| |
| |||||||
Log-Analyse und Auswertung: Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
16.04.2013, 09:46
| #1 |
 |  Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Hallo, ich hatte mir am 2. April das Schadprogramm (Trojaner?) AVASoft Professional Antivirus eingefangen. Ich habe meinen Rechner danach nach folgender Anleitung wieder bereinigt: hxxp://www.bleepingcomputer.com/virus-removal/remove-avasoft-professional-antivirus Mein Rechner Kennwort habe ich geändert. Ich bin selbstständig als Webdesigner. Einige meiner Kunden-FTP-Zugänge wurde gehackt, anscheinend aus Filezilla und Dreamweaver geklaut. Ich habe bereits alle FTP-Kennwörter geändert. Es wurde immer versucht die index-Dateien zu verändern. Jetzt muss ich natürlich wissen, woher diese Lücke kam, ob das von AVASoft war. Meinen Rechner werde ich neu formatieren, aber vorher will ich wissen, was passiert ist. Damit ich weiß, welchen Daten ich noch vertrauen kann. Ich bin gerne bereit für das Service in diesem Forum zu spenden :-). Meine Logs im Anhang. Username ist immer durch "zwitscher" ersetzt. Herzlichen Dank schon im Voraus! zwitscher |
|
16.04.2013, 12:47
| #2 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™   | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Hallo und
__________________ Zitat:
Zitat:
__________________ |
|
16.04.2013, 13:03
| #3 |
| | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Danke für die rasche Antwort!
__________________Ich habe keine IT-Abteilung und hatten den verlinkten Beitrag auch gelesen und dachte es reicht, wenn ich schreibe, dass ich gerne etwas spende! Ich habe kein Bankdaten meiner Kunden gespeichert, lediglich FTP-Zugänge und hier sind alle Kennwörter bereits geändert. Ich werde meinen Rechner neu aufsetzen, aber ich möchte trotzdem wissen, ob mein Rechner zur Zeit sauber ist oder nicht. Könnt Ihr bitte helfen? Danke. |
|
16.04.2013, 13:07
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Bedenkt jedoch, dass Logfiles viele heikle Informationen enthalten können ( Kundendaten, Bankdaten, etc ) sowie das Malware die Möglichkeit besitzt, diese auszuspähen und zu missbrauchen. Hier legen wir euch ein Formatieren und Neuaufsetzen nahe. Hast du das gelesen oder nicht? 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
16.04.2013, 13:26
| #5 |
| | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Ja, danke für den Hinweis. Ich hatte es gelesen. Ich habe mir die Logfiles auch durchgeschaut, gelesen (soferne möglich), durchsucht,... und keine einträge gefunden, die auf Kundendaten schließen, weder auf Verzeichnisse noch Dateien. Insoferne habe ich es als sicher befunden, die Logfiles hier zu posten. Ich habe den Trojaner innerhalb von einer Stunde wieder von meinem Rechner entfernt, das war am 2.4. Ich wollte jetzt einfach nur wissen, ob mein Rechner seither sauber war, soferne man das sagen kann. Ich bereite schon alles für die Neuinstallation vor, aber wenn ich weiß, dass er jetzt auch noch nicht sicher ist, muss ich noch einen Schritt weiter zurückgehen. Ich versuche einfach gerade das Ausmaß des Schadens festzustellen. Selbst wenn ich den Rechner neu formatiere und dann meine Daten wieder auf den neuinstallierten Rechner kopiere, muss ich doch wissen, ob ich diese sauber sind, oder verstehe ich das falsch? Ich habe leider gerade niemanden vor Ort in der Nähe, der mir technisch helfen kann... |
|
16.04.2013, 13:54
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Hast du noch weitere Logs (mit Funden)? Ist dein Virenscanner jemals fündig geworden? Malwarebytes und/oder andere Virenscanner? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ --> Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? |
|
16.04.2013, 14:29
| #7 |
| | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Mein Virenscanner (Avira) ist nicht fündig geworden. Aber wenn man auf eine (über meinen Zugang)-versuchte Webseite geht, dann findet er: HTML/Infected.WebPage.Gen3 MalawareBytes Log vom 1.4. (mit dem Fund) Code:
ATTFilter Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.04.01.08 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 zwitscher :: zwitscher-LAPTOP [Administrator] 01.04.2013 23:17:19 mbam-log-2013-04-01 (23-17-19).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 1110857 Laufzeit: 28 Minute(n), 13 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|8211D624B3EA151200008211541B1CCF (Trojan.Agent.124Gen) -> Daten: C:\ProgramData\8211D624B3EA151200008211541B1CCF\8211D624B3EA151200008211541B1CCF.exe -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 1 C:\Users\zwitscher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVASoft Professional Antivirus (Rogue.AVASoftPAV) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 5 C:\ProgramData\8211D624B3EA151200008211541B1CCF\8211D624B3EA151200008211541B1CCF.exe (Trojan.Agent.124Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\zwitscher\AppData\Local\Temp\AEAB.tmp (Trojan.Agent.124Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\zwitscher\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\74a1b418-3b9949d4 (Trojan.Ransom.ED) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\zwitscher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVASoft Professional Antivirus\AVASoft Professional Antivirus.lnk (Rogue.AVASoftPAV) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\zwitscher\Desktop\AVASoft Professional Antivirus.lnk (Rogue.AVASoftPAV) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.04.01.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 zwitscher :: zwitscher-LAPTOP [Administrator] 03.04.2013 01:18:35 mbam-log-2013-04-03 (01-18-35).txt Art des Suchlaufs: Benutzerdefinierter Suchlauf (C:\xampp\htdocs\eutonia.at\werte_check|) Aktivierte Suchlaufeinstellungen: Dateisystem | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Heuristiks/Extra | P2P Durchsuchte Objekte: 36 Laufzeit: 4 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Rkill 2.4.7 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
hxxp://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 04/01/2013 11:13:53 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]
Backup Registry file created at:
C:\Users\zwitscher\Desktop\rkill\rkill-04-01-2013-11-13-54.reg
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity:
* COM+-Ereignissystem (EventSystem) is not Running.
Startup Type set to: Automatic
* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual
* Sicherheitscenter (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)
* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)
* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 04/01/2013 11:13:58 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
danke! |
|
16.04.2013, 14:58
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten MBAR (Malwarebytes Anti-Rootkit) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.04.2013, 20:16
| #9 |
| | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Beim Starten von Malwarebytes Anti-Rootkit BETA bekomme ich folgende Abfrage (siehe Abfrage). Zuerst habe ich "no" geclickt, dann kam eine Abfrage, dass ich das MBAR updaten muss, dann ist nichts mehr passiert. Ich habe MBAR.exe noch einmal gestartet und bei der Abfrage auf "yes" geklickt. Dann kam auch die Update-Frage. Habe ich dann neu heruntergeladen und gestartet. Hier das Log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.04.16.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
zwitscher :: zwitscher-LAPTOP [administrator]
16.04.2013 21:07:28
mbar-log-2013-04-16 (21-07-28).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 33048
Time elapsed: 14 minute(s), 12 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
16.04.2013, 21:28
| #10 |
| | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? asw MBR Log Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-16 21:18:31
-----------------------------
21:18:31.779 OS Version: Windows x64 6.1.7601 Service Pack 1
21:18:31.789 Number of processors: 4 586 0x2A07
21:18:31.789 ComputerName: zwitscher-LAPTOP UserName: zwitscher
21:18:32.259 Initialize success
21:28:34.370 AVAST engine defs: 13041601
21:29:13.670 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:29:13.686 Disk 0 Vendor: SAMSUNG_ CXM0 Size: 244198MB BusType: 8
21:29:13.701 Disk 0 MBR read successfully
21:29:13.701 Disk 0 MBR scan
21:29:13.701 Disk 0 Windows VISTA default MBR code
21:29:13.701 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
21:29:13.717 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 11968 MB offset 81920
21:29:13.717 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 232188 MB offset 24592384
21:29:13.732 Disk 0 scanning C:\Windows\system32\drivers
21:29:17.929 Service scanning
21:29:28.162 Modules scanning
21:29:28.178 Disk 0 trace - called modules:
21:29:28.178 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:29:28.693 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005d76060]
21:29:28.693 3 CLASSPNP.SYS[fffff88000db143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b7d050]
21:29:29.239 AVAST engine scan C:\Windows
21:29:30.003 AVAST engine scan C:\Windows\system32
21:31:11.528 AVAST engine scan C:\Windows\system32\drivers
21:31:17.207 AVAST engine scan C:\Users\zwitscher
22:16:52.835 AVAST engine scan C:\ProgramData
22:23:27.095 Scan finished successfully
22:25:46.684 Disk 0 MBR has been saved successfully to "C:\Users\zwitscher\Desktop\MBR.dat"
22:25:46.684 The log file has been saved successfully to "C:\Users\zwitscher\Desktop\aswMBR.txt"
Code:
ATTFilter 22:30:23.0888 4304 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:30:24.0008 4304 ============================================================
22:30:24.0008 4304 Current date / time: 2013/04/16 22:30:24.0008
22:30:24.0008 4304 SystemInfo:
22:30:24.0008 4304
22:30:24.0008 4304 OS Version: 6.1.7601 ServicePack: 1.0
22:30:24.0008 4304 Product type: Workstation
22:30:24.0008 4304 ComputerName: zwitscher-LAPTOP
22:30:24.0008 4304 UserName: zwitscher
22:30:24.0008 4304 Windows directory: C:\Windows
22:30:24.0008 4304 System windows directory: C:\Windows
22:30:24.0008 4304 Running under WOW64
22:30:24.0008 4304 Processor architecture: Intel x64
22:30:24.0008 4304 Number of processors: 4
22:30:24.0008 4304 Page size: 0x1000
22:30:24.0008 4304 Boot type: Normal boot
22:30:24.0008 4304 ============================================================
22:30:24.0188 4304 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:30:24.0198 4304 Drive \Device\Harddisk1\DR1 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:30:24.0198 4304 ============================================================
22:30:24.0198 4304 \Device\Harddisk0\DR0:
22:30:24.0198 4304 MBR partitions:
22:30:24.0198 4304 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1760000
22:30:24.0198 4304 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1774000, BlocksNum 0x1C57E000
22:30:24.0198 4304 \Device\Harddisk1\DR1:
22:30:24.0208 4304 MBR partitions:
22:30:24.0208 4304 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
22:30:24.0208 4304 ============================================================
22:30:24.0208 4304 C: <-> \Device\Harddisk0\DR0\Partition2
22:30:24.0688 4304 E: <-> \Device\Harddisk1\DR1\Partition1
22:30:24.0688 4304 ============================================================
22:30:24.0688 4304 Initialize success
22:30:24.0688 4304 ============================================================
22:30:59.0115 4168 ============================================================
22:30:59.0115 4168 Scan started
22:30:59.0115 4168 Mode: Manual; SigCheck; TDLFS;
22:30:59.0115 4168 ============================================================
22:30:59.0295 4168 ================ Scan system memory ========================
22:30:59.0295 4168 System memory - ok
22:30:59.0295 4168 ================ Scan services =============================
22:30:59.0355 4168 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:30:59.0425 4168 1394ohci - ok
22:30:59.0435 4168 [ 1575A815C27789061F34B4F55AE0B5C3 ] Acceler C:\Windows\system32\DRIVERS\accelern.sys
22:30:59.0445 4168 Acceler - ok
22:30:59.0455 4168 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:30:59.0465 4168 ACPI - ok
22:30:59.0465 4168 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:30:59.0485 4168 AcpiPmi - ok
22:30:59.0495 4168 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:30:59.0505 4168 AdobeARMservice - ok
22:30:59.0525 4168 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:30:59.0565 4168 AdobeFlashPlayerUpdateSvc - ok
22:30:59.0565 4168 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:30:59.0585 4168 adp94xx - ok
22:30:59.0595 4168 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:30:59.0605 4168 adpahci - ok
22:30:59.0605 4168 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:30:59.0615 4168 adpu320 - ok
22:30:59.0625 4168 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:30:59.0685 4168 AeLookupSvc - ok
22:30:59.0685 4168 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
22:30:59.0705 4168 AESTFilters - ok
22:30:59.0715 4168 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:30:59.0725 4168 AFD - ok
22:30:59.0735 4168 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:30:59.0745 4168 agp440 - ok
22:30:59.0745 4168 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:30:59.0765 4168 ALG - ok
22:30:59.0765 4168 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:30:59.0775 4168 aliide - ok
22:30:59.0775 4168 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:30:59.0785 4168 amdide - ok
22:30:59.0785 4168 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:30:59.0795 4168 AmdK8 - ok
22:30:59.0805 4168 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
22:30:59.0815 4168 AmdPPM - ok
22:30:59.0815 4168 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:30:59.0825 4168 amdsata - ok
22:30:59.0825 4168 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:30:59.0835 4168 amdsbs - ok
22:30:59.0845 4168 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:30:59.0855 4168 amdxata - ok
22:30:59.0865 4168 [ 76544F01FA0D79CE6F525B6EB475BEF9 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
22:30:59.0875 4168 AntiVirMailService - ok
22:30:59.0875 4168 [ 90C69DF5FB36F8B74109583652575BD3 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:30:59.0885 4168 AntiVirSchedulerService - ok
22:30:59.0895 4168 [ B6F85597831F63C27FD278F4E05C3020 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:30:59.0895 4168 AntiVirService - ok
22:30:59.0905 4168 [ 932B178CF3840CFC8B0051523F657A8A ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
22:30:59.0925 4168 AntiVirWebService - ok
22:30:59.0925 4168 [ 6D4CB1F46A0AC05326F834FD6B822479 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
22:30:59.0945 4168 ApfiltrService - ok
22:30:59.0945 4168 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:31:00.0005 4168 AppID - ok
22:31:00.0015 4168 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:31:00.0035 4168 AppIDSvc - ok
22:31:00.0045 4168 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:31:00.0065 4168 Appinfo - ok
22:31:00.0075 4168 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:31:00.0085 4168 Apple Mobile Device - ok
22:31:00.0095 4168 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
22:31:00.0105 4168 AppMgmt - ok
22:31:00.0105 4168 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
22:31:00.0115 4168 arc - ok
22:31:00.0125 4168 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:31:00.0135 4168 arcsas - ok
22:31:00.0145 4168 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:31:00.0155 4168 aspnet_state - ok
22:31:00.0155 4168 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:31:00.0185 4168 AsyncMac - ok
22:31:00.0185 4168 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:31:00.0195 4168 atapi - ok
22:31:00.0205 4168 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:31:00.0245 4168 AudioEndpointBuilder - ok
22:31:00.0255 4168 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:31:00.0285 4168 AudioSrv - ok
22:31:00.0295 4168 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
22:31:00.0305 4168 avgntflt - ok
22:31:00.0315 4168 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
22:31:00.0325 4168 avipbb - ok
22:31:00.0325 4168 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
22:31:00.0335 4168 avkmgr - ok
22:31:00.0345 4168 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:31:00.0365 4168 AxInstSV - ok
22:31:00.0375 4168 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
22:31:00.0395 4168 b06bdrv - ok
22:31:00.0405 4168 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:31:00.0415 4168 b57nd60a - ok
22:31:00.0425 4168 [ 87F3BCF82A63E900AF896CD930BF7E05 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
22:31:00.0435 4168 BBSvc - ok
22:31:00.0445 4168 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:31:00.0455 4168 BBUpdate - ok
22:31:00.0465 4168 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:31:00.0475 4168 BDESVC - ok
22:31:00.0475 4168 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:31:00.0515 4168 Beep - ok
22:31:00.0525 4168 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:31:00.0565 4168 BFE - ok
22:31:00.0575 4168 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:31:00.0605 4168 BITS - ok
22:31:00.0615 4168 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:31:00.0625 4168 blbdrive - ok
22:31:00.0625 4168 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:31:00.0635 4168 Bonjour Service - ok
22:31:00.0645 4168 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:31:00.0655 4168 bowser - ok
22:31:00.0655 4168 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:31:00.0665 4168 BrFiltLo - ok
22:31:00.0675 4168 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:31:00.0685 4168 BrFiltUp - ok
22:31:00.0685 4168 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:31:00.0695 4168 Browser - ok
22:31:00.0705 4168 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:31:00.0715 4168 Brserid - ok
22:31:00.0725 4168 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:31:00.0735 4168 BrSerWdm - ok
22:31:00.0735 4168 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:31:00.0745 4168 BrUsbMdm - ok
22:31:00.0755 4168 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:31:00.0765 4168 BrUsbSer - ok
22:31:00.0765 4168 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:31:00.0775 4168 BthEnum - ok
22:31:00.0775 4168 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:31:00.0795 4168 BTHMODEM - ok
22:31:00.0795 4168 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:31:00.0805 4168 BthPan - ok
22:31:00.0815 4168 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:31:00.0825 4168 BTHPORT - ok
22:31:00.0835 4168 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:31:00.0865 4168 bthserv - ok
22:31:00.0865 4168 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:31:00.0875 4168 BTHUSB - ok
22:31:00.0885 4168 [ A0DFB69ADE3444C78B17636FCF28E898 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
22:31:00.0895 4168 BTWAMPFL - ok
22:31:00.0895 4168 [ 7CF028CE78696882B327FF13D2DFA534 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:31:00.0905 4168 btwaudio - ok
22:31:00.0905 4168 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
22:31:00.0915 4168 btwavdt - ok
22:31:00.0925 4168 [ CC9DAE7759AC2C0D19111C0D38DDD232 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:31:00.0945 4168 btwdins - ok
22:31:00.0955 4168 [ 9AD0FA253ED531D39FB2D74FE12A5FA9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:31:00.0955 4168 btwl2cap - ok
22:31:00.0965 4168 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:31:00.0965 4168 btwrchid - ok
22:31:00.0965 4168 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:31:00.0995 4168 cdfs - ok
22:31:01.0005 4168 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:31:01.0015 4168 cdrom - ok
22:31:01.0015 4168 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:31:01.0045 4168 CertPropSvc - ok
22:31:01.0045 4168 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
22:31:01.0065 4168 circlass - ok
22:31:01.0065 4168 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:31:01.0085 4168 CLFS - ok
22:31:01.0085 4168 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:31:01.0095 4168 clr_optimization_v2.0.50727_32 - ok
22:31:01.0105 4168 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:31:01.0115 4168 clr_optimization_v2.0.50727_64 - ok
22:31:01.0125 4168 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:31:01.0135 4168 clr_optimization_v4.0.30319_32 - ok
22:31:01.0135 4168 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:31:01.0145 4168 clr_optimization_v4.0.30319_64 - ok
22:31:01.0155 4168 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:31:01.0165 4168 CmBatt - ok
22:31:01.0165 4168 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:31:01.0175 4168 cmdide - ok
22:31:01.0175 4168 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:31:01.0195 4168 CNG - ok
22:31:01.0205 4168 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:31:01.0215 4168 Compbatt - ok
22:31:01.0215 4168 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:31:01.0225 4168 CompositeBus - ok
22:31:01.0225 4168 COMSysApp - ok
22:31:01.0235 4168 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:31:01.0245 4168 crcdisk - ok
22:31:01.0255 4168 [ D8E4F20BD26D8DCA4CB67A796D7EEC84 ] Credential Vault Host Control Service C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
22:31:01.0275 4168 Credential Vault Host Control Service - ok
22:31:01.0275 4168 [ EC31C9A4D1059E599DD1DBB50B84F278 ] Credential Vault Host Storage C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
22:31:01.0285 4168 Credential Vault Host Storage - ok
22:31:01.0285 4168 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:31:01.0305 4168 CryptSvc - ok
22:31:01.0305 4168 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
22:31:01.0325 4168 CSC - ok
22:31:01.0335 4168 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
22:31:01.0345 4168 CscService - ok
22:31:01.0355 4168 [ 8CE04A5BDD2CE6E62CE02A1C27093104 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
22:31:01.0365 4168 CtClsFlt - ok
22:31:01.0365 4168 [ AFD403048B1753EB4225CA476F663350 ] cvusbdrv C:\Windows\system32\Drivers\cvusbdrv.sys
22:31:01.0375 4168 cvusbdrv - ok
22:31:01.0375 4168 [ 0FEF994D890C92D8F23442BC52D4FEA9 ] d554gps C:\Windows\system32\DRIVERS\d554gps64.sys
22:31:01.0385 4168 d554gps - ok
22:31:01.0395 4168 [ 95DA07E4859396912D8E5630DA5A9324 ] d554scard C:\Windows\system32\DRIVERS\d554scard.sys
22:31:01.0395 4168 d554scard - ok
22:31:01.0405 4168 [ E6CE7188CC47AE5DAFDAF552D370C52F ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
22:31:01.0415 4168 dc3d - ok
22:31:01.0415 4168 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:31:01.0445 4168 DcomLaunch - ok
22:31:01.0455 4168 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:31:01.0485 4168 defragsvc - ok
22:31:01.0505 4168 [ B85201F1AAE97CD58FDE0DB18120F924 ] DFEPService c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
22:31:01.0545 4168 DFEPService - ok
22:31:01.0545 4168 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:31:01.0575 4168 DfsC - ok
22:31:01.0575 4168 [ 2D589A2C024B2FB238535DB9F7B3597D ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys
22:31:01.0585 4168 DgiVecp - ok
22:31:01.0595 4168 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:31:01.0605 4168 Dhcp - ok
22:31:01.0605 4168 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:31:01.0635 4168 discache - ok
22:31:01.0635 4168 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
22:31:01.0645 4168 Disk - ok
22:31:01.0655 4168 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
22:31:01.0665 4168 dmvsc - ok
22:31:01.0665 4168 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:31:01.0675 4168 Dnscache - ok
22:31:01.0685 4168 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:31:01.0715 4168 dot3svc - ok
22:31:01.0715 4168 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:31:01.0745 4168 DPS - ok
22:31:01.0745 4168 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:31:01.0755 4168 drmkaud - ok
22:31:01.0775 4168 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:31:01.0795 4168 DXGKrnl - ok
22:31:01.0795 4168 [ EAFCB4551836FF44EE775CEDDFA7A77E ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
22:31:01.0805 4168 e1cexpress - ok
22:31:01.0815 4168 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:31:01.0845 4168 EapHost - ok
22:31:01.0875 4168 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
22:31:01.0915 4168 ebdrv - ok
22:31:01.0915 4168 [ F88F2E5806FC405B0FA94B7947A5875E ] ecnssndis C:\Windows\system32\Drivers\wwuss64.sys
22:31:01.0925 4168 ecnssndis - ok
22:31:01.0925 4168 [ C8CD88218EFC28F7E44A9892B3E97F4D ] ecnssndisfltr C:\Windows\system32\Drivers\wwussf64.sys
22:31:01.0935 4168 ecnssndisfltr - ok
22:31:01.0935 4168 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:31:01.0945 4168 EFS - ok
22:31:01.0965 4168 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:31:01.0985 4168 ehRecvr - ok
22:31:01.0985 4168 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:31:01.0995 4168 ehSched - ok
22:31:02.0005 4168 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:31:02.0015 4168 elxstor - ok
22:31:02.0025 4168 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:31:02.0035 4168 ErrDev - ok
22:31:02.0045 4168 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:31:02.0075 4168 EventSystem - ok
22:31:02.0085 4168 [ 770B15B8261A444B817F296EC27CE71E ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:31:02.0095 4168 EvtEng - ok
22:31:02.0105 4168 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:31:02.0135 4168 exfat - ok
22:31:02.0135 4168 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:31:02.0165 4168 fastfat - ok
22:31:02.0175 4168 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:31:02.0195 4168 Fax - ok
22:31:02.0195 4168 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
22:31:02.0205 4168 fdc - ok
22:31:02.0205 4168 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:31:02.0235 4168 fdPHost - ok
22:31:02.0235 4168 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:31:02.0265 4168 FDResPub - ok
22:31:02.0265 4168 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:31:02.0275 4168 FileInfo - ok
22:31:02.0275 4168 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:31:02.0305 4168 Filetrace - ok
22:31:02.0305 4168 FirebirdGuardianDefaultInstance - ok
22:31:02.0315 4168 FirebirdServerDefaultInstance - ok
22:31:02.0325 4168 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:31:02.0336 4168 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
22:31:02.0336 4168 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
22:31:02.0336 4168 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:31:02.0346 4168 flpydisk - ok
22:31:02.0356 4168 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:31:02.0366 4168 FltMgr - ok
22:31:02.0376 4168 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
22:31:02.0406 4168 FontCache - ok
22:31:02.0406 4168 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:31:02.0416 4168 FontCache3.0.0.0 - ok
22:31:02.0416 4168 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:31:02.0426 4168 FsDepends - ok
22:31:02.0426 4168 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:31:02.0436 4168 Fs_Rec - ok
22:31:02.0446 4168 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:31:02.0456 4168 fvevol - ok
22:31:02.0456 4168 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:31:02.0466 4168 gagp30kx - ok
22:31:02.0466 4168 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:31:02.0476 4168 GEARAspiWDM - ok
22:31:02.0486 4168 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:31:02.0516 4168 gpsvc - ok
22:31:02.0526 4168 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:31:02.0526 4168 gupdate - ok
22:31:02.0536 4168 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:31:02.0536 4168 gupdatem - ok
22:31:02.0546 4168 [ 0E485F2C759F155170DA9F35354034E9 ] HBtnKey C:\Windows\system32\drivers\HBtnKey.sys
22:31:02.0556 4168 HBtnKey - ok
22:31:02.0556 4168 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:31:02.0566 4168 hcw85cir - ok
22:31:02.0576 4168 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:31:02.0586 4168 HDAudBus - ok
22:31:02.0586 4168 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:31:02.0596 4168 HidBatt - ok
22:31:02.0596 4168 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:31:02.0616 4168 HidBth - ok
22:31:02.0616 4168 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
22:31:02.0626 4168 HidIr - ok
22:31:02.0636 4168 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:31:02.0656 4168 hidserv - ok
22:31:02.0656 4168 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:31:02.0666 4168 HidUsb - ok
22:31:02.0676 4168 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:31:02.0696 4168 hkmsvc - ok
22:31:02.0706 4168 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:31:02.0716 4168 HomeGroupListener - ok
22:31:02.0726 4168 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:31:02.0736 4168 HomeGroupProvider - ok
22:31:02.0736 4168 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:31:02.0746 4168 HpSAMD - ok
22:31:02.0756 4168 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:31:02.0786 4168 HTTP - ok
22:31:02.0796 4168 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:31:02.0796 4168 hwpolicy - ok
22:31:02.0806 4168 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:31:02.0816 4168 i8042prt - ok
22:31:02.0826 4168 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\drivers\iaStor.sys
22:31:02.0836 4168 iaStor - ok
22:31:02.0836 4168 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:31:02.0856 4168 iaStorV - ok
22:31:02.0866 4168 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:31:02.0886 4168 idsvc - ok
22:31:02.0996 4168 [ 9937600A1584FF00565D5379EB4C9EDB ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:31:03.0156 4168 igfx - ok
22:31:03.0166 4168 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:31:03.0176 4168 iirsp - ok
22:31:03.0186 4168 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:31:03.0226 4168 IKEEXT - ok
22:31:03.0226 4168 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
22:31:03.0236 4168 Impcd - ok
22:31:03.0246 4168 [ D7B978F4504D3DA95A21002863D0E7EE ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
22:31:03.0256 4168 Intel(R) PROSet Monitoring Service - ok
22:31:03.0256 4168 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:31:03.0266 4168 intelide - ok
22:31:03.0266 4168 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:31:03.0276 4168 intelppm - ok
22:31:03.0286 4168 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:31:03.0306 4168 IPBusEnum - ok
22:31:03.0316 4168 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:31:03.0336 4168 IpFilterDriver - ok
22:31:03.0346 4168 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:31:03.0366 4168 iphlpsvc - ok
22:31:03.0366 4168 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:31:03.0376 4168 IPMIDRV - ok
22:31:03.0386 4168 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:31:03.0406 4168 IPNAT - ok
22:31:03.0416 4168 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:31:03.0436 4168 iPod Service - ok
22:31:03.0436 4168 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:31:03.0446 4168 IRENUM - ok
22:31:03.0456 4168 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:31:03.0466 4168 isapnp - ok
22:31:03.0466 4168 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:31:03.0476 4168 iScsiPrt - ok
22:31:03.0486 4168 [ 2170317581575FF7D73562F6AFEF2D57 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
22:31:03.0496 4168 jhi_service - ok
22:31:03.0496 4168 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:31:03.0506 4168 kbdclass - ok
22:31:03.0506 4168 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:31:03.0516 4168 kbdhid - ok
22:31:03.0526 4168 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:31:03.0536 4168 KeyIso - ok
22:31:03.0536 4168 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:31:03.0546 4168 KSecDD - ok
22:31:03.0546 4168 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:31:03.0556 4168 KSecPkg - ok
22:31:03.0566 4168 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:31:03.0586 4168 ksthunk - ok
22:31:03.0596 4168 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:31:03.0626 4168 KtmRm - ok
22:31:03.0626 4168 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:31:03.0656 4168 LanmanServer - ok
22:31:03.0666 4168 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:31:03.0686 4168 LanmanWorkstation - ok
22:31:03.0696 4168 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:31:03.0716 4168 lltdio - ok
22:31:03.0726 4168 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:31:03.0756 4168 lltdsvc - ok
22:31:03.0756 4168 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:31:03.0786 4168 lmhosts - ok
22:31:03.0786 4168 [ 4518070BDE0BB3636EB9E7B70AD9D7C6 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:31:03.0796 4168 LMS - ok
22:31:03.0806 4168 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:31:03.0816 4168 LSI_FC - ok
22:31:03.0816 4168 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:31:03.0826 4168 LSI_SAS - ok
22:31:03.0836 4168 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:31:03.0836 4168 LSI_SAS2 - ok
22:31:03.0846 4168 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:31:03.0856 4168 LSI_SCSI - ok
22:31:03.0856 4168 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:31:03.0886 4168 luafv - ok
22:31:03.0896 4168 [ 0845DA0BFF1AF5C57DE4DD97ACAF2FCD ] Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys
22:31:03.0906 4168 Mbm3CBus - ok
22:31:03.0906 4168 [ DB6FA599AA79324E287C4EAF6020DA37 ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
22:31:03.0926 4168 Mbm3DevMt - ok
22:31:03.0926 4168 [ 2F71EDB697752D409B9983F0E1D88F70 ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
22:31:03.0936 4168 Mbm3mdfl - ok
22:31:03.0936 4168 [ 21B412A36DE3CCFE4E13383B88CFC90C ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
22:31:03.0956 4168 Mbm3Mdm - ok
22:31:03.0956 4168 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:31:03.0966 4168 Mcx2Svc - ok
22:31:03.0966 4168 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
22:31:03.0976 4168 megasas - ok
22:31:03.0986 4168 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:31:03.0996 4168 MegaSR - ok
22:31:03.0996 4168 [ 86614752D2FAE34CCD9E7B2AABA5FBEC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:31:04.0006 4168 MEIx64 - ok
22:31:04.0006 4168 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:31:04.0036 4168 MMCSS - ok
22:31:04.0036 4168 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:31:04.0066 4168 Modem - ok
22:31:04.0066 4168 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:31:04.0086 4168 monitor - ok
22:31:04.0086 4168 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:31:04.0096 4168 mouclass - ok
22:31:04.0096 4168 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:31:04.0106 4168 mouhid - ok
22:31:04.0116 4168 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:31:04.0116 4168 mountmgr - ok
22:31:04.0126 4168 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:31:04.0136 4168 MozillaMaintenance - ok
22:31:04.0136 4168 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:31:04.0146 4168 mpio - ok
22:31:04.0146 4168 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:31:04.0176 4168 mpsdrv - ok
22:31:04.0186 4168 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:31:04.0226 4168 MpsSvc - ok
22:31:04.0226 4168 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:31:04.0236 4168 MRxDAV - ok
22:31:04.0246 4168 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:31:04.0256 4168 mrxsmb - ok
22:31:04.0266 4168 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:31:04.0276 4168 mrxsmb10 - ok
22:31:04.0276 4168 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:31:04.0286 4168 mrxsmb20 - ok
22:31:04.0286 4168 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:31:04.0296 4168 msahci - ok
22:31:04.0306 4168 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:31:04.0316 4168 msdsm - ok
22:31:04.0316 4168 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:31:04.0326 4168 MSDTC - ok
22:31:04.0336 4168 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:31:04.0366 4168 Msfs - ok
22:31:04.0366 4168 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:31:04.0386 4168 mshidkmdf - ok
22:31:04.0396 4168 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:31:04.0406 4168 msisadrv - ok
22:31:04.0406 4168 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:31:04.0436 4168 MSiSCSI - ok
22:31:04.0436 4168 msiserver - ok
22:31:04.0436 4168 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:31:04.0466 4168 MSKSSRV - ok
22:31:04.0466 4168 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:31:04.0506 4168 MSPCLOCK - ok
22:31:04.0506 4168 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:31:04.0536 4168 MSPQM - ok
22:31:04.0546 4168 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:31:04.0556 4168 MsRPC - ok
22:31:04.0566 4168 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:31:04.0566 4168 mssmbios - ok
22:31:04.0576 4168 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:31:04.0596 4168 MSTEE - ok
22:31:04.0606 4168 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:31:04.0616 4168 MTConfig - ok
22:31:04.0616 4168 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:31:04.0626 4168 Mup - ok
22:31:04.0636 4168 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:31:04.0666 4168 napagent - ok
22:31:04.0666 4168 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:31:04.0686 4168 NativeWifiP - ok
22:31:04.0686 4168 [ 7CCA9D3F1BA2172B8CB7558737404E15 ] ndfs C:\Program Files\NetDrive\ndfs.sys
22:31:04.0696 4168 ndfs - ok
22:31:04.0706 4168 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:31:04.0726 4168 NDIS - ok
22:31:04.0736 4168 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:31:04.0756 4168 NdisCap - ok
22:31:04.0766 4168 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:31:04.0796 4168 NdisTapi - ok
22:31:04.0796 4168 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:31:04.0816 4168 Ndisuio - ok
22:31:04.0826 4168 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:31:04.0856 4168 NdisWan - ok
22:31:04.0856 4168 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:31:04.0886 4168 NDProxy - ok
22:31:04.0916 4168 [ 4F54331F051F15EAD005F0E4CB55014E ] ndsvc C:\Program Files\NetDrive\ndsvc.exe
22:31:04.0956 4168 ndsvc ( UnsignedFile.Multi.Generic ) - warning
22:31:04.0956 4168 ndsvc - detected UnsignedFile.Multi.Generic (1)
22:31:04.0956 4168 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:31:04.0986 4168 NetBIOS - ok
22:31:04.0996 4168 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:31:05.0016 4168 NetBT - ok
22:31:05.0026 4168 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:31:05.0036 4168 Netlogon - ok
22:31:05.0036 4168 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:31:05.0066 4168 Netman - ok
22:31:05.0076 4168 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:05.0086 4168 NetMsmqActivator - ok
22:31:05.0086 4168 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:05.0096 4168 NetPipeActivator - ok
22:31:05.0096 4168 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:31:05.0126 4168 netprofm - ok
22:31:05.0136 4168 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:05.0146 4168 NetTcpActivator - ok
22:31:05.0146 4168 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:05.0156 4168 NetTcpPortSharing - ok
22:31:05.0156 4168 [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
22:31:05.0166 4168 netvsc - ok
22:31:05.0266 4168 [ 62A8A81674F71B76289E460615A0AC73 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
22:31:05.0406 4168 NETwNs64 - ok
22:31:05.0416 4168 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:31:05.0426 4168 nfrd960 - ok
22:31:05.0426 4168 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:31:05.0446 4168 NlaSvc - ok
22:31:05.0446 4168 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:31:05.0476 4168 Npfs - ok
22:31:05.0476 4168 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:31:05.0506 4168 nsi - ok
22:31:05.0506 4168 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:31:05.0526 4168 nsiproxy - ok
22:31:05.0546 4168 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:31:05.0576 4168 Ntfs - ok
22:31:05.0586 4168 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:31:05.0606 4168 Null - ok
22:31:05.0616 4168 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
22:31:05.0626 4168 NVHDA - ok
22:31:05.0626 4168 [ 1E91E29ACAEDFD9533F5C18B003E389F ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
22:31:05.0636 4168 nvkflt - ok
22:31:05.0776 4168 [ 368D7CA6309634E8D9B82C36723EE293 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:31:05.0976 4168 nvlddmkm - ok
22:31:05.0986 4168 [ 96B5125F0AE23AA4A4A2F97C2DE8F22E ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
22:31:05.0986 4168 nvpciflt - ok
22:31:05.0996 4168 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:31:06.0006 4168 nvraid - ok
22:31:06.0006 4168 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:31:06.0016 4168 nvstor - ok
22:31:06.0026 4168 [ 23946D1E72925D973FB7FD9BADEFBAFB ] NVSvc C:\Windows\system32\nvvsvc.exe
22:31:06.0046 4168 NVSvc - ok
22:31:06.0076 4168 [ 253AD2B12BC3DFDDA6912AB2A1121C33 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:31:06.0106 4168 nvUpdatusService - ok
22:31:06.0116 4168 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:31:06.0126 4168 nv_agp - ok
22:31:06.0136 4168 [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR C:\Windows\system32\DRIVERS\O2MDFw7x64.sys
22:31:06.0146 4168 O2MDFRDR - ok
22:31:06.0146 4168 [ 8ED738ABA394BBF6D7802698BE453112 ] O2MDRRDR C:\Windows\system32\drivers\O2MDRw7x64.sys
22:31:06.0156 4168 O2MDRRDR - ok
22:31:06.0186 4168 [ 4635935FC972C582632BF45C26BFCB0E ] O2SDIOAssist c:\Windows\SysWOW64\srvany.exe
22:31:06.0186 4168 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - warning
22:31:06.0186 4168 O2SDIOAssist - detected UnsignedFile.Multi.Generic (1)
22:31:06.0196 4168 [ A9C1E6B7C134FAD124338B7944FA996D ] O2SDJRDR C:\Windows\system32\DRIVERS\o2sdjw7x64.sys
22:31:06.0206 4168 O2SDJRDR - ok
22:31:06.0226 4168 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:31:06.0236 4168 odserv - ok
22:31:06.0236 4168 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:31:06.0256 4168 ohci1394 - ok
22:31:06.0256 4168 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:31:06.0266 4168 ose - ok
22:31:06.0286 4168 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:31:06.0296 4168 p2pimsvc - ok
22:31:06.0306 4168 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:31:06.0326 4168 p2psvc - ok
22:31:06.0346 4168 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:31:06.0356 4168 Parport - ok
22:31:06.0366 4168 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:31:06.0376 4168 partmgr - ok
22:31:06.0376 4168 [ 363B3F857ABEE85767E01E3044C539CD ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys
22:31:06.0386 4168 PBADRV - ok
22:31:06.0396 4168 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:31:06.0416 4168 PcaSvc - ok
22:31:06.0426 4168 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:31:06.0446 4168 pci - ok
22:31:06.0446 4168 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:31:06.0456 4168 pciide - ok
22:31:06.0466 4168 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:31:06.0476 4168 pcmcia - ok
22:31:06.0476 4168 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:31:06.0486 4168 pcw - ok
22:31:06.0496 4168 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:31:06.0536 4168 PEAUTH - ok
22:31:06.0546 4168 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
22:31:06.0576 4168 PeerDistSvc - ok
22:31:06.0586 4168 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:31:06.0596 4168 PerfHost - ok
22:31:06.0616 4168 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:31:06.0656 4168 pla - ok
22:31:06.0686 4168 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:31:06.0706 4168 PlugPlay - ok
22:31:06.0716 4168 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:31:06.0726 4168 PNRPAutoReg - ok
22:31:06.0726 4168 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:31:06.0746 4168 PNRPsvc - ok
22:31:06.0756 4168 [ 5BC4D480DD527EB0CF33A67A090A130E ] Point64 C:\Windows\system32\DRIVERS\point64.sys
22:31:06.0766 4168 Point64 - ok
22:31:06.0776 4168 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:31:06.0806 4168 PolicyAgent - ok
22:31:06.0806 4168 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:31:06.0836 4168 Power - ok
22:31:06.0846 4168 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:31:06.0866 4168 PptpMiniport - ok
22:31:06.0866 4168 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
22:31:06.0876 4168 Processor - ok
22:31:06.0886 4168 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:31:06.0896 4168 ProfSvc - ok
22:31:06.0906 4168 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:31:06.0906 4168 ProtectedStorage - ok
22:31:06.0916 4168 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:31:06.0966 4168 Psched - ok
22:31:06.0976 4168 [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
22:31:06.0986 4168 PSI - ok
22:31:06.0996 4168 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
22:31:07.0006 4168 PxHlpa64 - ok
22:31:07.0026 4168 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:31:07.0056 4168 ql2300 - ok
22:31:07.0066 4168 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:31:07.0076 4168 ql40xx - ok
22:31:07.0086 4168 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:31:07.0106 4168 QWAVE - ok
22:31:07.0106 4168 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:31:07.0126 4168 QWAVEdrv - ok
22:31:07.0126 4168 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:31:07.0156 4168 RasAcd - ok
22:31:07.0166 4168 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:31:07.0206 4168 RasAgileVpn - ok
22:31:07.0206 4168 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:31:07.0236 4168 RasAuto - ok
22:31:07.0246 4168 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:31:07.0276 4168 Rasl2tp - ok
22:31:07.0276 4168 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:31:07.0306 4168 RasMan - ok
22:31:07.0306 4168 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:31:07.0336 4168 RasPppoe - ok
22:31:07.0346 4168 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:31:07.0366 4168 RasSstp - ok
22:31:07.0376 4168 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:31:07.0406 4168 rdbss - ok
22:31:07.0406 4168 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:31:07.0426 4168 rdpbus - ok
22:31:07.0426 4168 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:31:07.0456 4168 RDPCDD - ok
22:31:07.0466 4168 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:31:07.0476 4168 RDPDR - ok
22:31:07.0486 4168 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:31:07.0516 4168 RDPENCDD - ok
22:31:07.0536 4168 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:31:07.0566 4168 RDPREFMP - ok
22:31:07.0576 4168 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:31:07.0596 4168 RDPWD - ok
22:31:07.0596 4168 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:31:07.0606 4168 rdyboost - ok
22:31:07.0616 4168 [ 992E3160D3AB2D8F083B6808D73A4016 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:31:07.0626 4168 RegSrvc - ok
22:31:07.0636 4168 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:31:07.0656 4168 RemoteAccess - ok
22:31:07.0666 4168 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:31:07.0696 4168 RemoteRegistry - ok
22:31:07.0696 4168 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:31:07.0716 4168 RFCOMM - ok
22:31:07.0736 4168 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
22:31:07.0766 4168 RoxMediaDB12OEM - ok
22:31:07.0766 4168 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
22:31:07.0786 4168 RoxWatch12 - ok
22:31:07.0786 4168 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:31:07.0816 4168 RpcEptMapper - ok
22:31:07.0816 4168 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:31:07.0836 4168 RpcLocator - ok
22:31:07.0836 4168 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:31:07.0866 4168 RpcSs - ok
22:31:07.0876 4168 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:31:07.0896 4168 rspndr - ok
22:31:07.0906 4168 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
22:31:07.0916 4168 s3cap - ok
22:31:07.0916 4168 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:31:07.0926 4168 SamSs - ok
22:31:07.0926 4168 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:31:07.0936 4168 sbp2port - ok
22:31:07.0946 4168 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:31:07.0976 4168 SCardSvr - ok
22:31:07.0986 4168 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:31:08.0016 4168 scfilter - ok
22:31:08.0026 4168 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:31:08.0066 4168 Schedule - ok
22:31:08.0076 4168 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:31:08.0096 4168 SCPolicySvc - ok
22:31:08.0106 4168 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:31:08.0116 4168 SDRSVC - ok
22:31:08.0126 4168 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:31:08.0146 4168 secdrv - ok
22:31:08.0146 4168 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:31:08.0176 4168 seclogon - ok
22:31:08.0196 4168 [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
22:31:08.0226 4168 Secunia PSI Agent - ok
22:31:08.0236 4168 [ CB2D183E27D1443F7D4CF10665B2BDED ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
22:31:08.0256 4168 Secunia Update Agent - ok
22:31:08.0286 4168 [ 8365191D0FE7DF5972B889821ADBE62B ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
22:31:08.0316 4168 SecureStorageService - ok
22:31:08.0326 4168 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:31:08.0366 4168 SENS - ok
22:31:08.0366 4168 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:31:08.0386 4168 SensrSvc - ok
22:31:08.0386 4168 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
22:31:08.0406 4168 Serenum - ok
22:31:08.0416 4168 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
22:31:08.0426 4168 Serial - ok
22:31:08.0436 4168 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:31:08.0456 4168 sermouse - ok
22:31:08.0476 4168 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:31:08.0506 4168 SessionEnv - ok
22:31:08.0516 4168 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:31:08.0536 4168 sffdisk - ok
22:31:08.0536 4168 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:31:08.0556 4168 sffp_mmc - ok
22:31:08.0566 4168 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:31:08.0576 4168 sffp_sd - ok
22:31:08.0586 4168 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:31:08.0596 4168 sfloppy - ok
22:31:08.0606 4168 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:31:08.0646 4168 SharedAccess - ok
22:31:08.0656 4168 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:31:08.0686 4168 ShellHWDetection - ok
22:31:08.0701 4168 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:31:08.0701 4168 SiSRaid2 - ok
22:31:08.0717 4168 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:31:08.0717 4168 SiSRaid4 - ok
22:31:08.0748 4168 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:31:08.0810 4168 Skype C2C Service - ok
22:31:08.0810 4168 [ 2F5AF9D91D51E832773D4A9EAF65CB33 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:31:08.0826 4168 SkypeUpdate - ok
22:31:08.0826 4168 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:31:08.0857 4168 Smb - ok
22:31:08.0857 4168 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:31:08.0873 4168 SNMPTRAP - ok
22:31:08.0873 4168 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:31:08.0873 4168 spldr - ok
22:31:08.0888 4168 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:31:08.0904 4168 Spooler - ok
22:31:08.0935 4168 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:31:08.0998 4168 sppsvc - ok
22:31:08.0998 4168 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:31:09.0029 4168 sppuinotify - ok
22:31:09.0029 4168 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:31:09.0044 4168 SQLWriter - ok
22:31:09.0044 4168 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:31:09.0060 4168 srv - ok
22:31:09.0076 4168 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:31:09.0091 4168 srv2 - ok
22:31:09.0091 4168 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:31:09.0091 4168 srvnet - ok
22:31:09.0107 4168 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:31:09.0138 4168 SSDPSRV - ok
22:31:09.0138 4168 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
22:31:09.0138 4168 SSPORT - ok
22:31:09.0154 4168 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:31:09.0169 4168 SstpSvc - ok
22:31:09.0185 4168 [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
22:31:09.0185 4168 STacSV - ok
22:31:09.0200 4168 [ 02A7183FEBD44D54BFC98D166D091FF5 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:31:09.0216 4168 Stereo Service - ok
22:31:09.0216 4168 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:31:09.0216 4168 stexstor - ok
22:31:09.0232 4168 [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
22:31:09.0247 4168 STHDA - ok
22:31:09.0247 4168 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:31:09.0278 4168 stisvc - ok
22:31:09.0278 4168 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
22:31:09.0278 4168 stllssvr - ok
22:31:09.0294 4168 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
22:31:09.0294 4168 StorSvc - ok
22:31:09.0294 4168 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
22:31:09.0310 4168 storvsc - ok
22:31:09.0310 4168 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:31:09.0325 4168 swenum - ok
22:31:09.0325 4168 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:31:09.0357 4168 swprv - ok
22:31:09.0357 4168 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
22:31:09.0373 4168 SynthVid - ok
22:31:09.0389 4168 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:31:09.0420 4168 SysMain - ok
22:31:09.0435 4168 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:31:09.0435 4168 TabletInputService - ok
22:31:09.0451 4168 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:31:09.0482 4168 TapiSrv - ok
22:31:09.0482 4168 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:31:09.0513 4168 TBS - ok
22:31:09.0529 4168 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:31:09.0560 4168 Tcpip - ok
22:31:09.0576 4168 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:31:09.0607 4168 TCPIP6 - ok
22:31:09.0607 4168 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:31:09.0623 4168 tcpipreg - ok
22:31:09.0638 4168 [ 3D52B206D9F6F3ECFDB5D676614E47B6 ] tcsd_win32.exe C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
22:31:09.0669 4168 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning
22:31:09.0669 4168 tcsd_win32.exe - detected UnsignedFile.Multi.Generic (1)
22:31:09.0701 4168 [ E2F626E4A23E12DE31D8820FF143A456 ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
22:31:09.0763 4168 TdmService - ok
22:31:09.0779 4168 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:31:09.0794 4168 TDPIPE - ok
22:31:09.0794 4168 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:31:09.0794 4168 TDTCP - ok
22:31:09.0810 4168 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:31:09.0841 4168 tdx - ok
22:31:09.0872 4168 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
22:31:09.0935 4168 TeamViewer7 - ok
22:31:09.0935 4168 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:31:09.0950 4168 TermDD - ok
22:31:09.0966 4168 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:31:09.0997 4168 TermService - ok
22:31:09.0997 4168 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:31:10.0013 4168 Themes - ok
22:31:10.0028 4168 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:31:10.0059 4168 THREADORDER - ok
22:31:10.0059 4168 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:31:10.0091 4168 TrkWks - ok
22:31:10.0106 4168 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:31:10.0137 4168 TrustedInstaller - ok
22:31:10.0137 4168 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:31:10.0169 4168 tssecsrv - ok
22:31:10.0169 4168 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:31:10.0184 4168 TsUsbFlt - ok
22:31:10.0184 4168 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:31:10.0200 4168 TsUsbGD - ok
22:31:10.0215 4168 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:31:10.0231 4168 tunnel - ok
22:31:10.0247 4168 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:31:10.0247 4168 uagp35 - ok
22:31:10.0262 4168 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:31:10.0293 4168 udfs - ok
22:31:10.0293 4168 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:31:10.0309 4168 UI0Detect - ok
22:31:10.0309 4168 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:31:10.0309 4168 uliagpkx - ok
22:31:10.0325 4168 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:31:10.0325 4168 umbus - ok
22:31:10.0325 4168 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
22:31:10.0340 4168 UmPass - ok
22:31:10.0340 4168 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
22:31:10.0356 4168 UmRdpService - ok
22:31:10.0387 4168 [ EA9C8B5A8EDC28F2060676F388E33A6F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:31:10.0434 4168 UNS - ok
22:31:10.0434 4168 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:31:10.0481 4168 upnphost - ok
22:31:10.0481 4168 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
22:31:10.0496 4168 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
22:31:10.0496 4168 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
22:31:10.0496 4168 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:31:10.0512 4168 usbaudio - ok
22:31:10.0512 4168 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:31:10.0527 4168 usbccgp - ok
22:31:10.0543 4168 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:31:10.0559 4168 usbcir - ok
22:31:10.0559 4168 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:31:10.0574 4168 usbehci - ok
22:31:10.0574 4168 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:31:10.0590 4168 usbhub - ok
22:31:10.0590 4168 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:31:10.0605 4168 usbohci - ok
22:31:10.0605 4168 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:31:10.0621 4168 usbprint - ok
22:31:10.0637 4168 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:31:10.0637 4168 USBSTOR - ok
22:31:10.0652 4168 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:31:10.0652 4168 usbuhci - ok
22:31:10.0668 4168 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:31:10.0683 4168 usbvideo - ok
22:31:10.0683 4168 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:31:10.0715 4168 UxSms - ok
22:31:10.0715 4168 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:31:10.0730 4168 VaultSvc - ok
22:31:10.0730 4168 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:31:10.0746 4168 vdrvroot - ok
22:31:10.0761 4168 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:31:10.0793 4168 vds - ok
22:31:10.0793 4168 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:31:10.0808 4168 vga - ok
22:31:10.0808 4168 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:31:10.0839 4168 VgaSave - ok
22:31:10.0839 4168 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:31:10.0855 4168 vhdmp - ok
22:31:10.0855 4168 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:31:10.0871 4168 viaide - ok
22:31:10.0871 4168 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
22:31:10.0886 4168 VMBusHID - ok
22:31:10.0886 4168 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:31:10.0886 4168 volmgr - ok
22:31:10.0902 4168 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:31:10.0917 4168 volmgrx - ok
22:31:10.0917 4168 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:31:10.0933 4168 volsnap - ok
22:31:10.0933 4168 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:31:10.0949 4168 vsmraid - ok
22:31:10.0964 4168 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:31:11.0011 4168 VSS - ok
22:31:11.0011 4168 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:31:11.0027 4168 vwifibus - ok
22:31:11.0027 4168 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:31:11.0042 4168 vwififlt - ok
22:31:11.0042 4168 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:31:11.0073 4168 W32Time - ok
22:31:11.0089 4168 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:31:11.0105 4168 WacomPen - ok
22:31:11.0105 4168 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:31:11.0136 4168 WANARP - ok
22:31:11.0136 4168 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:31:11.0151 4168 Wanarpv6 - ok
22:31:11.0183 4168 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:31:11.0214 4168 WatAdminSvc - ok
22:31:11.0229 4168 [ E45BCE01F15EEB240FE9DB83B9D86BE3 ] Wave Authentication Manager Service C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
22:31:11.0276 4168 Wave Authentication Manager Service ( UnsignedFile.Multi.Generic ) - warning
22:31:11.0276 4168 Wave Authentication Manager Service - detected UnsignedFile.Multi.Generic (1)
22:31:11.0292 4168 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:31:11.0323 4168 wbengine - ok
22:31:11.0339 4168 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:31:11.0354 4168 WbioSrvc - ok
22:31:11.0370 4168 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:31:11.0385 4168 wcncsvc - ok
22:31:11.0385 4168 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:31:11.0401 4168 WcsPlugInService - ok
22:31:11.0401 4168 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
22:31:11.0417 4168 Wd - ok
22:31:11.0432 4168 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:31:11.0463 4168 Wdf01000 - ok
22:31:11.0463 4168 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:31:11.0495 4168 WdiServiceHost - ok
22:31:11.0495 4168 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:31:11.0510 4168 WdiSystemHost - ok
22:31:11.0526 4168 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:31:11.0541 4168 WebClient - ok
22:31:11.0541 4168 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:31:11.0588 4168 Wecsvc - ok
22:31:11.0588 4168 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:31:11.0619 4168 wercplsupport - ok
22:31:11.0619 4168 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:31:11.0666 4168 WerSvc - ok
22:31:11.0666 4168 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:31:11.0697 4168 WfpLwf - ok
22:31:11.0697 4168 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:31:11.0713 4168 WIMMount - ok
22:31:11.0713 4168 WinDefend - ok
22:31:11.0713 4168 WinHttpAutoProxySvc - ok
22:31:11.0729 4168 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:31:11.0760 4168 Winmgmt - ok
22:31:11.0775 4168 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:31:11.0838 4168 WinRM - ok
22:31:11.0838 4168 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
22:31:11.0853 4168 WinUsb - ok
22:31:11.0869 4168 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:31:11.0885 4168 Wlansvc - ok
22:31:11.0885 4168 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:31:11.0900 4168 wlcrasvc - ok
22:31:11.0916 4168 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:31:11.0963 4168 wlidsvc - ok
22:31:11.0963 4168 WMCoreService - ok
22:31:11.0963 4168 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:31:11.0978 4168 WmiAcpi - ok
22:31:11.0978 4168 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:31:11.0994 4168 wmiApSrv - ok
22:31:11.0994 4168 WMPNetworkSvc - ok
22:31:11.0994 4168 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:31:12.0009 4168 WPCSvc - ok
22:31:12.0009 4168 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:31:12.0041 4168 WPDBusEnum - ok
22:31:12.0041 4168 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:31:12.0072 4168 ws2ifsl - ok
22:31:12.0072 4168 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
22:31:12.0087 4168 wscsvc - ok
22:31:12.0103 4168 WSearch - ok
22:31:12.0134 4168 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:31:12.0197 4168 wuauserv - ok
22:31:12.0197 4168 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:31:12.0212 4168 WudfPf - ok
22:31:12.0212 4168 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:31:12.0228 4168 WUDFRd - ok
22:31:12.0228 4168 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:31:12.0243 4168 wudfsvc - ok
22:31:12.0259 4168 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:31:12.0275 4168 WwanSvc - ok
22:31:12.0290 4168 [ DDA7CD9F319AA76385F24BB2BD320044 ] WwanUsbServ C:\Windows\system32\DRIVERS\WwanUsbMp64.sys
22:31:12.0306 4168 WwanUsbServ - ok
22:31:12.0353 4168 [ 9FA1347D0E96998C3793F51BB94D7AC3 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
22:31:12.0415 4168 ZeroConfigService - ok
22:31:12.0415 4168 ================ Scan global ===============================
22:31:12.0431 4168 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:31:12.0431 4168 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:31:12.0431 4168 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:31:12.0446 4168 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:31:12.0446 4168 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:31:12.0462 4168 [Global] - ok
22:31:12.0462 4168 ================ Scan MBR ==================================
22:31:12.0462 4168 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:31:12.0633 4168 \Device\Harddisk0\DR0 - ok
22:31:12.0649 4168 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:31:13.0398 4168 \Device\Harddisk1\DR1 - ok
22:31:13.0398 4168 ================ Scan VBR ==================================
22:31:13.0413 4168 [ 5BBD969E91DBE97E5B88C23887F315EB ] \Device\Harddisk0\DR0\Partition1
22:31:13.0413 4168 \Device\Harddisk0\DR0\Partition1 - ok
22:31:13.0429 4168 [ 997B924F4389B00B7277F2B5D28A6FE8 ] \Device\Harddisk0\DR0\Partition2
22:31:13.0429 4168 \Device\Harddisk0\DR0\Partition2 - ok
22:31:13.0429 4168 [ 3B82EC7AC3F3B806E1134557E77EFD0A ] \Device\Harddisk1\DR1\Partition1
22:31:13.0429 4168 \Device\Harddisk1\DR1\Partition1 - ok
22:31:13.0429 4168 ============================================================
22:31:13.0429 4168 Scan finished
22:31:13.0429 4168 ============================================================
22:31:13.0445 5632 Detected object count: 6
22:31:13.0445 5632 Actual detected object count: 6
22:32:15.0655 5632 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:32:15.0655 5632 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:32:15.0655 5632 ndsvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:32:15.0655 5632 ndsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:32:15.0655 5632 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - skipped by user
22:32:15.0655 5632 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:32:15.0655 5632 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user
22:32:15.0655 5632 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:32:15.0655 5632 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
22:32:15.0655 5632 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:32:15.0655 5632 Wave Authentication Manager Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:32:15.0655 5632 Wave Authentication Manager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
17.04.2013, 12:21
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Dann bitte jetzt Combofix ausführen: Scan mit Combofix
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.04.2013, 13:21
| #12 |
| | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? zur Info vorweg: ich hatte heute vormittag im Firefox eine Erweiterung installiert. sorry, ging nicht anders. Und mir ist aufgefallen, dass mein PC gestern nachmittag updates vom hersteller (dell) aktualisiert hat. das scheint in den Logs sicher auch auf. combofix Log Code:
ATTFilter ComboFix 13-04-17.01 - zwitscher 17.04.2013 13:46:14.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.43.1031.18.3977.1814 [GMT 2:00]
ausgeführt von:: c:\users\zwitscher\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\blekkotb_031\blEKkotb_019x.dll
c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml
c:\programdata\Roaming
c:\users\zwitscher\AppData\Local\assembly\tmp
c:\users\zwitscher\AppData\Roaming\JomCap.dll
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\instsrv.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-03-17 bis 2013-04-17 ))))))))))))))))))))))))))))))
.
.
2013-04-16 12:57 . 2013-04-16 13:03 -------- d-----w- c:\users\zwitscher\AppData\Local\Deployment
2013-04-16 10:53 . 2012-05-11 06:26 11584 ----a-w- c:\windows\system32\NVMUPEventMsg.dll
2013-04-16 10:53 . 2013-04-16 10:53 -------- d-----w- c:\users\UpdatusUser
2013-04-16 10:16 . 2013-04-16 10:16 -------- d-----w- c:\users\zwitscher\Roaming
2013-04-16 10:16 . 2013-04-16 10:16 -------- d-----w- c:\users\Public\Roaming
2013-04-16 10:16 . 2013-04-16 10:16 -------- d-----w- c:\users\Default\Roaming
2013-04-16 10:16 . 2013-04-16 10:16 -------- d-----w- c:\programdata\Intel
2013-04-16 10:16 . 2013-04-16 10:16 -------- d-----w- c:\program files (x86)\Cisco
2013-04-16 08:33 . 2013-04-16 08:33 -------- d-----w- c:\users\zwitscher\AppData\Roaming\Leadertech
2013-04-12 14:32 . 2013-04-12 14:32 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-04-11 06:35 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-11 02:27 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-11 02:27 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-11 02:27 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-11 02:27 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-11 02:27 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-11 02:27 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-11 02:27 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-11 02:26 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-11 02:26 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-11 02:26 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-11 02:26 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-11 02:26 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-11 02:26 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-11 02:26 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-09 14:40 . 2013-04-09 14:40 163088 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10143.bin
2013-04-03 20:30 . 2013-04-03 20:30 -------- d-----w- c:\users\zwitscher\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
2013-04-02 23:19 . 2013-04-04 06:32 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-04-01 22:19 . 2013-04-01 22:19 544688 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-01 22:19 . 2013-04-01 22:19 193968 ----a-w- c:\windows\system32\javaws.exe
2013-04-01 22:19 . 2013-04-01 22:19 172976 ----a-w- c:\windows\system32\javaw.exe
2013-04-01 22:19 . 2013-04-01 22:19 172976 ----a-w- c:\windows\system32\java.exe
2013-04-01 22:15 . 2013-04-01 22:15 -------- d-----w- c:\users\zwitscher\AppData\Local\Secunia PSI
2013-04-01 22:15 . 2013-04-01 22:15 -------- d-----w- c:\program files (x86)\Secunia
2013-04-01 20:43 . 2013-04-01 20:48 -------- d-----w- c:\programdata\8211D624B3EA151200008211541B1CCF
2013-03-29 20:50 . 2013-03-29 20:50 -------- d-----w- c:\program files (x86)\Beyond Compare 3
2013-03-24 13:54 . 2013-03-24 13:54 -------- d-----w- c:\users\zwitscher\AppData\Roaming\Malwarebytes
2013-03-24 13:53 . 2013-03-24 13:53 -------- d-----w- c:\programdata\Malwarebytes
2013-03-24 13:53 . 2013-04-16 13:11 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-24 13:53 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-24 13:53 . 2013-03-24 13:53 -------- d-----w- c:\users\zwitscher\AppData\Local\Programs
2013-03-21 13:07 . 2013-03-21 13:07 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-03-21 13:07 . 2013-03-21 13:07 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-03-21 13:07 . 2013-03-21 13:07 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-03-19 18:36 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-16 07:42 . 2012-03-29 07:01 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-16 07:42 . 2011-11-24 18:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-12 15:59 . 2011-12-01 20:14 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-01 22:28 . 2012-10-17 06:35 477616 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-04-01 22:28 . 2011-11-24 18:53 473520 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-01 22:19 . 2011-11-24 18:53 526256 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-12 05:45 . 2013-03-13 02:44 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 02:44 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 02:44 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 02:44 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 02:44 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 02:44 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-07 12:15 . 2013-02-07 12:15 18456 ----a-w- c:\windows\system32\drivers\psi_mf_amd64.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 14:31 1514152 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\zwitscher\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\zwitscher\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\zwitscher\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\zwitscher\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18643048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-08-09 112408]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-03-12 462993]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-18 50472]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"STO Backup Service"="c:\program files (x86)\SmarThru Office\BackUpSvr.exe" [2009-04-24 184320]
"STO Launcher Service"="c:\program files (x86)\SmarThru Office\x64\LegacyLauncher.exe" [2009-04-24 381440]
"Dell PanelMgr"="c:\windows\Dell\PanelMgr\SSMMgr.exe" [2008-11-13 541936]
"1235cn Scan2PC"="c:\windows\twain_32\Dell\DELL1235\Scan2Pc.exe" [2008-09-26 495616]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-05-03 217256]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-01-03 1391272]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"NetDrive"="c:\program files\NetDrive\NetDrive.exe" [2013-02-28 3587072]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-03-21 345312]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\zwitscher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\zwitscher\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-4-10 27151288]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2013-3-19 1086816]
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-25 494488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-2-8 1136928]
Google Calendar Sync.lnk - c:\program files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-2-7 575000]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-25 494488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-04-17 2594584]
R3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys [2012-05-23 27760]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-11-24 349736]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-11-24 39464]
R3 d554gps;Dell Wireless HSPA Mini-Card GPS Port;c:\windows\system32\DRIVERS\d554gps64.sys [2010-12-02 101416]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-11-01 75928]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 ndfs;ndfs;c:\program files\NetDrive\ndfs.sys [2013-02-01 63712]
R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448]
R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7x64.sys [2011-01-03 74984]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-11-02 50856]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys [2013-02-07 18456]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-01 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-05-11 28992]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-03-21 28600]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-05-11 249152]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2013-03-21 374496]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-03-21 86752]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-03-21 565472]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-05-13 1043872]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-05-13 36768]
S2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-08-24 2279320]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe [2007-03-02 81920]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-06-29 171688]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2012-05-21 212984]
S2 ndsvc;NetDrive Service;c:\program files\NetDrive\ndsvc.exe [2013-02-28 2789376]
S2 O2SDIOAssist;O2SDIOAssist;c:\windows\SysWOW64\srvany.exe [2003-04-19 8192]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2013-02-07 1223704]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2013-02-07 660504]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-08-20 11576]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-10 382272]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-07-01 1600000]
S2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-08-23 3342640]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 172960]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2011-05-10 38504]
S3 d554scard;Dell Wireless HSPA Mini-Card USIM Port;c:\windows\system32\DRIVERS\d554scard.sys [2010-11-19 61992]
S3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys [2010-02-24 26664]
S3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys [2010-02-24 30248]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe [2007-03-02 1994752]
S3 Mbm3CBus;Dell Wireless 5550 HSPA+ Mini-Card Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys [2010-11-01 411208]
S3 Mbm3DevMt;Dell Wireless HSPA Mini-Card Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys [2010-11-01 419912]
S3 Mbm3mdfl;Dell Wireless HSPA Mini-Card Modem Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys [2010-11-01 19528]
S3 Mbm3Mdm;Dell Wireless HSPA Mini-Card Modem Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys [2010-11-01 472648]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\DRIVERS\O2MDFw7x64.sys [2011-01-03 72808]
S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2011-03-23 83560]
S3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys [2011-02-08 276520]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-04-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 07:42]
.
2013-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-01 18:11]
.
2013-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-01 18:11]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2012946819-271969774-3436621697-1001Core.job
- c:\users\zwitscher\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-03 20:34]
.
2013-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2012946819-271969774-3436621697-1001UA.job
- c:\users\zwitscher\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-03 20:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\zwitscher\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\zwitscher\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\zwitscher\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\zwitscher\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2011-05-27 23:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2011-05-27 23:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-20 611192]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-28 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-28 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-28 416024]
"DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2011-08-24 7077272]
"TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2011-05-27 257392]
"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"IntelliType Pro"="c:\program files\Microsoft Mouse and Keyboard Center\itype.exe" [2012-11-02 1464944]
"IntelliPoint"="c:\program files\Microsoft Mouse and Keyboard Center\ipoint.exe" [2012-11-02 2076272]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2012-08-23 4805936]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-05-11 1694016]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.orf.at/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: Auswahl speichern - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Capture Selection - c:\program files (x86)\SmarThru Office\WebCapture.dll2.htm
IE: Diese Seite ausschneiden - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Neue Notiz - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Save as HTML - c:\program files (x86)\SmarThru Office\WebCapture.dll1.htm
IE: Save Selected Text - c:\program files (x86)\SmarThru Office\WebCapture.dll.htm
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: URL notieren - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Web Capture - c:\program files (x86)\SmarThru Office\WebCapture.dll
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{714AE526-5486-4F6A-9230-36FCE4324168}: NameServer = 194.48.139.254 194.48.124.200
FF - ProfilePath - c:\users\zwitscher\AppData\Roaming\Mozilla\Firefox\Profiles\6q31vqd1.default\
FF - prefs.js: browser.search.selectedEngine - Ecosia
FF - prefs.js: browser.startup.homepage - www.orf.at
FF - prefs.js: keyword.URL - hxxp://www.google.de/search?q=
FF - ExtSQL: 2013-04-02 00:28; {CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}
FF - ExtSQL: 2013-04-17 09:54; {B17C1C5A-04B1-11DB-9804-B622A1EF5492}; c:\users\zwitscher\AppData\Roaming\Mozilla\Firefox\Profiles\6q31vqd1.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - (no file)
URLSearchHooks-{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
BHO-{8769adce-dba5-48e9-afb5-67b12cdf2e61} - c:\program files (x86)\blekkotb_031\blekkotb_019X.dll
Toolbar-Locked - (no file)
Toolbar-{8769adce-dba5-48e9-afb5-67b12cdf2e61} - c:\program files (x86)\blekkotb_031\blekkotb_019X.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
WebBrowser-{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\sysWOW64\SDIOAssist.exe
c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
c:\program files (x86)\ASCOMP Software\Synchredible\synchredible.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-04-17 13:53:14 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-04-17 11:53
.
Vor Suchlauf: 15 Verzeichnis(se), 42.469.470.208 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 46.716.305.408 Bytes frei
.
- - End Of File - - E898C50B4BDE33922B9BC3C45F9212A3
|
|
17.04.2013, 13:43
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? Combofix-Skript
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.04.2013, 14:10
| #14 |
| | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? suspect und collect hinweise waren keine. das log ist zu lange für einen beitrag, daher als anhang. |
|
17.04.2013, 14:13
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Rechner sauber nach AVASoft Professional Antivirus (=Trojaner)? |
| anleitung, antivirus, bereinigt, dreamweaver, formatieren, html/infected.webpage.gen3, kennwort, kunde, professional, rogue.avasoftpav, service, trojan.agent.124gen, trojan.ransom.ed, trojaner, versucht, wissen, wörter |
