| |
| |||||||
Log-Analyse und Auswertung: claro-search in Firefox und IEWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
26.10.2012, 11:21
| #1 |
 |  claro-search in Firefox und IE Hallo Experten, ich habe ein (wahrscheinlich bekaqnntes) Problem. In meinem Firefox Browser (und IE) erscheint immer wieder Claro-Search. Dieses ist einfach nicht weg zu bekommen. Habe alles versucht, über Systemsteuerung deinstalliert, jedesmal im Firefox neue Startseite eingestellt, mit Spybot - Search & Destroy gescannt und gekillt (eben nicht !). Nachdem mein Kaspersky dann auch noch regelmäßig "Datenbank defekt" meldete, trotz mehrfachen Update-Versuchen wurde ich doch unruhig (Obwohl das Problem am nächsten tag nicht mehr vorhanden war !). Ich habe mich dann an eure Anweisung gehalten und zunächst defrogger laufen lassen und dann OTL, das Ergebnis seht ihr im Anhang. Ich hoffe mir ist zu helfen !! Vielen Dank Ralf |
|
26.10.2012, 13:53
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | claro-search in Firefox und IECode:
ATTFilter C:\Autodesk -- [ NTFS ]
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
__________________ |
|
26.10.2012, 15:16
| #3 |
| | claro-search in Firefox und IE Hallo Cosinus,
__________________Ich bin Freiberufler ohne Mitarbeiter und der Rechner steht hier bei mir zu Hause. Gruß Ralf |
|
26.10.2012, 18:04
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | claro-search in Firefox und IE Ich frag deswegen nach: http://www.trojaner-board.de/108422-...-anfragen.html Beachte v.a. den letzten Satz in der Zitattextbox Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
27.10.2012, 16:43
| #5 |
| | claro-search in Firefox und IE Habe das mit dem gewerblichen Rechner nicht gewußt, sonst hätte ich Euch das von Anfang an gesagt. Da ich hinsichtlich der "heiklen Daten" nicht so ängstlich bin, bitte ich Euch mir trotzdem zu helfen, da ich keine eigene IT-Abteilung habe und mir im Moment nicht mehr zu helfen weiß. Danke ! |
|
27.10.2012, 19:56
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | claro-search in Firefox und IE 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ --> claro-search in Firefox und IE |
|
29.10.2012, 09:28
| #7 |
| | claro-search in Firefox und IE Hier, bitte schön, die erwünschten Logfiles |
|
29.10.2012, 11:04
| #8 |
| | claro-search in Firefox und IE Nachdem ich grade in einem anderen Post gelesen habe, dass Ihr die Logs lieber direkt in der Antwort hättet, hier noch einmal so : aswMBR : Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-29 09:15:08
-----------------------------
09:15:08.804 OS Version: Windows x64 6.1.7601 Service Pack 1
09:15:08.804 Number of processors: 4 586 0x2A07
09:15:08.804 ComputerName: RALFW7 UserName:
09:15:10.333 Initialize success
09:15:14.966 AVAST engine defs: 12102801
09:15:25.418 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:15:25.418 Disk 0 Vendor: WDC_WD10EARS-00Y5B1 80.00A80 Size: 953869MB BusType: 11
09:15:25.433 Disk 0 MBR read successfully
09:15:25.433 Disk 0 MBR scan
09:15:25.433 Disk 0 Windows 7 default MBR code
09:15:25.449 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 953557 MB offset 2048
09:15:25.465 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 1952886784
09:15:25.511 Disk 0 scanning C:\Windows\system32\drivers
09:15:35.168 Service scanning
09:15:51.720 Modules scanning
09:15:51.720 Disk 0 trace - called modules:
09:15:51.751 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
09:15:51.751 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80076d0060]
09:15:51.751 3 CLASSPNP.SYS[fffff88001e0143f] -> nt!IofCallDriver -> [0xfffffa8006528c50]
09:15:51.766 5 ACPI.sys[fffff88000f6c7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007436680]
09:15:51.766 Scan finished successfully
09:16:17.163 Disk 0 MBR has been saved successfully to "C:\Users\Admin\Desktop\MBR.dat"
09:16:17.163 The log file has been saved successfully to "C:\Users\Admin\Desktop\aswMBR.txt"
Code:
ATTFilter 09:20:31.0802 9212 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
09:20:32.0004 9212 ============================================================
09:20:32.0004 9212 Current date / time: 2012/10/29 09:20:32.0004
09:20:32.0004 9212 SystemInfo:
09:20:32.0004 9212
09:20:32.0004 9212 OS Version: 6.1.7601 ServicePack: 1.0
09:20:32.0004 9212 Product type: Workstation
09:20:32.0004 9212 ComputerName: RALFW7
09:20:32.0004 9212 UserName: ***
09:20:32.0004 9212 Windows directory: C:\Windows
09:20:32.0004 9212 System windows directory: C:\Windows
09:20:32.0004 9212 Running under WOW64
09:20:32.0004 9212 Processor architecture: Intel x64
09:20:32.0004 9212 Number of processors: 4
09:20:32.0004 9212 Page size: 0x1000
09:20:32.0004 9212 Boot type: Normal boot
09:20:32.0004 9212 ============================================================
09:20:34.0516 9212 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:20:34.0532 9212 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:20:39.0914 9212 ============================================================
09:20:39.0914 9212 \Device\Harddisk0\DR0:
09:20:39.0914 9212 MBR partitions:
09:20:39.0914 9212 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x7466A800
09:20:39.0914 9212 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7466B000, BlocksNum 0x96000
09:20:39.0914 9212 \Device\Harddisk1\DR1:
09:20:39.0914 9212 MBR partitions:
09:20:39.0914 9212 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8D46DE
09:20:39.0914 9212 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xE8D475C, BlocksNum 0xDB416E8
09:20:39.0945 9212 \Device\Harddisk1\DR1\Partition3: MBR, Type 0xB, StartLBA 0x1C415E83, BlocksNum 0xDAE6FE
09:20:39.0945 9212 ============================================================
09:20:39.0976 9212 C: <-> \Device\Harddisk0\DR0\Partition1
09:20:40.0007 9212 I: <-> \Device\Harddisk1\DR1\Partition1
09:20:40.0038 9212 K: <-> \Device\Harddisk1\DR1\Partition2
09:20:40.0038 9212 L: <-> \Device\Harddisk1\DR1\Partition3
09:20:40.0038 9212 ============================================================
09:20:40.0038 9212 Initialize success
09:20:40.0038 9212 ============================================================
09:21:12.0393 5728 ============================================================
09:21:12.0393 5728 Scan started
09:21:12.0393 5728 Mode: Manual; SigCheck; TDLFS;
09:21:12.0393 5728 ============================================================
09:21:13.0266 5728 ================ Scan system memory ========================
09:21:13.0266 5728 System memory - ok
09:21:13.0266 5728 ================ Scan services =============================
09:21:13.0407 5728 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:21:13.0532 5728 1394ohci - ok
09:21:13.0547 5728 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:21:13.0563 5728 ACPI - ok
09:21:13.0578 5728 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:21:13.0625 5728 AcpiPmi - ok
09:21:13.0719 5728 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:21:13.0750 5728 AdobeARMservice - ok
09:21:13.0781 5728 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:21:13.0797 5728 adp94xx - ok
09:21:13.0844 5728 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:21:13.0859 5728 adpahci - ok
09:21:13.0906 5728 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:21:13.0922 5728 adpu320 - ok
09:21:13.0968 5728 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:21:14.0140 5728 AeLookupSvc - ok
09:21:14.0202 5728 [ D5B031C308A409A0A576BFF4CF083D30 ] AFD C:\Windows\system32\drivers\afd.sys
09:21:14.0499 5728 AFD - ok
09:21:14.0904 5728 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:21:14.0920 5728 agp440 - ok
09:21:14.0967 5728 AirPrint - ok
09:21:15.0123 5728 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll
09:21:15.0123 5728 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
09:21:15.0138 5728 Akamai ( HiddenFile.Multi.Generic ) - warning
09:21:15.0138 5728 Akamai - detected HiddenFile.Multi.Generic (1)
09:21:15.0154 5728 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:21:15.0201 5728 ALG - ok
09:21:15.0216 5728 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:21:15.0232 5728 aliide - ok
09:21:15.0263 5728 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:21:15.0279 5728 amdide - ok
09:21:15.0279 5728 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:21:15.0326 5728 AmdK8 - ok
09:21:15.0326 5728 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:21:15.0372 5728 AmdPPM - ok
09:21:15.0404 5728 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:21:15.0435 5728 amdsata - ok
09:21:15.0450 5728 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:21:15.0482 5728 amdsbs - ok
09:21:15.0482 5728 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:21:15.0497 5728 amdxata - ok
09:21:15.0513 5728 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:21:15.0638 5728 AppID - ok
09:21:15.0638 5728 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:21:15.0669 5728 AppIDSvc - ok
09:21:15.0684 5728 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:21:15.0716 5728 Appinfo - ok
09:21:15.0809 5728 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:21:15.0825 5728 Apple Mobile Device - ok
09:21:15.0840 5728 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
09:21:15.0872 5728 AppMgmt - ok
09:21:15.0887 5728 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
09:21:15.0903 5728 arc - ok
09:21:15.0918 5728 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:21:15.0934 5728 arcsas - ok
09:21:15.0965 5728 Aspi32 - ok
09:21:16.0043 5728 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:21:16.0074 5728 aspnet_state - ok
09:21:16.0090 5728 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:21:16.0137 5728 AsyncMac - ok
09:21:16.0152 5728 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:21:16.0168 5728 atapi - ok
09:21:16.0184 5728 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:21:16.0230 5728 AudioEndpointBuilder - ok
09:21:16.0246 5728 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:21:16.0277 5728 AudioSrv - ok
09:21:16.0386 5728 [ EA2D28BBE98256654397CD1F6EAEBDD8 ] Autodesk Licensing Service C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
09:21:16.0402 5728 Autodesk Licensing Service - ok
09:21:16.0449 5728 AVP - ok
09:21:16.0464 5728 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:21:16.0511 5728 AxInstSV - ok
09:21:16.0542 5728 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:21:16.0589 5728 b06bdrv - ok
09:21:16.0605 5728 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:21:16.0636 5728 b57nd60a - ok
09:21:16.0667 5728 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:21:16.0698 5728 BDESVC - ok
09:21:16.0730 5728 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:21:16.0761 5728 Beep - ok
09:21:16.0808 5728 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:21:16.0854 5728 BFE - ok
09:21:16.0886 5728 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:21:16.0932 5728 BITS - ok
09:21:16.0948 5728 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:21:16.0964 5728 blbdrive - ok
09:21:17.0042 5728 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:21:17.0073 5728 Bonjour Service - ok
09:21:17.0088 5728 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:21:17.0120 5728 bowser - ok
09:21:17.0151 5728 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:21:17.0182 5728 BrFiltLo - ok
09:21:17.0198 5728 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:21:17.0229 5728 BrFiltUp - ok
09:21:17.0244 5728 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
09:21:17.0276 5728 Browser - ok
09:21:17.0432 5728 [ 07B19ACAE32C01D545E253FDE99600DC ] Browser Manager C:\ProgramData\Browser Manager\2.3.811.154\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
09:21:17.0510 5728 Browser Manager - ok
09:21:17.0510 5728 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:21:17.0556 5728 Brserid - ok
09:21:17.0572 5728 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:21:17.0588 5728 BrSerWdm - ok
09:21:17.0603 5728 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:21:17.0619 5728 BrUsbMdm - ok
09:21:17.0619 5728 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:21:17.0634 5728 BrUsbSer - ok
09:21:17.0666 5728 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:21:17.0712 5728 BTHMODEM - ok
09:21:17.0728 5728 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:21:17.0775 5728 bthserv - ok
09:21:17.0790 5728 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:21:17.0837 5728 cdfs - ok
09:21:17.0868 5728 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:21:17.0884 5728 cdrom - ok
09:21:17.0900 5728 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:21:17.0931 5728 CertPropSvc - ok
09:21:17.0931 5728 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
09:21:17.0946 5728 circlass - ok
09:21:17.0962 5728 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:21:17.0978 5728 CLFS - ok
09:21:18.0024 5728 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:21:18.0040 5728 clr_optimization_v2.0.50727_32 - ok
09:21:18.0071 5728 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:21:18.0087 5728 clr_optimization_v2.0.50727_64 - ok
09:21:18.0180 5728 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:21:18.0196 5728 clr_optimization_v4.0.30319_32 - ok
09:21:18.0212 5728 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:21:18.0227 5728 clr_optimization_v4.0.30319_64 - ok
09:21:18.0227 5728 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
09:21:18.0243 5728 CmBatt - ok
09:21:18.0258 5728 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:21:18.0258 5728 cmdide - ok
09:21:18.0305 5728 [ D5FEA92400F12412B3922087C09DA6A5 ] CNG C:\Windows\system32\Drivers\cng.sys
09:21:18.0383 5728 CNG - ok
09:21:18.0414 5728 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:21:18.0430 5728 Compbatt - ok
09:21:18.0461 5728 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:21:18.0508 5728 CompositeBus - ok
09:21:18.0508 5728 COMSysApp - ok
09:21:18.0586 5728 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:21:18.0602 5728 crcdisk - ok
09:21:18.0633 5728 crlscsi - ok
09:21:18.0648 5728 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:21:18.0742 5728 CryptSvc - ok
09:21:18.0773 5728 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
09:21:18.0836 5728 CSC - ok
09:21:18.0851 5728 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
09:21:18.0882 5728 CscService - ok
09:21:18.0914 5728 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:21:18.0976 5728 DcomLaunch - ok
09:21:19.0007 5728 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:21:19.0038 5728 defragsvc - ok
09:21:19.0054 5728 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:21:19.0101 5728 DfsC - ok
09:21:19.0116 5728 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:21:19.0148 5728 Dhcp - ok
09:21:19.0163 5728 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:21:19.0194 5728 discache - ok
09:21:19.0241 5728 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:21:19.0241 5728 Disk - ok
09:21:19.0257 5728 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
09:21:19.0272 5728 dmvsc - ok
09:21:19.0304 5728 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:21:19.0350 5728 Dnscache - ok
09:21:19.0366 5728 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:21:19.0397 5728 dot3svc - ok
09:21:19.0413 5728 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:21:19.0460 5728 DPS - ok
09:21:19.0506 5728 [ 5F6B9858815DA69146A0249D4E83C8FD ] DragonSvc C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
09:21:19.0522 5728 DragonSvc - ok
09:21:19.0553 5728 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:21:19.0584 5728 drmkaud - ok
09:21:19.0600 5728 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:21:19.0616 5728 DXGKrnl - ok
09:21:19.0631 5728 [ DC1776D086AA9733B1929A3D979D9FDD ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
09:21:19.0787 5728 e1cexpress - ok
09:21:19.0818 5728 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:21:19.0881 5728 EapHost - ok
09:21:20.0021 5728 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:21:20.0099 5728 ebdrv - ok
09:21:20.0130 5728 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
09:21:20.0146 5728 EFS - ok
09:21:20.0193 5728 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:21:20.0240 5728 ehRecvr - ok
09:21:20.0240 5728 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:21:20.0271 5728 ehSched - ok
09:21:20.0302 5728 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:21:20.0318 5728 elxstor - ok
09:21:20.0349 5728 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:21:20.0380 5728 ErrDev - ok
09:21:20.0411 5728 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:21:20.0474 5728 EventSystem - ok
09:21:20.0489 5728 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:21:20.0536 5728 exfat - ok
09:21:20.0552 5728 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:21:20.0583 5728 fastfat - ok
09:21:20.0598 5728 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:21:20.0630 5728 Fax - ok
09:21:20.0645 5728 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:21:20.0676 5728 fdc - ok
09:21:20.0692 5728 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:21:20.0723 5728 fdPHost - ok
09:21:20.0739 5728 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:21:20.0770 5728 FDResPub - ok
09:21:20.0786 5728 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:21:20.0801 5728 FileInfo - ok
09:21:20.0848 5728 [ CB39FBA98BE4CC9FE3FC2897E70A5D74 ] FileOpenManagerSvc C:\Program Files\FileOpen\Services\FileOpenManagerSvc64.exe
09:21:20.0864 5728 FileOpenManagerSvc - ok
09:21:20.0879 5728 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:21:20.0926 5728 Filetrace - ok
09:21:21.0035 5728 [ A1FAA2868AA9B53C02C1DC24B45E6C0E ] FJTWMKSV C:\Windows\twain_32\fjscan32\FJTWMKSV.exe
09:21:21.0035 5728 FJTWMKSV ( UnsignedFile.Multi.Generic ) - warning
09:21:21.0035 5728 FJTWMKSV - detected UnsignedFile.Multi.Generic (1)
09:21:21.0066 5728 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:21:21.0082 5728 flpydisk - ok
09:21:21.0098 5728 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:21:21.0113 5728 FltMgr - ok
09:21:21.0176 5728 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:21:21.0222 5728 FontCache - ok
09:21:21.0238 5728 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:21:21.0238 5728 FontCache3.0.0.0 - ok
09:21:21.0254 5728 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:21:21.0269 5728 FsDepends - ok
09:21:21.0285 5728 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:21:21.0300 5728 Fs_Rec - ok
09:21:21.0316 5728 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:21:21.0332 5728 fvevol - ok
09:21:21.0332 5728 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:21:21.0347 5728 gagp30kx - ok
09:21:21.0378 5728 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:21:21.0378 5728 GEARAspiWDM - ok
09:21:21.0410 5728 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:21:21.0441 5728 gpsvc - ok
09:21:21.0503 5728 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:21:21.0519 5728 gupdate - ok
09:21:21.0550 5728 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:21:21.0566 5728 gupdatem - ok
09:21:21.0581 5728 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:21:21.0628 5728 hcw85cir - ok
09:21:21.0659 5728 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:21:21.0690 5728 HdAudAddService - ok
09:21:21.0722 5728 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:21:21.0753 5728 HDAudBus - ok
09:21:21.0768 5728 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:21:21.0800 5728 HidBatt - ok
09:21:21.0815 5728 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:21:21.0846 5728 HidBth - ok
09:21:21.0878 5728 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:21:21.0893 5728 HidIr - ok
09:21:21.0909 5728 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:21:21.0940 5728 hidserv - ok
09:21:21.0956 5728 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:21:21.0971 5728 HidUsb - ok
09:21:21.0987 5728 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:21:22.0018 5728 hkmsvc - ok
09:21:22.0034 5728 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:21:22.0049 5728 HomeGroupListener - ok
09:21:22.0080 5728 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:21:22.0096 5728 HomeGroupProvider - ok
09:21:22.0143 5728 [ 5EC8B1C0650FBF96DB55964CE5923069 ] hotcore3 C:\Windows\system32\DRIVERS\hotcore3.sys
09:21:22.0158 5728 hotcore3 - ok
09:21:22.0174 5728 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:21:22.0190 5728 HpSAMD - ok
09:21:22.0205 5728 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:21:22.0252 5728 HTTP - ok
09:21:22.0268 5728 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:21:22.0268 5728 hwpolicy - ok
09:21:22.0283 5728 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:21:22.0299 5728 i8042prt - ok
09:21:22.0330 5728 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:21:22.0346 5728 iaStorV - ok
09:21:22.0392 5728 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:21:22.0392 5728 IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:21:22.0392 5728 IDriverT - detected UnsignedFile.Multi.Generic (1)
09:21:22.0439 5728 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:21:22.0470 5728 idsvc - ok
09:21:22.0533 5728 [ E28602C9E17B0DDCE9F5DEB3B3E2A635 ] IGDCTRL C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE
09:21:22.0548 5728 IGDCTRL - ok
09:21:22.0564 5728 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:21:22.0580 5728 iirsp - ok
09:21:22.0611 5728 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:21:22.0673 5728 IKEEXT - ok
09:21:22.0736 5728 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:21:22.0814 5728 IntcAzAudAddService - ok
09:21:22.0845 5728 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:21:22.0845 5728 intelide - ok
09:21:22.0876 5728 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:21:22.0907 5728 intelppm - ok
09:21:22.0923 5728 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:21:22.0970 5728 IPBusEnum - ok
09:21:23.0001 5728 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:21:23.0048 5728 IpFilterDriver - ok
09:21:23.0063 5728 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:21:23.0110 5728 iphlpsvc - ok
09:21:23.0141 5728 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:21:23.0157 5728 IPMIDRV - ok
09:21:23.0157 5728 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:21:23.0204 5728 IPNAT - ok
09:21:23.0250 5728 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:21:23.0266 5728 iPod Service - ok
09:21:23.0282 5728 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:21:23.0297 5728 IRENUM - ok
09:21:23.0328 5728 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:21:23.0344 5728 isapnp - ok
09:21:23.0360 5728 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:21:23.0375 5728 iScsiPrt - ok
09:21:23.0375 5728 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:21:23.0391 5728 kbdclass - ok
09:21:23.0406 5728 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:21:23.0422 5728 kbdhid - ok
09:21:23.0438 5728 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
09:21:23.0453 5728 KeyIso - ok
09:21:23.0484 5728 [ 8B5219318DF5895ABD230C373F2DF18A ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
09:21:23.0500 5728 KL1 - ok
09:21:23.0547 5728 [ 8191BB24F61EBCAF84719993C7F7B5C6 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
09:21:23.0578 5728 KLIF - ok
09:21:23.0609 5728 [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
09:21:23.0625 5728 KLIM6 - ok
09:21:23.0672 5728 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
09:21:23.0687 5728 klkbdflt - ok
09:21:23.0703 5728 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
09:21:23.0718 5728 klmouflt - ok
09:21:23.0750 5728 [ FFC0501A1EA742406F1904A0CFE3BFE2 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
09:21:23.0750 5728 kltdi - ok
09:21:23.0765 5728 [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
09:21:23.0781 5728 kneps - ok
09:21:23.0781 5728 [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:21:23.0796 5728 KSecDD - ok
09:21:23.0812 5728 [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:21:23.0828 5728 KSecPkg - ok
09:21:23.0828 5728 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:21:23.0859 5728 ksthunk - ok
09:21:23.0890 5728 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:21:23.0921 5728 KtmRm - ok
09:21:23.0952 5728 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:21:24.0015 5728 LanmanServer - ok
09:21:24.0030 5728 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:21:24.0062 5728 LanmanWorkstation - ok
09:21:24.0186 5728 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
09:21:24.0218 5728 LBTServ - ok
09:21:24.0296 5728 [ ED7EC050CD6C20E1A93A4DAFB7EFD14D ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
09:21:24.0311 5728 LEqdUsb - ok
09:21:24.0327 5728 [ 3267BC698E29474A8381E68904EB0390 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
09:21:24.0342 5728 LHidEqd - ok
09:21:24.0358 5728 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:21:24.0358 5728 LHidFilt - ok
09:21:24.0374 5728 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:21:24.0452 5728 lltdio - ok
09:21:24.0530 5728 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:21:24.0592 5728 lltdsvc - ok
09:21:24.0608 5728 lmab_device - ok
09:21:24.0608 5728 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:21:24.0639 5728 lmhosts - ok
09:21:24.0654 5728 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:21:24.0654 5728 LMouFilt - ok
09:21:24.0686 5728 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:21:24.0701 5728 LSI_FC - ok
09:21:24.0732 5728 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:21:24.0748 5728 LSI_SAS - ok
09:21:24.0764 5728 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:21:24.0779 5728 LSI_SAS2 - ok
09:21:24.0795 5728 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:21:24.0810 5728 LSI_SCSI - ok
09:21:24.0826 5728 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:21:24.0857 5728 luafv - ok
09:21:24.0951 5728 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
09:21:24.0966 5728 McComponentHostService - ok
09:21:24.0982 5728 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:21:24.0998 5728 Mcx2Svc - ok
09:21:25.0013 5728 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:21:25.0029 5728 megasas - ok
09:21:25.0044 5728 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:21:25.0060 5728 MegaSR - ok
09:21:25.0060 5728 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:21:25.0091 5728 MMCSS - ok
09:21:25.0107 5728 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:21:25.0138 5728 Modem - ok
09:21:25.0185 5728 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:21:25.0200 5728 monitor - ok
09:21:25.0247 5728 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:21:25.0263 5728 mouclass - ok
09:21:25.0310 5728 [ 21B7ACEA1BB49C3371DD5427BF309D6A ] moufiltr C:\Windows\system32\DRIVERS\moufiltr.sys
09:21:25.0325 5728 moufiltr - ok
09:21:25.0341 5728 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:21:25.0356 5728 mouhid - ok
09:21:25.0388 5728 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:21:25.0403 5728 mountmgr - ok
09:21:25.0481 5728 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:21:25.0481 5728 MozillaMaintenance - ok
09:21:25.0512 5728 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:21:25.0528 5728 mpio - ok
09:21:25.0544 5728 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:21:25.0575 5728 mpsdrv - ok
09:21:25.0606 5728 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:21:25.0637 5728 MpsSvc - ok
09:21:25.0653 5728 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:21:25.0700 5728 MRxDAV - ok
09:21:25.0731 5728 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:21:25.0762 5728 mrxsmb - ok
09:21:25.0793 5728 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:21:25.0824 5728 mrxsmb10 - ok
09:21:25.0824 5728 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:21:25.0856 5728 mrxsmb20 - ok
09:21:25.0871 5728 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:21:25.0887 5728 msahci - ok
09:21:25.0902 5728 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:21:25.0918 5728 msdsm - ok
09:21:25.0934 5728 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:21:25.0965 5728 MSDTC - ok
09:21:25.0980 5728 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:21:26.0027 5728 Msfs - ok
09:21:26.0043 5728 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:21:26.0074 5728 mshidkmdf - ok
09:21:26.0090 5728 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:21:26.0090 5728 msisadrv - ok
09:21:26.0105 5728 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:21:26.0152 5728 MSiSCSI - ok
09:21:26.0152 5728 msiserver - ok
09:21:26.0168 5728 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:21:26.0214 5728 MSKSSRV - ok
09:21:26.0230 5728 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:21:26.0277 5728 MSPCLOCK - ok
09:21:26.0277 5728 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:21:26.0292 5728 MSPQM - ok
09:21:26.0355 5728 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:21:26.0386 5728 MsRPC - ok
09:21:26.0417 5728 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:21:26.0433 5728 mssmbios - ok
09:21:26.0448 5728 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:21:26.0464 5728 MSTEE - ok
09:21:26.0511 5728 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:21:26.0526 5728 MTConfig - ok
09:21:26.0589 5728 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:21:26.0604 5728 Mup - ok
09:21:26.0636 5728 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:21:26.0729 5728 napagent - ok
09:21:26.0760 5728 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:21:26.0792 5728 NativeWifiP - ok
09:21:26.0838 5728 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
09:21:26.0870 5728 NDIS - ok
09:21:26.0885 5728 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:21:26.0916 5728 NdisCap - ok
09:21:26.0932 5728 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:21:26.0963 5728 NdisTapi - ok
09:21:26.0963 5728 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:21:26.0994 5728 Ndisuio - ok
09:21:27.0010 5728 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:21:27.0041 5728 NdisWan - ok
09:21:27.0057 5728 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:21:27.0088 5728 NDProxy - ok
09:21:27.0119 5728 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
09:21:27.0166 5728 Netaapl - ok
09:21:27.0182 5728 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:21:27.0228 5728 NetBIOS - ok
09:21:27.0244 5728 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:21:27.0275 5728 NetBT - ok
09:21:27.0291 5728 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
09:21:27.0306 5728 Netlogon - ok
09:21:27.0322 5728 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:21:27.0353 5728 Netman - ok
09:21:27.0416 5728 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:21:27.0431 5728 NetMsmqActivator - ok
09:21:27.0431 5728 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:21:27.0447 5728 NetPipeActivator - ok
09:21:27.0447 5728 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:21:27.0478 5728 netprofm - ok
09:21:27.0509 5728 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:21:27.0509 5728 NetTcpActivator - ok
09:21:27.0509 5728 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:21:27.0525 5728 NetTcpPortSharing - ok
09:21:27.0556 5728 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:21:27.0556 5728 nfrd960 - ok
09:21:27.0587 5728 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:21:27.0618 5728 NlaSvc - ok
09:21:27.0634 5728 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:21:27.0665 5728 Npfs - ok
09:21:27.0681 5728 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:21:27.0712 5728 nsi - ok
09:21:27.0728 5728 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:21:27.0759 5728 nsiproxy - ok
09:21:27.0806 5728 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:21:27.0868 5728 Ntfs - ok
09:21:27.0884 5728 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:21:27.0915 5728 Null - ok
09:21:27.0915 5728 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
09:21:27.0930 5728 nusb3hub - ok
09:21:27.0946 5728 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
09:21:27.0977 5728 nusb3xhc - ok
09:21:28.0024 5728 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:21:28.0055 5728 NVHDA - ok
09:21:28.0258 5728 [ B34E9BFBD9C61048EF6281C3E7EC210A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:21:28.0539 5728 nvlddmkm - ok
09:21:28.0570 5728 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:21:28.0601 5728 nvraid - ok
09:21:28.0617 5728 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:21:28.0632 5728 nvstor - ok
09:21:28.0664 5728 [ DFDA089BB2CD0FF7E789E2EF6BA1E4BA ] NVSvc C:\Windows\system32\nvvsvc.exe
09:21:28.0710 5728 NVSvc - ok
09:21:28.0773 5728 [ E7818CD4FB51284C948D68A7A85A69B8 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
09:21:28.0851 5728 nvUpdatusService - ok
09:21:28.0882 5728 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:21:28.0898 5728 nv_agp - ok
09:21:28.0913 5728 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:21:28.0929 5728 ohci1394 - ok
09:21:28.0976 5728 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:21:28.0991 5728 ose - ok
09:21:29.0163 5728 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:21:29.0272 5728 osppsvc - ok
09:21:29.0303 5728 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:21:29.0366 5728 p2pimsvc - ok
09:21:29.0381 5728 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:21:29.0397 5728 p2psvc - ok
09:21:29.0490 5728 [ 332048AC9BFEC1C4B060DF70670DB7B0 ] Paragon System Backup Dienst C:\System64\Paragon Software\Paragon Backup Home and Office 2011\program\dbhservice.exe
09:21:29.0506 5728 Paragon System Backup Dienst - ok
09:21:29.0522 5728 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:21:29.0537 5728 Parport - ok
09:21:29.0553 5728 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:21:29.0568 5728 partmgr - ok
09:21:29.0568 5728 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:21:29.0600 5728 PcaSvc - ok
09:21:29.0615 5728 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:21:29.0631 5728 pci - ok
09:21:29.0646 5728 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:21:29.0646 5728 pciide - ok
09:21:29.0662 5728 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:21:29.0678 5728 pcmcia - ok
09:21:29.0693 5728 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:21:29.0709 5728 pcw - ok
09:21:29.0802 5728 [ 9981ABDB739599CF2D61B5B61B21FEC6 ] PDFProFiltSrv C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
09:21:29.0818 5728 PDFProFiltSrv - ok
09:21:29.0927 5728 [ CA54B6236093ED0E18201D1EC34F61F3 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
09:21:29.0943 5728 PDFProFiltSrvPP - ok
09:21:29.0958 5728 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:21:30.0005 5728 PEAUTH - ok
09:21:30.0036 5728 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:21:30.0083 5728 PeerDistSvc - ok
09:21:30.0161 5728 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:21:30.0177 5728 PerfHost - ok
09:21:30.0208 5728 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:21:30.0286 5728 pla - ok
09:21:30.0349 5728 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:21:30.0380 5728 PlugPlay - ok
09:21:30.0380 5728 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:21:30.0411 5728 PNRPAutoReg - ok
09:21:30.0427 5728 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:21:30.0442 5728 PNRPsvc - ok
09:21:30.0473 5728 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:21:30.0536 5728 PolicyAgent - ok
09:21:30.0567 5728 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:21:30.0614 5728 Power - ok
09:21:30.0629 5728 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:21:30.0661 5728 PptpMiniport - ok
09:21:30.0676 5728 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:21:30.0692 5728 Processor - ok
09:21:30.0707 5728 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
09:21:30.0754 5728 ProfSvc - ok
09:21:30.0770 5728 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
09:21:30.0785 5728 ProtectedStorage - ok
09:21:30.0801 5728 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:21:30.0832 5728 Psched - ok
09:21:30.0926 5728 [ 788CB65D49D1162C5EE6814AFE5B0A70 ] PSI_SVC_2_x64 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
09:21:30.0941 5728 PSI_SVC_2_x64 - ok
09:21:30.0988 5728 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:21:31.0051 5728 ql2300 - ok
09:21:31.0082 5728 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:21:31.0082 5728 ql40xx - ok
09:21:31.0113 5728 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:21:31.0129 5728 QWAVE - ok
09:21:31.0129 5728 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:21:31.0144 5728 QWAVEdrv - ok
09:21:31.0285 5728 [ B40AA9BE30D62B288DBF4AAA83FB2A49 ] Radio.fx C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
09:21:31.0394 5728 Radio.fx - ok
09:21:31.0409 5728 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:21:31.0441 5728 RasAcd - ok
09:21:31.0456 5728 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:21:31.0487 5728 RasAgileVpn - ok
09:21:31.0503 5728 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:21:31.0534 5728 RasAuto - ok
09:21:31.0550 5728 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:21:31.0581 5728 Rasl2tp - ok
09:21:31.0581 5728 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:21:31.0612 5728 RasMan - ok
09:21:31.0628 5728 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:21:31.0659 5728 RasPppoe - ok
09:21:31.0675 5728 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:21:31.0690 5728 RasSstp - ok
09:21:31.0706 5728 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:21:31.0737 5728 rdbss - ok
09:21:31.0753 5728 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:21:31.0768 5728 rdpbus - ok
09:21:31.0784 5728 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:21:31.0799 5728 RDPCDD - ok
09:21:31.0831 5728 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:21:31.0846 5728 RDPDR - ok
09:21:31.0862 5728 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:21:31.0893 5728 RDPENCDD - ok
09:21:31.0909 5728 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:21:31.0924 5728 RDPREFMP - ok
09:21:31.0955 5728 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:21:31.0971 5728 RDPWD - ok
09:21:32.0002 5728 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:21:32.0002 5728 rdyboost - ok
09:21:32.0033 5728 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:21:32.0065 5728 RemoteAccess - ok
09:21:32.0080 5728 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:21:32.0096 5728 RemoteRegistry - ok
09:21:32.0111 5728 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:21:32.0143 5728 RpcEptMapper - ok
09:21:32.0174 5728 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:21:32.0205 5728 RpcLocator - ok
09:21:32.0221 5728 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:21:32.0252 5728 RpcSs - ok
09:21:32.0267 5728 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:21:32.0299 5728 rspndr - ok
09:21:32.0314 5728 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:21:32.0330 5728 s3cap - ok
09:21:32.0330 5728 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
09:21:32.0345 5728 SamSs - ok
09:21:32.0361 5728 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:21:32.0377 5728 sbp2port - ok
09:21:32.0486 5728 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
09:21:32.0517 5728 SBSDWSCService - ok
09:21:32.0533 5728 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:21:32.0564 5728 SCardSvr - ok
09:21:32.0564 5728 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:21:32.0611 5728 scfilter - ok
09:21:32.0626 5728 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:21:32.0673 5728 Schedule - ok
09:21:32.0689 5728 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:21:32.0720 5728 SCPolicySvc - ok
09:21:32.0735 5728 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:21:32.0767 5728 SDRSVC - ok
09:21:32.0782 5728 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:21:32.0813 5728 secdrv - ok
09:21:32.0829 5728 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:21:32.0860 5728 seclogon - ok
09:21:32.0860 5728 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:21:32.0891 5728 SENS - ok
09:21:32.0907 5728 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:21:32.0938 5728 SensrSvc - ok
09:21:32.0954 5728 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:21:32.0969 5728 Serenum - ok
09:21:32.0985 5728 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:21:32.0985 5728 Serial - ok
09:21:33.0016 5728 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:21:33.0047 5728 sermouse - ok
09:21:33.0063 5728 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:21:33.0094 5728 SessionEnv - ok
09:21:33.0110 5728 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:21:33.0125 5728 sffdisk - ok
09:21:33.0141 5728 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:21:33.0188 5728 sffp_mmc - ok
09:21:33.0188 5728 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:21:33.0219 5728 sffp_sd - ok
09:21:33.0235 5728 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:21:33.0250 5728 sfloppy - ok
09:21:33.0281 5728 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:21:33.0313 5728 SharedAccess - ok
09:21:33.0328 5728 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:21:33.0375 5728 ShellHWDetection - ok
09:21:33.0437 5728 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:21:33.0453 5728 SiSRaid2 - ok
09:21:33.0453 5728 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:21:33.0469 5728 SiSRaid4 - ok
09:21:33.0500 5728 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:21:33.0531 5728 Smb - ok
09:21:33.0547 5728 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:21:33.0562 5728 SNMPTRAP - ok
09:21:33.0578 5728 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:21:33.0593 5728 spldr - ok
09:21:33.0609 5728 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
09:21:33.0640 5728 Spooler - ok
09:21:33.0890 5728 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:21:34.0015 5728 sppsvc - ok
09:21:34.0046 5728 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:21:34.0139 5728 sppuinotify - ok
09:21:34.0311 5728 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:21:34.0358 5728 srv - ok
09:21:34.0373 5728 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:21:34.0420 5728 srv2 - ok
09:21:34.0436 5728 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:21:34.0451 5728 srvnet - ok
09:21:34.0529 5728 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:21:34.0592 5728 SSDPSRV - ok
09:21:34.0592 5728 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:21:34.0623 5728 SstpSvc - ok
09:21:34.0701 5728 [ 6086B60F2E36D06A063CB07ED0524332 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:21:34.0717 5728 Stereo Service - ok
09:21:34.0748 5728 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:21:34.0748 5728 stexstor - ok
09:21:34.0779 5728 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:21:34.0810 5728 stisvc - ok
09:21:34.0841 5728 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:21:34.0841 5728 storflt - ok
09:21:34.0873 5728 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
09:21:34.0888 5728 StorSvc - ok
09:21:34.0904 5728 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:21:34.0919 5728 storvsc - ok
09:21:34.0935 5728 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:21:34.0935 5728 swenum - ok
09:21:34.0966 5728 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:21:34.0997 5728 swprv - ok
09:21:35.0029 5728 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:21:35.0075 5728 SysMain - ok
09:21:35.0091 5728 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:21:35.0107 5728 TabletInputService - ok
09:21:35.0122 5728 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:21:35.0185 5728 TapiSrv - ok
09:21:35.0216 5728 [ 4430E9B4C60AAB672D16E801BAD0555E ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
09:21:35.0216 5728 tbhsd - ok
09:21:35.0231 5728 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:21:35.0247 5728 TBS - ok
09:21:35.0294 5728 [ BB7C91D0E97AA8126212838D32DCC83C ] tclondrv C:\Windows\system32\DRIVERS\tclondrv.sys
09:21:35.0294 5728 tclondrv - ok
09:21:35.0356 5728 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:21:35.0434 5728 Tcpip - ok
09:21:35.0481 5728 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:21:35.0528 5728 TCPIP6 - ok
09:21:35.0543 5728 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:21:35.0575 5728 tcpipreg - ok
09:21:35.0590 5728 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:21:35.0637 5728 TDPIPE - ok
09:21:35.0653 5728 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:21:35.0668 5728 TDTCP - ok
09:21:35.0684 5728 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:21:35.0715 5728 tdx - ok
09:21:35.0809 5728 [ 74FC70AE64A7B7DABEC9697CE0A1F4FA ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
09:21:35.0887 5728 TeamViewer7 - ok
09:21:35.0918 5728 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:21:35.0933 5728 TermDD - ok
09:21:35.0965 5728 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:21:36.0027 5728 TermService - ok
09:21:36.0043 5728 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:21:36.0058 5728 Themes - ok
09:21:36.0074 5728 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:21:36.0105 5728 THREADORDER - ok
09:21:36.0121 5728 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:21:36.0152 5728 TrkWks - ok
09:21:36.0199 5728 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:21:36.0261 5728 TrustedInstaller - ok
09:21:36.0292 5728 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:21:36.0323 5728 tssecsrv - ok
09:21:36.0386 5728 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:21:36.0417 5728 TsUsbFlt - ok
09:21:36.0448 5728 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:21:36.0464 5728 TsUsbGD - ok
09:21:36.0495 5728 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:21:36.0542 5728 tunnel - ok
09:21:36.0589 5728 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:21:36.0589 5728 uagp35 - ok
09:21:36.0620 5728 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:21:36.0713 5728 udfs - ok
09:21:36.0760 5728 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:21:36.0776 5728 UI0Detect - ok
09:21:36.0791 5728 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:21:36.0807 5728 uliagpkx - ok
09:21:36.0823 5728 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:21:36.0838 5728 umbus - ok
09:21:36.0885 5728 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:21:36.0916 5728 UmPass - ok
09:21:37.0135 5728 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
09:21:37.0353 5728 UmRdpService - ok
09:21:37.0540 5728 [ 9DC07E73A4ABB9ACF692113B36A5009F ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
09:21:37.0556 5728 UnlockerDriver5 - ok
09:21:37.0571 5728 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:21:37.0618 5728 upnphost - ok
09:21:37.0665 5728 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:21:37.0696 5728 USBAAPL64 - ok
09:21:37.0727 5728 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:21:37.0759 5728 usbaudio - ok
09:21:37.0805 5728 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:21:37.0821 5728 usbccgp - ok
09:21:37.0837 5728 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:21:37.0852 5728 usbcir - ok
09:21:37.0868 5728 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:21:37.0899 5728 usbehci - ok
09:21:37.0915 5728 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:21:37.0946 5728 usbhub - ok
09:21:37.0977 5728 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:21:38.0008 5728 usbohci - ok
09:21:38.0024 5728 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:21:38.0055 5728 usbprint - ok
09:21:38.0086 5728 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:21:38.0117 5728 usbscan - ok
09:21:38.0133 5728 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:21:38.0180 5728 USBSTOR - ok
09:21:38.0195 5728 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:21:38.0227 5728 usbuhci - ok
09:21:38.0242 5728 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:21:38.0273 5728 UxSms - ok
09:21:38.0273 5728 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
09:21:38.0289 5728 VaultSvc - ok
09:21:38.0305 5728 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:21:38.0305 5728 vdrvroot - ok
09:21:38.0336 5728 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:21:38.0367 5728 vds - ok
09:21:38.0383 5728 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:21:38.0398 5728 vga - ok
09:21:38.0414 5728 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:21:38.0429 5728 VgaSave - ok
09:21:38.0461 5728 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:21:38.0476 5728 vhdmp - ok
09:21:38.0507 5728 [ 68F6A83C8848875AD027D038637A5BE0 ] vhidmini C:\Windows\system32\DRIVERS\walvhid.sys
09:21:38.0539 5728 vhidmini - ok
09:21:38.0554 5728 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:21:38.0570 5728 viaide - ok
09:21:38.0601 5728 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:21:38.0601 5728 vmbus - ok
09:21:38.0617 5728 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:21:38.0632 5728 VMBusHID - ok
09:21:38.0663 5728 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:21:38.0663 5728 volmgr - ok
09:21:38.0679 5728 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:21:38.0695 5728 volmgrx - ok
09:21:38.0710 5728 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:21:38.0726 5728 volsnap - ok
09:21:38.0741 5728 [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
09:21:38.0773 5728 vpcbus - ok
09:21:38.0804 5728 [ 8ACDA395841538CE9713A67FE8B2A3EB ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
09:21:38.0804 5728 vpcnfltr - ok
09:21:38.0819 5728 [ 31924E31BC315773E6D149B157DB46D5 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
09:21:38.0835 5728 vpcusb - ok
09:21:38.0866 5728 [ C5B651E52540E6F46DA66574C74B4898 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
09:21:38.0882 5728 vpcvmm - ok
09:21:38.0897 5728 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:21:38.0913 5728 vsmraid - ok
09:21:38.0960 5728 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:21:39.0022 5728 VSS - ok
09:21:39.0038 5728 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:21:39.0053 5728 vwifibus - ok
09:21:39.0085 5728 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:21:39.0116 5728 W32Time - ok
09:21:39.0131 5728 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:21:39.0147 5728 WacomPen - ok
09:21:39.0163 5728 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:21:39.0194 5728 WANARP - ok
09:21:39.0194 5728 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:21:39.0225 5728 Wanarpv6 - ok
09:21:39.0256 5728 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:21:39.0303 5728 wbengine - ok
09:21:39.0319 5728 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:21:39.0334 5728 WbioSrvc - ok
09:21:39.0350 5728 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:21:39.0381 5728 wcncsvc - ok
09:21:39.0397 5728 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:21:39.0412 5728 WcsPlugInService - ok
09:21:39.0428 5728 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:21:39.0443 5728 Wd - ok
09:21:39.0459 5728 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:21:39.0475 5728 Wdf01000 - ok
09:21:39.0506 5728 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:21:39.0584 5728 WdiServiceHost - ok
09:21:39.0584 5728 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:21:39.0615 5728 WdiSystemHost - ok
09:21:39.0631 5728 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:21:39.0662 5728 WebClient - ok
09:21:39.0677 5728 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:21:39.0724 5728 Wecsvc - ok
09:21:39.0724 5728 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:21:39.0755 5728 wercplsupport - ok
09:21:39.0787 5728 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:21:39.0818 5728 WerSvc - ok
09:21:39.0818 5728 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:21:39.0849 5728 WfpLwf - ok
09:21:39.0865 5728 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:21:39.0880 5728 WIMMount - ok
09:21:39.0896 5728 WinDefend - ok
09:21:39.0896 5728 WinHttpAutoProxySvc - ok
09:21:39.0943 5728 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:21:39.0974 5728 Winmgmt - ok
09:21:40.0021 5728 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:21:40.0114 5728 WinRM - ok
09:21:40.0161 5728 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:21:40.0192 5728 WinUsb - ok
09:21:40.0223 5728 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:21:40.0270 5728 Wlansvc - ok
09:21:40.0301 5728 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:21:40.0317 5728 WmiAcpi - ok
09:21:40.0333 5728 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:21:40.0364 5728 wmiApSrv - ok
09:21:40.0395 5728 WMPNetworkSvc - ok
09:21:40.0395 5728 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:21:40.0426 5728 WPCSvc - ok
09:21:40.0442 5728 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:21:40.0473 5728 WPDBusEnum - ok
09:21:40.0489 5728 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:21:40.0520 5728 ws2ifsl - ok
09:21:40.0535 5728 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:21:40.0551 5728 wscsvc - ok
09:21:40.0582 5728 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
09:21:40.0613 5728 WSDPrintDevice - ok
09:21:40.0613 5728 WSearch - ok
09:21:40.0613 5728 WTService - ok
09:21:40.0676 5728 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:21:40.0754 5728 wuauserv - ok
09:21:40.0769 5728 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:21:40.0801 5728 WudfPf - ok
09:21:40.0816 5728 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:21:40.0847 5728 WUDFRd - ok
09:21:40.0863 5728 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:21:40.0894 5728 wudfsvc - ok
09:21:40.0910 5728 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:21:40.0925 5728 WwanSvc - ok
09:21:40.0941 5728 ================ Scan global ===============================
09:21:40.0972 5728 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:21:41.0003 5728 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:21:41.0019 5728 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:21:41.0035 5728 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:21:41.0050 5728 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:21:41.0050 5728 [Global] - ok
09:21:41.0050 5728 ================ Scan MBR ==================================
09:21:41.0066 5728 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:21:41.0284 5728 \Device\Harddisk0\DR0 - ok
09:21:41.0300 5728 [ 1BEFDA48DD8E42A2C8A6ADD9BCA37E35 ] \Device\Harddisk1\DR1
09:21:41.0659 5728 \Device\Harddisk1\DR1 - ok
09:21:41.0659 5728 ================ Scan VBR ==================================
09:21:41.0659 5728 [ 99F213B987A1BA6632C142FF38626D09 ] \Device\Harddisk0\DR0\Partition1
09:21:41.0659 5728 \Device\Harddisk0\DR0\Partition1 - ok
09:21:41.0674 5728 [ 721549EF3CF9CCC92FD2E050D94DB6D5 ] \Device\Harddisk0\DR0\Partition2
09:21:41.0674 5728 \Device\Harddisk0\DR0\Partition2 - ok
09:21:41.0674 5728 [ AEEFBEB5DEC6D80FA4330B647E2DD932 ] \Device\Harddisk1\DR1\Partition1
09:21:41.0674 5728 \Device\Harddisk1\DR1\Partition1 - ok
09:21:41.0674 5728 [ 0A75D76B3988AE8610041B5F05A0C783 ] \Device\Harddisk1\DR1\Partition2
09:21:41.0674 5728 \Device\Harddisk1\DR1\Partition2 - ok
09:21:41.0690 5728 [ 99F114F865FB55F73BAE2A3D42A66556 ] \Device\Harddisk1\DR1\Partition3
09:21:41.0690 5728 \Device\Harddisk1\DR1\Partition3 - ok
09:21:41.0690 5728 ============================================================
09:21:41.0690 5728 Scan finished
09:21:41.0690 5728 ============================================================
09:21:41.0705 4932 Detected object count: 3
09:21:41.0705 4932 Actual detected object count: 3
09:22:28.0147 4932 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
09:22:28.0147 4932 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
09:22:28.0147 4932 FJTWMKSV ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:28.0147 4932 FJTWMKSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:22:28.0147 4932 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:22:28.0147 4932 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
29.10.2012, 14:02
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | claro-search in Firefox und IE Lt. Logs ist da nur Werbemüll/Toolbarschrott drin  adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop. Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.10.2012, 15:12
| #10 |
| | claro-search in Firefox und IE Bitte sehr : Code:
ATTFilter # AdwCleaner v2.005 - Datei am 29/10/2012 um 15:09:17 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : *** - RALFW7
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Admin\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
Gefunden : Browser Manager
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\ProgramData\IBUpdaterService
Ordner Gefunden : C:\Users\Admin\AppData\Local\Temp\AskSearch
Ordner Gefunden : C:\Users\Admin\AppData\LocalLow\pdfforge
Ordner Gefunden : C:\Users\Admin\AppData\LocalLow\Search Settings
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\pdfforge
***** [Registrierungsdatenbank] *****
Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23811~1.154\{61d8b~1\browse~1.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gefunden : HKCU\Software\pdfforge
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gefunden : HKLM\Software\pdfforge
Schlüssel Gefunden : HKLM\Software\Search Settings
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-1863823037-3307881229-1473239087-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-1863823037-3307881229-1473239087-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-1863823037-3307881229-1473239087-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D0F4A166-B8D4-48b8-9D63-80849FE137CB}]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v16.0.1 (de)
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
*************************
AdwCleaner[R1].txt - [5743 octets] - [29/10/2012 15:09:17]
########## EOF - C:\AdwCleaner[R1].txt - [5803 octets] ##########
|
|
29.10.2012, 15:21
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | claro-search in Firefox und IE Versuch bitte alle im adwCleaner-Log erwähnten Einträge über die Systemsteuerung zu deinstallieren, danach ein neues Suchlog mit dem adwCleaner machen. Reste und was sich sich nicht deinstallieren lassen will machen wir mit dem adwCleaner weg.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.10.2012, 20:25
| #12 |
| | claro-search in Firefox und IE Das einzige, was ich finden konnte war "pdfforge". "Ask" umnd "Babylon" hatte ich schon vor einigen Tagen deinstalliert, hat aber nichts genutzt. Code:
ATTFilter # AdwCleaner v2.005 - Datei am 29/10/2012 um 20:18:05 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : *** - RALFW7
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Admin\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
Gefunden : Browser Manager
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\ProgramData\IBUpdaterService
Ordner Gefunden : C:\Users\Admin\AppData\Local\Temp\AskSearch
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\pdfforge
***** [Registrierungsdatenbank] *****
Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23811~1.154\{61d8b~1\browse~1.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-1863823037-3307881229-1473239087-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-1863823037-3307881229-1473239087-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-1863823037-3307881229-1473239087-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D0F4A166-B8D4-48b8-9D63-80849FE137CB}]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v16.0.2 (de)
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
*************************
AdwCleaner[R1].txt - [5858 octets] - [29/10/2012 15:09:17]
AdwCleaner[R2].txt - [5639 octets] - [29/10/2012 16:40:43]
AdwCleaner[R3].txt - [5457 octets] - [29/10/2012 20:18:05]
########## EOF - C:\AdwCleaner[R3].txt - [5517 octets] ##########
Code:
ATTFilter # AdwCleaner v2.005 - Datei am 29/10/2012 um 20:26:48 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : *** - RALFW7
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Admin\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : Browser Manager
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Gelöscht mit Neustart : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\pdfforge
***** [Registrierungsdatenbank] *****
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23811~1.154\{61d8b~1\browse~1.dll
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKU\S-1-5-21-1863823037-3307881229-1473239087-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v16.0.2 (de)
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\user.js ... Gelöscht !
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
[OK] Die Datei ist sauber.
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
[OK] Die Datei ist sauber.
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [5858 octets] - [29/10/2012 15:09:17]
AdwCleaner[R2].txt - [5639 octets] - [29/10/2012 16:40:43]
AdwCleaner[R3].txt - [5563 octets] - [29/10/2012 20:18:05]
AdwCleaner[S2].txt - [5077 octets] - [29/10/2012 20:26:48]
########## EOF - C:\AdwCleaner[S2].txt - [5137 octets] ##########
Code:
ATTFilter # AdwCleaner v2.005 - Datei am 29/10/2012 um 21:51:42 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : *** - RALFW7
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Admin\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gefunden : C:\ProgramData\Browser Manager
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v16.0.2 (de)
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
[OK] Die Datei ist sauber.
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
[OK] Die Datei ist sauber.
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
[OK] Die Datei ist sauber.
Profilname : default
Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\q8v94u8j.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [5858 octets] - [29/10/2012 15:09:17]
AdwCleaner[R2].txt - [5639 octets] - [29/10/2012 16:40:43]
AdwCleaner[R3].txt - [5563 octets] - [29/10/2012 20:18:05]
AdwCleaner[S2].txt - [5192 octets] - [29/10/2012 20:26:48]
AdwCleaner[R4].txt - [1600 octets] - [29/10/2012 21:51:42]
########## EOF - C:\AdwCleaner[R4].txt - [1660 octets] ##########
Ist jetzt alles gut ??? |
|
31.10.2012, 16:15
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | claro-search in Firefox und IE Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.11.2012, 14:33
| #14 |
| | claro-search in Firefox und IE Bitte sehr, wo kommen die jetzt noch alle her ??  Hier zunächst Malwarebytes : Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.11.02.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 *** :: RALFW7 [Administrator] 02.11.2012 05:53:19 mbam-log-2012-11-02 (06-01-18).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 281878 Laufzeit: 6 Minute(n), 46 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 4 C:\Users\Admin\Downloads\installer_my_video_converter_1_5_1_Deutsch.exe (PUP.SmsPay.PGen) -> Keine Aktion durchgeführt. C:\Users\Admin\Downloads\SoftonicDownloader_fuer_easy-video-downloader.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt. C:\Users\Admin\Downloads\SoftonicDownloader_fuer_free-video-to-ipod-converter.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt. C:\Users\Admin\Downloads\SoftonicDownloader_fuer_free-youtube-to-mp3-converter.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=fc94b2889e8b784bae5dc46df85a0bdb
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-11-02 11:37:53
# local_time=2012-11-02 12:37:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1280 16777215 100 0 5568359 5568359 0 0
# compatibility_mode=5893 16776574 100 94 0 103463032 0 0
# compatibility_mode=8192 67108863 100 0 4170 4170 0 0
# scanned=810851
# found=21
# cleaned=0
# scan_time=23091
C:\Lea\OS\Users\Lea\Downloads\SoftonicDownloader29287.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Lea\OS\Users\Lea\Downloads\SoftonicDownloader64308.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Desktop\ssk_claro.exe a variant of Win32/InstallBrain.L application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\installer_magic_dvd_copier_7_1_0_Deutsch.exe Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\installer_my_video_converter_1_5_1_Deutsch.exe Win32/Toggle application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\installer_smartripper_2_41_Deutsch_Deutsch.exe Win32/Toggle application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\PDFCreator-1_2_1_setup.exe Win32/Toolbar.Widgi application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\PDFCreator-1_2_3_setup.exe Win32/Toolbar.Widgi application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\SoftonicDownloader_fuer_easy-video-downloader.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\SoftonicDownloader_fuer_free-video-to-ipod-converter.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\SoftonicDownloader_fuer_free-youtube-to-mp3-converter.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\SoftonicDownloader_fuer_mediajoin.exe a variant of Win32/SoftonicDownloader.E application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\Unlocker1.9.1-x64.exe Win32/Adware.ADON application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Downloads\Unlocker1.9.1.exe Win32/Adware.ADON application (unable to clean) 00000000000000000000000000000000 I
I:\Virtual\Untrusted\M_\0-PDF zum verteilen\0-Temporär für E-Akten\Neuer Ordner (4)\CRAAGLE 1.91\Craagle.exe Win32/Adware.Craagle application (unable to clean) 00000000000000000000000000000000 I
K:\Downloads\ZIP\Acces_Video02.zip probably a variant of Win32/Dialer.CDDial application (unable to clean) 00000000000000000000000000000000 I
K:\Downloads\ZIP\adobesngen.zip probably a variant of Win32/Agent.DJCWQUQ trojan (unable to clean) 00000000000000000000000000000000 I
K:\Downloads\ZIP\eif001.exe a variant of Win32/Dialer.Q application (unable to clean) 00000000000000000000000000000000 I
K:\Downloads\ZIP\ExcelRecovery_v3[1].0.zip probably a variant of Win32/Agent.KQBXBMW trojan (unable to clean) 00000000000000000000000000000000 I
K:\Downloads\ZIP\grosse_pipe.exe probably a variant of Win32/Dialer.CDDial application (unable to clean) 00000000000000000000000000000000 I
K:\Downloads\ZIP\Undelete.exe a variant of Win32/Dialer.StarDialer application (unable to clean) 00000000000000000000000000000000 I
|
|
03.11.2012, 16:28
| #15 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | claro-search in Firefox und IE Vllt mal auf dei Pfade und Dateinamen achten?  Das sind im Grunde alles Dateien, die du selbst auf den Rechner runtergeladen hast wie zB Zitat:
 Finger weg von Softonic!!  Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller oder von Filepony aber nicht von solchen Toolbarklitschen wie Softonic!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu claro-search in Firefox und IE |
| anweisung, browser, claro-search, datenbank, defekt, deinstalliert, destroy, einfach, eingestellt, ergebnis, experten, firefox, gekillt, kaspersky, laufen, melde, neue, nicht mehr, seite, spybot, startseite, systemsteuerung, trotz, versucht, vorhanden, wahrscheinlich |
Linear-Darstellung
