| |
| |||||||
Log-Analyse und Auswertung: Immer wiederkehrende Warnmeldung bei AviraWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
02.07.2013, 06:27
| #1 |
| |  Immer wiederkehrende Warnmeldung bei Avira Hallo liebe Community, mein Antivir (kostenlose Version) zeigt mir nun schon seit einigen Wochen folgende Warnung: 'Der Zugriff auf die Datei 'C:\$Recycle.Bin\S-1-5-18\...\80000032.@' (oder statt der 32 auch manchmal mit der 64 am Ende), die ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' enthält, wurde verweigert.' Dann kann ich auf den Butten entfernen klicken. Kurze Zeit später erscheint aber genau die selbe Warnung wieder. Und meine Quarantäne ist auch voll nur mit diesen zwei 'Viren' Was kann ich machen, damit diese störende Mitteilung nicht mehr auftaucht? Vielen Dank schonmal im Voraus für eure Hilfe  LG, Christine |
|
02.07.2013, 06:45
| #2 |
| /// the machine /// TB-Ausbilder    | Immer wiederkehrende Warnmeldung bei Avira Hi,
__________________Systemscan mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
__________________ |
|
02.07.2013, 17:37
| #3 |
| | Immer wiederkehrende Warnmeldung bei Avira Hallo,
__________________erstmal vielen Dank für die schnelle Antwort!  Ich habe das Program wie beschrieben durchlaufen lassen. Hier sind die beiden Dateien (ich hoffe, dass es klappt  ) : |
|
02.07.2013, 18:30
| #4 |
| /// the machine /// TB-Ausbilder | Immer wiederkehrende Warnmeldung bei Avira Logs bitte immer ind en Thread posten.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.07.2013, 18:54
| #5 |
| | Immer wiederkehrende Warnmeldung bei Avira Oke, habe das Programm wie beschrieben durchlaufen lassen: Code:
ATTFilter 19:51:06.0241 4540 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:51:06.0433 4540 ============================================================
19:51:06.0433 4540 Current date / time: 2013/07/02 19:51:06.0433
19:51:06.0433 4540 SystemInfo:
19:51:06.0433 4540
19:51:06.0433 4540 OS Version: 6.1.7601 ServicePack: 1.0
19:51:06.0433 4540 Product type: Workstation
19:51:06.0433 4540 ComputerName: CHRISTINE-PC
19:51:06.0433 4540 UserName: Christine
19:51:06.0433 4540 Windows directory: C:\Windows
19:51:06.0433 4540 System windows directory: C:\Windows
19:51:06.0434 4540 Running under WOW64
19:51:06.0434 4540 Processor architecture: Intel x64
19:51:06.0434 4540 Number of processors: 2
19:51:06.0434 4540 Page size: 0x1000
19:51:06.0434 4540 Boot type: Normal boot
19:51:06.0434 4540 ============================================================
19:51:08.0508 4540 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:51:08.0513 4540 ============================================================
19:51:08.0513 4540 \Device\Harddisk0\DR0:
19:51:08.0514 4540 MBR partitions:
19:51:08.0514 4540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0xE8E0360
19:51:08.0535 4540 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1062B517, BlocksNum 0x29D5972A
19:51:08.0535 4540 ============================================================
19:51:08.0583 4540 C: <-> \Device\Harddisk0\DR0\Partition1
19:51:08.0622 4540 D: <-> \Device\Harddisk0\DR0\Partition2
19:51:08.0661 4540 ============================================================
19:51:08.0662 4540 Initialize success
19:51:08.0662 4540 ============================================================
19:51:48.0095 5112 ============================================================
19:51:48.0095 5112 Scan started
19:51:48.0095 5112 Mode: Manual; SigCheck; TDLFS;
19:51:48.0095 5112 ============================================================
19:51:49.0356 5112 ================ Scan system memory ========================
19:51:49.0356 5112 System memory - ok
19:51:49.0357 5112 ================ Scan services =============================
19:51:49.0546 5112 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:51:49.0678 5112 1394ohci - ok
19:51:49.0724 5112 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:51:49.0749 5112 ACPI - ok
19:51:49.0779 5112 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:51:49.0821 5112 AcpiPmi - ok
19:51:49.0925 5112 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:51:49.0944 5112 AdobeARMservice - ok
19:51:50.0058 5112 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:51:50.0078 5112 AdobeFlashPlayerUpdateSvc - ok
19:51:50.0150 5112 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:51:50.0179 5112 adp94xx - ok
19:51:50.0196 5112 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:51:50.0225 5112 adpahci - ok
19:51:50.0244 5112 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:51:50.0265 5112 adpu320 - ok
19:51:50.0347 5112 [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
19:51:50.0397 5112 ADSMService ( UnsignedFile.Multi.Generic ) - warning
19:51:50.0397 5112 ADSMService - detected UnsignedFile.Multi.Generic (1)
19:51:50.0430 5112 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:51:50.0497 5112 AeLookupSvc - ok
19:51:50.0555 5112 [ FB2BE0BAE9B3F248080CDBF91EF16C7F ] AFBAgent C:\Windows\system32\FBAgent.exe
19:51:50.0586 5112 AFBAgent - ok
19:51:50.0650 5112 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:51:50.0713 5112 AFD - ok
19:51:50.0751 5112 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:51:50.0769 5112 agp440 - ok
19:51:50.0943 5112 [ BBE9054FDADC8D49D29C5DA4FB84A803 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll
19:51:51.0045 5112 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803
19:51:51.0055 5112 Akamai ( HiddenFile.Multi.Generic ) - warning
19:51:51.0055 5112 Akamai - detected HiddenFile.Multi.Generic (1)
19:51:51.0096 5112 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:51:51.0144 5112 ALG - ok
19:51:51.0195 5112 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:51:51.0212 5112 aliide - ok
19:51:51.0262 5112 [ 6626D03567106689BF877504612F2C89 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:51:51.0313 5112 AMD External Events Utility - ok
19:51:51.0353 5112 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:51:51.0370 5112 amdide - ok
19:51:51.0413 5112 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:51:51.0455 5112 AmdK8 - ok
19:51:51.0481 5112 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:51:51.0534 5112 AmdPPM - ok
19:51:51.0571 5112 [ 12A5062C06E03FF70DB47800F91C7A13 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
19:51:51.0588 5112 amdsata - ok
19:51:51.0626 5112 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:51:51.0649 5112 amdsbs - ok
19:51:51.0661 5112 [ 8A7F289B45CEACAC761E14D5FAC59EB9 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
19:51:51.0676 5112 amdxata - ok
19:51:51.0886 5112 [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:51:51.0902 5112 AntiVirSchedulerService - ok
19:51:51.0954 5112 [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:51:51.0969 5112 AntiVirService - ok
19:51:51.0992 5112 AnyDVD - ok
19:51:52.0033 5112 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:51:52.0095 5112 AppID - ok
19:51:52.0145 5112 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:51:52.0215 5112 AppIDSvc - ok
19:51:52.0274 5112 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
19:51:52.0322 5112 Appinfo - ok
19:51:52.0419 5112 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:51:52.0495 5112 Apple Mobile Device - ok
19:51:52.0549 5112 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:51:52.0567 5112 arc - ok
19:51:52.0587 5112 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:51:52.0606 5112 arcsas - ok
19:51:52.0806 5112 [ 88FBC8BEBFD38566235EAA5E4DBC4E05 ] AsDsm C:\Windows\system32\drivers\AsDsm.sys
19:51:52.0830 5112 AsDsm - ok
19:51:52.0971 5112 [ EB1807795CD3EEAA3288B4A30DE254E8 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
19:51:53.0002 5112 ASLDRService - ok
19:51:53.0049 5112 [ 2DB34EDD17D3A8DA7105A19C95A3DD68 ] ASMMAP64 C:\Program Files\ATKGFNEX\ASMMAP64.sys
19:51:53.0065 5112 ASMMAP64 - ok
19:51:53.0192 5112 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:51:53.0262 5112 aspnet_state - ok
19:51:53.0299 5112 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:51:53.0374 5112 AsyncMac - ok
19:51:53.0467 5112 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:51:53.0484 5112 atapi - ok
19:51:53.0726 5112 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:51:53.0824 5112 athr - ok
19:51:53.0981 5112 [ 2263EAFCF5ADD181B7FD47B78AE6D3E3 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:51:54.0190 5112 atikmdag - ok
19:51:54.0224 5112 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:51:54.0240 5112 AtiPcie - ok
19:51:54.0286 5112 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
19:51:54.0359 5112 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
19:51:54.0359 5112 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
19:51:54.0451 5112 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
19:51:54.0472 5112 atksgt - ok
19:51:54.0598 5112 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:51:54.0744 5112 AudioEndpointBuilder - ok
19:51:54.0795 5112 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:51:54.0848 5112 AudioSrv - ok
19:51:54.0917 5112 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:51:54.0936 5112 avgntflt - ok
19:51:54.0998 5112 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:51:55.0020 5112 avipbb - ok
19:51:55.0072 5112 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:51:55.0089 5112 avkmgr - ok
19:51:55.0170 5112 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:51:55.0210 5112 AxInstSV - ok
19:51:55.0264 5112 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:51:55.0313 5112 b06bdrv - ok
19:51:55.0359 5112 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:51:55.0417 5112 b57nd60a - ok
19:51:55.0452 5112 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:51:55.0498 5112 BDESVC - ok
19:51:55.0549 5112 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:51:55.0614 5112 Beep - ok
19:51:55.0669 5112 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:51:55.0719 5112 blbdrive - ok
19:51:55.0808 5112 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:51:55.0832 5112 Bonjour Service - ok
19:51:55.0876 5112 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:51:55.0915 5112 bowser - ok
19:51:55.0954 5112 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:51:56.0009 5112 BrFiltLo - ok
19:51:56.0025 5112 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:51:56.0049 5112 BrFiltUp - ok
19:51:56.0089 5112 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:51:56.0128 5112 Browser - ok
19:51:56.0163 5112 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:51:56.0211 5112 Brserid - ok
19:51:56.0235 5112 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:51:56.0275 5112 BrSerWdm - ok
19:51:56.0294 5112 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:51:56.0345 5112 BrUsbMdm - ok
19:51:56.0375 5112 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:51:56.0413 5112 BrUsbSer - ok
19:51:56.0440 5112 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:51:56.0487 5112 BTHMODEM - ok
19:51:56.0523 5112 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:51:56.0571 5112 bthserv - ok
19:51:56.0589 5112 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:51:56.0635 5112 cdfs - ok
19:51:56.0698 5112 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:51:56.0732 5112 cdrom - ok
19:51:56.0781 5112 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:51:56.0844 5112 CertPropSvc - ok
19:51:56.0888 5112 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:51:56.0928 5112 circlass - ok
19:51:56.0966 5112 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:51:56.0993 5112 CLFS - ok
19:51:57.0047 5112 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:51:57.0090 5112 clr_optimization_v2.0.50727_32 - ok
19:51:57.0147 5112 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:51:57.0203 5112 clr_optimization_v2.0.50727_64 - ok
19:51:57.0289 5112 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:51:57.0512 5112 clr_optimization_v4.0.30319_32 - ok
19:51:57.0547 5112 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:51:57.0711 5112 clr_optimization_v4.0.30319_64 - ok
19:51:57.0776 5112 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:51:57.0809 5112 CmBatt - ok
19:51:57.0845 5112 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:51:57.0862 5112 cmdide - ok
19:51:57.0930 5112 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:51:57.0964 5112 CNG - ok
19:51:58.0019 5112 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:51:58.0036 5112 Compbatt - ok
19:51:58.0081 5112 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:51:58.0135 5112 CompositeBus - ok
19:51:58.0152 5112 COMSysApp - ok
19:51:58.0182 5112 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:51:58.0200 5112 crcdisk - ok
19:51:58.0239 5112 [ 64BEED6775C22B0362FA9DED3F8124A1 ] CRFILTER C:\Windows\system32\DRIVERS\CRFILTER.sys
19:51:58.0285 5112 CRFILTER - ok
19:51:58.0341 5112 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:51:58.0385 5112 CryptSvc - ok
19:51:58.0445 5112 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:51:58.0536 5112 DcomLaunch - ok
19:51:58.0571 5112 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:51:58.0642 5112 defragsvc - ok
19:51:58.0680 5112 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:51:58.0756 5112 DfsC - ok
19:51:58.0815 5112 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:51:58.0859 5112 Dhcp - ok
19:51:58.0890 5112 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:51:58.0961 5112 discache - ok
19:51:59.0008 5112 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:51:59.0029 5112 Disk - ok
19:51:59.0077 5112 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:51:59.0120 5112 Dnscache - ok
19:51:59.0161 5112 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:51:59.0228 5112 dot3svc - ok
19:51:59.0258 5112 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:51:59.0341 5112 DPS - ok
19:51:59.0368 5112 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:51:59.0409 5112 drmkaud - ok
19:51:59.0470 5112 [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:51:59.0490 5112 dtsoftbus01 - ok
19:51:59.0533 5112 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:51:59.0566 5112 DXGKrnl - ok
19:51:59.0610 5112 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:51:59.0681 5112 EapHost - ok
19:51:59.0776 5112 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:51:59.0920 5112 ebdrv - ok
19:51:59.0963 5112 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:52:00.0011 5112 EFS - ok
19:52:00.0167 5112 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:52:00.0225 5112 ehRecvr - ok
19:52:00.0261 5112 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:52:00.0302 5112 ehSched - ok
19:52:00.0357 5112 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:52:00.0387 5112 elxstor - ok
19:52:00.0415 5112 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:52:00.0450 5112 ErrDev - ok
19:52:00.0497 5112 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:52:00.0571 5112 EventSystem - ok
19:52:00.0591 5112 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:52:00.0652 5112 exfat - ok
19:52:00.0690 5112 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:52:00.0758 5112 fastfat - ok
19:52:00.0812 5112 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:52:00.0874 5112 Fax - ok
19:52:00.0892 5112 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:52:00.0931 5112 fdc - ok
19:52:00.0975 5112 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:52:01.0027 5112 fdPHost - ok
19:52:01.0046 5112 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:52:01.0119 5112 FDResPub - ok
19:52:01.0145 5112 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:52:01.0164 5112 FileInfo - ok
19:52:01.0183 5112 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:52:01.0245 5112 Filetrace - ok
19:52:01.0265 5112 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:52:01.0300 5112 flpydisk - ok
19:52:01.0333 5112 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:52:01.0357 5112 FltMgr - ok
19:52:01.0409 5112 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:52:01.0466 5112 FontCache - ok
19:52:01.0530 5112 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:52:01.0564 5112 FontCache3.0.0.0 - ok
19:52:01.0590 5112 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:52:01.0609 5112 FsDepends - ok
19:52:01.0648 5112 [ 5814011B2F6E088E29D689B5FCD49B8F ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:52:01.0666 5112 fssfltr - ok
19:52:01.0716 5112 [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:52:01.0743 5112 fsssvc - ok
19:52:01.0770 5112 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:52:01.0788 5112 Fs_Rec - ok
19:52:01.0836 5112 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:52:01.0862 5112 fvevol - ok
19:52:01.0878 5112 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:52:01.0897 5112 gagp30kx - ok
19:52:01.0933 5112 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:52:01.0949 5112 GEARAspiWDM - ok
19:52:01.0987 5112 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:52:02.0085 5112 gpsvc - ok
19:52:02.0158 5112 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:52:02.0175 5112 gupdate - ok
19:52:02.0191 5112 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:52:02.0208 5112 gupdatem - ok
19:52:02.0233 5112 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:52:02.0278 5112 hcw85cir - ok
19:52:02.0343 5112 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:52:02.0394 5112 HdAudAddService - ok
19:52:02.0451 5112 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:52:02.0484 5112 HDAudBus - ok
19:52:02.0508 5112 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:52:02.0544 5112 HidBatt - ok
19:52:02.0566 5112 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:52:02.0605 5112 HidBth - ok
19:52:02.0625 5112 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:52:02.0671 5112 HidIr - ok
19:52:02.0707 5112 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:52:02.0773 5112 hidserv - ok
19:52:02.0832 5112 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:52:02.0854 5112 HidUsb - ok
19:52:02.0887 5112 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:52:02.0947 5112 hkmsvc - ok
19:52:02.0991 5112 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:52:03.0041 5112 HomeGroupListener - ok
19:52:03.0091 5112 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:52:03.0136 5112 HomeGroupProvider - ok
19:52:03.0164 5112 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:52:03.0183 5112 HpSAMD - ok
19:52:03.0246 5112 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:52:03.0322 5112 HTTP - ok
19:52:03.0362 5112 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:52:03.0380 5112 hwpolicy - ok
19:52:03.0422 5112 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:52:03.0445 5112 i8042prt - ok
19:52:03.0485 5112 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:52:03.0527 5112 iaStorV - ok
19:52:03.0602 5112 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:52:03.0629 5112 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:52:03.0629 5112 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:52:03.0692 5112 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:52:03.0770 5112 idsvc - ok
19:52:03.0805 5112 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:52:03.0824 5112 iirsp - ok
19:52:03.0886 5112 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:52:03.0982 5112 IKEEXT - ok
19:52:04.0014 5112 IntcAzAudAddService - ok
19:52:04.0032 5112 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:52:04.0051 5112 intelide - ok
19:52:04.0097 5112 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:52:04.0140 5112 intelppm - ok
19:52:04.0171 5112 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:52:04.0235 5112 IPBusEnum - ok
19:52:04.0267 5112 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:52:04.0326 5112 IpFilterDriver - ok
19:52:04.0364 5112 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:52:04.0399 5112 IPMIDRV - ok
19:52:04.0442 5112 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:52:04.0510 5112 IPNAT - ok
19:52:04.0594 5112 [ 0FF335D687C85097725A53458160E81E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:52:04.0619 5112 iPod Service - ok
19:52:04.0634 5112 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:52:04.0680 5112 IRENUM - ok
19:52:04.0707 5112 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:52:04.0726 5112 isapnp - ok
19:52:04.0759 5112 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:52:04.0782 5112 iScsiPrt - ok
19:52:04.0795 5112 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:52:04.0814 5112 kbdclass - ok
19:52:04.0845 5112 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:52:04.0885 5112 kbdhid - ok
19:52:04.0929 5112 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
19:52:04.0945 5112 kbfiltr - ok
19:52:04.0960 5112 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:52:04.0989 5112 KeyIso - ok
19:52:05.0004 5112 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:52:05.0023 5112 KSecDD - ok
19:52:05.0054 5112 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:52:05.0074 5112 KSecPkg - ok
19:52:05.0100 5112 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:52:05.0162 5112 ksthunk - ok
19:52:05.0250 5112 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:52:05.0338 5112 KtmRm - ok
19:52:05.0394 5112 [ AD88105EFDDC55877EA8D06346D75989 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
19:52:05.0446 5112 L1C - ok
19:52:05.0532 5112 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:52:05.0614 5112 LanmanServer - ok
19:52:05.0650 5112 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:52:05.0722 5112 LanmanWorkstation - ok
19:52:05.0777 5112 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
19:52:05.0794 5112 lirsgt - ok
19:52:05.0846 5112 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:52:05.0903 5112 lltdio - ok
19:52:05.0953 5112 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:52:06.0026 5112 lltdsvc - ok
19:52:06.0043 5112 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:52:06.0109 5112 lmhosts - ok
19:52:06.0176 5112 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:52:06.0195 5112 LSI_FC - ok
19:52:06.0214 5112 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:52:06.0234 5112 LSI_SAS - ok
19:52:06.0249 5112 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:52:06.0268 5112 LSI_SAS2 - ok
19:52:06.0281 5112 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:52:06.0301 5112 LSI_SCSI - ok
19:52:06.0329 5112 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:52:06.0397 5112 luafv - ok
19:52:06.0434 5112 [ 085435AE1A124361304044029B5CC644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
19:52:06.0450 5112 lullaby - ok
19:52:06.0482 5112 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:52:06.0526 5112 Mcx2Svc - ok
19:52:06.0569 5112 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:52:06.0589 5112 megasas - ok
19:52:06.0611 5112 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:52:06.0651 5112 MegaSR - ok
19:52:06.0750 5112 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
19:52:06.0881 5112 Microsoft Office Groove Audit Service - ok
19:52:06.0899 5112 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:52:06.0980 5112 MMCSS - ok
19:52:07.0020 5112 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:52:07.0081 5112 Modem - ok
19:52:07.0130 5112 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:52:07.0154 5112 monitor - ok
19:52:07.0190 5112 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:52:07.0209 5112 mouclass - ok
19:52:07.0247 5112 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:52:07.0279 5112 mouhid - ok
19:52:07.0321 5112 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:52:07.0340 5112 mountmgr - ok
19:52:07.0416 5112 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:52:07.0435 5112 MozillaMaintenance - ok
19:52:07.0479 5112 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:52:07.0499 5112 mpio - ok
19:52:07.0528 5112 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:52:07.0574 5112 mpsdrv - ok
19:52:07.0609 5112 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:52:07.0656 5112 MRxDAV - ok
19:52:07.0693 5112 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:52:07.0736 5112 mrxsmb - ok
19:52:07.0766 5112 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:52:07.0810 5112 mrxsmb10 - ok
19:52:07.0831 5112 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:52:07.0876 5112 mrxsmb20 - ok
19:52:07.0904 5112 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:52:07.0922 5112 msahci - ok
19:52:07.0940 5112 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:52:07.0960 5112 msdsm - ok
19:52:07.0977 5112 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:52:08.0035 5112 MSDTC - ok
19:52:08.0083 5112 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:52:08.0143 5112 Msfs - ok
19:52:08.0168 5112 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:52:08.0233 5112 mshidkmdf - ok
19:52:08.0264 5112 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:52:08.0282 5112 msisadrv - ok
19:52:08.0332 5112 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:52:08.0397 5112 MSiSCSI - ok
19:52:08.0402 5112 msiserver - ok
19:52:08.0441 5112 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:52:08.0502 5112 MSKSSRV - ok
19:52:08.0525 5112 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:52:08.0587 5112 MSPCLOCK - ok
19:52:08.0605 5112 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:52:08.0683 5112 MSPQM - ok
19:52:08.0764 5112 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:52:08.0795 5112 MsRPC - ok
19:52:08.0852 5112 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:52:08.0871 5112 mssmbios - ok
19:52:08.0917 5112 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:52:08.0962 5112 MSTEE - ok
19:52:08.0980 5112 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:52:09.0024 5112 MTConfig - ok
19:52:09.0066 5112 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
19:52:09.0082 5112 MTsensor - ok
19:52:09.0123 5112 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:52:09.0141 5112 Mup - ok
19:52:09.0179 5112 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:52:09.0257 5112 napagent - ok
19:52:09.0312 5112 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:52:09.0357 5112 NativeWifiP - ok
19:52:09.0422 5112 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:52:09.0472 5112 NDIS - ok
19:52:09.0515 5112 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:52:09.0561 5112 NdisCap - ok
19:52:09.0595 5112 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:52:09.0661 5112 NdisTapi - ok
19:52:09.0701 5112 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:52:09.0759 5112 Ndisuio - ok
19:52:09.0785 5112 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:52:09.0846 5112 NdisWan - ok
19:52:09.0884 5112 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:52:09.0942 5112 NDProxy - ok
19:52:10.0058 5112 [ A0101E836D2A39682E134C47B1565256 ] Nero BackItUp Scheduler 3 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
19:52:10.0149 5112 Nero BackItUp Scheduler 3 - ok
19:52:10.0194 5112 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:52:10.0270 5112 NetBIOS - ok
19:52:10.0305 5112 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:52:10.0365 5112 NetBT - ok
19:52:10.0386 5112 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:52:10.0415 5112 Netlogon - ok
19:52:10.0463 5112 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:52:10.0548 5112 Netman - ok
19:52:10.0656 5112 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:52:10.0719 5112 NetMsmqActivator - ok
19:52:10.0724 5112 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:52:10.0744 5112 NetPipeActivator - ok
19:52:10.0777 5112 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:52:10.0857 5112 netprofm - ok
19:52:10.0909 5112 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:52:10.0929 5112 NetTcpActivator - ok
19:52:10.0942 5112 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:52:10.0961 5112 NetTcpPortSharing - ok
19:52:10.0986 5112 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:52:11.0005 5112 nfrd960 - ok
19:52:11.0059 5112 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:52:11.0115 5112 NlaSvc - ok
19:52:11.0216 5112 [ 6EF0506CE1F553E9BD085645933C8686 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
19:52:11.0308 5112 NMIndexingService - ok
19:52:11.0345 5112 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:52:11.0397 5112 Npfs - ok
19:52:11.0420 5112 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:52:11.0490 5112 nsi - ok
19:52:11.0507 5112 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:52:11.0567 5112 nsiproxy - ok
19:52:11.0629 5112 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:52:11.0699 5112 Ntfs - ok
19:52:11.0723 5112 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:52:11.0782 5112 Null - ok
19:52:11.0826 5112 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:52:11.0845 5112 nvraid - ok
19:52:11.0865 5112 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:52:11.0895 5112 nvstor - ok
19:52:11.0917 5112 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:52:11.0937 5112 nv_agp - ok
19:52:12.0028 5112 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:52:12.0055 5112 odserv - ok
19:52:12.0080 5112 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:52:12.0102 5112 ohci1394 - ok
19:52:12.0133 5112 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:52:12.0152 5112 ose - ok
19:52:12.0210 5112 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:52:12.0270 5112 p2pimsvc - ok
19:52:12.0296 5112 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:52:12.0358 5112 p2psvc - ok
19:52:12.0385 5112 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:52:12.0422 5112 Parport - ok
19:52:12.0459 5112 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:52:12.0479 5112 partmgr - ok
19:52:12.0515 5112 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:52:12.0571 5112 PcaSvc - ok
19:52:12.0598 5112 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:52:12.0620 5112 pci - ok
19:52:12.0644 5112 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:52:12.0662 5112 pciide - ok
19:52:12.0693 5112 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:52:12.0718 5112 pcmcia - ok
19:52:12.0737 5112 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:52:12.0756 5112 pcw - ok
19:52:12.0784 5112 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:52:12.0855 5112 PEAUTH - ok
19:52:12.0927 5112 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:52:12.0973 5112 PerfHost - ok
19:52:13.0046 5112 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:52:13.0152 5112 pla - ok
19:52:13.0208 5112 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:52:13.0265 5112 PlugPlay - ok
19:52:13.0286 5112 PnkBstrA - ok
19:52:13.0314 5112 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:52:13.0365 5112 PNRPAutoReg - ok
19:52:13.0387 5112 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:52:13.0421 5112 PNRPsvc - ok
19:52:13.0459 5112 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:52:13.0526 5112 PolicyAgent - ok
19:52:13.0573 5112 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:52:13.0653 5112 Power - ok
19:52:13.0690 5112 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:52:13.0752 5112 PptpMiniport - ok
19:52:13.0787 5112 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:52:13.0829 5112 Processor - ok
19:52:13.0868 5112 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:52:13.0931 5112 ProfSvc - ok
19:52:13.0952 5112 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:52:13.0980 5112 ProtectedStorage - ok
19:52:14.0041 5112 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:52:14.0094 5112 Psched - ok
19:52:14.0145 5112 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:52:14.0210 5112 ql2300 - ok
19:52:14.0238 5112 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:52:14.0258 5112 ql40xx - ok
19:52:14.0294 5112 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:52:14.0341 5112 QWAVE - ok
19:52:14.0357 5112 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:52:14.0402 5112 QWAVEdrv - ok
19:52:14.0424 5112 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:52:14.0489 5112 RasAcd - ok
19:52:14.0528 5112 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:52:14.0573 5112 RasAgileVpn - ok
19:52:14.0609 5112 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:52:14.0681 5112 RasAuto - ok
19:52:14.0707 5112 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:52:14.0780 5112 Rasl2tp - ok
19:52:14.0815 5112 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:52:14.0891 5112 RasMan - ok
19:52:14.0932 5112 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:52:14.0999 5112 RasPppoe - ok
19:52:15.0019 5112 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:52:15.0078 5112 RasSstp - ok
19:52:15.0114 5112 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:52:15.0163 5112 rdbss - ok
19:52:15.0198 5112 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:52:15.0235 5112 rdpbus - ok
19:52:15.0259 5112 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:52:15.0319 5112 RDPCDD - ok
19:52:15.0343 5112 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:52:15.0404 5112 RDPENCDD - ok
19:52:15.0413 5112 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:52:15.0471 5112 RDPREFMP - ok
19:52:15.0509 5112 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:52:15.0548 5112 RDPWD - ok
19:52:15.0606 5112 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:52:15.0628 5112 rdyboost - ok
19:52:15.0707 5112 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:52:15.0788 5112 RemoteAccess - ok
19:52:15.0828 5112 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:52:15.0899 5112 RemoteRegistry - ok
19:52:15.0989 5112 [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
19:52:16.0045 5112 RMCAST - ok
19:52:16.0079 5112 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:52:16.0154 5112 RpcEptMapper - ok
19:52:16.0193 5112 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:52:16.0235 5112 RpcLocator - ok
19:52:16.0286 5112 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:52:16.0346 5112 RpcSs - ok
19:52:16.0395 5112 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:52:16.0454 5112 rspndr - ok
19:52:16.0468 5112 RTHDMIAzAudService - ok
19:52:16.0494 5112 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:52:16.0522 5112 SamSs - ok
19:52:16.0551 5112 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:52:16.0570 5112 sbp2port - ok
19:52:16.0601 5112 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:52:16.0660 5112 SCardSvr - ok
19:52:16.0690 5112 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:52:16.0751 5112 scfilter - ok
19:52:16.0802 5112 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:52:16.0885 5112 Schedule - ok
19:52:16.0911 5112 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:52:16.0957 5112 SCPolicySvc - ok
19:52:16.0993 5112 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:52:17.0039 5112 SDRSVC - ok
19:52:17.0097 5112 [ 58DC20EB15F071804C56FCCC796417A2 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
19:52:17.0116 5112 SeaPort - ok
19:52:17.0167 5112 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:52:17.0231 5112 secdrv - ok
19:52:17.0264 5112 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:52:17.0329 5112 seclogon - ok
19:52:17.0362 5112 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:52:17.0439 5112 SENS - ok
19:52:17.0466 5112 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:52:17.0515 5112 SensrSvc - ok
19:52:17.0546 5112 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:52:17.0579 5112 Serenum - ok
19:52:17.0606 5112 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:52:17.0642 5112 Serial - ok
19:52:17.0670 5112 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:52:17.0705 5112 sermouse - ok
19:52:17.0742 5112 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:52:17.0811 5112 SessionEnv - ok
19:52:17.0831 5112 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:52:17.0870 5112 sffdisk - ok
19:52:17.0894 5112 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:52:17.0915 5112 sffp_mmc - ok
19:52:17.0923 5112 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:52:17.0959 5112 sffp_sd - ok
19:52:17.0992 5112 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:52:18.0034 5112 sfloppy - ok
19:52:18.0070 5112 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:52:18.0144 5112 ShellHWDetection - ok
19:52:18.0179 5112 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
19:52:18.0222 5112 SiSGbeLH - ok
19:52:18.0250 5112 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:52:18.0269 5112 SiSRaid2 - ok
19:52:18.0286 5112 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:52:18.0306 5112 SiSRaid4 - ok
19:52:18.0325 5112 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:52:18.0391 5112 Smb - ok
19:52:18.0477 5112 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:52:18.0534 5112 SNMPTRAP - ok
19:52:18.0608 5112 [ A415C67B40DFB903ACCC1D40FBEE3269 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
19:52:18.0680 5112 SNP2UVC - ok
19:52:18.0697 5112 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:52:18.0725 5112 spldr - ok
19:52:18.0762 5112 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:52:18.0819 5112 Spooler - ok
19:52:18.0919 5112 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:52:19.0077 5112 sppsvc - ok
19:52:19.0113 5112 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:52:19.0187 5112 sppuinotify - ok
19:52:19.0205 5112 sptd - ok
19:52:19.0246 5112 [ B9657A0AFF28C1CB114ACC0CB93EE4BB ] sp_rsdrv2 C:\Windows\system32\DRIVERS\stflt.sys
19:52:19.0265 5112 sp_rsdrv2 - ok
19:52:19.0297 5112 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:52:19.0338 5112 srv - ok
19:52:19.0361 5112 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:52:19.0388 5112 srv2 - ok
19:52:19.0410 5112 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:52:19.0446 5112 srvnet - ok
19:52:19.0485 5112 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:52:19.0563 5112 SSDPSRV - ok
19:52:19.0590 5112 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:52:19.0670 5112 SstpSvc - ok
19:52:19.0763 5112 [ 24543AAF056D3AFCED3F4FF487F53C90 ] ST2012_Svc C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
19:52:19.0797 5112 ST2012_Svc - ok
19:52:19.0826 5112 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:52:19.0845 5112 stexstor - ok
19:52:19.0882 5112 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:52:19.0943 5112 stisvc - ok
19:52:19.0977 5112 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:52:19.0995 5112 swenum - ok
19:52:20.0075 5112 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:52:20.0114 5112 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
19:52:20.0115 5112 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
19:52:20.0153 5112 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:52:20.0217 5112 swprv - ok
19:52:20.0276 5112 [ BE7311DA9D6833FA69ED04B744A1C8F8 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:52:20.0296 5112 SynTP - ok
19:52:20.0356 5112 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:52:20.0458 5112 SysMain - ok
19:52:20.0497 5112 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:52:20.0537 5112 TabletInputService - ok
19:52:20.0554 5112 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:52:20.0644 5112 TapiSrv - ok
19:52:20.0699 5112 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:52:20.0758 5112 TBS - ok
19:52:20.0832 5112 [ 6408F77ED53D68F2E883A617E081EAEB ] TC310 C:\Windows\system32\Drivers\TC31064.sys
19:52:20.0852 5112 TC310 - ok
19:52:20.0935 5112 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:52:21.0014 5112 Tcpip - ok
19:52:21.0100 5112 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:52:21.0148 5112 TCPIP6 - ok
19:52:21.0177 5112 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:52:21.0214 5112 tcpipreg - ok
19:52:21.0243 5112 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:52:21.0278 5112 TDPIPE - ok
19:52:21.0299 5112 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:52:21.0320 5112 TDTCP - ok
19:52:21.0363 5112 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:52:21.0408 5112 tdx - ok
19:52:21.0435 5112 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:52:21.0454 5112 TermDD - ok
19:52:21.0503 5112 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:52:21.0600 5112 TermService - ok
19:52:21.0630 5112 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:52:21.0691 5112 Themes - ok
19:52:21.0724 5112 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:52:21.0778 5112 THREADORDER - ok
19:52:21.0825 5112 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:52:21.0896 5112 TrkWks - ok
19:52:21.0971 5112 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:52:22.0067 5112 TrustedInstaller - ok
19:52:22.0100 5112 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:52:22.0156 5112 tssecsrv - ok
19:52:22.0196 5112 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:52:22.0236 5112 TsUsbFlt - ok
19:52:22.0285 5112 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:52:22.0344 5112 tunnel - ok
19:52:22.0417 5112 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:52:22.0436 5112 uagp35 - ok
19:52:22.0479 5112 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:52:22.0544 5112 udfs - ok
19:52:22.0583 5112 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:52:22.0638 5112 UI0Detect - ok
19:52:22.0663 5112 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:52:22.0683 5112 uliagpkx - ok
19:52:22.0728 5112 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:52:22.0767 5112 umbus - ok
19:52:22.0802 5112 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:52:22.0839 5112 UmPass - ok
19:52:22.0875 5112 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:52:22.0967 5112 upnphost - ok
19:52:23.0008 5112 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:52:23.0044 5112 USBAAPL64 - ok
19:52:23.0077 5112 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:52:23.0100 5112 usbccgp - ok
19:52:23.0119 5112 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:52:23.0159 5112 usbcir - ok
19:52:23.0194 5112 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:52:23.0231 5112 usbehci - ok
19:52:23.0281 5112 [ D524F3716D85B744762FF5EAAEF8F3A2 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:52:23.0298 5112 usbfilter - ok
19:52:23.0346 5112 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:52:23.0373 5112 usbhub - ok
19:52:23.0394 5112 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:52:23.0441 5112 usbohci - ok
19:52:23.0483 5112 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:52:23.0529 5112 usbprint - ok
19:52:23.0558 5112 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:52:23.0602 5112 usbscan - ok
19:52:23.0633 5112 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:52:23.0671 5112 USBSTOR - ok
19:52:23.0708 5112 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:52:23.0742 5112 usbuhci - ok
19:52:23.0784 5112 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:52:23.0813 5112 usbvideo - ok
19:52:23.0849 5112 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:52:23.0922 5112 UxSms - ok
19:52:23.0946 5112 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:52:23.0975 5112 VaultSvc - ok
19:52:24.0012 5112 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:52:24.0031 5112 vdrvroot - ok
19:52:24.0075 5112 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:52:24.0167 5112 vds - ok
19:52:24.0206 5112 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:52:24.0231 5112 vga - ok
19:52:24.0239 5112 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:52:24.0302 5112 VgaSave - ok
19:52:24.0333 5112 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:52:24.0355 5112 vhdmp - ok
19:52:24.0376 5112 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:52:24.0394 5112 viaide - ok
19:52:24.0421 5112 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:52:24.0440 5112 volmgr - ok
19:52:24.0479 5112 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:52:24.0505 5112 volmgrx - ok
19:52:24.0530 5112 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:52:24.0553 5112 volsnap - ok
19:52:24.0585 5112 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:52:24.0606 5112 vsmraid - ok
19:52:24.0669 5112 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:52:24.0756 5112 VSS - ok
19:52:24.0780 5112 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:52:24.0817 5112 vwifibus - ok
19:52:24.0837 5112 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:52:24.0879 5112 vwififlt - ok
19:52:24.0919 5112 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:52:24.0958 5112 vwifimp - ok
19:52:24.0996 5112 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:52:25.0075 5112 W32Time - ok
19:52:25.0096 5112 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:52:25.0140 5112 WacomPen - ok
19:52:25.0186 5112 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:52:25.0250 5112 WANARP - ok
19:52:25.0265 5112 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:52:25.0311 5112 Wanarpv6 - ok
19:52:25.0381 5112 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:52:25.0444 5112 WatAdminSvc - ok
19:52:25.0507 5112 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:52:25.0588 5112 wbengine - ok
19:52:25.0620 5112 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:52:25.0667 5112 WbioSrvc - ok
19:52:25.0695 5112 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:52:25.0756 5112 wcncsvc - ok
19:52:25.0782 5112 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:52:25.0830 5112 WcsPlugInService - ok
19:52:25.0858 5112 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:52:25.0877 5112 Wd - ok
19:52:25.0920 5112 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:52:25.0969 5112 Wdf01000 - ok
19:52:25.0992 5112 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:52:26.0051 5112 WdiServiceHost - ok
19:52:26.0069 5112 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:52:26.0111 5112 WdiSystemHost - ok
19:52:26.0143 5112 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:52:26.0200 5112 WebClient - ok
19:52:26.0226 5112 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:52:26.0317 5112 Wecsvc - ok
19:52:26.0343 5112 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:52:26.0403 5112 wercplsupport - ok
19:52:26.0438 5112 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:52:26.0514 5112 WerSvc - ok
19:52:26.0559 5112 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:52:26.0606 5112 WfpLwf - ok
19:52:26.0633 5112 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
19:52:26.0655 5112 WimFltr - ok
19:52:26.0670 5112 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:52:26.0689 5112 WIMMount - ok
19:52:26.0699 5112 WinHttpAutoProxySvc - ok
19:52:26.0749 5112 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:52:26.0800 5112 Winmgmt - ok
19:52:26.0866 5112 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:52:27.0000 5112 WinRM - ok
19:52:27.0063 5112 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:52:27.0100 5112 WinUsb - ok
19:52:27.0148 5112 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:52:27.0220 5112 Wlansvc - ok
19:52:27.0351 5112 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:52:27.0425 5112 wlidsvc - ok
19:52:27.0444 5112 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:52:27.0483 5112 WmiAcpi - ok
19:52:27.0516 5112 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:52:27.0559 5112 wmiApSrv - ok
19:52:27.0591 5112 WMPNetworkSvc - ok
19:52:27.0612 5112 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:52:27.0648 5112 WPCSvc - ok
19:52:27.0679 5112 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:52:27.0718 5112 WPDBusEnum - ok
19:52:27.0755 5112 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:52:27.0814 5112 ws2ifsl - ok
19:52:27.0818 5112 WSearch - ok
19:52:27.0853 5112 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:52:27.0888 5112 WudfPf - ok
19:52:27.0938 5112 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:52:27.0979 5112 WUDFRd - ok
19:52:28.0023 5112 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:52:28.0074 5112 wudfsvc - ok
19:52:28.0121 5112 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
19:52:28.0188 5112 WwanSvc - ok
19:52:28.0216 5112 ================ Scan global ===============================
19:52:28.0246 5112 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:52:28.0285 5112 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:52:28.0334 5112 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:52:28.0373 5112 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:52:28.0422 5112 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:52:28.0436 5112 [Global] - ok
19:52:28.0437 5112 ================ Scan MBR ==================================
19:52:28.0457 5112 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:52:29.0114 5112 \Device\Harddisk0\DR0 - ok
19:52:29.0115 5112 ================ Scan VBR ==================================
19:52:29.0118 5112 [ 1415C0D4C0ECC064CBE3D129B01AA08B ] \Device\Harddisk0\DR0\Partition1
19:52:29.0120 5112 \Device\Harddisk0\DR0\Partition1 - ok
19:52:29.0124 5112 [ 0FB6F883B7C7C1D2BD175E32CD183B3C ] \Device\Harddisk0\DR0\Partition2
19:52:29.0127 5112 \Device\Harddisk0\DR0\Partition2 - ok
19:52:29.0127 5112 ============================================================
19:52:29.0127 5112 Scan finished
19:52:29.0127 5112 ============================================================
19:52:29.0140 0260 Detected object count: 5
19:52:29.0140 0260 Actual detected object count: 5
19:52:38.0996 0260 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:38.0996 0260 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:38.0999 0260 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
19:52:38.0999 0260 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
19:52:39.0001 0260 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:39.0001 0260 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:39.0003 0260 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:39.0003 0260 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:39.0007 0260 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:39.0007 0260 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
03.07.2013, 07:08
| #6 | |
| /// the machine /// TB-Ausbilder | Immer wiederkehrende Warnmeldung bei AviraCombofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ --> Immer wiederkehrende Warnmeldung bei Avira |
|
03.07.2013, 16:58
| #7 |
| | Immer wiederkehrende Warnmeldung bei Avira Super! Die Meldungen sind weg!!! Vielen lieben Dank!! Du hast mir sehr geholfen Hier ist noch die letzte textfile: Code:
ATTFilter ComboFix 13-07-02.03 - Christine 03.07.2013 17:35:32.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2887 [GMT 2:00]
ausgeführt von:: c:\users\Christine\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\$recycle.bin\S-1-5-18\$db7b069140949cbcc955f9f9a86d73cb\@
c:\$recycle.bin\S-1-5-18\$db7b069140949cbcc955f9f9a86d73cb\n
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\programdata\FullRemove.exe
c:\programdata\go_0molg.pad
c:\users\Christine\4.0
c:\users\Christine\AppData\Roaming\.#
c:\users\Christine\AppData\Roaming\Goxe
c:\users\Christine\AppData\Roaming\Goxe\uhcee.ywd
c:\users\Christine\AppData\Roaming\Honoz
c:\users\Christine\AppData\Roaming\Honoz\ecze.udr
c:\users\Christine\AppData\Roaming\Local
c:\users\Christine\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Christine\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Christine\AppData\Roaming\Local\Temp\DDM\Settings\stars_db.e01.xvid.avi.ddr
c:\users\Christine\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\stars_db.e01.xvid.avi.ddp
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-06-03 bis 2013-07-03 ))))))))))))))))))))))))))))))
.
.
2013-07-02 16:30 . 2013-07-02 16:30 -------- d-----w- C:\FRST
2013-07-01 20:09 . 2013-07-01 20:09 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2013-06-28 18:20 . 2013-06-28 18:21 -------- d-----w- c:\users\Christine\AppData\Local\calibre-cache
2013-06-28 14:55 . 2013-06-30 15:42 -------- d-----w- c:\users\Christine\AppData\Roaming\calibre
2013-06-28 14:54 . 2013-06-28 14:55 -------- d-----w- c:\program files (x86)\Calibre2
2013-06-10 12:44 . 2013-06-10 12:44 -------- d-----w- c:\program files\Bonjour
2013-06-10 12:44 . 2013-06-10 12:44 -------- d-----w- c:\program files (x86)\Bonjour
2013-06-09 12:04 . 2013-06-09 12:04 -------- d-----w- c:\program files\Bonjour Print Services
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-24 09:24 . 2013-05-07 18:33 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-06-12 15:03 . 2012-04-01 16:26 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 15:03 . 2011-05-18 15:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-16 17:40 . 2010-09-18 15:08 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-14 21:00 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-05-14 21:00 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-05-13 06:37 . 2013-05-17 13:46 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EC613290-61FE-4854-BF64-4FB6B1EBEBF5}\mpengine.dll
2013-05-06 13:39 . 2013-05-16 12:30 9060352 ----a-w- c:\windows\system32\mshtml.dll
2013-05-02 00:06 . 2010-08-03 08:36 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-18 14:18 . 2013-04-18 14:18 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-13 05:49 . 2013-05-16 12:31 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 12:31 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 12:31 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 12:31 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 12:31 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 12:31 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 13:38 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-16 12:31 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-16 12:31 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-16 12:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2009-04-08 18:31 . 2009-04-08 18:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-02 98304]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-10-12 106496]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-06-10 8568832]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-06-24 345144]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"AirPort Base Station Agent"="c:\program files (x86)\AirPort\APAgent.exe" [2009-11-11 771360]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys;c:\windows\SYSNATIVE\DRIVERS\CRFILTER.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TC310;BMS_CMOS_3.0C Camera(TC310) 64bit;c:\windows\system32\Drivers\TC31064.sys;c:\windows\SYSNATIVE\Drivers\TC31064.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys;c:\windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-19 18:50 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 15:03]
.
2013-07-03 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2010-09-18 08:32]
.
2013-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-27 09:05]
.
2013-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-27 09:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
mSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Christine\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Christine\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.1.1
FF - ProfilePath - c:\users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\u2rfa30c.default\
FF - ExtSQL: 2013-06-30 12:06; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\u2rfa30c.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
Toolbar-Locked - (no file)
WebBrowser-{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - (no file)
HKLM-Run-SpywareTerminatorShield - c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM-Run-SpywareTerminatorUpdater - c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3654667669-1078212546-1181664073-1001\Software\SecuROM\License information*]
"datasecu"=hex:89,0a,67,71,e7,7a,7d,ec,1b,db,23,49,f1,8c,aa,d9,d9,b3,f3,00,fa,
c3,20,75,70,76,16,ee,bc,81,db,90,ee,e4,41,e0,e2,57,31,39,68,78,ff,76,28,e3,\
"rkeysecu"=hex:76,a6,9c,d7,bf,70,90,46,d7,3a,3e,59,83,c3,37,f2
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\SysWOW64\ASUSTPE.exe
c:\program files (x86)\Brother\Brmfcmon\BrMfcmon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-03 17:54:12 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-07-03 15:54
.
Vor Suchlauf: 14 Verzeichnis(se), 34.909.003.776 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 35.080.540.160 Bytes frei
.
- - End Of File - - 26A71E1B36AB07C4A4BEFA85202AB2B0
D41D8CD98F00B204E9800998ECF8427E
|
|
03.07.2013, 18:20
| #8 |
| /// the machine /// TB-Ausbilder | Immer wiederkehrende Warnmeldung bei Avira Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST Log bitte
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.07.2013, 21:58
| #9 |
| | Immer wiederkehrende Warnmeldung bei AviraCode:
ATTFilter # AdwCleaner v2.304 - Datei am 03/07/2013 um 22:23:30 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Christine - CHRISTINE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Christine\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Ordner Gelöscht : C:\Users\Christine\AppData\Local\iMesh
Ordner Gelöscht : C:\Users\Christine\Documents\iMesh
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\u2rfa30c.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\48zvlx7i.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v27.0.1453.116
Datei : C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
Datei : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Opera v [Version kann nicht ermittelt werden]
Datei : C:\Users\Christine\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
Datei : C:\Users\Gast\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S2].txt - [1624 octets] - [03/07/2013 22:23:30]
########## EOF - C:\AdwCleaner[S2].txt - [1684 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Christine on 03.07.2013 at 22:38:16,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Windows\syswow64\sho16AD.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho1B1F.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho659B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA529.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC789.tmp
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Christine\AppData\Roaming\mozilla\firefox\profiles\u2rfa30c.default\minidumps [19 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.07.2013 at 22:44:04,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
04.07.2013, 07:12
| #10 |
| /// the machine /// TB-Ausbilder | Immer wiederkehrende Warnmeldung bei AviraESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST Log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Immer wiederkehrende Warnmeldung bei Avira |
| 'c:\$recycle.bin\s-1-5-18\...\80000032.@, antivir, avira, datei, entfernen, folge, folgende, klicke, kostenlose, kurze, meldung, nicht mehr, programm, quarantäne, tr/atraps.gen, unerwünschtes programm, version, viren, virus, voll, warnmeldung, warnung, wiederkehrende, woche, wochen, zugriff |
Linear-Darstellung
