
Pests of all kinds and how to fight them: Interpol Trojan - lock screen // FRST.Log already attached

09.08.2013, 16:43   #1
Oliver Ekni
 



Hello,

my problem is that I have had an Interpol Trojan since yesterday.

I have already run an FRST scan and attached it.
However, the scan only worked from Safe Mode.
I could not access my USB stick from System Restore.
Does this make a significant difference?

Could this be the culprit?
Code:
ShortcutTarget: srenywvbgpqptdglxfe.lnk -> C:\Users\User\AppData\Local\Temp\efxlgdtpqpgbvwyners.bfg ()
         
I would appreciate quick help.

Best regards


FRST logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2013 02
Ran by User (administrator) on 09-08-2013 17:37:09
Running from J:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\userinit.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Zune Launcher] - c:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKCU\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent [x]
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7.5\ICQ.exe [124480 2011-08-01] (ICQ, LLC.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKCU\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-08] (Google Inc.)
HKCU\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe [846288 2013-07-25] (Google Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKLM-x32\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATOR] - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992 2009-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [LaunchHPOSIAPP] - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [385024 2009-04-03] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2009-11-11] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MySig.lnk
ShortcutTarget: MySig.lnk -> C:\Program Files (x86)\MySig.exe (No File)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\srenywvbgpqptdglxfe.lnk
ShortcutTarget: srenywvbgpqptdglxfe.lnk -> C:\Users\User\AppData\Local\Temp\efxlgdtpqpgbvwyners.bfg ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=homepage&u=3a61a3f7000000000000701a04407626
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {BAF60B34-BC2D-4D38-BF52-8D31949C6020} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {902D76CD-4644-4E24-B5B4-3F14BEC37261} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM - {BAF60B34-BC2D-4D38-BF52-8D31949C6020} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM-x32 - DefaultScope {BAF60B34-BC2D-4D38-BF52-8D31949C6020} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {902D76CD-4644-4E24-B5B4-3F14BEC37261} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 - {BAF60B34-BC2D-4D38-BF52-8D31949C6020} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKCU - DefaultScope {8D1DAE29-1D72-4A00-9DCF-CA352A457B5D} URL = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=3a61a3f7000000000000701a04407626&q={searchTerms}&r=77
SearchScopes: HKCU - {06DFFB3D-6221-4383-940E-1857E790E60C} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {8D1DAE29-1D72-4A00-9DCF-CA352A457B5D} URL = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=3a61a3f7000000000000701a04407626&q={searchTerms}&r=77
SearchScopes: HKCU - {902D76CD-4644-4E24-B5B4-3F14BEC37261} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKCU - {BAF60B34-BC2D-4D38-BF52-8D31949C6020} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKCU - {E310FE3E-9079-407F-86B2-E6A5D0718325} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\user.js
FF NetworkProxy: "type", 0
FF Homepage: hxxp://blekko.com/ws/?source=5f97ddbe&tbp=homepage&u=3a61a3f7000000000000701a04407626
FF SelectedSearchEngine: blekko
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin.gif
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin.src
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\searchplugins\spamfreesearch.xml
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: ciuvo-extension - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5cio9dcl.default\Extensions\ciuvo-extension@icq.de.xpi
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-12] (Adobe Systems)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-03-11] ()
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-06-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-07] (DT Soft Ltd)
S1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-06-06] ()
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 MEMSWEEP2; C:\Windows\system32\4431.tmp [6144 2010-05-26] (Sophos Plc)
S3 MEMSWEEP2; C:\Windows\system32\4431.tmp [6144 2010-05-26] (Sophos Plc)
S3 VSPerfDrv100; C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2010-03-17] (Microsoft Corporation)
S3 VSPerfDrv100; C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2010-03-17] (Microsoft Corporation)
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-09 17:37 - 2013-08-09 17:37 - 00000000 ____D C:\FRST
2013-08-08 22:13 - 2013-08-08 22:13 - 00000165 _____ C:\ProgramData\srenywvbgpqptdglxfe.reg
2013-08-08 22:13 - 2013-08-08 22:13 - 00000070 _____ C:\ProgramData\srenywvbgpqptdglxfe.bat
2013-07-26 02:01 - 2013-07-26 02:01 - 00000000 ____D C:\Users\User\Documents\NCSOFT
2013-07-25 08:47 - 2013-07-25 08:47 - 00001066 _____ C:\Users\User\Desktop\Wildstar.exe - Verknüpfung.lnk
2013-07-24 18:16 - 2013-07-24 18:16 - 00000000 ____D C:\Users\User\AppData\Roaming\NCSOFT
2013-07-18 18:48 - 2013-07-25 21:40 - 00000000 ____D C:\Users\User\AppData\Roaming\ICQ

==================== One Month Modified Files and Folders =======

2013-08-10 03:16 - 2013-08-10 03:16 - 00000000 ____D C:\ProgramData\Recovery
2013-08-09 17:37 - 2013-08-09 17:37 - 00000000 ____D C:\FRST
2013-08-09 17:37 - 2012-04-29 16:31 - 00000000 ____D C:\Users\User\AppData\Roaming\NetSpeedMonitor
2013-08-09 17:36 - 2012-11-13 21:10 - 00000000 _____ C:\Windows\system32\Ikeext.etl
2013-08-09 17:31 - 2009-09-22 17:27 - 00880272 _____ C:\Windows\PFRO.log
2013-08-09 17:30 - 2009-09-22 17:28 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-09 17:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-09 17:30 - 2009-07-14 06:51 - 02322340 _____ C:\Windows\setupact.log
2013-08-09 17:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-08-08 22:25 - 2013-01-07 18:51 - 00000000 ___RD C:\Users\User\Dropbox
2013-08-08 22:25 - 2013-01-07 18:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2013-08-08 22:25 - 2011-05-09 15:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-08 22:22 - 2009-10-16 11:58 - 01718123 _____ C:\Windows\WindowsUpdate.log
2013-08-08 22:22 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-08 22:22 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-08 22:13 - 2013-08-08 22:13 - 00000165 _____ C:\ProgramData\srenywvbgpqptdglxfe.reg
2013-08-08 22:13 - 2013-08-08 22:13 - 00000070 _____ C:\ProgramData\srenywvbgpqptdglxfe.bat
2013-08-08 22:13 - 2009-11-04 13:29 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-08 22:00 - 2012-08-08 10:21 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4130136908-467914500-1083429523-1000UA.job
2013-08-08 22:00 - 2010-09-05 13:53 - 00000000 ____D C:\Users\User\AppData\Local\PMB Files
2013-08-08 22:00 - 2010-09-05 13:53 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-08 22:00 - 2010-05-18 19:54 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2013-08-08 20:00 - 2012-08-08 10:21 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4130136908-467914500-1083429523-1000Core.job
2013-08-04 21:35 - 2010-08-23 21:40 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2013-07-30 19:02 - 2012-08-08 10:22 - 00002361 _____ C:\Users\User\Desktop\Google Chrome.lnk
2013-07-30 18:21 - 2009-09-23 03:14 - 00762144 _____ C:\Windows\system32\perfh007.dat
2013-07-30 18:21 - 2009-09-23 03:14 - 00172530 _____ C:\Windows\system32\perfc007.dat
2013-07-30 18:21 - 2009-07-14 07:13 - 01796610 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-26 02:01 - 2013-07-26 02:01 - 00000000 ____D C:\Users\User\Documents\NCSOFT
2013-07-25 21:40 - 2013-07-18 18:48 - 00000000 ____D C:\Users\User\AppData\Roaming\ICQ
2013-07-25 08:47 - 2013-07-25 08:47 - 00001066 _____ C:\Users\User\Desktop\Wildstar.exe - Verknüpfung.lnk
2013-07-24 20:02 - 2013-04-22 19:20 - 00014059 _____ C:\Windows\system32\lvcoinst.log
2013-07-24 18:16 - 2013-07-24 18:16 - 00000000 ____D C:\Users\User\AppData\Roaming\NCSOFT
2013-07-24 15:39 - 2010-05-18 19:05 - 00000000 ____D C:\Spiele
2013-07-24 15:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-23 08:37 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-18 18:58 - 2010-07-10 11:21 - 00002082 ____H C:\Users\User\Documents\Default.rdp
2013-07-18 18:50 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-07-12 19:55 - 2012-08-08 10:21 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4130136908-467914500-1083429523-1000UA
2013-07-12 19:55 - 2012-08-08 10:21 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4130136908-467914500-1083429523-1000Core
2013-07-10 19:07 - 2010-08-23 21:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-10 19:07 - 2010-08-23 21:40 - 00000000 ____D C:\ProgramData\Skype

Files to move or delete:
====================
C:\ProgramData\srenywvbgpqptdglxfe.bat
C:\ProgramData\srenywvbgpqptdglxfe.reg

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-24 16:19

==================== End Of Log ============================
         
--- --- ---

09.08.2013, 18:05   #2
markusg
/// Malware-holic
 



Hi,
1.
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
C:\ProgramData\srenywvbgpqptdglxfe.bat
C:\ProgramData\srenywvbgpqptdglxfe.reg
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\srenywvbgpqptdglxfe.lnk
ShortcutTarget: srenywvbgpqptdglxfe.lnk -> C:\Users\User\AppData\Local\Temp\efxlgdtpqpgbvwyners.bfg ()
C:\Users\User\AppData\Local\Temp\efxlgdtpqpgbvwyners.bfg
         
Please save this as Fixlist.txt on your USB stick.
  • Restart your computer into the repair options
  • Now start FRST.exe again and click the "Entfernen" (Remove) button.

The tool creates a Fixlog.txt on your USB stick. Please post its contents here.

If you can start normally again:
2.

Please navigate to:
C:\FRST\Quarantine
Right-click it, pack it with WinRAR or another archiver, and upload it to the upload channel.
Trojaner-Board Upload Channel
__________________

__________________
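Added example (not part of the thread, and not FRST's own logic): a small triage script that reads the `Startup:`, `ShortcutTarget:` and created-file lines of an FRST log and lists the entries a helper would want to review, using the lines posted above as sample input. The heuristics, the threshold of two reasons, the extension set and all function names are assumptions made for this illustration.

```python
import re
from ntpath import basename, splitext  # Windows path rules on any OS

# Excerpt of the FRST.txt lines posted in this thread (trimmed to a few entries).
SAMPLE_LOG = r"""
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MySig.lnk
ShortcutTarget: MySig.lnk -> C:\Program Files (x86)\MySig.exe (No File)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\srenywvbgpqptdglxfe.lnk
ShortcutTarget: srenywvbgpqptdglxfe.lnk -> C:\Users\User\AppData\Local\Temp\efxlgdtpqpgbvwyners.bfg ()
2013-08-08 22:13 - 2013-08-08 22:13 - 00000165 _____ C:\ProgramData\srenywvbgpqptdglxfe.reg
2013-08-08 22:13 - 2013-08-08 22:13 - 00000070 _____ C:\ProgramData\srenywvbgpqptdglxfe.bat
2013-07-26 02:01 - 2013-07-26 02:01 - 00000000 ____D C:\Users\User\Documents\NCSOFT
"""

STARTUP_RE = re.compile(r"^Startup: (?P<path>.+\.lnk)$")
SHORTCUT_RE = re.compile(
    r"^ShortcutTarget: (?P<lnk>.+?\.lnk) -> (?P<target>.+) \((?P<publisher>[^()]*)\)$")
FILE_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} - \d{4}-\d{2}-\d{2} \d{2}:\d{2} - "
    r"\d+ [A-Z_]{5} (?P<path>.+)$")

# Assumption: extensions we expect a startup shortcut to launch.
USUAL_STARTUP_EXTS = {".exe", ".com", ".bat", ".cmd"}


def stem(path):
    """File name without directory or extension, lower-cased."""
    return splitext(basename(path))[0].lower()


def parse(log):
    """Collect startup shortcuts, shortcut targets and listed files."""
    startups, shortcuts, files = {}, [], []
    for line in log.splitlines():
        line = line.strip()
        if m := STARTUP_RE.match(line):
            startups[basename(m["path"]).lower()] = m["path"]
        elif m := SHORTCUT_RE.match(line):
            shortcuts.append((line, m["lnk"], m["target"], m["publisher"].strip()))
        elif m := FILE_RE.match(line):
            files.append(m["path"])
    return startups, shortcuts, files


def reasons_for(lnk, target, publisher, files):
    """Illustrative heuristics; each hit is one reason to look closer."""
    reasons = []
    if "\\temp\\" in target.lower():
        reasons.append("target in a Temp directory")
    if not publisher:
        reasons.append("no publisher information")
    if splitext(target)[1].lower() not in USUAL_STARTUP_EXTS:
        reasons.append("unusual target extension")
    if stem(lnk)[::-1] == stem(target):
        reasons.append("target name is the shortcut name reversed")
    if any(stem(f) == stem(lnk) for f in files):
        reasons.append("other listed files share the shortcut name")
    return reasons


def triage(log, threshold=2):
    """Return review candidates for shortcuts with >= threshold reasons."""
    startups, shortcuts, files = parse(log)
    findings = []
    for line, lnk, target, publisher in shortcuts:
        reasons = reasons_for(lnk, target, publisher, files)
        if len(reasons) < threshold:
            continue
        candidates = sorted(f for f in files if stem(f) == stem(lnk))
        if lnk.lower() in startups:
            candidates.append("Startup: " + startups[lnk.lower()])
        candidates += [line, target]
        findings.append({"shortcut": lnk, "reasons": reasons,
                         "candidates": candidates})
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding["shortcut"])
        for reason in finding["reasons"]:
            print("  reason:", reason)
        for entry in finding["candidates"]:
            print("  review:", entry)
```

On the sample lines only the randomly named shortcut is reported; the Dropbox and MySig entries match none of the heuristics. The output is a list for a human to review, not a removal list.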

09.08.2013, 18:32   #3
Oliver Ekni
 



Quarantine uploaded. But where did the folder go? At least I entered the link.

Fixlog:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-08-2013 02
Ran by User at 2013-08-09 19:29:39 Run:1
Running from J:\
Boot Mode: Safe Mode (with Networking)
==============================================

C:\ProgramData\srenywvbgpqptdglxfe.bat => Moved successfully.
C:\ProgramData\srenywvbgpqptdglxfe.reg => Moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\srenywvbgpqptdglxfe.lnk => Moved successfully.
C:\Users\User\AppData\Local\Temp\efxlgdtpqpgbvwyners.bfg => Moved successfully.
"C:\Users\User\AppData\Local\Temp\efxlgdtpqpgbvwyners.bfg" => File/Directory not found.

==== End of Fixlog ====
         
__________________

09.08.2013, 18:56   #4
markusg
/// Malware-holic
 



Hi, the folder is only visible to those who have a password for this area; after all, we don't want to distribute malware :-)
It did arrive, though, thanks for that.
Two logs need to be created; please post them together if possible.
1.
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (Illegal operation attempted on a registry key that has been marked for deletion.)
simply restart the computer. This should fix the problem.


2.
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails according to the instructions above to
markusg.trojaner-board@web.de

10.08.2013, 09:57   #5
Oliver Ekni
 



TSD:

Code:
10:32:45.0642 5892  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:32:46.0067 5892  ============================================================
10:32:46.0067 5892  Current date / time: 2013/08/10 10:32:46.0067
10:32:46.0067 5892  SystemInfo:
10:32:46.0067 5892  
10:32:46.0067 5892  OS Version: 6.1.7601 ServicePack: 1.0
10:32:46.0067 5892  Product type: Workstation
10:32:46.0067 5892  ComputerName: OLISPC
10:32:46.0067 5892  UserName: User
10:32:46.0067 5892  Windows directory: C:\Windows
10:32:46.0067 5892  System windows directory: C:\Windows
10:32:46.0067 5892  Running under WOW64
10:32:46.0067 5892  Processor architecture: Intel x64
10:32:46.0067 5892  Number of processors: 4
10:32:46.0067 5892  Page size: 0x1000
10:32:46.0067 5892  Boot type: Normal boot
10:32:46.0067 5892  ============================================================
10:32:50.0380 5892  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:32:50.0399 5892  Drive \Device\Harddisk5\DR5 - Size: 0xEF000000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:32:50.0402 5892  ============================================================
10:32:50.0402 5892  \Device\Harddisk0\DR0:
10:32:50.0402 5892  MBR partitions:
10:32:50.0402 5892  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:32:50.0403 5892  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x73259800
10:32:50.0403 5892  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7328C000, BlocksNum 0x147A000
10:32:50.0403 5892  \Device\Harddisk5\DR5:
10:32:50.0403 5892  MBR partitions:
10:32:50.0403 5892  \Device\Harddisk5\DR5\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x777A41
10:32:50.0403 5892  ============================================================
10:32:50.0647 5892  C: <-> \Device\Harddisk0\DR0\Partition2
10:32:51.0403 5892  D: <-> \Device\Harddisk0\DR0\Partition3
10:32:51.0403 5892  ============================================================
10:32:51.0403 5892  Initialize success
10:32:51.0403 5892  ============================================================
10:33:05.0677 4288  ============================================================
10:33:05.0677 4288  Scan started
10:33:05.0677 4288  Mode: Manual; SigCheck; TDLFS; 
10:33:05.0677 4288  ============================================================
10:33:10.0001 4288  ================ Scan system memory ========================
10:33:10.0001 4288  System memory - ok
10:33:10.0001 4288  ================ Scan services =============================
10:33:11.0093 4288  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:33:11.0327 4288  1394ohci - ok
10:33:11.0408 4288  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:33:11.0421 4288  ACPI - ok
10:33:11.0544 4288  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:33:13.0670 4288  AcpiPmi - ok
10:33:13.0910 4288  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
10:33:13.0923 4288  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
10:33:13.0923 4288  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
10:33:14.0126 4288  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:33:14.0146 4288  AdobeARMservice - ok
10:33:14.0310 4288  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:33:14.0345 4288  adp94xx - ok
10:33:14.0522 4288  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:33:14.0649 4288  adpahci - ok
10:33:14.0774 4288  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:33:14.0792 4288  adpu320 - ok
10:33:14.0838 4288  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:33:14.0887 4288  AeLookupSvc - ok
10:33:14.0950 4288  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
10:33:15.0297 4288  AFD - ok
10:33:15.0787 4288  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:33:15.0821 4288  agp440 - ok
10:33:15.0894 4288  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
10:33:16.0408 4288  ALG - ok
10:33:16.0613 4288  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:33:16.0628 4288  aliide - ok
10:33:16.0698 4288  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
10:33:16.0707 4288  amdide - ok
10:33:16.0784 4288  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:33:16.0820 4288  AmdK8 - ok
10:33:16.0870 4288  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:33:17.0304 4288  AmdPPM - ok
10:33:17.0357 4288  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:33:17.0367 4288  amdsata - ok
10:33:17.0515 4288  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:33:17.0526 4288  amdsbs - ok
10:33:17.0672 4288  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:33:17.0681 4288  amdxata - ok
10:33:18.0139 4288  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
10:33:24.0467 4288  AppID - ok
10:33:24.0515 4288  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:33:24.0594 4288  AppIDSvc - ok
10:33:24.0695 4288  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
10:33:24.0743 4288  Appinfo - ok
10:33:24.0914 4288  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:33:24.0924 4288  arc - ok
10:33:24.0999 4288  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:33:25.0008 4288  arcsas - ok
10:33:25.0347 4288  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:33:25.0355 4288  aspnet_state - ok
10:33:25.0456 4288  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:33:25.0533 4288  AsyncMac - ok
10:33:25.0633 4288  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
10:33:25.0642 4288  atapi - ok
10:33:25.0792 4288  [ FC0E8778C000291CAF60EB88C011E931 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
10:33:25.0811 4288  atksgt - ok
10:33:26.0046 4288  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:33:26.0129 4288  AudioEndpointBuilder - ok
10:33:26.0137 4288  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:33:26.0166 4288  AudioSrv - ok
10:33:26.0310 4288  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:33:26.0416 4288  AxInstSV - ok
10:33:26.0590 4288  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:33:26.0716 4288  b06bdrv - ok
10:33:26.0900 4288  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:33:27.0028 4288  b57nd60a - ok
10:33:27.0562 4288  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:33:27.0609 4288  BDESVC - ok
10:33:27.0725 4288  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:33:27.0802 4288  Beep - ok
10:33:28.0133 4288  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
10:33:28.0315 4288  BFE - ok
10:33:28.0495 4288  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
10:33:28.0637 4288  BITS - ok
10:33:28.0671 4288  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:33:28.0703 4288  blbdrive - ok
10:33:28.0821 4288  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:33:28.0883 4288  bowser - ok
10:33:28.0946 4288  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:33:29.0473 4288  BrFiltLo - ok
10:33:29.0520 4288  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:33:29.0552 4288  BrFiltUp - ok
10:33:29.0754 4288  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
10:33:29.0780 4288  BridgeMP - ok
10:33:29.0880 4288  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
10:33:29.0957 4288  Browser - ok
10:33:30.0109 4288  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:33:30.0283 4288  Brserid - ok
10:33:30.0335 4288  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:33:30.0380 4288  BrSerWdm - ok
10:33:30.0440 4288  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:33:30.0476 4288  BrUsbMdm - ok
10:33:30.0538 4288  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:33:30.0576 4288  BrUsbSer - ok
10:33:30.0651 4288  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:33:30.0681 4288  BTHMODEM - ok
10:33:30.0775 4288  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
10:33:30.0816 4288  bthserv - ok
10:33:30.0908 4288  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:33:30.0953 4288  cdfs - ok
10:33:31.0065 4288  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:33:31.0095 4288  cdrom - ok
10:33:31.0208 4288  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
10:33:31.0253 4288  CertPropSvc - ok
10:33:31.0341 4288  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:33:31.0352 4288  circlass - ok
10:33:31.0411 4288  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
10:33:31.0425 4288  CLFS - ok
10:33:31.0593 4288  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:33:31.0601 4288  clr_optimization_v2.0.50727_32 - ok
10:33:31.0935 4288  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:33:31.0944 4288  clr_optimization_v2.0.50727_64 - ok
10:33:32.0692 4288  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:33:32.0713 4288  clr_optimization_v4.0.30319_32 - ok
10:33:32.0792 4288  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:33:32.0813 4288  clr_optimization_v4.0.30319_64 - ok
10:33:32.0872 4288  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:33:32.0901 4288  CmBatt - ok
10:33:32.0928 4288  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:33:32.0937 4288  cmdide - ok
10:33:33.0125 4288  [ C4943B6C962E4B82197542447AD599F4 ] CNG             C:\Windows\system32\Drivers\cng.sys
10:33:33.0184 4288  CNG - ok
10:33:33.0259 4288  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:33:33.0268 4288  Compbatt - ok
10:33:33.0371 4288  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:33:33.0401 4288  CompositeBus - ok
10:33:33.0422 4288  COMSysApp - ok
10:33:33.0511 4288  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:33:33.0519 4288  crcdisk - ok
10:33:33.0618 4288  [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:33:33.0673 4288  CryptSvc - ok
10:33:33.0831 4288  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:33:33.0893 4288  DcomLaunch - ok
10:33:34.0092 4288  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
10:33:34.0145 4288  defragsvc - ok
10:33:34.0210 4288  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:33:34.0259 4288  DfsC - ok
10:33:34.0394 4288  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:33:34.0443 4288  Dhcp - ok
10:33:34.0521 4288  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
10:33:34.0562 4288  discache - ok
10:33:34.0735 4288  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:33:34.0744 4288  Disk - ok
10:33:34.0902 4288  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:33:35.0055 4288  Dnscache - ok
10:33:35.0407 4288  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:33:35.0492 4288  dot3svc - ok
10:33:35.0572 4288  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
10:33:35.0631 4288  DPS - ok
10:33:35.0796 4288  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:33:35.0830 4288  drmkaud - ok
10:33:35.0953 4288  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:33:35.0963 4288  dtsoftbus01 - ok
10:33:36.0166 4288  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:33:36.0184 4288  DXGKrnl - ok
10:33:36.0301 4288  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
10:33:36.0366 4288  EapHost - ok
10:33:37.0434 4288  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:33:37.0549 4288  ebdrv - ok
10:33:37.0692 4288  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
10:33:37.0822 4288  EFS - ok
10:33:38.0277 4288  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:33:38.0501 4288  ehRecvr - ok
10:33:38.0548 4288  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
10:33:38.0714 4288  ehSched - ok
10:33:38.0963 4288  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:33:38.0978 4288  elxstor - ok
10:33:39.0038 4288  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:33:39.0061 4288  ErrDev - ok
10:33:39.0179 4288  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
10:33:39.0237 4288  EventSystem - ok
10:33:39.0350 4288  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
10:33:39.0392 4288  exfat - ok
10:33:39.0451 4288  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:33:39.0540 4288  fastfat - ok
10:33:39.0803 4288  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
10:33:39.0864 4288  Fax - ok
10:33:39.0890 4288  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:33:39.0898 4288  fdc - ok
10:33:39.0944 4288  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
10:33:40.0042 4288  fdPHost - ok
10:33:40.0091 4288  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:33:40.0117 4288  FDResPub - ok
10:33:40.0159 4288  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:33:40.0167 4288  FileInfo - ok
10:33:40.0194 4288  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:33:40.0233 4288  Filetrace - ok
10:33:40.0350 4288  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:33:40.0432 4288  flpydisk - ok
10:33:40.0571 4288  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:33:40.0583 4288  FltMgr - ok
10:33:40.0662 4288  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
10:33:40.0774 4288  FontCache - ok
10:33:41.0041 4288  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:33:41.0048 4288  FontCache3.0.0.0 - ok
10:33:41.0078 4288  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:33:41.0087 4288  FsDepends - ok
10:33:41.0155 4288  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:33:41.0163 4288  Fs_Rec - ok
10:33:41.0231 4288  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:33:41.0244 4288  fvevol - ok
10:33:41.0302 4288  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:33:41.0312 4288  gagp30kx - ok
10:33:41.0830 4288  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
10:33:41.0885 4288  gpsvc - ok
10:33:41.0957 4288  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
10:33:41.0964 4288  hamachi - ok
10:33:41.0983 4288  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:33:42.0030 4288  hcw85cir - ok
10:33:42.0084 4288  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:33:42.0115 4288  HDAudBus - ok
10:33:42.0159 4288  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:33:42.0191 4288  HidBatt - ok
10:33:42.0229 4288  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:33:42.0263 4288  HidBth - ok
10:33:42.0292 4288  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:33:42.0321 4288  HidIr - ok
10:33:42.0362 4288  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
10:33:42.0415 4288  hidserv - ok
10:33:42.0489 4288  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:33:42.0498 4288  HidUsb - ok
10:33:42.0548 4288  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:33:42.0613 4288  hkmsvc - ok
10:33:42.0660 4288  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:33:42.0694 4288  HomeGroupListener - ok
10:33:42.0750 4288  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:33:42.0781 4288  HomeGroupProvider - ok
10:33:42.0851 4288  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:33:42.0860 4288  HpSAMD - ok
10:33:42.0963 4288  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:33:43.0020 4288  HTTP - ok
10:33:43.0069 4288  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:33:43.0077 4288  hwpolicy - ok
10:33:43.0151 4288  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:33:43.0161 4288  i8042prt - ok
10:33:43.0297 4288  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
10:33:43.0307 4288  IAANTMON - ok
10:33:43.0332 4288  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:33:43.0342 4288  iaStor - ok
10:33:43.0482 4288  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:33:43.0496 4288  iaStorV - ok
10:33:43.0652 4288  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:33:43.0671 4288  idsvc - ok
10:33:43.0692 4288  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:33:43.0702 4288  iirsp - ok
10:33:43.0741 4288  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
10:33:43.0788 4288  IKEEXT - ok
10:33:44.0218 4288  [ 31C32BC56D85D109EBB0C526BE5CACA7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:33:44.0244 4288  IntcAzAudAddService - ok
10:33:44.0256 4288  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
10:33:44.0265 4288  intelide - ok
10:33:44.0326 4288  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:33:44.0375 4288  intelppm - ok
10:33:44.0468 4288  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:33:44.0514 4288  IPBusEnum - ok
10:33:44.0563 4288  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:33:44.0613 4288  IpFilterDriver - ok
10:33:44.0774 4288  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:33:44.0870 4288  iphlpsvc - ok
10:33:44.0914 4288  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:33:44.0953 4288  IPMIDRV - ok
10:33:44.0978 4288  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:33:45.0018 4288  IPNAT - ok
10:33:45.0085 4288  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:33:45.0119 4288  IRENUM - ok
10:33:45.0173 4288  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:33:45.0182 4288  isapnp - ok
10:33:45.0288 4288  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:33:45.0316 4288  iScsiPrt - ok
10:33:45.0586 4288  [ 9C6F3F69163133FB8E56AC4A6E163452 ] ISODrive        C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
10:33:45.0594 4288  ISODrive - ok
10:33:45.0677 4288  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
10:33:45.0686 4288  kbdclass - ok
10:33:45.0750 4288  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:33:45.0783 4288  kbdhid - ok
10:33:45.0836 4288  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
10:33:45.0844 4288  KeyIso - ok
10:33:45.0883 4288  [ DA1E991A61CFDD755A589E206B97644B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:33:45.0892 4288  KSecDD - ok
10:33:45.0964 4288  [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:33:45.0974 4288  KSecPkg - ok
10:33:46.0048 4288  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:33:46.0108 4288  ksthunk - ok
10:33:46.0160 4288  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:33:46.0207 4288  KtmRm - ok
10:33:46.0310 4288  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
10:33:46.0365 4288  LanmanServer - ok
10:33:46.0447 4288  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:33:46.0504 4288  LanmanWorkstation - ok
10:33:46.0654 4288  [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:33:46.0692 4288  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:33:46.0692 4288  LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:33:46.0842 4288  [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
10:33:46.0849 4288  lirsgt - ok
10:33:46.0916 4288  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:33:46.0973 4288  lltdio - ok
10:33:47.0059 4288  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:33:47.0101 4288  lltdsvc - ok
10:33:47.0160 4288  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:33:47.0212 4288  lmhosts - ok
10:33:47.0269 4288  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:33:47.0279 4288  LSI_FC - ok
10:33:47.0359 4288  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:33:47.0371 4288  LSI_SAS - ok
10:33:47.0401 4288  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:33:47.0411 4288  LSI_SAS2 - ok
10:33:47.0491 4288  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:33:47.0501 4288  LSI_SCSI - ok
10:33:47.0558 4288  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
10:33:47.0610 4288  luafv - ok
10:33:47.0730 4288  [ 4A503882318BB2F59218D401614E6AF6 ] lvpepf64        C:\Windows\system32\DRIVERS\lv302a64.sys
10:33:47.0736 4288  lvpepf64 - ok
10:33:47.0827 4288  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
10:33:47.0833 4288  LVPr2M64 - ok
10:33:47.0921 4288  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
10:33:47.0929 4288  LVPr2Mon - ok
10:33:49.0118 4288  [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
10:33:49.0125 4288  LVPrcS64 - ok
10:33:49.0386 4288  [ 125AE13C293889001B8456CF3EB04A40 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
10:33:49.0395 4288  LVRS64 - ok
10:33:49.0506 4288  [ 5C3FF68267A5D242EE79EE01B993D6CE ] LVUSBS64        C:\Windows\system32\drivers\LVUSBS64.sys
10:33:49.0512 4288  LVUSBS64 - ok
10:33:50.0622 4288  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:33:50.0698 4288  Mcx2Svc - ok
10:33:50.0784 4288  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:33:50.0793 4288  megasas - ok
10:33:50.0926 4288  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:33:50.0963 4288  MegaSR - ok
10:33:51.0158 4288  [ D70476AD02D6FD75282B196D3B58831D ] MEMSWEEP2       C:\Windows\system32\4431.tmp
10:33:51.0161 4288  MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
10:33:51.0161 4288  MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
10:33:51.0325 4288  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:33:51.0333 4288  Microsoft Office Groove Audit Service - ok
10:33:51.0387 4288  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
10:33:51.0430 4288  MMCSS - ok
10:33:51.0468 4288  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
10:33:51.0517 4288  Modem - ok
10:33:51.0574 4288  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:33:51.0606 4288  monitor - ok
10:33:51.0665 4288  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:33:51.0673 4288  mouclass - ok
10:33:51.0719 4288  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:33:51.0756 4288  mouhid - ok
10:33:51.0823 4288  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:33:51.0832 4288  mountmgr - ok
10:33:51.0880 4288  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:33:51.0891 4288  mpio - ok
10:33:51.0967 4288  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:33:52.0029 4288  mpsdrv - ok
10:33:52.0230 4288  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:33:52.0302 4288  MpsSvc - ok
10:33:52.0385 4288  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:33:52.0437 4288  MRxDAV - ok
10:33:52.0519 4288  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:33:52.0593 4288  mrxsmb - ok
10:33:52.0703 4288  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:33:52.0735 4288  mrxsmb10 - ok
10:33:52.0771 4288  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:33:52.0788 4288  mrxsmb20 - ok
10:33:52.0842 4288  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:33:52.0858 4288  msahci - ok
10:33:52.0917 4288  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:33:52.0935 4288  msdsm - ok
10:33:53.0046 4288  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
10:33:53.0087 4288  MSDTC - ok
10:33:53.0159 4288  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:33:53.0231 4288  Msfs - ok
10:33:53.0304 4288  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:33:53.0343 4288  mshidkmdf - ok
10:33:53.0390 4288  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:33:53.0398 4288  msisadrv - ok
10:33:53.0520 4288  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:33:53.0579 4288  MSiSCSI - ok
10:33:53.0583 4288  msiserver - ok
10:33:53.0662 4288  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:33:53.0723 4288  MSKSSRV - ok
10:33:53.0829 4288  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:33:53.0892 4288  MSPCLOCK - ok
10:33:53.0933 4288  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:33:53.0991 4288  MSPQM - ok
10:33:54.0081 4288  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:33:54.0103 4288  MsRPC - ok
10:33:54.0204 4288  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:33:54.0221 4288  mssmbios - ok
10:33:54.0469 4288  MSSQL$SQLEXPRESS - ok
10:33:54.0714 4288  [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
10:33:54.0731 4288  MSSQLServerADHelper100 - ok
10:33:54.0813 4288  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:33:54.0883 4288  MSTEE - ok
10:33:54.0926 4288  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:33:54.0952 4288  MTConfig - ok
10:33:55.0006 4288  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
10:33:55.0019 4288  Mup - ok
10:33:55.0159 4288  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
10:33:55.0353 4288  napagent - ok
10:33:55.0553 4288  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:33:55.0600 4288  NativeWifiP - ok
10:33:55.0833 4288  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:33:55.0897 4288  NDIS - ok
10:33:55.0984 4288  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:33:56.0050 4288  NdisCap - ok
10:33:56.0318 4288  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:33:56.0376 4288  NdisTapi - ok
10:33:56.0438 4288  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:33:56.0502 4288  Ndisuio - ok
10:33:56.0580 4288  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:33:56.0636 4288  NdisWan - ok
10:33:56.0688 4288  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:33:56.0748 4288  NDProxy - ok
10:33:56.0807 4288  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:33:56.0876 4288  NetBIOS - ok
10:33:56.0972 4288  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:33:57.0032 4288  NetBT - ok
10:33:57.0103 4288  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
10:33:57.0117 4288  Netlogon - ok
10:33:57.0294 4288  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
10:33:57.0370 4288  Netman - ok
10:33:57.0433 4288  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:33:57.0442 4288  NetMsmqActivator - ok
10:33:57.0475 4288  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:33:57.0484 4288  NetPipeActivator - ok
10:33:57.0641 4288  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
10:33:57.0728 4288  netprofm - ok
10:33:57.0993 4288  [ 44D4BD55191624C82A2745296BA42814 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
10:33:58.0454 4288  netr28x - ok
10:33:58.0488 4288  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:33:58.0503 4288  NetTcpActivator - ok
10:33:58.0508 4288  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:33:58.0522 4288  NetTcpPortSharing - ok
10:33:58.0614 4288  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:33:58.0632 4288  nfrd960 - ok
10:33:58.0782 4288  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:33:58.0837 4288  NlaSvc - ok
10:33:58.0877 4288  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:33:58.0911 4288  Npfs - ok
10:33:58.0964 4288  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
10:33:59.0017 4288  nsi - ok
10:33:59.0034 4288  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:33:59.0100 4288  nsiproxy - ok
10:33:59.0459 4288  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:33:59.0532 4288  Ntfs - ok
10:33:59.0554 4288  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
10:33:59.0587 4288  Null - ok
10:34:01.0644 4288  [ 4EE399576F76D38C04745DB739BBC8C7 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:34:01.0773 4288  nvlddmkm - ok
10:34:01.0891 4288  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:34:01.0907 4288  nvraid - ok
10:34:02.0050 4288  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:34:02.0078 4288  nvstor - ok
10:34:02.0489 4288  [ 7335C3D78A7746D76D37F6722CC4A466 ] nvsvc           C:\Windows\system32\nvvsvc.exe
10:34:02.0541 4288  nvsvc - ok
10:34:02.0727 4288  [ B7C53DA1C73FF39F4A6248643EFD979A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:34:02.0749 4288  nvUpdatusService - ok
10:34:02.0800 4288  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:34:02.0810 4288  nv_agp - ok
10:34:03.0033 4288  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:34:03.0046 4288  odserv - ok
10:34:03.0092 4288  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:34:03.0102 4288  ohci1394 - ok
10:34:03.0194 4288  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:34:03.0203 4288  ose - ok
10:34:03.0359 4288  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:34:03.0429 4288  p2pimsvc - ok
10:34:03.0480 4288  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:34:03.0511 4288  p2psvc - ok
10:34:03.0535 4288  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:34:03.0545 4288  Parport - ok
10:34:03.0575 4288  [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:34:03.0584 4288  partmgr - ok
10:34:03.0666 4288  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:34:03.0709 4288  PcaSvc - ok
10:34:04.0585 4288  [ 51209FBDB13A46E05C1B0077A9310264 ] PCDSRVC{F36B3A4C-F95654BD-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
10:34:07.0680 4288  PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok
10:34:07.0784 4288  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
10:34:07.0795 4288  pci - ok
10:34:07.0849 4288  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
10:34:07.0877 4288  pciide - ok
10:34:07.0960 4288  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:34:07.0971 4288  pcmcia - ok
10:34:08.0023 4288  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:34:08.0031 4288  pcw - ok
10:34:08.0621 4288  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:34:08.0705 4288  PEAUTH - ok
         
Combofix:

Code:
ComboFix 13-08-09.02 - User 10.08.2013  10:34:07.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6135.4144 [GMT 2:00]
ausgeführt von:: c:\users\User\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\sdelevURL.tmp
c:\users\User\AppData\Local\assembly\tmp
c:\users\User\AppData\Roaming\Help\coredb\storage
c:\users\User\AppData\Roaming\mIRC\logs\status.log
c:\windows\iun6002.exe
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-10 bis 2013-08-10  ))))))))))))))))))))))))))))))
.
.
2013-08-10 08:45 . 2013-08-10 08:45	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-08-10 08:45 . 2013-08-10 08:45	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-10 08:45 . 2013-08-10 08:45	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2013-08-10 01:16 . 2013-08-10 01:16	--------	d-----w-	c:\programdata\Recovery
2013-08-09 15:37 . 2013-08-09 15:37	--------	d-----w-	C:\FRST
2013-07-24 16:16 . 2013-07-24 16:16	--------	d-----w-	c:\users\User\AppData\Roaming\NCSOFT
2013-07-18 16:48 . 2013-07-25 19:40	--------	d-----w-	c:\users\User\AppData\Roaming\ICQ
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-24 17:17 . 2013-06-24 17:17	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-24 17:17 . 2012-09-16 09:49	867240	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-06-24 17:17 . 2011-11-28 14:53	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-07-26 1807272]
"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE"="c:\users\User\AppData\Local\Google\Chrome\Application\chrome.exe" [2013-07-25 846288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-03 385024]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-10 417792]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-03-20 162856]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\4431.tmp;c:\windows\SYSNATIVE\4431.tmp [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 52247827
*Deregistered* - 52247827
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4130136908-467914500-1083429523-1000Core.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-08 08:21]
.
2013-08-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4130136908-467914500-1083429523-1000UA.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-08 08:21]
.
2013-03-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=homepage&u=3a61a3f7000000000000701a04407626
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube to MP3 Converter - c:\users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MySig.lnk - c:\program files (x86)\MySig.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\4431.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4130136908-467914500-1083429523-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{41535443-3F11-3B8B-9ADC-649EEE6376C3}*]
"haobnkekilghalfl"=hex:6b,61,69,70,6c,62,63,65,67,63,68,6b,65,64,63,6a,6e,68,
   66,6c,66,6d,00,00
"gafbpekckepmln"=hex:61,63,65,6d,64,70,61,65,61,61,68,6d,61,69,66,61,6c,6d,61,
   62,61,68,64,6b,67,66,64,6b,6f,64,62,61,6b,62,62,62,70,6e,6e,6a,61,6f,61,6f,\
"iaechidgdnmgomagal"=hex:6b,61,69,70,6c,62,63,65,67,63,68,6b,65,64,63,6a,6e,68,
   66,6c,66,6d,00,00
.
[HKEY_USERS\S-1-5-21-4130136908-467914500-1083429523-1000\Software\SecuROM\License information*]
"datasecu"=hex:bd,b9,dd,b6,74,31,28,6d,5a,4c,d2,16,fa,51,4f,14,84,97,92,a1,3d,
   66,d4,00,3b,df,d7,19,02,ac,b9,4f,b2,2d,ba,a9,a5,e3,ee,71,34,54,80,a1,1d,6b,\
"rkeysecu"=hex:a0,85,f8,ad,0f,57,68,e9,f6,11,2e,fe,c7,ac,6b,54
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-10  10:56:53
ComboFix-quarantined-files.txt  2013-08-10 08:56
.
Vor Suchlauf: 14 Verzeichnis(se), 653.820.555.264 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 654.172.733.440 Bytes frei
.
- - End Of File - - EA1A0EDD3318C4E6B0404D16B4AC19A4
C04E33E69EB86700BF694E83B8B0B6E6
         


12.08.2013, 15:58   #6
markusg
/// Malware-holic

And why am I not getting a complete TDSSKiller log? :-(

12.08.2013, 17:12   #7
Oliver Ekni

Sorry, Marcus....
That is all that is in this log file.???

12.08.2013, 17:16   #8
markusg
/// Malware-holic

Please scan again following the instructions and post it again.
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails to markusg.trojaner-board@web.de, following the instructions above.
If you would like to support us

12.08.2013, 17:39   #9
Oliver Ekni

OK, that looks better

Code:
18:19:52.0268 4036  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:19:52.0584 4036  ============================================================
18:19:52.0584 4036  Current date / time: 2013/08/12 18:19:52.0584
18:19:52.0584 4036  SystemInfo:
18:19:52.0584 4036  
18:19:52.0584 4036  OS Version: 6.1.7601 ServicePack: 1.0
18:19:52.0584 4036  Product type: Workstation
18:19:52.0584 4036  ComputerName: OLISPC
18:19:52.0584 4036  UserName: User
18:19:52.0584 4036  Windows directory: C:\Windows
18:19:52.0584 4036  System windows directory: C:\Windows
18:19:52.0584 4036  Running under WOW64
18:19:52.0584 4036  Processor architecture: Intel x64
18:19:52.0584 4036  Number of processors: 4
18:19:52.0584 4036  Page size: 0x1000
18:19:52.0584 4036  Boot type: Normal boot
18:19:52.0584 4036  ============================================================
18:19:53.0125 4036  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:19:53.0141 4036  ============================================================
18:19:53.0141 4036  \Device\Harddisk0\DR0:
18:19:53.0141 4036  MBR partitions:
18:19:53.0141 4036  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:19:53.0141 4036  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x73259800
18:19:53.0141 4036  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7328C000, BlocksNum 0x147A000
18:19:53.0141 4036  ============================================================
18:19:53.0170 4036  C: <-> \Device\Harddisk0\DR0\Partition2
18:19:53.0214 4036  D: <-> \Device\Harddisk0\DR0\Partition3
18:19:53.0214 4036  ============================================================
18:19:53.0214 4036  Initialize success
18:19:53.0214 4036  ============================================================
18:20:35.0470 1044  ============================================================
18:20:35.0470 1044  Scan started
18:20:35.0470 1044  Mode: Manual; SigCheck; TDLFS; 
18:20:35.0470 1044  ============================================================
18:20:35.0811 1044  ================ Scan system memory ========================
18:20:35.0811 1044  System memory - ok
18:20:35.0812 1044  ================ Scan services =============================
18:20:36.0005 1044  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:20:36.0149 1044  1394ohci - ok
18:20:36.0208 1044  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:20:36.0226 1044  ACPI - ok
18:20:36.0277 1044  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:20:36.0356 1044  AcpiPmi - ok
18:20:36.0477 1044  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
18:20:36.0523 1044  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
18:20:36.0523 1044  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
18:20:36.0670 1044  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:20:36.0701 1044  AdobeARMservice - ok
18:20:36.0763 1044  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:20:36.0789 1044  adp94xx - ok
18:20:36.0844 1044  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:20:36.0874 1044  adpahci - ok
18:20:36.0907 1044  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:20:36.0932 1044  adpu320 - ok
18:20:36.0960 1044  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:20:37.0092 1044  AeLookupSvc - ok
18:20:37.0150 1044  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:20:37.0210 1044  AFD - ok
18:20:37.0253 1044  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:20:37.0272 1044  agp440 - ok
18:20:37.0282 1044  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:20:37.0332 1044  ALG - ok
18:20:37.0379 1044  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:20:37.0396 1044  aliide - ok
18:20:37.0413 1044  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:20:37.0430 1044  amdide - ok
18:20:37.0473 1044  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:20:37.0499 1044  AmdK8 - ok
18:20:37.0514 1044  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:20:37.0549 1044  AmdPPM - ok
18:20:37.0591 1044  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:20:37.0606 1044  amdsata - ok
18:20:37.0636 1044  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:20:37.0655 1044  amdsbs - ok
18:20:37.0682 1044  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:20:37.0697 1044  amdxata - ok
18:20:37.0768 1044  [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:20:37.0782 1044  AntiVirSchedulerService - ok
18:20:37.0807 1044  [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:20:37.0823 1044  AntiVirService - ok
18:20:37.0868 1044  [ 53DDEA96AA407C3E2BCEF68A44E31A59 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
18:20:37.0895 1044  AntiVirWebService - ok
18:20:37.0928 1044  [ D41231AECFEE88973D56AEC2EE5B962D ] APNMCP          C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
18:20:37.0948 1044  APNMCP - ok
18:20:38.0005 1044  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:20:38.0151 1044  AppID - ok
18:20:38.0181 1044  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:20:38.0261 1044  AppIDSvc - ok
18:20:38.0306 1044  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
18:20:38.0366 1044  Appinfo - ok
18:20:38.0436 1044  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:20:38.0460 1044  arc - ok
18:20:38.0476 1044  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:20:38.0491 1044  arcsas - ok
18:20:38.0602 1044  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:20:38.0685 1044  aspnet_state - ok
18:20:38.0733 1044  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:20:38.0812 1044  AsyncMac - ok
18:20:38.0866 1044  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:20:38.0885 1044  atapi - ok
18:20:38.0959 1044  [ FC0E8778C000291CAF60EB88C011E931 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
18:20:39.0001 1044  atksgt - ok
18:20:39.0056 1044  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:20:39.0109 1044  AudioEndpointBuilder - ok
18:20:39.0117 1044  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:20:39.0147 1044  AudioSrv - ok
18:20:39.0200 1044  [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
18:20:39.0220 1044  avgntflt - ok
18:20:39.0271 1044  [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
18:20:39.0292 1044  avipbb - ok
18:20:39.0327 1044  [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:20:39.0344 1044  avkmgr - ok
18:20:39.0386 1044  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:20:39.0462 1044  AxInstSV - ok
18:20:39.0501 1044  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:20:39.0568 1044  b06bdrv - ok
18:20:39.0601 1044  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:20:39.0659 1044  b57nd60a - ok
18:20:39.0695 1044  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:20:39.0749 1044  BDESVC - ok
18:20:39.0757 1044  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:20:39.0831 1044  Beep - ok
18:20:39.0900 1044  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:20:39.0984 1044  BFE - ok
18:20:40.0054 1044  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
18:20:40.0159 1044  BITS - ok
18:20:40.0192 1044  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:20:40.0226 1044  blbdrive - ok
18:20:40.0265 1044  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:20:40.0324 1044  bowser - ok
18:20:40.0345 1044  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:20:40.0420 1044  BrFiltLo - ok
18:20:40.0442 1044  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:20:40.0474 1044  BrFiltUp - ok
18:20:40.0531 1044  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:20:40.0581 1044  BridgeMP - ok
18:20:40.0647 1044  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
18:20:40.0723 1044  Browser - ok
18:20:40.0764 1044  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:20:40.0848 1044  Brserid - ok
18:20:40.0868 1044  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:20:40.0924 1044  BrSerWdm - ok
18:20:40.0950 1044  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:20:40.0997 1044  BrUsbMdm - ok
18:20:41.0015 1044  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:20:41.0051 1044  BrUsbSer - ok
18:20:41.0084 1044  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:20:41.0116 1044  BTHMODEM - ok
18:20:41.0164 1044  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:20:41.0255 1044  bthserv - ok
18:20:41.0321 1044  catchme - ok
18:20:41.0353 1044  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:20:41.0423 1044  cdfs - ok
18:20:41.0498 1044  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:20:41.0543 1044  cdrom - ok
18:20:41.0589 1044  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:20:41.0654 1044  CertPropSvc - ok
18:20:41.0685 1044  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:20:41.0704 1044  circlass - ok
18:20:41.0733 1044  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:20:41.0750 1044  CLFS - ok
18:20:41.0826 1044  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:20:41.0857 1044  clr_optimization_v2.0.50727_32 - ok
18:20:41.0891 1044  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:20:41.0918 1044  clr_optimization_v2.0.50727_64 - ok
18:20:42.0000 1044  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:20:42.0088 1044  clr_optimization_v4.0.30319_32 - ok
18:20:42.0110 1044  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:20:42.0128 1044  clr_optimization_v4.0.30319_64 - ok
18:20:42.0161 1044  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:20:42.0184 1044  CmBatt - ok
18:20:42.0217 1044  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:20:42.0233 1044  cmdide - ok
18:20:42.0270 1044  [ C4943B6C962E4B82197542447AD599F4 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:20:42.0307 1044  CNG - ok
18:20:42.0326 1044  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:20:42.0339 1044  Compbatt - ok
18:20:42.0382 1044  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:20:42.0423 1044  CompositeBus - ok
18:20:42.0444 1044  COMSysApp - ok
18:20:42.0466 1044  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:20:42.0481 1044  crcdisk - ok
18:20:42.0517 1044  [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:20:42.0610 1044  CryptSvc - ok
18:20:42.0654 1044  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:20:42.0715 1044  DcomLaunch - ok
18:20:42.0754 1044  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:20:42.0823 1044  defragsvc - ok
18:20:42.0865 1044  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:20:42.0910 1044  DfsC - ok
18:20:42.0950 1044  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:20:43.0009 1044  Dhcp - ok
18:20:43.0043 1044  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:20:43.0101 1044  discache - ok
18:20:43.0146 1044  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:20:43.0162 1044  Disk - ok
18:20:43.0202 1044  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:20:43.0256 1044  Dnscache - ok
18:20:43.0294 1044  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:20:43.0356 1044  dot3svc - ok
18:20:43.0394 1044  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:20:43.0440 1044  DPS - ok
18:20:43.0461 1044  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:20:43.0498 1044  drmkaud - ok
18:20:43.0560 1044  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:20:43.0576 1044  dtsoftbus01 - ok
18:20:43.0622 1044  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:20:43.0660 1044  DXGKrnl - ok
18:20:43.0678 1044  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:20:43.0729 1044  EapHost - ok
18:20:43.0813 1044  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:20:43.0948 1044  ebdrv - ok
18:20:43.0980 1044  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:20:44.0024 1044  EFS - ok
18:20:44.0076 1044  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:20:44.0129 1044  ehRecvr - ok
18:20:44.0158 1044  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:20:44.0206 1044  ehSched - ok
18:20:44.0251 1044  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:20:44.0282 1044  elxstor - ok
18:20:44.0325 1044  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:20:44.0357 1044  ErrDev - ok
18:20:44.0390 1044  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:20:44.0469 1044  EventSystem - ok
18:20:44.0516 1044  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:20:44.0562 1044  exfat - ok
18:20:44.0593 1044  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:20:44.0632 1044  fastfat - ok
18:20:44.0691 1044  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:20:44.0720 1044  Fax - ok
18:20:44.0733 1044  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:20:44.0749 1044  fdc - ok
18:20:44.0777 1044  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:20:44.0822 1044  fdPHost - ok
18:20:44.0834 1044  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:20:44.0878 1044  FDResPub - ok
18:20:44.0902 1044  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:20:44.0920 1044  FileInfo - ok
18:20:44.0926 1044  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:20:44.0985 1044  Filetrace - ok
18:20:45.0016 1044  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:20:45.0044 1044  flpydisk - ok
18:20:45.0079 1044  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:20:45.0103 1044  FltMgr - ok
18:20:45.0163 1044  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
18:20:45.0253 1044  FontCache - ok
18:20:45.0307 1044  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:20:45.0324 1044  FontCache3.0.0.0 - ok
18:20:45.0343 1044  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:20:45.0363 1044  FsDepends - ok
18:20:45.0399 1044  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:20:45.0412 1044  Fs_Rec - ok
18:20:45.0452 1044  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:20:45.0477 1044  fvevol - ok
18:20:45.0501 1044  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:20:45.0516 1044  gagp30kx - ok
18:20:45.0566 1044  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:20:45.0699 1044  gpsvc - ok
18:20:45.0755 1044  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
18:20:45.0771 1044  hamachi - ok
18:20:45.0782 1044  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:20:45.0820 1044  hcw85cir - ok
18:20:45.0850 1044  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:20:45.0886 1044  HDAudBus - ok
18:20:45.0914 1044  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:20:45.0972 1044  HidBatt - ok
18:20:45.0994 1044  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:20:46.0032 1044  HidBth - ok
18:20:46.0069 1044  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:20:46.0102 1044  HidIr - ok
18:20:46.0128 1044  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
18:20:46.0188 1044  hidserv - ok
18:20:46.0221 1044  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:20:46.0234 1044  HidUsb - ok
18:20:46.0258 1044  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:20:46.0313 1044  hkmsvc - ok
18:20:46.0359 1044  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:20:46.0408 1044  HomeGroupListener - ok
18:20:46.0449 1044  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:20:46.0483 1044  HomeGroupProvider - ok
18:20:46.0516 1044  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:20:46.0536 1044  HpSAMD - ok
18:20:46.0597 1044  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:20:46.0662 1044  HTTP - ok
18:20:46.0701 1044  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:20:46.0714 1044  hwpolicy - ok
18:20:46.0750 1044  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:20:46.0772 1044  i8042prt - ok
18:20:46.0830 1044  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:20:46.0861 1044  IAANTMON - ok
18:20:46.0876 1044  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:20:46.0893 1044  iaStor - ok
18:20:46.0938 1044  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:20:46.0969 1044  iaStorV - ok
18:20:47.0008 1044  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:20:47.0092 1044  idsvc - ok
18:20:47.0136 1044  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:20:47.0156 1044  iirsp - ok
18:20:47.0209 1044  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:20:47.0323 1044  IKEEXT - ok
18:20:47.0372 1044  [ 31C32BC56D85D109EBB0C526BE5CACA7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:20:47.0405 1044  IntcAzAudAddService - ok
18:20:47.0421 1044  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:20:47.0433 1044  intelide - ok
18:20:47.0469 1044  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:20:47.0499 1044  intelppm - ok
18:20:47.0545 1044  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:20:47.0609 1044  IPBusEnum - ok
18:20:47.0651 1044  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:20:47.0720 1044  IpFilterDriver - ok
18:20:47.0797 1044  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:20:47.0872 1044  iphlpsvc - ok
18:20:47.0902 1044  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:20:47.0929 1044  IPMIDRV - ok
18:20:47.0955 1044  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:20:48.0010 1044  IPNAT - ok
18:20:48.0029 1044  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:20:48.0078 1044  IRENUM - ok
18:20:48.0116 1044  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:20:48.0134 1044  isapnp - ok
18:20:48.0176 1044  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:20:48.0204 1044  iScsiPrt - ok
18:20:48.0263 1044  [ 9C6F3F69163133FB8E56AC4A6E163452 ] ISODrive        C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
18:20:48.0283 1044  ISODrive - ok
18:20:48.0309 1044  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:20:48.0328 1044  kbdclass - ok
18:20:48.0372 1044  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:20:48.0409 1044  kbdhid - ok
18:20:48.0435 1044  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:20:48.0452 1044  KeyIso - ok
18:20:48.0471 1044  [ DA1E991A61CFDD755A589E206B97644B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:20:48.0493 1044  KSecDD - ok
18:20:48.0519 1044  [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:20:48.0537 1044  KSecPkg - ok
18:20:48.0558 1044  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:20:48.0615 1044  ksthunk - ok
18:20:48.0648 1044  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:20:48.0695 1044  KtmRm - ok
18:20:48.0743 1044  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:20:48.0791 1044  LanmanServer - ok
18:20:48.0824 1044  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:20:48.0880 1044  LanmanWorkstation - ok
18:20:48.0942 1044  [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
18:20:48.0969 1044  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
18:20:48.0969 1044  LightScribeService - detected UnsignedFile.Multi.Generic (1)
18:20:49.0008 1044  [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
18:20:49.0025 1044  lirsgt - ok
18:20:49.0041 1044  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:20:49.0096 1044  lltdio - ok
18:20:49.0126 1044  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:20:49.0205 1044  lltdsvc - ok
18:20:49.0237 1044  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:20:49.0295 1044  lmhosts - ok
18:20:49.0335 1044  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:20:49.0354 1044  LSI_FC - ok
18:20:49.0359 1044  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:20:49.0378 1044  LSI_SAS - ok
18:20:49.0389 1044  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:20:49.0407 1044  LSI_SAS2 - ok
18:20:49.0424 1044  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:20:49.0443 1044  LSI_SCSI - ok
18:20:49.0468 1044  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:20:49.0527 1044  luafv - ok
18:20:49.0573 1044  [ 4A503882318BB2F59218D401614E6AF6 ] lvpepf64        C:\Windows\system32\DRIVERS\lv302a64.sys
18:20:49.0589 1044  lvpepf64 - ok
18:20:49.0615 1044  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
18:20:49.0630 1044  LVPr2M64 - ok
18:20:49.0663 1044  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
18:20:49.0675 1044  LVPr2Mon - ok
18:20:49.0739 1044  [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
18:20:49.0764 1044  LVPrcS64 - ok
18:20:49.0786 1044  [ 125AE13C293889001B8456CF3EB04A40 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
18:20:49.0814 1044  LVRS64 - ok
18:20:49.0827 1044  [ 5C3FF68267A5D242EE79EE01B993D6CE ] LVUSBS64        C:\Windows\system32\drivers\LVUSBS64.sys
18:20:49.0846 1044  LVUSBS64 - ok
18:20:49.0876 1044  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:20:49.0922 1044  Mcx2Svc - ok
18:20:49.0961 1044  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:20:49.0983 1044  megasas - ok
18:20:50.0003 1044  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:20:50.0032 1044  MegaSR - ok
18:20:50.0080 1044  [ D70476AD02D6FD75282B196D3B58831D ] MEMSWEEP2       C:\Windows\system32\4431.tmp
18:20:50.0090 1044  MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
18:20:50.0090 1044  MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
18:20:50.0158 1044  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:20:50.0181 1044  Microsoft Office Groove Audit Service - ok
18:20:50.0208 1044  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:20:50.0273 1044  MMCSS - ok
18:20:50.0300 1044  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:20:50.0353 1044  Modem - ok
18:20:50.0395 1044  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:20:50.0431 1044  monitor - ok
18:20:50.0475 1044  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:20:50.0496 1044  mouclass - ok
18:20:50.0518 1044  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:20:50.0548 1044  mouhid - ok
18:20:50.0600 1044  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:20:50.0621 1044  mountmgr - ok
18:20:50.0669 1044  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:20:50.0694 1044  mpio - ok
18:20:50.0698 1044  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:20:50.0744 1044  mpsdrv - ok
18:20:50.0795 1044  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:20:50.0865 1044  MpsSvc - ok
18:20:50.0896 1044  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:20:50.0930 1044  MRxDAV - ok
18:20:50.0962 1044  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:20:51.0011 1044  mrxsmb - ok
18:20:51.0046 1044  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:20:51.0088 1044  mrxsmb10 - ok
18:20:51.0114 1044  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:20:51.0136 1044  mrxsmb20 - ok
18:20:51.0185 1044  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:20:51.0204 1044  msahci - ok
18:20:51.0237 1044  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:20:51.0261 1044  msdsm - ok
18:20:51.0288 1044  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:20:51.0327 1044  MSDTC - ok
18:20:51.0368 1044  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:20:51.0424 1044  Msfs - ok
18:20:51.0439 1044  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:20:51.0485 1044  mshidkmdf - ok
18:20:51.0533 1044  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:20:51.0545 1044  msisadrv - ok
18:20:51.0563 1044  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:20:51.0614 1044  MSiSCSI - ok
18:20:51.0617 1044  msiserver - ok
18:20:51.0644 1044  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:20:51.0685 1044  MSKSSRV - ok
18:20:51.0714 1044  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:20:51.0744 1044  MSPCLOCK - ok
18:20:51.0753 1044  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:20:51.0800 1044  MSPQM - ok
18:20:51.0834 1044  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:20:51.0853 1044  MsRPC - ok
18:20:51.0891 1044  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:20:51.0902 1044  mssmbios - ok
18:20:51.0987 1044  MSSQL$SQLEXPRESS - ok
18:20:52.0045 1044  [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
18:20:52.0068 1044  MSSQLServerADHelper100 - ok
18:20:52.0073 1044  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:20:52.0134 1044  MSTEE - ok
18:20:52.0157 1044  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:20:52.0192 1044  MTConfig - ok
18:20:52.0216 1044  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:20:52.0232 1044  Mup - ok
18:20:52.0279 1044  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:20:52.0343 1044  napagent - ok
18:20:52.0374 1044  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:20:52.0420 1044  NativeWifiP - ok
18:20:52.0452 1044  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:20:52.0482 1044  NDIS - ok
18:20:52.0504 1044  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:20:52.0533 1044  NdisCap - ok
18:20:52.0561 1044  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:20:52.0603 1044  NdisTapi - ok
18:20:52.0637 1044  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:20:52.0687 1044  Ndisuio - ok
18:20:52.0723 1044  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:20:52.0806 1044  NdisWan - ok
18:20:52.0853 1044  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:20:52.0918 1044  NDProxy - ok
18:20:52.0939 1044  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:20:52.0992 1044  NetBIOS - ok
18:20:53.0025 1044  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:20:53.0081 1044  NetBT - ok
18:20:53.0101 1044  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:20:53.0111 1044  Netlogon - ok
18:20:53.0136 1044  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:20:53.0175 1044  Netman - ok
18:20:53.0220 1044  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:53.0269 1044  NetMsmqActivator - ok
18:20:53.0274 1044  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:53.0287 1044  NetPipeActivator - ok
18:20:53.0316 1044  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:20:53.0358 1044  netprofm - ok
18:20:53.0378 1044  [ 44D4BD55191624C82A2745296BA42814 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
18:20:53.0415 1044  netr28x - ok
18:20:53.0418 1044  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:53.0426 1044  NetTcpActivator - ok
18:20:53.0429 1044  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:53.0437 1044  NetTcpPortSharing - ok
18:20:53.0479 1044  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:20:53.0492 1044  nfrd960 - ok
18:20:53.0524 1044  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:20:53.0564 1044  NlaSvc - ok
18:20:53.0575 1044  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:20:53.0610 1044  Npfs - ok
18:20:53.0618 1044  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:20:53.0677 1044  nsi - ok
18:20:53.0699 1044  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:20:53.0751 1044  nsiproxy - ok
18:20:53.0818 1044  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:20:53.0903 1044  Ntfs - ok
18:20:53.0908 1044  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:20:53.0936 1044  Null - ok
18:20:54.0152 1044  [ 4EE399576F76D38C04745DB739BBC8C7 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:20:54.0290 1044  nvlddmkm - ok
18:20:54.0345 1044  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:20:54.0367 1044  nvraid - ok
18:20:54.0416 1044  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:20:54.0442 1044  nvstor - ok
18:20:54.0479 1044  [ 7335C3D78A7746D76D37F6722CC4A466 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:20:54.0509 1044  nvsvc - ok
18:20:54.0618 1044  [ B7C53DA1C73FF39F4A6248643EFD979A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:20:54.0661 1044  nvUpdatusService - ok
18:20:54.0710 1044  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:20:54.0738 1044  nv_agp - ok
18:20:54.0810 1044  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:20:54.0851 1044  odserv - ok
18:20:54.0880 1044  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:20:54.0896 1044  ohci1394 - ok
18:20:54.0927 1044  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:20:54.0944 1044  ose - ok
18:20:54.0969 1044  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:20:55.0007 1044  p2pimsvc - ok
18:20:55.0024 1044  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:20:55.0053 1044  p2psvc - ok
18:20:55.0067 1044  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:20:55.0085 1044  Parport - ok
18:20:55.0118 1044  [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:20:55.0136 1044  partmgr - ok
18:20:55.0153 1044  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:20:55.0188 1044  PcaSvc - ok
18:20:55.0339 1044  [ 51209FBDB13A46E05C1B0077A9310264 ] PCDSRVC{F36B3A4C-F95654BD-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
18:20:55.0566 1044  PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok
18:20:55.0606 1044  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:20:55.0641 1044  pci - ok
18:20:55.0681 1044  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:20:55.0704 1044  pciide - ok
18:20:55.0737 1044  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:20:55.0772 1044  pcmcia - ok
18:20:55.0787 1044  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:20:55.0803 1044  pcw - ok
18:20:55.0831 1044  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:20:55.0909 1044  PEAUTH - ok
18:20:56.0041 1044  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:20:56.0062 1044  PerfHost - ok
18:20:56.0141 1044  [ AE0B94363DA0F60D42B9D05B352F61ED ] PID_PEPI        C:\Windows\system32\DRIVERS\LV302V64.SYS
18:20:56.0262 1044  PID_PEPI - ok
18:20:56.0318 1044  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:20:56.0411 1044  pla - ok
18:20:56.0462 1044  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:20:56.0509 1044  PlugPlay - ok
18:20:56.0512 1044  PnkBstrA - ok
18:20:56.0543 1044  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:20:56.0571 1044  PNRPAutoReg - ok
18:20:56.0592 1044  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:20:56.0609 1044  PNRPsvc - ok
18:20:56.0651 1044  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:20:56.0703 1044  PolicyAgent - ok
18:20:56.0728 1044  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:20:56.0757 1044  Power - ok
18:20:56.0806 1044  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:20:56.0878 1044  PptpMiniport - ok
18:20:56.0905 1044  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:20:56.0946 1044  Processor - ok
18:20:56.0981 1044  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
18:20:57.0024 1044  ProfSvc - ok
18:20:57.0046 1044  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:20:57.0057 1044  ProtectedStorage - ok
18:20:57.0098 1044  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:21:03.0686 1044  [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes          C:\Windows\system32\themeservice.dll
18:21:03.0698 1044  Themes ( UnsignedFile.Multi.Generic ) - warning
18:21:03.0698 1044  Themes - detected UnsignedFile.Multi.Generic (1)
18:21:10.0452 1044  ================ Scan global ===============================
18:21:10.0474 1044  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:21:10.0516 1044  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:21:10.0530 1044  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:21:10.0550 1044  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:21:10.0579 1044  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:21:10.0591 1044  [Global] - ok
18:21:10.0591 1044  ================ Scan MBR ==================================
18:21:10.0600 1044  [ C04E33E69EB86700BF694E83B8B0B6E6 ] \Device\Harddisk0\DR0
18:21:10.0921 1044  \Device\Harddisk0\DR0 - ok
18:21:10.0922 1044  ================ Scan VBR ==================================
18:21:10.0926 1044  [ 5B5D2AF2D7E84C55CE8560C48CF5F12B ] \Device\Harddisk0\DR0\Partition1
18:21:10.0928 1044  \Device\Harddisk0\DR0\Partition1 - ok
18:21:10.0975 1044  [ DA3F112239BCDF911931C445BA3CDD20 ] \Device\Harddisk0\DR0\Partition2
18:21:10.0978 1044  \Device\Harddisk0\DR0\Partition2 - ok
18:21:11.0018 1044  [ D21B0DE9CF35D6A2FD4F5C7438F672E7 ] \Device\Harddisk0\DR0\Partition3
18:21:11.0021 1044  \Device\Harddisk0\DR0\Partition3 - ok
18:21:11.0021 1044  ============================================================
18:21:11.0021 1044  Scan finished
18:21:11.0021 1044  ============================================================
18:21:11.0038 5964  Detected object count: 4
18:21:11.0038 5964  Actual detected object count: 4
18:38:15.0744 5964  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:38:15.0745 5964  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:38:15.0746 5964  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
18:38:15.0746 5964  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:38:15.0748 5964  MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
18:38:15.0748 5964  MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:38:15.0749 5964  Themes ( UnsignedFile.Multi.Generic ) - skipped by user
18:38:15.0750 5964  Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

12.08.2013, 17:42   #10
markusg
/// Malware-holic



Hi,
very good.
There are 4 logs to create; post them at the same time if possible.
1.
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the threat scan and click Start scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Restart.
2.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Restart.
3.

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista or later, please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Restart.
4.
Download HitmanPro:
HitmanPro - Download - Filepony
Double-click it, click Scan.
Save the log and post it, or export it as XML, zip it and attach it.
Close HitmanPro.
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please send mails to markusg.trojaner-board@web.de as described in the instructions above.
If you would like to support us
