ok
17:37:13.0551 3320 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:37:13.0563 3320 HidIr - ok
17:37:13.0583 3320 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
17:37:13.0604 3320 hidserv - ok
17:37:13.0626 3320 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:37:13.0637 3320 HidUsb - ok
17:37:13.0654 3320 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:37:13.0676 3320 hkmsvc - ok
17:37:13.0699 3320 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:37:13.0720 3320 HomeGroupListener - ok
17:37:13.0749 3320 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:37:13.0760 3320 HomeGroupProvider - ok
17:37:13.0778 3320 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:37:13.0789 3320 HpSAMD - ok
17:37:13.0839 3320 [ DD1E0A26D0F60A7EA65A1BEEC7D44EAB ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
17:37:13.0848 3320 HssDRV6 - ok
17:37:13.0880 3320 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:37:13.0907 3320 HTTP - ok
17:37:13.0927 3320 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:37:13.0937 3320 hwpolicy - ok
17:37:13.0957 3320 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:37:13.0969 3320 i8042prt - ok
17:37:13.0988 3320 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:37:14.0003 3320 iaStorV - ok
17:37:14.0043 3320 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:37:14.0066 3320 idsvc - ok
17:37:14.0084 3320 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:37:14.0094 3320 iirsp - ok
17:37:14.0124 3320 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
17:37:14.0154 3320 IKEEXT - ok
17:37:14.0178 3320 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
17:37:14.0189 3320 intelide - ok
17:37:14.0203 3320 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:37:14.0214 3320 intelppm - ok
17:37:14.0239 3320 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:37:14.0263 3320 IPBusEnum - ok
17:37:14.0275 3320 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:37:14.0298 3320 IpFilterDriver - ok
17:37:14.0332 3320 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:37:14.0357 3320 iphlpsvc - ok
17:37:14.0378 3320 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:37:14.0389 3320 IPMIDRV - ok
17:37:14.0401 3320 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:37:14.0424 3320 IPNAT - ok
17:37:14.0442 3320 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:37:14.0455 3320 IRENUM - ok
17:37:14.0473 3320 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:37:14.0485 3320 isapnp - ok
17:37:14.0500 3320 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:37:14.0513 3320 iScsiPrt - ok
17:37:14.0529 3320 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:37:14.0539 3320 kbdclass - ok
17:37:14.0567 3320 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:37:14.0577 3320 kbdhid - ok
17:37:14.0590 3320 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
17:37:14.0600 3320 KeyIso - ok
17:37:14.0622 3320 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:37:14.0633 3320 KSecDD - ok
17:37:14.0649 3320 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:37:14.0661 3320 KSecPkg - ok
17:37:14.0688 3320 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
17:37:14.0715 3320 KtmRm - ok
17:37:14.0742 3320 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
17:37:14.0765 3320 LanmanServer - ok
17:37:14.0790 3320 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:37:14.0813 3320 LanmanWorkstation - ok
17:37:14.0834 3320 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:37:14.0856 3320 lltdio - ok
17:37:14.0874 3320 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:37:14.0899 3320 lltdsvc - ok
17:37:14.0925 3320 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
17:37:14.0946 3320 lmhosts - ok
17:37:14.0967 3320 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:37:14.0979 3320 LSI_FC - ok
17:37:14.0999 3320 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:37:15.0011 3320 LSI_SAS - ok
17:37:15.0029 3320 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:37:15.0040 3320 LSI_SAS2 - ok
17:37:15.0053 3320 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:37:15.0065 3320 LSI_SCSI - ok
17:37:15.0083 3320 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
17:37:15.0106 3320 luafv - ok
17:37:15.0129 3320 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
17:37:15.0143 3320 LVRS - ok
17:37:15.0220 3320 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
17:37:15.0321 3320 LVUVC - ok
17:37:15.0354 3320 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:37:15.0363 3320 MBAMProtector - ok
17:37:15.0389 3320 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:37:15.0404 3320 MBAMScheduler - ok
17:37:15.0422 3320 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:37:15.0441 3320 MBAMService - ok
17:37:15.0469 3320 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:37:15.0481 3320 Mcx2Svc - ok
17:37:15.0501 3320 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:37:15.0511 3320 megasas - ok
17:37:15.0532 3320 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:37:15.0545 3320 MegaSR - ok
17:37:15.0563 3320 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
17:37:15.0585 3320 MMCSS - ok
17:37:15.0597 3320 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
17:37:15.0618 3320 Modem - ok
17:37:15.0633 3320 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:37:15.0644 3320 monitor - ok
17:37:15.0656 3320 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
17:37:15.0666 3320 mouclass - ok
17:37:15.0677 3320 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:37:15.0688 3320 mouhid - ok
17:37:15.0696 3320 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:37:15.0707 3320 mountmgr - ok
17:37:15.0718 3320 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
17:37:15.0730 3320 mpio - ok
17:37:15.0747 3320 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:37:15.0768 3320 mpsdrv - ok
17:37:15.0804 3320 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:37:15.0832 3320 MpsSvc - ok
17:37:15.0862 3320 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:37:15.0876 3320 MRxDAV - ok
17:37:15.0896 3320 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:37:15.0915 3320 mrxsmb - ok
17:37:15.0942 3320 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:37:15.0954 3320 mrxsmb10 - ok
17:37:15.0976 3320 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:37:15.0987 3320 mrxsmb20 - ok
17:37:16.0004 3320 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
17:37:16.0015 3320 msahci - ok
17:37:16.0034 3320 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:37:16.0046 3320 msdsm - ok
17:37:16.0055 3320 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
17:37:16.0068 3320 MSDTC - ok
17:37:16.0081 3320 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:37:16.0102 3320 Msfs - ok
17:37:16.0114 3320 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:37:16.0135 3320 mshidkmdf - ok
17:37:16.0153 3320 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:37:16.0162 3320 msisadrv - ok
17:37:16.0184 3320 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:37:16.0207 3320 MSiSCSI - ok
17:37:16.0212 3320 msiserver - ok
17:37:16.0222 3320 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:37:16.0244 3320 MSKSSRV - ok
17:37:16.0258 3320 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:37:16.0280 3320 MSPCLOCK - ok
17:37:16.0285 3320 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:37:16.0307 3320 MSPQM - ok
17:37:16.0325 3320 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:37:16.0337 3320 MsRPC - ok
17:37:16.0353 3320 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:37:16.0363 3320 mssmbios - ok
17:37:16.0379 3320 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:37:16.0400 3320 MSTEE - ok
17:37:16.0406 3320 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:37:16.0416 3320 MTConfig - ok
17:37:16.0429 3320 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
17:37:16.0439 3320 Mup - ok
17:37:16.0472 3320 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
17:37:16.0497 3320 napagent - ok
17:37:16.0511 3320 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:37:16.0527 3320 NativeWifiP - ok
17:37:16.0548 3320 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:37:16.0569 3320 NDIS - ok
17:37:16.0580 3320 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:37:16.0602 3320 NdisCap - ok
17:37:16.0613 3320 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:37:16.0633 3320 NdisTapi - ok
17:37:16.0655 3320 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:37:16.0676 3320 Ndisuio - ok
17:37:16.0698 3320 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:37:16.0720 3320 NdisWan - ok
17:37:16.0733 3320 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:37:16.0754 3320 NDProxy - ok
17:37:16.0765 3320 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:37:16.0785 3320 NetBIOS - ok
17:37:16.0795 3320 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
17:37:16.0805 3320 Netlogon - ok
17:37:16.0830 3320 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
17:37:16.0855 3320 Netman - ok
17:37:16.0867 3320 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
17:37:16.0894 3320 netprofm - ok
17:37:16.0920 3320 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:37:16.0930 3320 NetTcpPortSharing - ok
17:37:16.0940 3320 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:37:16.0951 3320 nfrd960 - ok
17:37:16.0978 3320 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:37:17.0001 3320 NlaSvc - ok
17:37:17.0012 3320 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:37:17.0033 3320 Npfs - ok
17:37:17.0046 3320 npggsvc - ok
17:37:17.0063 3320 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
17:37:17.0085 3320 nsi - ok
17:37:17.0097 3320 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:37:17.0118 3320 nsiproxy - ok
17:37:17.0164 3320 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:37:17.0200 3320 Ntfs - ok
17:37:17.0209 3320 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
17:37:17.0230 3320 Null - ok
17:37:17.0258 3320 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
17:37:17.0272 3320 NVENETFD - ok
17:37:17.0441 3320 [ E891B3979F0CF2740C1B073F834221FE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:37:17.0675 3320 nvlddmkm - ok
17:37:17.0713 3320 [ 1DE923088878B495CD4219E47BA34EB8 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
17:37:17.0727 3320 NVNET - ok
17:37:17.0743 3320 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:37:17.0755 3320 nvraid - ok
17:37:17.0775 3320 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
17:37:17.0789 3320 nvsmu - ok
17:37:17.0802 3320 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:37:17.0814 3320 nvstor - ok
17:37:17.0855 3320 [ AE2DE8E165DCB93A66B21748E6F913DF ] nvsvc C:\Windows\system32\nvvsvc.exe
17:37:17.0875 3320 nvsvc - ok
17:37:17.0944 3320 [ C78581C14699C46FE0F0817416383134 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:37:18.0004 3320 nvUpdatusService - ok
17:37:18.0017 3320 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:37:18.0028 3320 nv_agp - ok
17:37:18.0047 3320 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:37:18.0058 3320 ohci1394 - ok
17:37:18.0082 3320 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:37:18.0101 3320 p2pimsvc - ok
17:37:18.0116 3320 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
17:37:18.0132 3320 p2psvc - ok
17:37:18.0160 3320 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:37:18.0171 3320 Parport - ok
17:37:18.0194 3320 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:37:18.0204 3320 partmgr - ok
17:37:18.0215 3320 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
17:37:18.0225 3320 Parvdm - ok
17:37:18.0241 3320 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:37:18.0256 3320 PcaSvc - ok
17:37:18.0280 3320 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
17:37:18.0292 3320 pci - ok
17:37:18.0307 3320 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
17:37:18.0316 3320 pciide - ok
17:37:18.0328 3320 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:37:18.0341 3320 pcmcia - ok
17:37:18.0351 3320 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
17:37:18.0361 3320 pcw - ok
17:37:18.0377 3320 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:37:18.0403 3320 PEAUTH - ok
17:37:18.0430 3320 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:37:18.0462 3320 PeerDistSvc - ok
17:37:18.0509 3320 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
17:37:18.0561 3320 pla - ok
17:37:18.0595 3320 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:37:18.0610 3320 PlugPlay - ok
17:37:18.0621 3320 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:37:18.0632 3320 PNRPAutoReg - ok
17:37:18.0648 3320 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:37:18.0661 3320 PNRPsvc - ok
17:37:18.0678 3320 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:37:18.0703 3320 PolicyAgent - ok
17:37:18.0724 3320 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
17:37:18.0747 3320 Power - ok
17:37:18.0760 3320 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:37:18.0782 3320 PptpMiniport - ok
17:37:18.0806 3320 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:37:18.0817 3320 Processor - ok
17:37:18.0845 3320 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
17:37:18.0866 3320 ProfSvc - ok
17:37:18.0874 3320 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:37:18.0884 3320 ProtectedStorage - ok
17:37:18.0896 3320 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:37:18.0919 3320 Psched - ok
17:37:18.0947 3320 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:37:18.0992 3320 ql2300 - ok
17:37:19.0008 3320 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:37:19.0020 3320 ql40xx - ok
17:37:19.0038 3320 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
17:37:19.0055 3320 QWAVE - ok
17:37:19.0066 3320 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:37:19.0079 3320 QWAVEdrv - ok
17:37:19.0092 3320 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:37:19.0113 3320 RasAcd - ok
17:37:19.0132 3320 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:37:19.0152 3320 RasAgileVpn - ok
17:37:19.0168 3320 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
17:37:19.0191 3320 RasAuto - ok
17:37:19.0204 3320 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:37:19.0227 3320 Rasl2tp - ok
17:37:19.0255 3320 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
17:37:19.0280 3320 RasMan - ok
17:37:19.0295 3320 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:37:19.0318 3320 RasPppoe - ok
17:37:19.0325 3320 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:37:19.0346 3320 RasSstp - ok
17:37:19.0362 3320 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:37:19.0385 3320 rdbss - ok
17:37:19.0398 3320 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:37:19.0410 3320 rdpbus - ok
17:37:19.0431 3320 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:37:19.0451 3320 RDPCDD - ok
17:37:19.0470 3320 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:37:19.0482 3320 RDPDR - ok
17:37:19.0499 3320 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:37:19.0519 3320 RDPENCDD - ok
17:37:19.0528 3320 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:37:19.0549 3320 RDPREFMP - ok
17:37:19.0577 3320 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:37:19.0597 3320 RDPWD - ok
17:37:19.0626 3320 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:37:19.0638 3320 rdyboost - ok
17:37:19.0662 3320 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
17:37:19.0684 3320 RemoteAccess - ok
17:37:19.0701 3320 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:37:19.0725 3320 RemoteRegistry - ok
17:37:19.0739 3320 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:37:19.0762 3320 RpcEptMapper - ok
17:37:19.0776 3320 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
17:37:19.0787 3320 RpcLocator - ok
17:37:19.0804 3320 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
17:37:19.0828 3320 RpcSs - ok
17:37:19.0854 3320 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:37:19.0876 3320 rspndr - ok
17:37:19.0910 3320 [ CD17C8E42D82BD0CB07B2DE00DABE202 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
17:37:19.0933 3320 RTL8192su - ok
17:37:19.0956 3320 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:37:19.0978 3320 s3cap - ok
17:37:19.0990 3320 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
17:37:19.0999 3320 SamSs - ok
17:37:20.0028 3320 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:37:20.0040 3320 sbp2port - ok
17:37:20.0061 3320 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:37:20.0084 3320 SCardSvr - ok
17:37:20.0089 3320 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:37:20.0110 3320 scfilter - ok
17:37:20.0146 3320 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
17:37:20.0177 3320 Schedule - ok
17:37:20.0192 3320 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:37:20.0212 3320 SCPolicySvc - ok
17:37:20.0236 3320 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:37:20.0249 3320 SDRSVC - ok
17:37:20.0264 3320 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:37:20.0286 3320 secdrv - ok
17:37:20.0295 3320 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
17:37:20.0318 3320 seclogon - ok
17:37:20.0329 3320 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
17:37:20.0352 3320 SENS - ok
17:37:20.0362 3320 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:37:20.0379 3320 SensrSvc - ok
17:37:20.0389 3320 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:37:20.0399 3320 Serenum - ok
17:37:20.0409 3320 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:37:20.0420 3320 Serial - ok
17:37:20.0449 3320 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:37:20.0460 3320 sermouse - ok
17:37:20.0491 3320 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
17:37:20.0513 3320 SessionEnv - ok
17:37:20.0530 3320 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:37:20.0551 3320 sffdisk - ok
17:37:20.0568 3320 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:37:20.0578 3320 sffp_mmc - ok
17:37:20.0592 3320 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:37:20.0603 3320 sffp_sd - ok
17:37:20.0615 3320 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:37:20.0626 3320 sfloppy - ok
17:37:20.0666 3320 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:37:20.0692 3320 SharedAccess - ok
17:37:20.0705 3320 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:37:20.0730 3320 ShellHWDetection - ok
17:37:20.0757 3320 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:37:20.0767 3320 sisagp - ok
17:37:20.0777 3320 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:37:20.0788 3320 SiSRaid2 - ok
17:37:20.0803 3320 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:37:20.0814 3320 SiSRaid4 - ok
17:37:20.0852 3320 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:37:20.0861 3320 SkypeUpdate - ok
17:37:20.0870 3320 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:37:20.0892 3320 Smb - ok
17:37:20.0921 3320 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:37:20.0933 3320 SNMPTRAP - ok
17:37:20.0949 3320 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
17:37:20.0958 3320 spldr - ok
17:37:20.0991 3320 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
17:37:21.0016 3320 Spooler - ok
17:37:21.0074 3320 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
17:37:21.0158 3320 sppsvc - ok
17:37:21.0177 3320 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:37:21.0199 3320 sppuinotify - ok
17:37:21.0224 3320 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:37:21.0240 3320 srv - ok
17:37:21.0269 3320 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:37:21.0282 3320 srv2 - ok
17:37:21.0299 3320 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:37:21.0310 3320 srvnet - ok
17:37:21.0326 3320 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:37:21.0350 3320 SSDPSRV - ok
17:37:21.0386 3320 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
17:37:21.0394 3320 ssmdrv - ok
17:37:21.0410 3320 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:37:21.0432 3320 SstpSvc - ok
17:37:21.0467 3320 [ FC0A58529A02B1EED55DDC58696B7908 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:37:21.0483 3320 Stereo Service - ok
17:37:21.0499 3320 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:37:21.0509 3320 stexstor - ok
17:37:21.0534 3320 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
17:37:21.0555 3320 StiSvc - ok
17:37:21.0579 3320 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:37:21.0589 3320 storflt - ok
17:37:21.0601 3320 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
17:37:21.0615 3320 StorSvc - ok
17:37:21.0628 3320 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:37:21.0639 3320 storvsc - ok
17:37:21.0650 3320 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
17:37:21.0660 3320 swenum - ok
17:37:21.0673 3320 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
17:37:21.0700 3320 swprv - ok
17:37:21.0739 3320 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
17:37:21.0783 3320 SysMain - ok
17:37:21.0798 3320 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:37:21.0813 3320 TabletInputService - ok
17:37:21.0836 3320 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\Windows\system32\DRIVERS\taphss.sys
17:37:21.0845 3320 taphss - ok
17:37:21.0873 3320 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
17:37:21.0898 3320 TapiSrv - ok
17:37:21.0911 3320 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
17:37:21.0934 3320 TBS - ok
17:37:21.0974 3320 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:37:22.0019 3320 Tcpip - ok
17:37:22.0049 3320 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:37:22.0075 3320 TCPIP6 - ok
17:37:22.0102 3320 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:37:22.0124 3320 tcpipreg - ok
17:37:22.0168 3320 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:37:22.0186 3320 TDPIPE - ok
17:37:22.0205 3320 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:37:22.0216 3320 TDTCP - ok
17:37:22.0230 3320 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:37:22.0251 3320 tdx - ok
17:37:22.0338 3320 [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
17:37:22.0408 3320 TeamViewer7 - ok
17:37:22.0434 3320 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:37:22.0445 3320 TermDD - ok
17:37:22.0473 3320 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
17:37:22.0499 3320 TermService - ok
17:37:22.0519 3320 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
17:37:22.0534 3320 Themes - ok
17:37:22.0551 3320 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
17:37:22.0573 3320 THREADORDER - ok
17:37:22.0585 3320 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
17:37:22.0608 3320 TrkWks - ok
17:37:22.0650 3320 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:37:22.0672 3320 TrustedInstaller - ok
17:37:22.0696 3320 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:37:22.0717 3320 tssecsrv - ok
17:37:22.0738 3320 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:37:22.0758 3320 TsUsbFlt - ok
17:37:22.0786 3320 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:37:22.0808 3320 tunnel - ok
17:37:22.0841 3320 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:37:22.0851 3320 uagp35 - ok
17:37:22.0876 3320 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:37:22.0899 3320 udfs - ok
17:37:22.0924 3320 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:37:22.0937 3320 UI0Detect - ok
17:37:22.0958 3320 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:37:22.0969 3320 uliagpkx - ok
17:37:22.0992 3320 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
17:37:23.0003 3320 umbus - ok
17:37:23.0023 3320 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:37:23.0034 3320 UmPass - ok
17:37:23.0047 3320 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
17:37:23.0061 3320 UmRdpService - ok
17:37:23.0103 3320 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
17:37:23.0119 3320 UMVPFSrv - ok
17:37:23.0148 3320 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
17:37:23.0174 3320 upnphost - ok
17:37:23.0193 3320 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:37:23.0206 3320 usbaudio - ok
17:37:23.0214 3320 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:37:23.0231 3320 usbccgp - ok
17:37:23.0259 3320 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:37:23.0272 3320 usbcir - ok
17:37:23.0285 3320 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:37:23.0295 3320 usbehci - ok
17:37:23.0310 3320 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:37:23.0323 3320 usbhub - ok
17:37:23.0335 3320 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:37:23.0345 3320 usbohci - ok
17:37:23.0363 3320 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:37:23.0375 3320 usbprint - ok
17:37:23.0393 3320 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:37:23.0404 3320 USBSTOR - ok
17:37:23.0417 3320 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:37:23.0427 3320 usbuhci - ok
17:37:23.0438 3320 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
17:37:23.0451 3320 usbvideo - ok
17:37:23.0468 3320 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
17:37:23.0490 3320 UxSms - ok
17:37:23.0495 3320 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
17:37:23.0505 3320 VaultSvc - ok
17:37:23.0519 3320 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:37:23.0529 3320 vdrvroot - ok
17:37:23.0559 3320 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
17:37:23.0587 3320 vds - ok
17:37:23.0596 3320 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:37:23.0608 3320 vga - ok
17:37:23.0613 3320 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:37:23.0635 3320 VgaSave - ok
17:37:23.0646 3320 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:37:23.0658 3320 vhdmp - ok
17:37:23.0678 3320 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:37:23.0689 3320 viaagp - ok
17:37:23.0704 3320 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
17:37:23.0715 3320 ViaC7 - ok
17:37:23.0745 3320 [ 0F0C96A570AB2B0164E04AB22CC8676A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
17:37:23.0787 3320 VIAHdAudAddService - ok
17:37:23.0811 3320 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
17:37:23.0822 3320 viaide - ok
17:37:23.0835 3320 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:37:23.0848 3320 vmbus - ok
17:37:23.0865 3320 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:37:23.0874 3320 VMBusHID - ok
17:37:23.0883 3320 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:37:23.0894 3320 volmgr - ok
17:37:23.0904 3320 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:37:23.0919 3320 volmgrx - ok
17:37:23.0944 3320 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:37:23.0958 3320 volsnap - ok
17:37:23.0974 3320 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:37:23.0986 3320 vsmraid - ok
17:37:24.0023 3320 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
17:37:24.0058 3320 VSS - ok
17:37:24.0068 3320 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:37:24.0079 3320 vwifibus - ok
17:37:24.0100 3320 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:37:24.0113 3320 vwififlt - ok
17:37:24.0139 3320 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
17:37:24.0164 3320 W32Time - ok
17:37:24.0182 3320 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:37:24.0193 3320 WacomPen - ok
17:37:24.0212 3320 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:37:24.0233 3320 WANARP - ok
17:37:24.0237 3320 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:37:24.0256 3320 Wanarpv6 - ok
17:37:24.0283 3320 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
17:37:24.0323 3320 wbengine - ok
17:37:24.0337 3320 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:37:24.0353 3320 WbioSrvc - ok
17:37:24.0375 3320 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:37:24.0393 3320 wcncsvc - ok
17:37:24.0409 3320 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:37:24.0431 3320 WcsPlugInService - ok
17:37:24.0444 3320 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:37:24.0454 3320 Wd - ok
17:37:24.0471 3320 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:37:24.0488 3320 Wdf01000 - ok
17:37:24.0504 3320 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:37:24.0518 3320 WdiServiceHost - ok
17:37:24.0522 3320 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:37:24.0535 3320 WdiSystemHost - ok
17:37:24.0555 3320 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
17:37:24.0572 3320 WebClient - ok
17:37:24.0586 3320 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:37:24.0611 3320 Wecsvc - ok
17:37:24.0621 3320 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:37:24.0643 3320 wercplsupport - ok
17:37:24.0655 3320 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
17:37:24.0678 3320 WerSvc - ok
17:37:24.0690 3320 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:37:24.0712 3320 WfpLwf - ok
17:37:24.0723 3320 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:37:24.0733 3320 WIMMount - ok
17:37:24.0779 3320 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:37:24.0801 3320 WinDefend - ok
17:37:24.0814 3320 WinHttpAutoProxySvc - ok
17:37:24.0856 3320 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:37:24.0878 3320 Winmgmt - ok
17:37:24.0923 3320 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Program Files\IObit\Game Booster\Driver\WinRing0.sys
17:37:24.0933 3320 WinRing0_1_2_0 - ok
17:37:24.0972 3320 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
17:37:25.0021 3320 WinRM - ok
17:37:25.0058 3320 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:37:25.0082 3320 Wlansvc - ok
17:37:25.0104 3320 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:37:25.0113 3320 WmiAcpi - ok
17:37:25.0141 3320 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:37:25.0153 3320 wmiApSrv - ok
17:37:25.0209 3320 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:37:25.0240 3320 WMPNetworkSvc - ok
17:37:25.0254 3320 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:37:25.0266 3320 WPCSvc - ok
17:37:25.0287 3320 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:37:25.0300 3320 WPDBusEnum - ok
17:37:25.0321 3320 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:37:25.0342 3320 ws2ifsl - ok
17:37:25.0359 3320 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
17:37:25.0374 3320 wscsvc - ok
17:37:25.0379 3320 WSearch - ok
17:37:25.0439 3320 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
17:37:25.0497 3320 wuauserv - ok
17:37:25.0516 3320 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:37:25.0537 3320 WudfPf - ok
17:37:25.0553 3320 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:37:25.0574 3320 WUDFRd - ok
17:37:25.0598 3320 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:37:25.0620 3320 wudfsvc - ok
17:37:25.0631 3320 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:37:25.0647 3320 WwanSvc - ok
17:37:25.0670 3320 XDva391 - ok
17:37:25.0684 3320 XDva392 - ok
17:37:25.0696 3320 XDva393 - ok
17:37:25.0707 3320 XDva394 - ok
17:37:25.0714 3320 XDva396 - ok
17:37:25.0724 3320 XDva397 - ok
17:37:25.0745 3320 ================ Scan global ===============================
17:37:25.0770 3320 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:37:25.0810 3320 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
17:37:25.0819 3320 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
17:37:25.0840 3320 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:37:25.0852 3320 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:37:25.0856 3320 [Global] - ok
17:37:25.0856 3320 ================ Scan MBR ==================================
17:37:25.0869 3320 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:37:26.0014 3320 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:37:26.0014 3320 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:37:26.0014 3320 ================ Scan VBR ==================================
17:37:26.0017 3320 [ CE7E4C994241055B51F883EF36C1DCDF ] \Device\Harddisk0\DR0\Partition1
17:37:26.0019 3320 \Device\Harddisk0\DR0\Partition1 - ok
17:37:26.0045 3320 [ E3B69FCBFF7A9A8E76540AF6837AB7AB ] \Device\Harddisk0\DR0\Partition2
17:37:26.0046 3320 \Device\Harddisk0\DR0\Partition2 - ok
17:37:26.0047 3320 ============================================================
17:37:26.0047 3320 Scan finished
17:37:26.0047 3320 ============================================================
17:37:26.0058 3044 Detected object count: 1
17:37:26.0058 3044 Actual detected object count: 1
17:37:48.0874 3044 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
17:37:48.0878 3044 \Device\Harddisk0\DR0\TDLFS\tdl - copied to quarantine
17:37:48.0880 3044 \Device\Harddisk0\DR0\TDLFS\rsrc.dat - copied to quarantine
17:37:48.0890 3044 \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
17:37:48.0890 3044 \Device\Harddisk0\DR0\TDLFS - deleted
17:37:48.0890 3044 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
|
|
11.10.2012, 16:43
| #24 |
| | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? neues log: Code:
ATTFilter 17:41:55.0255 2964 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:41:55.0318 2964 ============================================================
17:41:55.0318 2964 Current date / time: 2012/10/11 17:41:55.0318
17:41:55.0318 2964 SystemInfo:
17:41:55.0318 2964
17:41:55.0318 2964 OS Version: 6.1.7601 ServicePack: 1.0
17:41:55.0318 2964 Product type: Workstation
17:41:55.0318 2964 ComputerName: TOBIAS-PC
17:41:55.0318 2964 UserName: tobi
17:41:55.0318 2964 Windows directory: C:\Windows
17:41:55.0318 2964 System windows directory: C:\Windows
17:41:55.0318 2964 Processor architecture: Intel x86
17:41:55.0318 2964 Number of processors: 4
17:41:55.0318 2964 Page size: 0x1000
17:41:55.0318 2964 Boot type: Normal boot
17:41:55.0318 2964 ============================================================
17:41:57.0143 2964 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:41:57.0143 2964 ============================================================
17:41:57.0143 2964 \Device\Harddisk0\DR0:
17:41:57.0143 2964 MBR partitions:
17:41:57.0143 2964 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC7FF53F
17:41:57.0158 2964 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC7FF5BD, BlocksNum 0x2DB817C3
17:41:57.0158 2964 ============================================================
17:41:57.0174 2964 C: <-> \Device\Harddisk0\DR0\Partition1
17:41:57.0190 2964 D: <-> \Device\Harddisk0\DR0\Partition2
17:41:57.0190 2964 ============================================================
17:41:57.0190 2964 Initialize success
17:41:57.0190 2964 ============================================================
17:42:01.0682 3068 ============================================================
17:42:01.0682 3068 Scan started
17:42:01.0682 3068 Mode: Manual; SigCheck; TDLFS;
17:42:01.0682 3068 ============================================================
17:42:02.0650 3068 ================ Scan system memory ========================
17:42:02.0650 3068 System memory - ok
17:42:02.0650 3068 ================ Scan services =============================
17:42:02.0743 3068 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:42:02.0821 3068 1394ohci - ok
17:42:02.0837 3068 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:42:02.0852 3068 ACPI - ok
17:42:02.0868 3068 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:42:02.0915 3068 AcpiPmi - ok
17:42:02.0962 3068 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:42:02.0977 3068 AdobeARMservice - ok
17:42:03.0040 3068 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:42:03.0055 3068 AdobeFlashPlayerUpdateSvc - ok
17:42:03.0071 3068 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:42:03.0102 3068 adp94xx - ok
17:42:03.0118 3068 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:42:03.0118 3068 adpahci - ok
17:42:03.0149 3068 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:42:03.0149 3068 adpu320 - ok
17:42:03.0180 3068 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:42:03.0211 3068 AeLookupSvc - ok
17:42:03.0242 3068 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
17:42:03.0289 3068 AFD - ok
17:42:03.0320 3068 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
17:42:03.0320 3068 agp440 - ok
17:42:03.0352 3068 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
17:42:03.0352 3068 aic78xx - ok
17:42:03.0367 3068 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
17:42:03.0414 3068 ALG - ok
17:42:03.0414 3068 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
17:42:03.0430 3068 aliide - ok
17:42:03.0430 3068 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:42:03.0445 3068 amdagp - ok
17:42:03.0461 3068 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
17:42:03.0461 3068 amdide - ok
17:42:03.0476 3068 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:42:03.0492 3068 AmdK8 - ok
17:42:03.0508 3068 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:42:03.0523 3068 AmdPPM - ok
17:42:03.0554 3068 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:42:03.0554 3068 amdsata - ok
17:42:03.0570 3068 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:42:03.0570 3068 amdsbs - ok
17:42:03.0586 3068 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:42:03.0601 3068 amdxata - ok
17:42:03.0648 3068 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
17:42:03.0679 3068 AntiVirSchedulerService - ok
17:42:03.0695 3068 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
17:42:03.0710 3068 AntiVirService - ok
17:42:03.0726 3068 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
17:42:03.0820 3068 AppID - ok
17:42:03.0835 3068 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:42:03.0866 3068 AppIDSvc - ok
17:42:03.0898 3068 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
17:42:03.0929 3068 Appinfo - ok
17:42:03.0944 3068 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
17:42:03.0976 3068 AppMgmt - ok
17:42:03.0991 3068 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
17:42:04.0007 3068 arc - ok
17:42:04.0022 3068 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:42:04.0038 3068 arcsas - ok
17:42:04.0054 3068 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:42:04.0116 3068 AsyncMac - ok
17:42:04.0132 3068 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
17:42:04.0132 3068 atapi - ok
17:42:04.0194 3068 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:42:04.0225 3068 AudioEndpointBuilder - ok
17:42:04.0241 3068 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:42:04.0272 3068 Audiosrv - ok
17:42:04.0303 3068 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
17:42:04.0319 3068 avgntflt - ok
17:42:04.0350 3068 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
17:42:04.0366 3068 avipbb - ok
17:42:04.0381 3068 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
17:42:04.0381 3068 avkmgr - ok
17:42:04.0412 3068 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:42:04.0459 3068 AxInstSV - ok
17:42:04.0475 3068 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
17:42:04.0522 3068 b06bdrv - ok
17:42:04.0537 3068 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:42:04.0553 3068 b57nd60x - ok
17:42:04.0568 3068 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
17:42:04.0600 3068 BDESVC - ok
17:42:04.0615 3068 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
17:42:04.0646 3068 Beep - ok
17:42:04.0678 3068 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
17:42:04.0724 3068 BFE - ok
17:42:04.0756 3068 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
17:42:04.0849 3068 BITS - ok
17:42:04.0865 3068 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:42:04.0880 3068 blbdrive - ok
17:42:04.0912 3068 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:42:04.0943 3068 bowser - ok
17:42:04.0958 3068 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:42:05.0005 3068 BrFiltLo - ok
17:42:05.0005 3068 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:42:05.0036 3068 BrFiltUp - ok
17:42:05.0052 3068 [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser C:\Windows\System32\browser.dll
17:42:05.0099 3068 Browser - ok
17:42:05.0114 3068 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:42:05.0161 3068 Brserid - ok
17:42:05.0161 3068 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:42:05.0192 3068 BrSerWdm - ok
17:42:05.0208 3068 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:42:05.0239 3068 BrUsbMdm - ok
17:42:05.0255 3068 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:42:05.0270 3068 BrUsbSer - ok
17:42:05.0302 3068 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:42:05.0317 3068 BTHMODEM - ok
17:42:05.0348 3068 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
17:42:05.0364 3068 bthserv - ok
17:42:05.0380 3068 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:42:05.0411 3068 cdfs - ok
17:42:05.0442 3068 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
17:42:05.0458 3068 cdrom - ok
17:42:05.0489 3068 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
17:42:05.0504 3068 CertPropSvc - ok
17:42:05.0520 3068 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:42:05.0536 3068 circlass - ok
17:42:05.0551 3068 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
17:42:05.0567 3068 CLFS - ok
17:42:05.0614 3068 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:42:05.0614 3068 clr_optimization_v2.0.50727_32 - ok
17:42:05.0629 3068 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:42:05.0645 3068 CmBatt - ok
17:42:05.0660 3068 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:42:05.0676 3068 cmdide - ok
17:42:05.0692 3068 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
17:42:05.0723 3068 CNG - ok
17:42:05.0754 3068 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:42:05.0754 3068 Compbatt - ok
17:42:05.0785 3068 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:42:05.0816 3068 CompositeBus - ok
17:42:05.0816 3068 COMSysApp - ok
17:42:05.0832 3068 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:42:05.0832 3068 crcdisk - ok
17:42:05.0863 3068 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:42:05.0894 3068 CryptSvc - ok
17:42:05.0926 3068 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
17:42:05.0957 3068 CSC - ok
17:42:05.0988 3068 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
17:42:06.0004 3068 CscService - ok
17:42:06.0019 3068 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
17:42:06.0050 3068 DcomLaunch - ok
17:42:06.0082 3068 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
17:42:06.0113 3068 defragsvc - ok
17:42:06.0128 3068 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:42:06.0175 3068 DfsC - ok
17:42:06.0191 3068 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:42:06.0222 3068 Dhcp - ok
17:42:06.0253 3068 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
17:42:06.0269 3068 discache - ok
17:42:06.0284 3068 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:42:06.0284 3068 Disk - ok
17:42:06.0316 3068 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:42:06.0347 3068 Dnscache - ok
17:42:06.0378 3068 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
17:42:06.0425 3068 dot3svc - ok
17:42:06.0456 3068 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
17:42:06.0487 3068 DPS - ok
17:42:06.0518 3068 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:42:06.0550 3068 drmkaud - ok
17:42:06.0581 3068 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:42:06.0596 3068 DXGKrnl - ok
17:42:06.0612 3068 EagleXNt - ok
17:42:06.0643 3068 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
17:42:06.0674 3068 EapHost - ok
17:42:06.0737 3068 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
17:42:06.0815 3068 ebdrv - ok
17:42:06.0830 3068 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
17:42:06.0877 3068 EFS - ok
17:42:06.0908 3068 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:42:06.0955 3068 ehRecvr - ok
17:42:06.0986 3068 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
17:42:07.0018 3068 ehSched - ok
17:42:07.0049 3068 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:42:07.0064 3068 elxstor - ok
17:42:07.0080 3068 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:42:07.0096 3068 ErrDev - ok
17:42:07.0142 3068 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
17:42:07.0189 3068 EventSystem - ok
17:42:07.0205 3068 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
17:42:07.0236 3068 exfat - ok
17:42:07.0252 3068 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:42:07.0283 3068 fastfat - ok
17:42:07.0298 3068 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
17:42:07.0345 3068 Fax - ok
17:42:07.0376 3068 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:42:07.0392 3068 fdc - ok
17:42:07.0408 3068 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
17:42:07.0439 3068 fdPHost - ok
17:42:07.0470 3068 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
17:42:07.0501 3068 FDResPub - ok
17:42:07.0517 3068 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:42:07.0532 3068 FileInfo - ok
17:42:07.0532 3068 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:42:07.0548 3068 Filetrace - ok
17:42:07.0564 3068 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:42:07.0595 3068 flpydisk - ok
17:42:07.0610 3068 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:42:07.0626 3068 FltMgr - ok
17:42:07.0657 3068 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
17:42:07.0704 3068 FontCache - ok
17:42:07.0735 3068 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:42:07.0751 3068 FontCache3.0.0.0 - ok
17:42:07.0766 3068 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:42:07.0782 3068 FsDepends - ok
17:42:07.0798 3068 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:42:07.0798 3068 Fs_Rec - ok
17:42:07.0813 3068 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:42:07.0829 3068 fvevol - ok
17:42:07.0844 3068 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:42:07.0860 3068 gagp30kx - ok
17:42:07.0876 3068 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
17:42:07.0922 3068 gpsvc - ok
17:42:07.0938 3068 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:42:07.0969 3068 hcw85cir - ok
17:42:08.0000 3068 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:42:08.0032 3068 HdAudAddService - ok
17:42:08.0047 3068 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:42:08.0063 3068 HDAudBus - ok
17:42:08.0094 3068 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:42:08.0094 3068 HidBatt - ok
17:42:08.0110 3068 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:42:08.0141 3068 HidBth - ok
17:42:08.0156 3068 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:42:08.0172 3068 HidIr - ok
17:42:08.0203 3068 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
17:42:08.0234 3068 hidserv - ok
17:42:08.0250 3068 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:42:08.0266 3068 HidUsb - ok
17:42:08.0281 3068 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:42:08.0312 3068 hkmsvc - ok
17:42:08.0344 3068 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:42:08.0375 3068 HomeGroupListener - ok
17:42:08.0406 3068 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:42:08.0437 3068 HomeGroupProvider - ok
17:42:08.0468 3068 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:42:08.0468 3068 HpSAMD - ok
17:42:08.0515 3068 [ DD1E0A26D0F60A7EA65A1BEEC7D44EAB ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
17:42:08.0531 3068 HssDRV6 - ok
17:42:08.0562 3068 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:42:08.0593 3068 HTTP - ok
17:42:08.0609 3068 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:42:08.0624 3068 hwpolicy - ok
17:42:08.0640 3068 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:42:08.0656 3068 i8042prt - ok
17:42:08.0671 3068 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:42:08.0687 3068 iaStorV - ok
17:42:08.0718 3068 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:42:08.0749 3068 idsvc - ok
17:42:08.0765 3068 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:42:08.0780 3068 iirsp - ok
17:42:08.0812 3068 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
17:42:08.0843 3068 IKEEXT - ok
17:42:08.0874 3068 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
17:42:08.0874 3068 intelide - ok
17:42:08.0890 3068 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:42:08.0905 3068 intelppm - ok
17:42:08.0936 3068 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:42:08.0968 3068 IPBusEnum - ok
17:42:08.0983 3068 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:42:09.0014 3068 IpFilterDriver - ok
17:42:09.0046 3068 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:42:09.0077 3068 iphlpsvc - ok
17:42:09.0092 3068 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:42:09.0092 3068 IPMIDRV - ok
17:42:09.0108 3068 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:42:09.0139 3068 IPNAT - ok
17:42:09.0155 3068 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:42:09.0186 3068 IRENUM - ok
17:42:09.0202 3068 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:42:09.0217 3068 isapnp - ok
17:42:09.0233 3068 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:42:09.0233 3068 iScsiPrt - ok
17:42:09.0248 3068 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:42:09.0264 3068 kbdclass - ok
17:42:09.0280 3068 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:42:09.0311 3068 kbdhid - ok
17:42:09.0326 3068 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
17:42:09.0326 3068 KeyIso - ok
17:42:09.0358 3068 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:42:09.0373 3068 KSecDD - ok
17:42:09.0389 3068 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:42:09.0389 3068 KSecPkg - ok
17:42:09.0420 3068 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
17:42:09.0467 3068 KtmRm - ok
17:42:09.0482 3068 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
17:42:09.0514 3068 LanmanServer - ok
17:42:09.0545 3068 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:42:09.0576 3068 LanmanWorkstation - ok
17:42:09.0607 3068 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:42:09.0638 3068 lltdio - ok
17:42:09.0670 3068 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:42:09.0701 3068 lltdsvc - ok
17:42:09.0716 3068 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
17:42:09.0732 3068 lmhosts - ok
17:42:09.0748 3068 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:42:09.0748 3068 LSI_FC - ok
17:42:09.0763 3068 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:42:09.0779 3068 LSI_SAS - ok
17:42:09.0794 3068 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:42:09.0794 3068 LSI_SAS2 - ok
17:42:09.0810 3068 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:42:09.0826 3068 LSI_SCSI - ok
17:42:09.0841 3068 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
17:42:09.0857 3068 luafv - ok
17:42:09.0872 3068 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
17:42:09.0888 3068 LVRS - ok
17:42:09.0966 3068 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
17:42:10.0028 3068 LVUVC - ok
17:42:10.0060 3068 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:42:10.0075 3068 MBAMProtector - ok
17:42:10.0091 3068 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:42:10.0106 3068 MBAMScheduler - ok
17:42:10.0138 3068 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:42:10.0153 3068 MBAMService - ok
17:42:10.0169 3068 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:42:10.0184 3068 Mcx2Svc - ok
17:42:10.0200 3068 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:42:10.0216 3068 megasas - ok
17:42:10.0231 3068 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:42:10.0231 3068 MegaSR - ok
17:42:10.0262 3068 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
17:42:10.0294 3068 MMCSS - ok
17:42:10.0309 3068 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
17:42:10.0340 3068 Modem - ok
17:42:10.0356 3068 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:42:10.0387 3068 monitor - ok
17:42:10.0403 3068 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
17:42:10.0403 3068 mouclass - ok
17:42:10.0418 3068 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:42:10.0434 3068 mouhid - ok
17:42:10.0465 3068 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:42:10.0481 3068 mountmgr - ok
17:42:10.0481 3068 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
17:42:10.0496 3068 mpio - ok
17:42:10.0512 3068 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:42:10.0543 3068 mpsdrv - ok
17:42:10.0590 3068 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:42:10.0621 3068 MpsSvc - ok
17:42:10.0652 3068 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:42:10.0668 3068 MRxDAV - ok
17:42:10.0684 3068 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:42:10.0730 3068 mrxsmb - ok
17:42:10.0746 3068 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:42:10.0777 3068 mrxsmb10 - ok
17:42:10.0793 3068 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:42:10.0808 3068 mrxsmb20 - ok
17:42:10.0824 3068 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
17:42:10.0840 3068 msahci - ok
17:42:10.0855 3068 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:42:10.0871 3068 msdsm - ok
17:42:10.0871 3068 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
17:42:10.0902 3068 MSDTC - ok
17:42:10.0918 3068 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:42:10.0933 3068 Msfs - ok
17:42:10.0949 3068 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:42:10.0980 3068 mshidkmdf - ok
17:42:11.0011 3068 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:42:11.0011 3068 msisadrv - ok
17:42:11.0042 3068 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:42:11.0074 3068 MSiSCSI - ok
17:42:11.0074 3068 msiserver - ok
17:42:11.0089 3068 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:42:11.0120 3068 MSKSSRV - ok
17:42:11.0136 3068 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:42:11.0167 3068 MSPCLOCK - ok
17:42:11.0167 3068 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:42:11.0198 3068 MSPQM - ok
17:42:11.0214 3068 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:42:11.0230 3068 MsRPC - ok
17:42:11.0245 3068 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:42:11.0261 3068 mssmbios - ok
17:42:11.0261 3068 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:42:11.0292 3068 MSTEE - ok
17:42:11.0292 3068 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:42:11.0308 3068 MTConfig - ok
17:42:11.0308 3068 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
17:42:11.0323 3068 Mup - ok
17:42:11.0354 3068 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
17:42:11.0370 3068 napagent - ok
17:42:11.0386 3068 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:42:11.0401 3068 NativeWifiP - ok
17:42:11.0432 3068 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:42:11.0448 3068 NDIS - ok
17:42:11.0464 3068 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:42:11.0495 3068 NdisCap - ok
17:42:11.0510 3068 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:42:11.0542 3068 NdisTapi - ok
17:42:11.0573 3068 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:42:11.0588 3068 Ndisuio - ok
17:42:11.0604 3068 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:42:11.0620 3068 NdisWan - ok
17:42:11.0635 3068 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:42:11.0666 3068 NDProxy - ok
17:42:11.0682 3068 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:42:11.0713 3068 NetBIOS - ok
17:42:11.0744 3068 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
17:42:11.0760 3068 Netlogon - ok
17:42:11.0776 3068 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
17:42:11.0807 3068 Netman - ok
17:42:11.0822 3068 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
17:42:11.0869 3068 netprofm - ok
17:42:11.0885 3068 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:42:11.0900 3068 NetTcpPortSharing - ok
17:42:11.0916 3068 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:42:11.0932 3068 nfrd960 - ok
17:42:11.0947 3068 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:42:11.0994 3068 NlaSvc - ok
17:42:12.0010 3068 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:42:12.0041 3068 Npfs - ok
17:42:12.0041 3068 npggsvc - ok
17:42:12.0072 3068 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
17:42:12.0088 3068 nsi - ok
17:42:12.0103 3068 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:42:12.0134 3068 nsiproxy - ok
17:42:12.0181 3068 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:42:12.0212 3068 Ntfs - ok
17:42:12.0212 3068 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
17:42:12.0244 3068 Null - ok
17:42:12.0275 3068 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
17:42:12.0290 3068 NVENETFD - ok
17:42:12.0462 3068 [ E891B3979F0CF2740C1B073F834221FE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:42:12.0602 3068 nvlddmkm - ok
17:42:12.0634 3068 [ 1DE923088878B495CD4219E47BA34EB8 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
17:42:12.0649 3068 NVNET - ok
17:42:12.0649 3068 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:42:12.0665 3068 nvraid - ok
17:42:12.0680 3068 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
17:42:12.0712 3068 nvsmu - ok
17:42:12.0727 3068 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:42:12.0743 3068 nvstor - ok
17:42:12.0790 3068 [ AE2DE8E165DCB93A66B21748E6F913DF ] nvsvc C:\Windows\system32\nvvsvc.exe
17:42:12.0805 3068 nvsvc - ok
17:42:12.0868 3068 [ C78581C14699C46FE0F0817416383134 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:42:12.0930 3068 nvUpdatusService - ok
17:42:12.0930 3068 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:42:12.0946 3068 nv_agp - ok
17:42:12.0961 3068 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:42:12.0992 3068 ohci1394 - ok
17:42:13.0024 3068 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:42:13.0055 3068 p2pimsvc - ok
17:42:13.0070 3068 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
17:42:13.0086 3068 p2psvc - ok
17:42:13.0102 3068 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:42:13.0133 3068 Parport - ok
17:42:13.0148 3068 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:42:13.0164 3068 partmgr - ok
17:42:13.0180 3068 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
17:42:13.0195 3068 Parvdm - ok
17:42:13.0211 3068 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:42:13.0226 3068 PcaSvc - ok
17:42:13.0258 3068 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
17:42:13.0273 3068 pci - ok
17:42:13.0273 3068 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
17:42:13.0289 3068 pciide - ok
17:42:13.0304 3068 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:42:13.0304 3068 pcmcia - ok
17:42:13.0320 3068 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
17:42:13.0336 3068 pcw - ok
17:42:13.0351 3068 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:42:13.0382 3068 PEAUTH - ok
17:42:13.0429 3068 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:42:13.0476 3068 PeerDistSvc - ok
17:42:13.0523 3068 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
17:42:13.0570 3068 pla - ok
17:42:13.0601 3068 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:42:13.0648 3068 PlugPlay - ok
17:42:13.0663 3068 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:42:13.0694 3068 PNRPAutoReg - ok
17:42:13.0710 3068 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:42:13.0726 3068 PNRPsvc - ok
17:42:13.0741 3068 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:42:13.0757 3068 PolicyAgent - ok
17:42:13.0772 3068 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
17:42:13.0804 3068 Power - ok
17:42:13.0819 3068 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:42:13.0850 3068 PptpMiniport - ok
17:42:13.0866 3068 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:42:13.0882 3068 Processor - ok
17:42:13.0913 3068 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
17:42:13.0944 3068 ProfSvc - ok
17:42:13.0944 3068 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:42:13.0960 3068 ProtectedStorage - ok
17:42:13.0960 3068 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:42:13.0991 3068 Psched - ok
17:42:14.0038 3068 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:42:14.0084 3068 ql2300 - ok
17:42:14.0100 3068 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:42:14.0100 3068 ql40xx - ok
17:42:14.0131 3068 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
17:42:14.0147 3068 QWAVE - ok
17:42:14.0162 3068 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:42:14.0178 3068 QWAVEdrv - ok
17:42:14.0194 3068 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:42:14.0209 3068 RasAcd - ok
17:42:14.0225 3068 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:42:14.0256 3068 RasAgileVpn - ok
17:42:14.0287 3068 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
17:42:14.0303 3068 RasAuto - ok
17:42:14.0318 3068 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:42:14.0350 3068 Rasl2tp - ok
17:42:14.0381 3068 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
17:42:14.0428 3068 RasMan - ok
17:42:14.0443 3068 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:42:14.0474 3068 RasPppoe - ok
17:42:14.0490 3068 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:42:14.0521 3068 RasSstp - ok
17:42:14.0537 3068 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:42:14.0568 3068 rdbss - ok
17:42:14.0584 3068 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:42:14.0599 3068 rdpbus - ok
17:42:14.0615 3068 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:42:14.0630 3068 RDPCDD - ok
17:42:14.0662 3068 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:42:14.0677 3068 RDPDR - ok
17:42:14.0693 3068 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:42:14.0708 3068 RDPENCDD - ok
17:42:14.0708 3068 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:42:14.0740 3068 RDPREFMP - ok
17:42:14.0771 3068 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:42:14.0802 3068 RDPWD - ok
17:42:14.0833 3068 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:42:14.0849 3068 rdyboost - ok
17:42:14.0880 3068 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
17:42:14.0911 3068 RemoteAccess - ok
17:42:14.0927 3068 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:42:14.0958 3068 RemoteRegistry - ok
17:42:14.0989 3068 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:42:15.0005 3068 RpcEptMapper - ok
17:42:15.0020 3068 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
17:42:15.0036 3068 RpcLocator - ok
17:42:15.0052 3068 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
17:42:15.0083 3068 RpcSs - ok
17:42:15.0098 3068 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:42:15.0114 3068 rspndr - ok
17:42:15.0161 3068 [ CD17C8E42D82BD0CB07B2DE00DABE202 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
17:42:15.0192 3068 RTL8192su - ok
17:42:15.0223 3068 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:42:15.0254 3068 s3cap - ok
17:42:15.0254 3068 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
17:42:15.0270 3068 SamSs - ok
17:42:15.0301 3068 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:42:15.0317 3068 sbp2port - ok
17:42:15.0332 3068 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:42:15.0364 3068 SCardSvr - ok
17:42:15.0364 3068 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:42:15.0395 3068 scfilter - ok
17:42:15.0442 3068 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
17:42:15.0473 3068 Schedule - ok
17:42:15.0504 3068 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:42:15.0520 3068 SCPolicySvc - ok
17:42:15.0535 3068 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:42:15.0582 3068 SDRSVC - ok
17:42:15.0598 3068 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:42:15.0613 3068 secdrv - ok
17:42:15.0629 3068 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
17:42:15.0660 3068 seclogon - ok
17:42:15.0691 3068 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
17:42:15.0707 3068 SENS - ok
17:42:15.0722 3068 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:42:15.0754 3068 SensrSvc - ok
17:42:15.0769 3068 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:42:15.0785 3068 Serenum - ok
17:42:15.0785 3068 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:42:15.0800 3068 Serial - ok
17:42:15.0832 3068 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:42:15.0863 3068 sermouse - ok
17:42:15.0894 3068 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
17:42:15.0925 3068 SessionEnv - ok
17:42:15.0956 3068 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:42:15.0988 3068 sffdisk - ok
17:42:15.0988 3068 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:42:16.0019 3068 sffp_mmc - ok
17:42:16.0034 3068 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:42:16.0034 3068 sffp_sd - ok
17:42:16.0066 3068 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:42:16.0066 3068 sfloppy - ok
17:42:16.0097 3068 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:42:16.0128 3068 SharedAccess - ok
17:42:16.0159 3068 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:42:16.0190 3068 ShellHWDetection - ok
17:42:16.0206 3068 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:42:16.0222 3068 sisagp - ok
17:42:16.0237 3068 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:42:16.0237 3068 SiSRaid2 - ok
17:42:16.0253 3068 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:42:16.0268 3068 SiSRaid4 - ok
17:42:16.0300 3068 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:42:16.0315 3068 SkypeUpdate - ok
17:42:16.0331 3068 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:42:16.0346 3068 Smb - ok
17:42:16.0362 3068 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:42:16.0378 3068 SNMPTRAP - ok
17:42:16.0393 3068 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
17:42:16.0393 3068 spldr - ok
17:42:16.0424 3068 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
17:42:16.0456 3068 Spooler - ok
17:42:16.0518 3068 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
17:42:16.0612 3068 sppsvc - ok
17:42:16.0627 3068 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:42:16.0658 3068 sppuinotify - ok
17:42:16.0690 3068 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:42:16.0721 3068 srv - ok
17:42:16.0752 3068 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:42:16.0768 3068 srv2 - ok
17:42:16.0799 3068 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:42:16.0799 3068 srvnet - ok
17:42:16.0814 3068 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:42:16.0861 3068 SSDPSRV - ok
17:42:16.0892 3068 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
17:42:16.0908 3068 ssmdrv - ok
17:42:16.0924 3068 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:42:16.0955 3068 SstpSvc - ok
17:42:17.0002 3068 [ FC0A58529A02B1EED55DDC58696B7908 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:42:17.0002 3068 Stereo Service - ok
17:42:17.0033 3068 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:42:17.0033 3068 stexstor - ok
17:42:17.0064 3068 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
17:42:17.0095 3068 StiSvc - ok
17:42:17.0126 3068 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:42:17.0142 3068 storflt - ok
17:42:17.0158 3068 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
17:42:17.0173 3068 StorSvc - ok
17:42:17.0189 3068 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:42:17.0189 3068 storvsc - ok
17:42:17.0204 3068 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
17:42:17.0220 3068 swenum - ok
17:42:17.0220 3068 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
17:42:17.0251 3068 swprv - ok
17:42:17.0282 3068 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
17:42:17.0314 3068 SysMain - ok
17:42:17.0345 3068 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:42:17.0360 3068 TabletInputService - ok
17:42:17.0376 3068 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\Windows\system32\DRIVERS\taphss.sys
17:42:17.0392 3068 taphss - ok
17:42:17.0423 3068 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
17:42:17.0438 3068 TapiSrv - ok
17:42:17.0454 3068 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
17:42:17.0485 3068 TBS - ok
17:42:17.0532 3068 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:42:17.0579 3068 Tcpip - ok
17:42:17.0610 3068 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:42:17.0641 3068 TCPIP6 - ok
17:42:17.0657 3068 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:42:17.0704 3068 tcpipreg - ok
17:42:17.0735 3068 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:42:17.0766 3068 TDPIPE - ok
17:42:17.0782 3068 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:42:17.0813 3068 TDTCP - ok
17:42:17.0828 3068 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:42:17.0860 3068 tdx - ok
17:42:17.0938 3068 [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
17:42:17.0969 3068 TeamViewer7 - ok
17:42:18.0000 3068 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:42:18.0000 3068 TermDD - ok
17:42:18.0031 3068 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
17:42:18.0078 3068 TermService - ok
17:42:18.0094 3068 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
17:42:18.0109 3068 Themes - ok
17:42:18.0125 3068 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
17:42:18.0140 3068 THREADORDER - ok
17:42:18.0156 3068 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
17:42:18.0187 3068 TrkWks - ok
17:42:18.0234 3068 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:42:18.0265 3068 TrustedInstaller - ok
17:42:18.0281 3068 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:42:18.0312 3068 tssecsrv - ok
17:42:18.0343 3068 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:42:18.0359 3068 TsUsbFlt - ok
17:42:18.0390 3068 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:42:18.0421 3068 tunnel - ok
17:42:18.0452 3068 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:42:18.0452 3068 uagp35 - ok
17:42:18.0484 3068 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:42:18.0515 3068 udfs - ok
17:42:18.0546 3068 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:42:18.0562 3068 UI0Detect - ok
17:42:18.0593 3068 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:42:18.0593 3068 uliagpkx - ok
17:42:18.0624 3068 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
17:42:18.0640 3068 umbus - ok
17:42:18.0655 3068 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:42:18.0655 3068 UmPass - ok
17:42:18.0671 3068 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
17:42:18.0702 3068 UmRdpService - ok
17:42:18.0749 3068 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
17:42:18.0764 3068 UMVPFSrv - ok
17:42:18.0780 3068 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
17:42:18.0811 3068 upnphost - ok
17:42:18.0842 3068 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:42:18.0858 3068 usbaudio - ok
17:42:18.0858 3068 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:42:18.0874 3068 usbccgp - ok
17:42:18.0905 3068 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:42:18.0920 3068 usbcir - ok
17:42:18.0936 3068 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:42:18.0936 3068 usbehci - ok
17:42:18.0952 3068 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:42:18.0983 3068 usbhub - ok
17:42:18.0998 3068 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:42:19.0014 3068 usbohci - ok
17:42:19.0045 3068 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:42:19.0061 3068 usbprint - ok
17:42:19.0061 3068 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:42:19.0076 3068 USBSTOR - ok
17:42:19.0092 3068 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:42:19.0108 3068 usbuhci - ok
17:42:19.0139 3068 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
17:42:19.0170 3068 usbvideo - ok
17:42:19.0186 3068 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
17:42:19.0217 3068 UxSms - ok
17:42:19.0217 3068 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
17:42:19.0232 3068 VaultSvc - ok
17:42:19.0232 3068 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:42:19.0248 3068 vdrvroot - ok
17:42:19.0279 3068 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
17:42:19.0310 3068 vds - ok
17:42:19.0342 3068 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:42:19.0373 3068 vga - ok
17:42:19.0373 3068 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:42:19.0388 3068 VgaSave - ok
17:42:19.0404 3068 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:42:19.0420 3068 vhdmp - ok
17:42:19.0435 3068 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:42:19.0451 3068 viaagp - ok
17:42:19.0451 3068 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
17:42:19.0482 3068 ViaC7 - ok
17:42:19.0529 3068 [ 0F0C96A570AB2B0164E04AB22CC8676A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
17:42:19.0560 3068 VIAHdAudAddService - ok
17:42:19.0576 3068 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
17:42:19.0591 3068 viaide - ok
17:42:19.0607 3068 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:42:19.0622 3068 vmbus - ok
17:42:19.0638 3068 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:42:19.0654 3068 VMBusHID - ok
17:42:19.0669 3068 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:42:19.0685 3068 volmgr - ok
17:42:19.0685 3068 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:42:19.0700 3068 volmgrx - ok
17:42:19.0732 3068 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:42:19.0747 3068 volsnap - ok
17:42:19.0763 3068 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:42:19.0778 3068 vsmraid - ok
17:42:19.0810 3068 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
17:42:19.0856 3068 VSS - ok
17:42:19.0872 3068 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:42:19.0888 3068 vwifibus - ok
17:42:19.0919 3068 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:42:19.0934 3068 vwififlt - ok
17:42:19.0966 3068 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
17:42:19.0981 3068 W32Time - ok
17:42:19.0997 3068 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:42:20.0028 3068 WacomPen - ok
17:42:20.0044 3068 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:42:20.0090 3068 WANARP - ok
17:42:20.0090 3068 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:42:20.0106 3068 Wanarpv6 - ok
17:42:20.0137 3068 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
17:42:20.0184 3068 wbengine - ok
17:42:20.0215 3068 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:42:20.0231 3068 WbioSrvc - ok
17:42:20.0262 3068 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:42:20.0293 3068 wcncsvc - ok
17:42:20.0309 3068 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:42:20.0340 3068 WcsPlugInService - ok
17:42:20.0356 3068 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:42:20.0371 3068 Wd - ok
17:42:20.0387 3068 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:42:20.0402 3068 Wdf01000 - ok
17:42:20.0418 3068 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:42:20.0465 3068 WdiServiceHost - ok
17:42:20.0465 3068 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:42:20.0480 3068 WdiSystemHost - ok
17:42:20.0496 3068 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
17:42:20.0512 3068 WebClient - ok
17:42:20.0527 3068 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:42:20.0558 3068 Wecsvc - ok
17:42:20.0574 3068 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:42:20.0605 3068 wercplsupport - ok
17:42:20.0621 3068 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
17:42:20.0652 3068 WerSvc - ok
17:42:20.0668 3068 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:42:20.0683 3068 WfpLwf - ok
17:42:20.0699 3068 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:42:20.0714 3068 WIMMount - ok
17:42:20.0761 3068 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:42:20.0792 3068 WinDefend - ok
17:42:20.0792 3068 WinHttpAutoProxySvc - ok
17:42:20.0839 3068 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:42:20.0855 3068 Winmgmt - ok
17:42:20.0902 3068 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Program Files\IObit\Game Booster\Driver\WinRing0.sys
17:42:20.0917 3068 WinRing0_1_2_0 - ok
17:42:20.0948 3068 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
17:42:21.0011 3068 WinRM - ok
17:42:21.0042 3068 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:42:21.0089 3068 Wlansvc - ok
17:42:21.0104 3068 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:42:21.0120 3068 WmiAcpi - ok
17:42:21.0151 3068 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:42:21.0151 3068 wmiApSrv - ok
17:42:21.0214 3068 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:42:21.0245 3068 WMPNetworkSvc - ok
17:42:21.0276 3068 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:42:21.0307 3068 WPCSvc - ok
17:42:21.0338 3068 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:42:21.0338 3068 WPDBusEnum - ok
17:42:21.0370 3068 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:42:21.0401 3068 ws2ifsl - ok
17:42:21.0416 3068 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
17:42:21.0448 3068 wscsvc - ok
17:42:21.0448 3068 WSearch - ok
17:42:21.0510 3068 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
17:42:21.0572 3068 wuauserv - ok
17:42:21.0588 3068 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:42:21.0604 3068 WudfPf - ok
17:42:21.0619 3068 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:42:21.0650 3068 WUDFRd - ok
17:42:21.0666 3068 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:42:21.0697 3068 wudfsvc - ok
17:42:21.0697 3068 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:42:21.0744 3068 WwanSvc - ok
17:42:21.0775 3068 XDva391 - ok
17:42:21.0791 3068 XDva392 - ok
17:42:21.0806 3068 XDva393 - ok
17:42:21.0806 3068 XDva394 - ok
17:42:21.0822 3068 XDva396 - ok
17:42:21.0822 3068 XDva397 - ok
17:42:21.0853 3068 ================ Scan global ===============================
17:42:21.0869 3068 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:42:21.0900 3068 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
17:42:21.0900 3068 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
17:42:21.0931 3068 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:42:21.0947 3068 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:42:21.0947 3068 [Global] - ok
17:42:21.0947 3068 ================ Scan MBR ==================================
17:42:21.0962 3068 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:42:22.0165 3068 \Device\Harddisk0\DR0 - ok
17:42:22.0165 3068 ================ Scan VBR ==================================
17:42:22.0165 3068 [ CE7E4C994241055B51F883EF36C1DCDF ] \Device\Harddisk0\DR0\Partition1
17:42:22.0165 3068 \Device\Harddisk0\DR0\Partition1 - ok
17:42:22.0181 3068 [ E3B69FCBFF7A9A8E76540AF6837AB7AB ] \Device\Harddisk0\DR0\Partition2
17:42:22.0181 3068 \Device\Harddisk0\DR0\Partition2 - ok
17:42:22.0181 3068 ============================================================
17:42:22.0181 3068 Scan finished
17:42:22.0181 3068 ============================================================
17:42:22.0196 3072 Detected object count: 0
17:42:22.0196 3072 Actual detected object count: 0
|
|
11.10.2012, 18:44
| #25 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? Ok, gut  Dann bitte jetzt CF ausführen:ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.10.2012, 00:48
| #26 |
| | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt?Code:
ATTFilter ComboFix 12-10-11.03 - tobi 12.10.2012 1:34.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.2047.1096 [GMT 2:00]
ausgeführt von:: c:\users\tobi\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\NOTEPAD.EXE-x.txt
c:\programdata\RUNDLL32.EXE-x.txt
c:\windows\$NtUninstallKB63775$
c:\windows\$NtUninstallKB63775$\1460465868
c:\windows\$NtUninstallKB63775$\2513923272\@
c:\windows\$NtUninstallKB63775$\2513923272\bckfg.tmp
c:\windows\$NtUninstallKB63775$\2513923272\cfg.ini
c:\windows\$NtUninstallKB63775$\2513923272\Desktop.ini
c:\windows\$NtUninstallKB63775$\2513923272\keywords
c:\windows\$NtUninstallKB63775$\2513923272\kwrd.dll
c:\windows\$NtUninstallKB63775$\2513923272\L\xadqgnnk
c:\windows\$NtUninstallKB63775$\2513923272\U\00000001.@
c:\windows\$NtUninstallKB63775$\2513923272\U\00000002.@
c:\windows\$NtUninstallKB63775$\2513923272\U\00000004.@
c:\windows\$NtUninstallKB63775$\2513923272\U\80000000.@
c:\windows\$NtUninstallKB63775$\2513923272\U\80000004.@
c:\windows\$NtUninstallKB63775$\2513923272\U\80000032.@
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-09-11 bis 2012-10-11 ))))))))))))))))))))))))))))))
.
.
2012-10-11 23:39 . 2012-10-11 23:43 -------- d-----w- c:\users\tobi\AppData\Local\temp
2012-10-11 15:37 . 2012-10-11 15:37 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-11 12:29 . 2012-10-11 12:29 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-10 20:29 . 2012-07-16 00:41 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D1669C8C-C62C-42C0-AB07-86430A8A8F67}\mpengine.dll
2012-10-10 20:19 . 2012-10-10 20:19 -------- d-----w- C:\_OTL
2012-10-09 10:23 . 2012-10-09 10:23 -------- d-----w- c:\program files\Common Files\Java
2012-10-09 10:22 . 2012-10-11 12:29 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-06 22:39 . 2012-10-06 22:39 -------- d-----w- c:\users\tobi\AppData\Roaming\Malwarebytes
2012-10-06 22:39 . 2012-10-06 22:39 -------- d-----w- c:\programdata\Malwarebytes
2012-10-06 22:39 . 2012-10-06 22:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-06 22:39 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-06 19:58 . 2012-10-06 19:58 -------- d-----w- c:\users\tobi\AppData\Local\CRE
2012-10-06 19:57 . 2012-10-07 13:04 -------- d-----w- c:\users\tobi\AppData\Roaming\NCH Software
2012-10-06 19:57 . 2012-10-07 13:04 -------- d-----w- c:\programdata\NCH Software
2012-10-06 19:57 . 2012-10-07 13:03 -------- d-----w- c:\program files\NCH Software
2012-10-06 13:26 . 2012-10-06 13:26 -------- d-----w- c:\users\tobi\AppData\Local\ElevatedDiagnostics
2012-09-16 09:16 . 2012-09-16 09:16 -------- d-----w- C:\Riot Games
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 12:29 . 2011-07-07 14:00 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-08 23:25 . 2012-08-02 01:33 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-08 23:25 . 2011-07-07 19:03 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-01 18:13 . 2012-08-01 18:13 35560 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2012-08-01 18:13 . 2012-08-01 18:13 33512 ----a-w- c:\windows\system32\drivers\taphss.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 1690224]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Tobi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Speech Recognition]
2009-07-14 01:14 51712 ----a-w- c:\windows\Speech\Common\sapisvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster\Driver\WinRing0.sys [x]
R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
R3 XDva392;XDva392;c:\windows\system32\XDva392.sys [x]
R3 XDva393;XDva393;c:\windows\system32\XDva393.sys [x]
R3 XDva394;XDva394;c:\windows\system32\XDva394.sys [x]
R3 XDva396;XDva396;c:\windows\system32\XDva396.sys [x]
R3 XDva397;XDva397;c:\windows\system32\XDva397.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-02 23:25]
.
2012-10-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1006Core.job
- c:\users\tobi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-07 17:07]
.
2012-10-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1006UA.job
- c:\users\tobi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-07 17:07]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: Interfaces\{A31FD043-45E1-4BFF-9118-DA9E3AEBAC0A}: NameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{b106b661-3e1b-4015-af5c-195e909f35c6} - (no file)
MSConfigStartUp-Aeria Ignite - c:\program files\Aeria Games\Ignite\aeriaignite.exe
MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe
MSConfigStartUp-SweetIM - c:\program files\SweetIM\Messenger\SweetIM.exe
MSConfigStartUp-Sweetpacks Communicator - c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-10-12 01:45:08 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-10-11 23:45
.
Vor Suchlauf: 16 Verzeichnis(se), 41.979.547.648 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 41.945.759.744 Bytes frei
.
- - End Of File - - E4FB3D9EE0CECAA3AEDEE38B62CFA862
|
|
12.10.2012, 12:20
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.10.2012, 14:10
| #28 |
| | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt?Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 14:57:19 on 12.10.2012 OS: Windows 7 Service Pack 1 (Build 7601), 32-bit Default Browser: Google Inc. Google Chrome 22.0.1229.94 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1006Core.job" - "Google Inc." - C:\Users\tobi\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-1740813220-741005101-994693073-1006UA.job" - "Google Inc." - C:\Users\tobi\AppData\Local\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\tobi\AppData\Local\Temp\catchme.sys (File not found) "EagleXNt" (EagleXNt) - ? - C:\Windows\system32\drivers\EagleXNt.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "VIA High Definition Audio Driver Service" (VIAHdAudAddService) - "VIA Technologies, Inc." - C:\Windows\System32\drivers\viahduaa.sys "WinRing0_1_2_0" (WinRing0_1_2_0) - "OpenLibSys.org" - C:\Program Files\IObit\Game Booster\Driver\WinRing0.sys "XDva391" (XDva391) - ? - C:\Windows\system32\XDva391.sys (File not found) "XDva392" (XDva392) - ? - C:\Windows\system32\XDva392.sys (File not found) "XDva393" (XDva393) - ? - C:\Windows\system32\XDva393.sys (File not found) "XDva394" (XDva394) - ? - C:\Windows\system32\XDva394.sys (File not found) "XDva396" (XDva396) - ? - C:\Windows\system32\XDva396.sys (File not found) "XDva397" (XDva397) - ? - C:\Windows\system32\XDva397.sys (File not found) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {EBDF1F20-C829-11D1-8233-0020AF3E97A9} "4shared_Desktop" - ? - (File not found | COM-object registry key not found) {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash32_11_4_402_287.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "{8AD9C840-044E-11D1-B3E9-00805F499D93}" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "HDAudDeck" - "VIA" - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r "LWS" - "Logitech Inc." - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\Windows\system32\GameMon.des "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe "NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe "TeamViewer 7" (TeamViewer7) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-12 14:58:30
-----------------------------
14:58:30.489 OS Version: Windows 6.1.7601 Service Pack 1
14:58:30.489 Number of processors: 4 586 0x502
14:58:30.489 ComputerName: TOBIAS-PC UserName: tobi
14:58:42.828 Initialize success
14:59:48.869 AVAST engine defs: 12101200
15:00:10.398 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
15:00:10.400 Disk 0 Vendor: ST3500418AS CC38 Size: 476940MB BusType: 3
15:00:10.410 Disk 0 MBR read successfully
15:00:10.412 Disk 0 MBR scan
15:00:10.417 Disk 0 Windows 7 default MBR code
15:00:10.419 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 102398 MB offset 63
15:00:10.424 Disk 0 Partition - 00 0F Extended LBA 374531 MB offset 209712510
15:00:10.444 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 374530 MB offset 209712573
15:00:10.450 Disk 0 scanning sectors +976752000
15:00:10.509 Disk 0 scanning C:\Windows\system32\drivers
15:00:19.764 Service scanning
15:00:36.121 Modules scanning
15:00:39.849 Disk 0 trace - called modules:
15:00:40.380 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:00:40.380 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85aeb348]
15:00:40.395 3 CLASSPNP.SYS[88fde59e] -> nt!IofCallDriver -> [0x855e5918]
15:00:40.395 5 ACPI.sys[833ab3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x855ed3d0]
15:00:41.981 AVAST engine scan C:\Windows
15:00:43.541 AVAST engine scan C:\Windows\system32
15:03:01.704 AVAST engine scan C:\Windows\system32\drivers
15:03:12.296 AVAST engine scan C:\Users\tobi
15:04:20.827 AVAST engine scan C:\ProgramData
15:05:27.891 Scan finished successfully
15:05:50.217 Disk 0 MBR has been saved successfully to "C:\Users\tobi\Desktop\MBR.dat"
15:05:50.233 The log file has been saved successfully to "C:\Users\tobi\Desktop\aswMBR.txt"
|
|
12.10.2012, 15:32
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? gmer ging nicht?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.10.2012, 17:56
| #30 |
| | Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? ne ging nicht  |
|
| Themen zu Chatzum Toolbar lässt sich nicht entfernen!/ Ist mein Computer verunreinigt? |
| ccleaner, chatzum, compu, computer, entferne, entfernen, gelöscht, glaube, google, ist mein computer 'verunreinigt'?, jedesmal, kleine, logfiles, lässt sich nicht entfernen, lösen, probleme, toolbar, toolbar lässt sich nicht deinstallieren, öffnet |
