
Pests of all kinds and how to combat them: Exploit Drop GS and trojaner.agent found

21.02.2013, 14:30   #1
FeKu

Hello to the helpers,

a quick scan with Malwarebytes found exploitdropgs, and a full scan afterwards also found trojan.agent. I'll post both log files.

Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.21.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
FeKu :: FEKU-VAIO [Administrator]

Schutz: Aktiviert

21.02.2013 11:51:07
MBAM-log-2013-02-21 (12-06-33).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 212372
Laufzeit: 15 Minute(n),

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\FeKu\AppData\Local\Temp\roper0dun.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.

(Ende)


Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.21.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
FeKu :: FEKU-VAIO [Administrator]

Schutz: Aktiviert

21.02.2013 12:23:43
MBAM-log-2013-02-21 (13-50-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 406564
Laufzeit: 1 Stunde(n), 25 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\AeriaGames\Shaiya-DE\game.exe (Trojan.Agent) -> Keine Aktion durchgeführt.

(Ende)



It would be nice if I could now get further instructions from you.
Thank you in advance.


Best regards, FeKu

21.02.2013, 14:38   #2
markusg
/// Malware-holic

Hi,

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and select "Run as administrator".
  • Now copy this content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

21.02.2013, 17:51   #3
FeKu

Hi Markus,

here are OTL.txt and Extras.txt as attachments.

FeKu

21.02.2013, 19:28   #4
markusg
/// Malware-holic

Hi,
OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the content of the code box into the text box.

Code:
:OTL
O4 - HKCU..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent File not found
O4 - HKCU..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-205 207 Series" /EF "HKCU" File not found
O4 - HKLM..\Run: []  File not found
:files
:Commands
[emptytemp]
         
  • If you have obscured your user name, e.g. with "*****", insert your real user name in the corresponding place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may request a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<Time_Date>.txt)
    Now copy the content here into your thread.

21.02.2013, 20:04   #5
FeKu

Hi,

here is the text:

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Overwolf deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EPLTarget\P0000000000000001 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: FeKu
->Temp folder emptied: 1327805364 bytes
->Temporary Internet Files folder emptied: 383751696 bytes
->Java cache emptied: 5977291 bytes
->FireFox cache emptied: 479791332 bytes
->Flash cache emptied: 191836 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 117802035 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 119620 bytes
RecycleBin emptied: 8308863494 bytes

Total Files Cleaned = 10.132,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02212013_195307

Files\Folders moved on Reboot...
C:\Users\FeKu\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

(Ende)

Thanks.


21.02.2013, 20:05   #6
markusg
/// Malware-holic

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.

21.02.2013, 20:56   #7
FeKu

Hi,

20:39:25.0727 5224 Scan started
20:39:25.0727 5224 Mode: Manual; SigCheck; TDLFS;
20:39:25.0727 5224 ============================================================
20:39:25.0945 5224 ================ Scan system memory ========================
20:39:25.0945 5224 System memory - ok
20:39:25.0945 5224 ================ Scan services =============================
20:39:35.0118 5224 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:39:35.0165 5224 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
20:39:35.0165 5224 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
20:39:38.0535 5224 KSecDD - ok
20:39:38.0550 5224 [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:39:38.0566 5224 KSecPkg - ok
20:39:38.0566 5224 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:39:38.0628 5224 ksthunk - ok
20:39:38.0660 5224 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:39:38.0706 5224 KtmRm - ok
20:39:38.0738 5224 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:39:38.0800 5224 LanmanServer - ok
20:39:38.0816 5224 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:39:38.0862 5224 LanmanWorkstation - ok
20:39:38.0894 5224 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:39:38.0940 5224 lltdio - ok
20:39:38.0972 5224 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:39:39.0050 5224 lltdsvc - ok
20:39:39.0065 5224 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:39:39.0112 5224 lmhosts - ok
20:39:39.0143 5224 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:39:39.0159 5224 LMS - ok
20:39:39.0174 5224 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:39:39.0190 5224 LSI_FC - ok
20:39:39.0221 5224 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:39:39.0237 5224 LSI_SAS - ok
20:39:39.0237 5224 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:39:39.0252 5224 LSI_SAS2 - ok
20:39:39.0268 5224 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:39:39.0268 5224 LSI_SCSI - ok
20:39:39.0284 5224 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:39:39.0346 5224 luafv - ok
20:39:39.0377 5224 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:39:39.0393 5224 MBAMProtector - ok
20:39:39.0408 5224 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:39:39.0424 5224 MBAMScheduler - ok
20:39:39.0455 5224 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:39:39.0471 5224 MBAMService - ok
20:39:39.0549 5224 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
20:39:39.0564 5224 McComponentHostService - ok
20:39:39.0611 5224 [ D4F9C8CE2D7D5B9A1F739AADEBFFCA6F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
20:39:39.0627 5224 McShield - ok
20:39:39.0642 5224 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:39:39.0674 5224 Mcx2Svc - ok
20:39:39.0705 5224 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:39:39.0720 5224 megasas - ok
20:39:39.0752 5224 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:39:39.0767 5224 MegaSR - ok
20:39:39.0798 5224 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
20:39:39.0814 5224 MEIx64 - ok
20:39:39.0830 5224 [ C73B93FED17829F11273459DA05E1976 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
20:39:39.0845 5224 mfeapfk - ok
20:39:39.0876 5224 [ 298C065BB9E09D5F14CCD9E8244DE4A0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
20:39:39.0892 5224 mfeavfk - ok
20:39:39.0923 5224 [ AB66AF840EF1667AA73DDA6CE987D0E1 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:39:39.0939 5224 mfefire - ok
20:39:39.0954 5224 [ 4D604F0B85E98C5AD99B89AF72A4E28A ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
20:39:39.0986 5224 mfefirek - ok
20:39:40.0017 5224 [ 85AFDEAD1366BED11A84A5C6FC0A65D2 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
20:39:40.0032 5224 mfehidk - ok
20:39:40.0048 5224 [ 1B08579938FD72626D92F3C2219903EA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
20:39:40.0064 5224 mferkdet - ok
20:39:40.0079 5224 [ 984BBBB9BE02EF838DABDF3F3126A91B ] mfevtp C:\Windows\system32\mfevtps.exe
20:39:40.0095 5224 mfevtp - ok
20:39:40.0110 5224 [ 6251BE428073704FF1002231520C8F16 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
20:39:40.0110 5224 mfewfpk - ok
20:39:40.0188 5224 Microsoft SharePoint Workspace Audit Service - ok
20:39:40.0204 5224 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:39:40.0266 5224 MMCSS - ok
20:39:40.0298 5224 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:39:40.0344 5224 Modem - ok
20:39:40.0376 5224 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:39:40.0407 5224 monitor - ok
20:39:40.0422 5224 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:39:40.0438 5224 mouclass - ok
20:39:40.0454 5224 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:39:40.0485 5224 mouhid - ok
20:39:40.0500 5224 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:39:40.0516 5224 mountmgr - ok
20:39:40.0563 5224 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:39:40.0563 5224 MozillaMaintenance - ok
20:39:40.0610 5224 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:39:40.0610 5224 mpio - ok
20:39:40.0641 5224 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:39:40.0672 5224 mpsdrv - ok
20:39:40.0719 5224 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:39:40.0766 5224 MpsSvc - ok
20:39:40.0781 5224 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:39:40.0812 5224 MRxDAV - ok
20:39:40.0844 5224 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:39:40.0890 5224 mrxsmb - ok
20:39:40.0922 5224 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:39:40.0937 5224 mrxsmb10 - ok
20:39:40.0937 5224 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:39:40.0953 5224 mrxsmb20 - ok
20:39:40.0984 5224 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:39:41.0000 5224 msahci - ok
20:39:41.0015 5224 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:39:41.0031 5224 msdsm - ok
20:39:41.0046 5224 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:39:41.0078 5224 MSDTC - ok
20:39:41.0093 5224 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:39:41.0156 5224 Msfs - ok
20:39:41.0187 5224 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:39:41.0249 5224 mshidkmdf - ok
20:39:41.0265 5224 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:39:41.0265 5224 msisadrv - ok
20:39:41.0296 5224 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:39:41.0343 5224 MSiSCSI - ok
20:39:41.0343 5224 msiserver - ok
20:39:41.0358 5224 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:39:41.0405 5224 MSKSSRV - ok
20:39:41.0436 5224 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:39:41.0483 5224 MSPCLOCK - ok
20:39:41.0514 5224 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:39:41.0561 5224 MSPQM - ok
20:39:41.0577 5224 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:39:41.0608 5224 MsRPC - ok
20:39:41.0624 5224 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:39:41.0639 5224 mssmbios - ok
20:39:41.0670 5224 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:39:41.0717 5224 MSTEE - ok
20:39:41.0748 5224 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:39:41.0764 5224 MTConfig - ok
20:39:41.0780 5224 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:39:41.0795 5224 Mup - ok
20:39:41.0826 5224 [ 0CF5580F27918FFD2E165ECAFA734103 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:39:41.0842 5224 MyWiFiDHCPDNS - ok
20:39:41.0873 5224 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:39:41.0936 5224 napagent - ok
20:39:41.0951 5224 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:39:41.0998 5224 NativeWifiP - ok
20:39:42.0045 5224 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:39:42.0060 5224 NDIS - ok
20:39:42.0092 5224 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:39:42.0154 5224 NdisCap - ok
20:39:42.0170 5224 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:39:42.0216 5224 NdisTapi - ok
20:39:42.0216 5224 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:39:42.0263 5224 Ndisuio - ok
20:39:42.0279 5224 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:39:42.0341 5224 NdisWan - ok
20:39:42.0357 5224 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:39:42.0388 5224 NDProxy - ok
20:39:42.0404 5224 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:39:42.0466 5224 NetBIOS - ok
20:39:42.0497 5224 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:39:42.0528 5224 NetBT - ok
20:39:42.0544 5224 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
20:39:42.0560 5224 Netlogon - ok
20:39:42.0591 5224 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:39:42.0653 5224 Netman - ok
20:39:42.0684 5224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:39:42.0700 5224 NetMsmqActivator - ok
20:39:42.0700 5224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:39:42.0716 5224 NetPipeActivator - ok
20:39:42.0731 5224 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:39:42.0794 5224 netprofm - ok
20:39:42.0794 5224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:39:42.0809 5224 NetTcpActivator - ok
20:39:42.0809 5224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:39:42.0825 5224 NetTcpPortSharing - ok
20:39:42.0981 5224 [ B9C587BDAA61A689883439D5AE6FE7F3 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
20:39:43.0121 5224 NETwNs64 - ok
20:39:43.0152 5224 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:39:43.0168 5224 nfrd960 - ok
20:39:43.0215 5224 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:39:43.0277 5224 NlaSvc - ok
20:39:43.0308 5224 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:39:43.0340 5224 Npfs - ok
20:39:43.0355 5224 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:39:43.0402 5224 nsi - ok
20:39:43.0418 5224 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:39:43.0480 5224 nsiproxy - ok
20:39:43.0542 5224 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:39:43.0589 5224 Ntfs - ok
20:39:43.0605 5224 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:39:43.0667 5224 Null - ok
20:39:43.0698 5224 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
20:39:43.0714 5224 nusb3hub - ok
20:39:43.0730 5224 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
20:39:43.0776 5224 nusb3xhc - ok
20:39:44.0010 5224 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:39:44.0198 5224 nvlddmkm - ok
20:39:44.0244 5224 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:39:44.0260 5224 nvraid - ok
20:39:44.0276 5224 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:39:44.0291 5224 nvstor - ok
20:39:44.0322 5224 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:39:44.0322 5224 nv_agp - ok
20:39:44.0354 5224 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:39:44.0385 5224 ohci1394 - ok
20:39:44.0447 5224 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:39:44.0463 5224 ose - ok
20:39:44.0603 5224 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:39:44.0697 5224 osppsvc - ok
20:39:44.0728 5224 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:39:44.0775 5224 p2pimsvc - ok
20:39:44.0806 5224 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:39:44.0822 5224 p2psvc - ok
20:39:44.0853 5224 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:39:44.0868 5224 Parport - ok
20:39:44.0868 5224 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:39:44.0884 5224 partmgr - ok
20:39:44.0915 5224 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:39:44.0962 5224 PcaSvc - ok
20:39:44.0978 5224 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:39:44.0993 5224 pci - ok
20:39:45.0009 5224 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:39:45.0009 5224 pciide - ok
20:39:45.0024 5224 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:39:45.0040 5224 pcmcia - ok
20:39:45.0056 5224 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:39:45.0071 5224 pcw - ok
20:39:45.0102 5224 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:39:45.0165 5224 PEAUTH - ok
20:39:45.0570 5224 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:39:45.0602 5224 PerfHost - ok
20:39:45.0758 5224 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:39:45.0820 5224 pla - ok
20:39:45.0867 5224 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:39:45.0914 5224 PlugPlay - ok
20:39:45.0992 5224 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
20:39:46.0007 5224 PMBDeviceInfoProvider - ok
20:39:46.0038 5224 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:39:46.0070 5224 PNRPAutoReg - ok
20:39:46.0085 5224 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:39:46.0116 5224 PNRPsvc - ok
20:39:46.0179 5224 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:39:46.0257 5224 PolicyAgent - ok
20:39:46.0288 5224 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:39:46.0350 5224 Power - ok
20:39:46.0397 5224 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:39:46.0460 5224 PptpMiniport - ok
20:39:46.0491 5224 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:39:46.0522 5224 Processor - ok
20:39:46.0569 5224 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
20:39:46.0631 5224 ProfSvc - ok
20:39:46.0662 5224 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
20:39:46.0678 5224 ProtectedStorage - ok
20:39:46.0709 5224 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:39:46.0756 5224 Psched - ok
20:39:46.0787 5224 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
20:39:46.0803 5224 PxHlpa64 - ok
20:39:46.0850 5224 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:39:46.0881 5224 ql2300 - ok
20:39:46.0912 5224 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:39:46.0928 5224 ql40xx - ok
20:39:46.0943 5224 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:39:46.0974 5224 QWAVE - ok
20:39:47.0006 5224 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:39:47.0052 5224 QWAVEdrv - ok
20:39:47.0068 5224 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:39:47.0099 5224 RasAcd - ok
20:39:47.0130 5224 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:39:47.0162 5224 RasAgileVpn - ok
20:39:47.0193 5224 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:39:47.0255 5224 RasAuto - ok
20:39:47.0271 5224 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:39:47.0333 5224 Rasl2tp - ok
20:39:47.0364 5224 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:39:47.0396 5224 RasMan - ok
20:39:47.0411 5224 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:39:47.0474 5224 RasPppoe - ok
20:39:47.0489 5224 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:39:47.0552 5224 RasSstp - ok
20:39:47.0567 5224 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:39:47.0614 5224 rdbss - ok
20:39:47.0630 5224 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:39:47.0661 5224 rdpbus - ok
20:39:47.0692 5224 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:39:47.0723 5224 RDPCDD - ok
20:39:47.0739 5224 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:39:47.0786 5224 RDPENCDD - ok
20:39:47.0801 5224 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:39:47.0832 5224 RDPREFMP - ok
20:39:47.0864 5224 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:39:47.0895 5224 RDPWD - ok
20:39:47.0910 5224 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:39:47.0926 5224 rdyboost - ok
20:39:48.0020 5224 [ AA9FD849C028CCB441A78061B57DB734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:39:48.0035 5224 RegSrvc - ok
20:39:48.0066 5224 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:39:48.0129 5224 RemoteAccess - ok
20:39:48.0144 5224 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:39:48.0207 5224 RemoteRegistry - ok
20:39:48.0238 5224 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:39:48.0269 5224 RFCOMM - ok
20:39:48.0285 5224 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:39:48.0347 5224 RpcEptMapper - ok
20:39:48.0378 5224 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:39:48.0410 5224 RpcLocator - ok
20:39:48.0441 5224 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:39:48.0488 5224 RpcSs - ok
20:39:48.0519 5224 [ CA327A84085F68200452E6761F943298 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:39:48.0534 5224 RSPCIESTOR - ok
20:39:48.0566 5224 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:39:48.0612 5224 rspndr - ok
20:39:48.0628 5224 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:39:48.0644 5224 RTL8167 - ok
20:39:48.0659 5224 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
20:39:48.0675 5224 SamSs - ok
20:39:48.0690 5224 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:39:48.0706 5224 sbp2port - ok
20:39:48.0722 5224 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:39:48.0768 5224 SCardSvr - ok
20:39:48.0800 5224 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:39:48.0846 5224 scfilter - ok
20:39:48.0893 5224 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:39:48.0940 5224 Schedule - ok
20:39:48.0956 5224 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:39:49.0002 5224 SCPolicySvc - ok
20:39:49.0018 5224 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
20:39:49.0065 5224 sdbus - ok
20:39:49.0096 5224 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:39:49.0158 5224 SDRSVC - ok
20:39:49.0205 5224 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:39:49.0221 5224 SeaPort - ok
20:39:49.0236 5224 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:39:49.0299 5224 secdrv - ok
20:39:49.0330 5224 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:39:49.0377 5224 seclogon - ok
20:39:49.0392 5224 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:39:49.0439 5224 SENS - ok
20:39:49.0455 5224 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:39:49.0502 5224 SensrSvc - ok
20:39:49.0533 5224 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:39:49.0564 5224 Serenum - ok
20:39:49.0595 5224 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:39:49.0626 5224 Serial - ok
20:39:49.0658 5224 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:39:49.0673 5224 sermouse - ok
20:39:49.0704 5224 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:39:49.0767 5224 SessionEnv - ok
20:39:49.0798 5224 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\drivers\SFEP.sys
20:39:49.0829 5224 SFEP - ok
20:39:49.0860 5224 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:39:49.0892 5224 sffdisk - ok
20:39:49.0907 5224 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:39:49.0938 5224 sffp_mmc - ok
20:39:49.0954 5224 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:39:49.0985 5224 sffp_sd - ok
20:39:50.0016 5224 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:39:50.0048 5224 sfloppy - ok
20:39:50.0094 5224 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:39:50.0141 5224 SharedAccess - ok
20:39:50.0188 5224 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:39:50.0250 5224 ShellHWDetection - ok
20:39:50.0266 5224 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:39:50.0282 5224 SiSRaid2 - ok
20:39:50.0313 5224 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:39:50.0313 5224 SiSRaid4 - ok
20:39:50.0328 5224 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:39:50.0375 5224 Smb - ok
20:39:50.0422 5224 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:39:50.0453 5224 SNMPTRAP - ok
20:39:50.0516 5224 [ DDF2EC98AF6FC70608A4F9CE4DB52758 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
20:39:50.0531 5224 SOHCImp - ok
20:39:50.0547 5224 [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
20:39:50.0547 5224 SOHDs - ok
20:39:50.0578 5224 [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
20:39:50.0594 5224 SpfService - ok
20:39:50.0609 5224 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:39:50.0609 5224 spldr - ok
20:39:50.0656 5224 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
20:39:50.0703 5224 Spooler - ok
20:39:50.0781 5224 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:39:50.0874 5224 sppsvc - ok
20:39:50.0890 5224 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:39:50.0937 5224 sppuinotify - ok
20:39:50.0968 5224 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:39:51.0030 5224 srv - ok
20:39:51.0046 5224 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:39:51.0077 5224 srv2 - ok
20:39:51.0124 5224 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:39:51.0140 5224 srvnet - ok
20:39:51.0155 5224 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:39:51.0202 5224 SSDPSRV - ok
20:39:51.0218 5224 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:39:51.0264 5224 SstpSvc - ok
20:39:51.0280 5224 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:39:51.0296 5224 stexstor - ok
20:39:51.0311 5224 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:39:51.0358 5224 stisvc - ok
20:39:51.0389 5224 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:39:51.0389 5224 swenum - ok
20:39:51.0420 5224 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:39:51.0483 5224 swprv - ok
20:39:51.0545 5224 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:39:51.0608 5224 SysMain - ok
20:39:51.0654 5224 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:39:51.0670 5224 TabletInputService - ok
20:39:51.0701 5224 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:39:51.0732 5224 TapiSrv - ok
20:39:51.0748 5224 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:39:51.0795 5224 TBS - ok
20:39:51.0857 5224 [ F0E98C00A09FDF791525829A1D14240F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:39:51.0888 5224 Tcpip - ok
20:39:51.0935 5224 [ F0E98C00A09FDF791525829A1D14240F ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:39:51.0966 5224 TCPIP6 - ok
20:39:51.0998 5224 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:39:52.0060 5224 tcpipreg - ok
20:39:52.0076 5224 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:39:52.0122 5224 TDPIPE - ok
20:39:52.0138 5224 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:39:52.0169 5224 TDTCP - ok
20:39:52.0200 5224 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:39:52.0247 5224 tdx - ok
20:39:52.0278 5224 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:39:52.0294 5224 TermDD - ok
20:39:52.0325 5224 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:39:52.0388 5224 TermService - ok
20:39:52.0403 5224 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:39:52.0434 5224 Themes - ok
20:39:52.0450 5224 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:39:52.0481 5224 THREADORDER - ok
20:39:52.0512 5224 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:39:52.0559 5224 TrkWks - ok
20:39:52.0606 5224 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:39:52.0668 5224 TrustedInstaller - ok
20:39:52.0684 5224 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:39:52.0731 5224 tssecsrv - ok
20:39:52.0762 5224 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:39:52.0809 5224 TsUsbFlt - ok
20:39:52.0840 5224 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:39:52.0871 5224 TsUsbGD - ok
20:39:52.0887 5224 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:39:52.0949 5224 tunnel - ok
20:39:52.0965 5224 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:39:52.0980 5224 uagp35 - ok
20:39:53.0027 5224 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
20:39:53.0043 5224 uCamMonitor - ok
20:39:53.0058 5224 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:39:53.0121 5224 udfs - ok
20:39:53.0152 5224 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:39:53.0199 5224 UI0Detect - ok
20:39:53.0230 5224 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:39:53.0230 5224 uliagpkx - ok
20:39:53.0246 5224 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:39:53.0277 5224 umbus - ok
20:39:53.0324 5224 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:39:53.0355 5224 UmPass - ok
20:39:53.0464 5224 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:39:53.0511 5224 UNS - ok
20:39:53.0526 5224 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:39:53.0604 5224 upnphost - ok
20:39:53.0636 5224 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:39:53.0682 5224 USBAAPL64 - ok
20:39:53.0714 5224 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:39:53.0745 5224 usbccgp - ok
20:39:53.0760 5224 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:39:53.0776 5224 usbcir - ok
20:39:53.0776 5224 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:39:53.0807 5224 usbehci - ok
20:39:53.0838 5224 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:39:53.0870 5224 usbhub - ok
20:39:53.0901 5224 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:39:53.0916 5224 usbohci - ok
20:39:53.0948 5224 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:39:53.0994 5224 usbprint - ok
20:39:54.0026 5224 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:39:54.0041 5224 usbscan - ok
20:39:54.0057 5224 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:39:54.0104 5224 USBSTOR - ok
20:39:54.0135 5224 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:39:54.0166 5224 usbuhci - ok
20:39:54.0228 5224 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:39:54.0338 5224 usbvideo - ok
20:39:54.0369 5224 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:39:54.0431 5224 UxSms - ok
20:39:54.0478 5224 [ DCB1F83AD167D16D263CE57C94E9EEDF ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
20:39:54.0478 5224 VAIO Event Service - ok
20:39:54.0556 5224 [ EF7CF87F940F9104A3079F839BDC60C5 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
20:39:54.0572 5224 VAIO Power Management - ok
20:39:54.0587 5224 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
20:39:54.0603 5224 VaultSvc - ok
20:39:54.0665 5224 [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
20:39:54.0696 5224 VCFw - ok
20:39:54.0728 5224 [ 4B7ED2D6F738219068361BB14D19CBDE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
20:39:54.0759 5224 VcmIAlzMgr - ok
20:39:54.0790 5224 [ 2F06D134554BA84FE253DBC481DCFE6D ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
20:39:54.0806 5224 VcmINSMgr - ok
20:39:54.0837 5224 [ 32A3735F6874B7783C6209ED5CA36D9D ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
20:39:54.0852 5224 VcmXmlIfHelper - ok
20:39:54.0899 5224 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
20:39:54.0915 5224 VCService - ok
20:39:54.0930 5224 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:39:54.0946 5224 vdrvroot - ok
20:39:54.0977 5224 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:39:55.0040 5224 vds - ok
20:39:55.0055 5224 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:39:55.0071 5224 vga - ok
20:39:55.0086 5224 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:39:55.0149 5224 VgaSave - ok
20:39:55.0180 5224 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:39:55.0180 5224 vhdmp - ok
20:39:55.0211 5224 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:39:55.0211 5224 viaide - ok
20:39:55.0242 5224 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:39:55.0258 5224 volmgr - ok
20:39:55.0274 5224 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:39:55.0289 5224 volmgrx - ok
20:39:55.0305 5224 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:39:55.0336 5224 volsnap - ok
20:39:55.0336 5224 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:39:55.0352 5224 vsmraid - ok
20:39:55.0445 5224 [ 0ED394BFBA3EB4740F063E0BA5EC7104 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
20:39:55.0476 5224 VSNService - ok
20:39:55.0539 5224 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:39:55.0617 5224 VSS - ok
20:39:55.0695 5224 [ D62D16E057BE87F5B84A54D1B83822C4 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
20:39:55.0726 5224 VUAgent - ok
20:39:55.0757 5224 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:39:55.0788 5224 vwifibus - ok
20:39:55.0804 5224 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:39:55.0835 5224 vwififlt - ok
20:39:55.0851 5224 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:39:55.0898 5224 vwifimp - ok
20:39:55.0913 5224 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:39:55.0960 5224 W32Time - ok
20:39:55.0991 5224 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:39:56.0022 5224 WacomPen - ok
20:39:56.0054 5224 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:39:56.0100 5224 WANARP - ok
20:39:56.0100 5224 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:39:56.0147 5224 Wanarpv6 - ok
20:39:56.0194 5224 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:39:56.0225 5224 WatAdminSvc - ok
20:39:56.0272 5224 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:39:56.0350 5224 wbengine - ok
20:39:56.0381 5224 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:39:56.0412 5224 WbioSrvc - ok
20:39:56.0428 5224 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:39:56.0475 5224 wcncsvc - ok
20:39:56.0490 5224 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:39:56.0537 5224 WcsPlugInService - ok
20:39:56.0553 5224 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
20:39:56.0568 5224 Wd - ok
20:39:56.0600 5224 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:39:56.0615 5224 Wdf01000 - ok
20:39:56.0646 5224 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:39:56.0740 5224 WdiServiceHost - ok
20:39:56.0740 5224 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:39:56.0756 5224 WdiSystemHost - ok
20:39:56.0802 5224 [ 94DC2BF6CBAAA95E369C3756D3115A76 ] wdkmd C:\Windows\system32\DRIVERS\WDKMD.sys
20:39:56.0818 5224 wdkmd - ok
20:39:56.0834 5224 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:39:56.0880 5224 WebClient - ok
20:39:56.0912 5224 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:39:56.0974 5224 Wecsvc - ok
20:39:56.0990 5224 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:39:57.0036 5224 wercplsupport - ok
20:39:57.0052 5224 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:39:57.0083 5224 WerSvc - ok
20:39:57.0114 5224 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:39:57.0146 5224 WfpLwf - ok
20:39:57.0161 5224 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:39:57.0177 5224 WIMMount - ok
20:39:57.0192 5224 WinDefend - ok
20:39:57.0192 5224 WinHttpAutoProxySvc - ok
20:39:57.0255 5224 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:39:57.0286 5224 Winmgmt - ok
20:39:57.0348 5224 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:39:57.0411 5224 WinRM - ok
20:39:57.0442 5224 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:39:57.0473 5224 WinUsb - ok
20:39:57.0520 5224 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:39:57.0567 5224 Wlansvc - ok
20:39:57.0614 5224 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:39:57.0629 5224 wlcrasvc - ok
20:39:57.0723 5224 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:39:57.0770 5224 wlidsvc - ok
20:39:57.0801 5224 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:39:57.0832 5224 WmiAcpi - ok
20:39:57.0863 5224 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:39:57.0894 5224 wmiApSrv - ok
20:39:57.0926 5224 WMPNetworkSvc - ok
20:39:57.0957 5224 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:39:57.0988 5224 WPCSvc - ok
20:39:57.0988 5224 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:39:58.0004 5224 WPDBusEnum - ok
20:39:58.0035 5224 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:39:58.0066 5224 ws2ifsl - ok
20:39:58.0082 5224 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:39:58.0128 5224 wscsvc - ok
20:39:58.0160 5224 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
20:39:58.0175 5224 WSDPrintDevice - ok
20:39:58.0222 5224 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
20:39:58.0238 5224 WSDScan - ok
20:39:58.0238 5224 WSearch - ok
20:39:58.0331 5224 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:39:58.0378 5224 wuauserv - ok
20:39:58.0394 5224 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:39:58.0425 5224 WudfPf - ok
20:39:58.0440 5224 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:39:58.0503 5224 WUDFRd - ok
20:39:58.0534 5224 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:39:58.0581 5224 wudfsvc - ok
20:39:58.0596 5224 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:39:58.0643 5224 WwanSvc - ok
20:39:58.0659 5224 ================ Scan global ===============================
20:39:58.0674 5224 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:39:58.0721 5224 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:39:58.0721 5224 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:39:58.0737 5224 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:39:58.0768 5224 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:39:58.0768 5224 [Global] - ok
20:39:58.0768 5224 ================ Scan MBR ==================================
20:39:58.0784 5224 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:39:59.0080 5224 \Device\Harddisk0\DR0 - ok
20:39:59.0080 5224 ================ Scan VBR ==================================
20:39:59.0080 5224 [ 4C90D3521CB8F03FE79554736F85C8B7 ] \Device\Harddisk0\DR0\Partition1
20:39:59.0080 5224 \Device\Harddisk0\DR0\Partition1 - ok
20:39:59.0096 5224 [ 2543919218D276A862C5DE061DAA8E2E ] \Device\Harddisk0\DR0\Partition2
20:39:59.0096 5224 \Device\Harddisk0\DR0\Partition2 - ok
20:39:59.0127 5224 [ EC4EA366C3CEC583F9DF01101144C956 ] \Device\Harddisk0\DR0\Partition3
20:39:59.0127 5224 \Device\Harddisk0\DR0\Partition3 - ok
20:39:59.0127 5224 ============================================================
20:39:59.0127 5224 Scan finished
20:39:59.0127 5224 ============================================================
20:39:59.0127 6244 Detected object count: 1
20:39:59.0127 6244 Actual detected object count: 1
20:41:55.0615 6244 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:55.0615 6244 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

Best regards

Alt 22.02.2013, 14:31   #8
markusg
/// Malware-holic
 



Hi,
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For the time being, please forward e-mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

Alt 22.02.2013, 20:02   #9
FeKu
 



Combofix log file:
Code:
ATTFilter
ComboFix 13-02-22.01 - FeKu 22.02.2013  16:23:21.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4012.2026 [GMT 1:00]
ausgeführt von:: c:\users\FeKu\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-22 bis 2013-02-22  ))))))))))))))))))))))))))))))
.
.
2013-02-22 15:32 . 2013-02-22 15:32	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-21 18:53 . 2013-02-21 18:53	--------	d-----w-	C:\_OTL
2013-02-21 10:48 . 2013-02-21 10:48	--------	d-----w-	c:\users\FeKu\AppData\Roaming\Malwarebytes
2013-02-21 10:47 . 2013-02-21 10:47	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-21 10:47 . 2013-02-21 10:48	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-21 10:47 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-21 10:47 . 2013-02-21 10:47	--------	d-----w-	c:\users\FeKu\AppData\Local\Programs
2013-02-09 11:37 . 2013-02-09 11:37	--------	d-----w-	c:\users\Public\Sony Online Entertainment
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-15 09:25 . 2012-06-14 14:18	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-15 09:25 . 2011-12-02 03:44	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-14 11:53 . 2012-12-07 17:28	99912	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-12-14 11:53 . 2012-12-07 17:28	129216	----a-w-	c:\windows\system32\drivers\avipbb.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-20 1521952]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-12-20 20:56	1521952	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-20 1521952]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\FeKu\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\FeKu\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\FeKu\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\FeKu\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-04-02 83344]
"VRLPHelper"="c:\program files (x86)\Sony\Media Gallery\VRLPHelper.exe" [2011-04-02 186768]
"Facebook Update"="c:\users\FeKu\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Spotify Web Helper"="c:\users\FeKu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-28 1199576]
"Akamai NetSession Interface"="c:\users\FeKu\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE" [2011-11-02 278112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-02-26 336384]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2010-09-23 38840]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"VAIO Boot Manager"="c:\program files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe" [2011-05-26 2104456]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"iTunesHelper"="d:\programme\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2011-10-31 1058400]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-12-20 1574176]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-02-12 385248]
.
c:\users\FeKu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\FeKu\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2011-04-06 344616]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-04-06 39464]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-07-17 106112]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-02-18 329832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-23 1255736]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-07-17 335784]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-08-26 204288]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-02-12 86752]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-02-12 565472]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-11-02 179296]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-11-02 151648]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe [2011-12-11 135824]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-07-17 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-07-17 177144]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-03-08 2656280]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2011-02-14 550080]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-02-18 546608]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-03-29 852160]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-04-06 317440]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-07-17 513456]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2011-02-23 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2011-02-23 181760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-30 425064]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-04-26 12032]
S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 59354185
*Deregistered* - 59354185
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-31119644-2831033667-1578475259-1000Core.job
- c:\users\FeKu\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-24 13:39]
.
2013-02-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-31119644-2831033667-1578475259-1000UA.job
- c:\users\FeKu\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-24 13:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\FeKu\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\FeKu\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\FeKu\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\FeKu\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-23 11490408]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-02-23 2179688]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-28 497648]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-09 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-09 416024]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.facemoods.com/?a=ddrnw
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
mSearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Free YouTube Download - c:\users\FeKu\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\FeKu\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - d:\programme\ICQ7.6\ICQ.exe
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\FeKu\AppData\Roaming\Mozilla\Firefox\Profiles\bs8f69bn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - ExtSQL: 2013-02-09 12:37; {000F1EA4-5E08-4564-A29B-29076F63A37A}; c:\users\FeKu\AppData\Roaming\Mozilla\Firefox\Profiles\bs8f69bn.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-{C0357E79-BAED-48F4-8AFE-A5E71AFC2658} - c:\program files (x86)\InstallShield Installation Information\{C0357E79-BAED-48F4-8AFE-A5E71AFC2658}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-02-22  16:35:14
ComboFix-quarantined-files.txt  2013-02-22 15:35
.
Vor Suchlauf: 17 Verzeichnis(se), 19.541.475.328 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 19.147.907.072 Bytes frei
.
- - End Of File - - 37336E269296462A37336208AB4C8081 [\code]
         
--- --- ---

Alt 22.02.2013, 20:06   #10
markusg
/// Malware-holic
 
Hi,
looks good.
Download the standard CCleaner:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, and save the list as a txt file. Open that file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each program you do not recognize, write "unknown".
Post the list.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails as described in the instructions above to
markusg.trojaner-board@web.de
