Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   2837 Versteckte Objekte (https://www.trojaner-board.de/131488-2837-versteckte-objekte.html)

mossi 06.03.2013 13:21
Code:
13:17:48.0116 0724  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:17:50.0144 0724  ============================================================
13:17:50.0144 0724  Current date / time: 2013/03/06 13:17:50.0144
13:17:50.0144 0724  SystemInfo:
13:17:50.0144 0724 
13:17:50.0144 0724  OS Version: 6.1.7601 ServicePack: 1.0
13:17:50.0144 0724  Product type: Workstation
13:17:50.0144 0724  ComputerName: MOSSI-HP
13:17:50.0144 0724  UserName: mossi
13:17:50.0144 0724  Windows directory: C:\windows
13:17:50.0144 0724  System windows directory: C:\windows
13:17:50.0144 0724  Running under WOW64
13:17:50.0144 0724  Processor architecture: Intel x64
13:17:50.0144 0724  Number of processors: 1
13:17:50.0144 0724  Page size: 0x1000
13:17:50.0144 0724  Boot type: Normal boot
13:17:50.0144 0724  ============================================================
13:17:53.0373 0724  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:17:53.0373 0724  ============================================================
13:17:53.0373 0724  \Device\Harddisk0\DR0:
13:17:53.0373 0724  MBR partitions:
13:17:53.0373 0724  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
13:17:53.0373 0724  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x10782000
13:17:53.0373 0724  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10818800, BlocksNum 0x1E00000
13:17:53.0373 0724  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x12618800, BlocksNum 0x3FD800
13:17:53.0373 0724  ============================================================
13:17:53.0451 0724  C: <-> \Device\Harddisk0\DR0\Partition2
13:17:53.0467 0724  F: <-> \Device\Harddisk0\DR0\Partition4
13:17:53.0467 0724  ============================================================
13:17:53.0467 0724  Initialize success
13:17:53.0467 0724  ============================================================
13:18:40.0953 4980  ============================================================
13:18:40.0953 4980  Scan started
13:18:40.0953 4980  Mode: Manual; SigCheck; TDLFS;
13:18:40.0953 4980  ============================================================
13:18:42.0232 4980  ================ Scan system memory ========================
13:18:42.0232 4980  System memory - ok
13:18:42.0248 4980  ================ Scan services =============================
13:18:42.0498 4980  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
13:18:42.0872 4980  1394ohci - ok
13:18:42.0934 4980  [ C8030D922511A926D0AA06B78C4B87A9 ] acedrv06        C:\windows\system32\drivers\acedrv06.sys
13:18:42.0997 4980  acedrv06 ( UnsignedFile.Multi.Generic ) - warning
13:18:42.0997 4980  acedrv06 - detected UnsignedFile.Multi.Generic (1)
13:18:43.0059 4980  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\windows\system32\drivers\ACPI.sys
13:18:43.0137 4980  ACPI - ok
13:18:43.0184 4980  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\windows\system32\drivers\acpipmi.sys
13:18:43.0309 4980  AcpiPmi - ok
13:18:43.0465 4980  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:18:43.0527 4980  AdobeFlashPlayerUpdateSvc - ok
13:18:43.0590 4980  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\windows\system32\DRIVERS\adp94xx.sys
13:18:43.0668 4980  adp94xx - ok
13:18:43.0714 4980  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\windows\system32\DRIVERS\adpahci.sys
13:18:43.0761 4980  adpahci - ok
13:18:43.0808 4980  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\windows\system32\DRIVERS\adpu320.sys
13:18:43.0855 4980  adpu320 - ok
13:18:43.0902 4980  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\windows\System32\aelupsvc.dll
13:18:44.0229 4980  AeLookupSvc - ok
13:18:44.0354 4980  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters    C:\Program Files\IDT\WDM\AESTSr64.exe
13:18:44.0463 4980  AESTFilters - ok
13:18:44.0526 4980  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\windows\system32\drivers\afd.sys
13:18:44.0760 4980  AFD - ok
13:18:44.0807 4980  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\windows\system32\drivers\agp440.sys
13:18:44.0853 4980  agp440 - ok
13:18:44.0900 4980  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\windows\System32\alg.exe
13:18:45.0009 4980  ALG - ok
13:18:45.0041 4980  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\windows\system32\drivers\aliide.sys
13:18:45.0087 4980  aliide - ok
13:18:45.0134 4980  [ 5A06AB7AB4D389DFE3C109599DF0BB65 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
13:18:45.0243 4980  AMD External Events Utility - ok
13:18:45.0275 4980  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\windows\system32\drivers\amdide.sys
13:18:45.0321 4980  amdide - ok
13:18:45.0353 4980  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\windows\system32\DRIVERS\amdk8.sys
13:18:45.0493 4980  AmdK8 - ok
13:18:45.0743 4980  [ 650DDCCD6657E20737433CB774521B81 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
13:18:46.0117 4980  amdkmdag - ok
13:18:46.0148 4980  [ F51B013C55B30DBE3AD59A7FE197C5BA ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
13:18:46.0226 4980  amdkmdap - ok
13:18:46.0273 4980  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
13:18:46.0335 4980  AmdPPM - ok
13:18:46.0382 4980  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\windows\system32\drivers\amdsata.sys
13:18:46.0429 4980  amdsata - ok
13:18:46.0476 4980  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
13:18:46.0523 4980  amdsbs - ok
13:18:46.0554 4980  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\windows\system32\drivers\amdxata.sys
13:18:46.0601 4980  amdxata - ok
13:18:46.0803 4980  [ 459465DA28E49B358ECFE0D788F328F4 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:18:46.0881 4980  AntiVirSchedulerService - ok
13:18:46.0944 4980  [ BCDD17E8469D647A71B347C4B6F86685 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:18:46.0991 4980  AntiVirService - ok
13:18:47.0037 4980  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\windows\system32\drivers\appid.sys
13:18:47.0256 4980  AppID - ok
13:18:47.0303 4980  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\windows\System32\appidsvc.dll
13:18:47.0427 4980  AppIDSvc - ok
13:18:47.0490 4980  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\windows\System32\appinfo.dll
13:18:47.0630 4980  Appinfo - ok
13:18:47.0677 4980  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\windows\system32\DRIVERS\arc.sys
13:18:47.0708 4980  arc - ok
13:18:47.0724 4980  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
13:18:47.0755 4980  arcsas - ok
13:18:47.0864 4980  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:18:47.0895 4980  aspnet_state - ok
13:18:47.0927 4980  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
13:18:48.0051 4980  AsyncMac - ok
13:18:48.0098 4980  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\windows\system32\drivers\atapi.sys
13:18:48.0114 4980  atapi - ok
13:18:48.0223 4980  [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService  C:\windows\system32\drivers\AtiHdmi.sys
13:18:48.0348 4980  AtiHdmiService - ok
13:18:48.0395 4980  [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie        C:\windows\system32\DRIVERS\AtiPcie64.sys
13:18:48.0441 4980  AtiPcie - ok
13:18:48.0535 4980  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
13:18:48.0769 4980  AudioEndpointBuilder - ok
13:18:48.0863 4980  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\windows\System32\Audiosrv.dll
13:18:48.0956 4980  AudioSrv - ok
13:18:49.0019 4980  [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
13:18:49.0034 4980  avgntflt - ok
13:18:49.0097 4980  [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
13:18:49.0112 4980  avipbb - ok
13:18:49.0143 4980  [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr          C:\windows\system32\DRIVERS\avkmgr.sys
13:18:49.0159 4980  avkmgr - ok
13:18:49.0237 4980  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\windows\System32\AxInstSV.dll
13:18:49.0362 4980  AxInstSV - ok
13:18:49.0409 4980  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\windows\system32\DRIVERS\bxvbda.sys
13:18:49.0533 4980  b06bdrv - ok
13:18:49.0596 4980  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
13:18:49.0658 4980  b57nd60a - ok
13:18:49.0814 4980  [ 810BE94A9E42309B3F74217AC28BC6AC ] BCM43XX        C:\windows\system32\DRIVERS\bcmwl664.sys
13:18:50.0017 4980  BCM43XX - ok
13:18:50.0064 4980  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\windows\System32\bdesvc.dll
13:18:50.0157 4980  BDESVC - ok
13:18:50.0173 4980  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\windows\system32\drivers\Beep.sys
13:18:50.0329 4980  Beep - ok
13:18:50.0423 4980  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\windows\System32\bfe.dll
13:18:50.0579 4980  BFE - ok
13:18:50.0625 4980  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\windows\system32\qmgr.dll
13:18:50.0844 4980  BITS - ok
13:18:50.0891 4980  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
13:18:50.0953 4980  blbdrive - ok
13:18:51.0000 4980  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
13:18:51.0093 4980  bowser - ok
13:18:51.0125 4980  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
13:18:51.0218 4980  BrFiltLo - ok
13:18:51.0249 4980  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
13:18:51.0296 4980  BrFiltUp - ok
13:18:51.0343 4980  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
13:18:51.0468 4980  BridgeMP - ok
13:18:51.0515 4980  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\windows\System32\browser.dll
13:18:51.0608 4980  Browser - ok
13:18:51.0639 4980  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\windows\System32\Drivers\Brserid.sys
13:18:51.0749 4980  Brserid - ok
13:18:51.0780 4980  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
13:18:51.0842 4980  BrSerWdm - ok
13:18:51.0858 4980  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
13:18:51.0920 4980  BrUsbMdm - ok
13:18:51.0951 4980  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
13:18:52.0014 4980  BrUsbSer - ok
13:18:52.0092 4980  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum        C:\windows\system32\drivers\BthEnum.sys
13:18:52.0326 4980  BthEnum - ok
13:18:52.0357 4980  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
13:18:52.0435 4980  BTHMODEM - ok
13:18:52.0466 4980  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
13:18:52.0513 4980  BthPan - ok
13:18:52.0591 4980  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT        C:\windows\System32\Drivers\BTHport.sys
13:18:52.0700 4980  BTHPORT - ok
13:18:52.0731 4980  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\windows\system32\bthserv.dll
13:18:52.0856 4980  bthserv - ok
13:18:52.0903 4980  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
13:18:52.0965 4980  BTHUSB - ok
13:18:53.0028 4980  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078 ] btwampfl        C:\windows\system32\drivers\btwampfl.sys
13:18:53.0075 4980  btwampfl - ok
13:18:53.0121 4980  [ A75BF6802A967F5AACECC3C67FEBDF55 ] btwaudio        C:\windows\system32\drivers\btwaudio.sys
13:18:53.0153 4980  btwaudio - ok
13:18:53.0215 4980  [ D895DC213EDBDA5FCC53AAD1F1E0E63B ] btwavdt        C:\windows\system32\DRIVERS\btwavdt.sys
13:18:53.0262 4980  btwavdt - ok
13:18:53.0355 4980  [ 692F8648D7686D91E34A65AC698019D8 ] btwdins        C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
13:18:53.0433 4980  btwdins - ok
13:18:53.0465 4980  [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap        C:\windows\system32\DRIVERS\btwl2cap.sys
13:18:53.0511 4980  btwl2cap - ok
13:18:53.0543 4980  [ 6D7AA2BDE0135599C5F230D69DB3B420 ] btwrchid        C:\windows\system32\DRIVERS\btwrchid.sys
13:18:53.0574 4980  btwrchid - ok
13:18:53.0621 4980  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
13:18:53.0745 4980  cdfs - ok
13:18:53.0823 4980  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\windows\system32\DRIVERS\cdrom.sys
13:18:53.0901 4980  cdrom - ok
13:18:53.0979 4980  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\windows\System32\certprop.dll
13:18:54.0104 4980  CertPropSvc - ok
13:18:54.0151 4980  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\windows\system32\DRIVERS\circlass.sys
13:18:54.0213 4980  circlass - ok
13:18:54.0260 4980  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\windows\system32\CLFS.sys
13:18:54.0323 4980  CLFS - ok
13:18:54.0385 4980  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:18:54.0432 4980  clr_optimization_v2.0.50727_32 - ok
13:18:54.0479 4980  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:18:54.0525 4980  clr_optimization_v2.0.50727_64 - ok
13:18:54.0603 4980  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:18:54.0650 4980  clr_optimization_v4.0.30319_32 - ok
13:18:54.0681 4980  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:18:54.0728 4980  clr_optimization_v4.0.30319_64 - ok
13:18:54.0775 4980  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
13:18:54.0837 4980  CmBatt - ok
13:18:54.0884 4980  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\windows\system32\drivers\cmdide.sys
13:18:54.0931 4980  cmdide - ok
13:18:54.0993 4980  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\windows\system32\Drivers\cng.sys
13:18:55.0071 4980  CNG - ok
13:18:55.0103 4980  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
13:18:55.0134 4980  Compbatt - ok
13:18:55.0181 4980  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
13:18:55.0243 4980  CompositeBus - ok
13:18:55.0274 4980  COMSysApp - ok
13:18:55.0305 4980  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\windows\system32\DRIVERS\crcdisk.sys
13:18:55.0352 4980  crcdisk - ok
13:18:55.0415 4980  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\windows\system32\cryptsvc.dll
13:18:55.0539 4980  CryptSvc - ok
13:18:55.0602 4980  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\windows\system32\rpcss.dll
13:18:55.0758 4980  DcomLaunch - ok
13:18:55.0820 4980  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\windows\System32\defragsvc.dll
13:18:55.0945 4980  defragsvc - ok
13:18:56.0007 4980  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
13:18:56.0132 4980  DfsC - ok
13:18:56.0210 4980  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\windows\system32\dhcpcore.dll
13:18:56.0351 4980  Dhcp - ok
13:18:56.0397 4980  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\windows\system32\drivers\discache.sys
13:18:56.0507 4980  discache - ok
13:18:56.0553 4980  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\windows\system32\DRIVERS\disk.sys
13:18:56.0585 4980  Disk - ok
13:18:56.0631 4980  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\windows\System32\dnsrslvr.dll
13:18:56.0756 4980  Dnscache - ok
13:18:56.0819 4980  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\windows\System32\dot3svc.dll
13:18:56.0943 4980  dot3svc - ok
13:18:56.0990 4980  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\windows\system32\dps.dll
13:18:57.0115 4980  DPS - ok
13:18:57.0162 4980  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\windows\system32\drivers\drmkaud.sys
13:18:57.0209 4980  drmkaud - ok
13:18:57.0271 4980  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\windows\System32\drivers\dxgkrnl.sys
13:18:57.0349 4980  DXGKrnl - ok
13:18:57.0396 4980  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\windows\System32\eapsvc.dll
13:18:57.0521 4980  EapHost - ok
13:18:57.0661 4980  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\windows\system32\DRIVERS\evbda.sys
13:18:57.0833 4980  ebdrv - ok
13:18:57.0864 4980  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\windows\System32\lsass.exe
13:18:57.0973 4980  EFS - ok
13:18:58.0051 4980  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\windows\ehome\ehRecvr.exe
13:18:58.0160 4980  ehRecvr - ok
13:18:58.0207 4980  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\windows\ehome\ehsched.exe
13:18:58.0301 4980  ehSched - ok
13:18:58.0363 4980  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\windows\system32\DRIVERS\elxstor.sys
13:18:58.0425 4980  elxstor - ok
13:18:58.0457 4980  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\windows\system32\drivers\errdev.sys
13:18:58.0519 4980  ErrDev - ok
13:18:58.0597 4980  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\windows\system32\es.dll
13:18:58.0737 4980  EventSystem - ok
13:18:58.0800 4980  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\windows\system32\drivers\exfat.sys
13:18:58.0971 4980  exfat - ok
13:18:59.0018 4980  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\windows\system32\drivers\fastfat.sys
13:18:59.0174 4980  fastfat - ok
13:18:59.0268 4980  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\windows\system32\fxssvc.exe
13:18:59.0393 4980  Fax - ok
13:18:59.0424 4980  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\windows\system32\DRIVERS\fdc.sys
13:18:59.0486 4980  fdc - ok
13:18:59.0517 4980  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\windows\system32\fdPHost.dll
13:18:59.0642 4980  fdPHost - ok
13:18:59.0736 4980  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\windows\system32\fdrespub.dll
13:18:59.0861 4980  FDResPub - ok
13:18:59.0892 4980  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
13:18:59.0939 4980  FileInfo - ok
13:18:59.0954 4980  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\windows\system32\drivers\filetrace.sys
13:19:00.0095 4980  Filetrace - ok
13:19:00.0141 4980  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
13:19:00.0204 4980  flpydisk - ok
13:19:00.0266 4980  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
13:19:00.0313 4980  FltMgr - ok
13:19:00.0391 4980  [ C4C183E6551084039EC862DA1C945E3D ] FontCache      C:\windows\system32\FntCache.dll
13:19:00.0531 4980  FontCache - ok
13:19:00.0609 4980  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:19:00.0656 4980  FontCache3.0.0.0 - ok
13:19:00.0687 4980  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\windows\system32\drivers\FsDepends.sys
13:19:00.0734 4980  FsDepends - ok
13:19:00.0781 4980  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
13:19:01.0031 4980  Fs_Rec - ok
13:19:01.0093 4980  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
13:19:01.0155 4980  fvevol - ok
13:19:01.0202 4980  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
13:19:01.0249 4980  gagp30kx - ok
13:19:01.0343 4980  [ E80C14B9C6E5B57BB7710B356857A964 ] gfiark          C:\windows\system32\drivers\gfiark.sys
13:19:01.0374 4980  gfiark - ok
13:19:01.0436 4980  [ 14908F4F9005C29DE8F5587E271390EE ] gfibto          C:\windows\system32\drivers\gfibto.sys
13:19:01.0483 4980  gfibto - ok
13:19:01.0545 4980  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\windows\System32\gpsvc.dll
13:19:01.0701 4980  gpsvc - ok
13:19:01.0779 4980  [ F02A533F517EB38333CB12A9E8963773 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:19:01.0826 4980  gupdate - ok
13:19:01.0842 4980  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:19:01.0873 4980  gupdatem - ok
13:19:01.0920 4980  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:19:01.0967 4980  gusvc - ok
13:19:01.0998 4980  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
13:19:02.0091 4980  hcw85cir - ok
13:19:02.0154 4980  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
13:19:02.0232 4980  HdAudAddService - ok
13:19:02.0294 4980  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
13:19:02.0357 4980  HDAudBus - ok
13:19:02.0388 4980  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\windows\system32\DRIVERS\HidBatt.sys
13:19:02.0450 4980  HidBatt - ok
13:19:02.0497 4980  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
13:19:02.0559 4980  HidBth - ok
13:19:02.0606 4980  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\windows\system32\DRIVERS\hidir.sys
13:19:02.0684 4980  HidIr - ok
13:19:02.0731 4980  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\windows\System32\hidserv.dll
13:19:02.0871 4980  hidserv - ok
13:19:02.0918 4980  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
13:19:02.0949 4980  HidUsb - ok
13:19:02.0996 4980  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\windows\system32\kmsvc.dll
13:19:03.0121 4980  hkmsvc - ok
13:19:03.0168 4980  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
13:19:03.0277 4980  HomeGroupListener - ok
13:19:03.0324 4980  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
13:19:03.0402 4980  HomeGroupProvider - ok
13:19:03.0511 4980  [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
13:19:03.0573 4980  HP Support Assistant Service - ok
13:19:03.0636 4980  [ 58CC11D14D88EF70EF7ABBC75B5EEBD8 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
13:19:03.0698 4980  HP Wireless Assistant Service - ok
13:19:03.0776 4980  [ B19FF523B533A3F198B9239E1749C940 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
13:19:03.0823 4980  HPDrvMntSvc.exe - ok
13:19:03.0901 4980  [ 120C1CEB5E45DB0A04416242BD6C1E3E ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
13:19:03.0979 4980  hpHotkeyMonitor - ok
13:19:04.0041 4980  [ B98EE5D4535A685634B90F7E04DE0DF7 ] HpqKbFiltr      C:\windows\system32\DRIVERS\HpqKbFiltr.sys
13:19:04.0088 4980  HpqKbFiltr - ok
13:19:04.0151 4980  [ 01091B900E15878B4434F9C726C4541D ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
13:19:04.0197 4980  hpqwmiex - ok
13:19:04.0244 4980  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
13:19:04.0260 4980  HpSAMD - ok
13:19:04.0322 4980  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\windows\system32\drivers\HTTP.sys
13:19:04.0478 4980  HTTP - ok
13:19:04.0525 4980  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
13:19:04.0587 4980  hwpolicy - ok
13:19:04.0634 4980  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
13:19:04.0697 4980  i8042prt - ok
13:19:04.0743 4980  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\windows\system32\drivers\iaStorV.sys
13:19:04.0821 4980  iaStorV - ok
13:19:04.0899 4980  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:19:04.0962 4980  idsvc - ok
13:19:04.0993 4980  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\windows\system32\DRIVERS\iirsp.sys
13:19:05.0040 4980  iirsp - ok
13:19:05.0102 4980  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\windows\System32\ikeext.dll
13:19:05.0258 4980  IKEEXT - ok
13:19:05.0305 4980  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\windows\system32\drivers\intelide.sys
13:19:05.0352 4980  intelide - ok
13:19:05.0399 4980  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
13:19:05.0445 4980  intelppm - ok
13:19:05.0508 4980  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\windows\system32\ipbusenum.dll
13:19:05.0617 4980  IPBusEnum - ok
13:19:05.0679 4980  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
13:19:05.0835 4980  IpFilterDriver - ok
13:19:05.0898 4980  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
13:19:05.0991 4980  iphlpsvc - ok
13:19:06.0038 4980  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\windows\system32\drivers\IPMIDrv.sys
13:19:06.0069 4980  IPMIDRV - ok
13:19:06.0116 4980  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\windows\system32\drivers\ipnat.sys
13:19:06.0257 4980  IPNAT - ok
13:19:06.0303 4980  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\windows\system32\drivers\irenum.sys
13:19:06.0413 4980  IRENUM - ok
13:19:06.0444 4980  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\windows\system32\drivers\isapnp.sys
13:19:06.0491 4980  isapnp - ok
13:19:06.0537 4980  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
13:19:06.0584 4980  iScsiPrt - ok
13:19:06.0631 4980  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
13:19:06.0678 4980  kbdclass - ok
13:19:06.0740 4980  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
13:19:06.0787 4980  kbdhid - ok
13:19:06.0818 4980  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\windows\system32\lsass.exe
13:19:06.0881 4980  KeyIso - ok
13:19:06.0927 4980  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
13:19:06.0959 4980  KSecDD - ok
13:19:07.0021 4980  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\windows\system32\Drivers\ksecpkg.sys
13:19:07.0068 4980  KSecPkg - ok
13:19:07.0099 4980  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\windows\system32\drivers\ksthunk.sys
13:19:07.0224 4980  ksthunk - ok
13:19:07.0317 4980  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\windows\system32\msdtckrm.dll
13:19:07.0395 4980  KtmRm - ok
13:19:07.0442 4980  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\windows\System32\srvsvc.dll
13:19:07.0505 4980  LanmanServer - ok
13:19:07.0551 4980  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
13:19:07.0645 4980  LanmanWorkstation - ok
13:19:07.0707 4980  [ 47269F0DE1E5089C6F23BC1EC48CFC31 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
13:19:07.0739 4980  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
13:19:07.0739 4980  LightScribeService - detected UnsignedFile.Multi.Generic (1)
13:19:07.0770 4980  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
13:19:07.0848 4980  lltdio - ok
13:19:07.0895 4980  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\windows\System32\lltdsvc.dll
13:19:07.0957 4980  lltdsvc - ok
13:19:07.0988 4980  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\windows\System32\lmhsvc.dll
13:19:08.0066 4980  lmhosts - ok
13:19:08.0113 4980  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
13:19:08.0129 4980  LSI_FC - ok
13:19:08.0160 4980  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\windows\system32\DRIVERS\lsi_sas.sys
13:19:08.0175 4980  LSI_SAS - ok
13:19:08.0191 4980  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
13:19:08.0222 4980  LSI_SAS2 - ok
13:19:08.0238 4980  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
13:19:08.0253 4980  LSI_SCSI - ok
13:19:08.0285 4980  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\windows\system32\drivers\luafv.sys
13:19:08.0347 4980  luafv - ok
13:19:08.0425 4980  [ FCD749A10CF28DF4F508D2BF87491E83 ] McAfee SiteAdvisor Enterprise Service C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe
13:19:08.0441 4980  McAfee SiteAdvisor Enterprise Service - ok
13:19:08.0487 4980  [ DD0F83167275CC2C66EA87B479CADC14 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
13:19:08.0519 4980  McShield - ok
13:19:08.0581 4980  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\windows\system32\Mcx2Svc.dll
13:19:08.0643 4980  Mcx2Svc - ok
13:19:08.0690 4980  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\windows\system32\DRIVERS\megasas.sys
13:19:08.0721 4980  megasas - ok
13:19:08.0768 4980  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
13:19:08.0815 4980  MegaSR - ok
13:19:08.0846 4980  [ 6AE40901ABC3AC5FA3C33314DB59D36E ] mfeapfk        C:\windows\system32\drivers\mfeapfk.sys
13:19:08.0893 4980  mfeapfk - ok
13:19:08.0955 4980  [ 49DC553557C31704DCB4771245E7D556 ] mfeavfk        C:\windows\system32\drivers\mfeavfk.sys
13:19:08.0987 4980  mfeavfk - ok
13:19:09.0033 4980  mfeavfk01 - ok
13:19:09.0080 4980  [ B2E1B291676AC3919058798A6707DBC9 ] mfehidk        C:\windows\system32\drivers\mfehidk.sys
13:19:09.0143 4980  mfehidk - ok
13:19:09.0174 4980  [ 582BD7C0C1C9913F44B6835651A52BD1 ] mferkdet        C:\windows\system32\drivers\mferkdet.sys
13:19:09.0221 4980  mferkdet - ok
13:19:09.0252 4980  [ 5DA98EB70211B64879A9781ECDEEADC6 ] mfevtp          C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
13:19:09.0299 4980  mfevtp - ok
13:19:09.0330 4980  [ A2AD5E7FAD5AD659D3073F826C35E127 ] mfewfpk        C:\windows\system32\drivers\mfewfpk.sys
13:19:09.0377 4980  mfewfpk - ok
13:19:09.0423 4980  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\windows\system32\mmcss.dll
13:19:09.0564 4980  MMCSS - ok
13:19:09.0642 4980  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\windows\system32\drivers\modem.sys
13:19:09.0767 4980  Modem - ok
13:19:09.0813 4980  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\windows\system32\DRIVERS\monitor.sys
13:19:09.0891 4980  monitor - ok
13:19:09.0938 4980  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
13:19:09.0985 4980  mouclass - ok
13:19:10.0016 4980  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
13:19:10.0094 4980  mouhid - ok
13:19:10.0141 4980  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
13:19:10.0172 4980  mountmgr - ok
13:19:10.0250 4980  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:19:10.0297 4980  MozillaMaintenance - ok
13:19:10.0344 4980  [ AE2E68527013EB4F761ECCC630F7F1A3 ] MPFP            C:\windows\system32\Drivers\Mpfp.sys
13:19:10.0391 4980  MPFP - ok
13:19:10.0453 4980  [ 95AAC73D11DDBA901042953E5F8146F7 ] MpfService      C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
13:19:10.0531 4980  MpfService - ok
13:19:10.0578 4980  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys
13:19:10.0625 4980  mpio - ok
13:19:10.0656 4980  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
13:19:10.0765 4980  mpsdrv - ok
13:19:10.0827 4980  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\windows\system32\mpssvc.dll
13:19:11.0124 4980  MpsSvc - ok
13:19:11.0155 4980  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
13:19:11.0217 4980  MRxDAV - ok
13:19:11.0249 4980  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
13:19:11.0342 4980  mrxsmb - ok
13:19:11.0389 4980  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
13:19:11.0467 4980  mrxsmb10 - ok
13:19:11.0498 4980  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
13:19:11.0576 4980  mrxsmb20 - ok
13:19:11.0623 4980  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\drivers\msahci.sys
13:19:11.0701 4980  msahci - ok
13:19:11.0732 4980  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\windows\system32\drivers\msdsm.sys
13:19:11.0795 4980  msdsm - ok
13:19:11.0826 4980  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\windows\System32\msdtc.exe
13:19:11.0935 4980  MSDTC - ok
13:19:11.0966 4980  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys
13:19:12.0122 4980  Msfs - ok
13:19:12.0153 4980  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\windows\System32\drivers\mshidkmdf.sys
13:19:12.0278 4980  mshidkmdf - ok
13:19:12.0309 4980  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
13:19:12.0341 4980  msisadrv - ok
13:19:12.0372 4980  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\windows\system32\iscsiexe.dll
13:19:12.0465 4980  MSiSCSI - ok
13:19:12.0465 4980  msiserver - ok
13:19:12.0512 4980  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\windows\system32\drivers\MSKSSRV.sys
13:19:12.0575 4980  MSKSSRV - ok
13:19:12.0590 4980  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
13:19:12.0668 4980  MSPCLOCK - ok
13:19:12.0699 4980  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\windows\system32\drivers\MSPQM.sys
13:19:12.0762 4980  MSPQM - ok
13:19:12.0809 4980  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\windows\system32\drivers\MsRPC.sys
13:19:12.0933 4980  MsRPC - ok
13:19:12.0949 4980  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
13:19:12.0980 4980  mssmbios - ok
13:19:12.0996 4980  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\windows\system32\drivers\MSTEE.sys
13:19:13.0074 4980  MSTEE - ok
13:19:13.0105 4980  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
13:19:13.0121 4980  MTConfig - ok
13:19:13.0136 4980  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\windows\system32\Drivers\mup.sys
13:19:13.0167 4980  Mup - ok
13:19:13.0214 4980  [ FD6B9817671377CFCCAD2F8A4B682A52 ] myAgtSvc        C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
13:19:13.0230 4980  myAgtSvc - ok
13:19:13.0261 4980  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
13:19:13.0417 4980  napagent - ok
13:19:13.0464 4980  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\windows\system32\DRIVERS\nwifi.sys
13:19:13.0542 4980  NativeWifiP - ok
13:19:13.0635 4980  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys
13:19:13.0729 4980  NDIS - ok
13:19:13.0760 4980  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\windows\system32\DRIVERS\ndiscap.sys
13:19:13.0901 4980  NdisCap - ok
13:19:13.0932 4980  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
13:19:14.0072 4980  NdisTapi - ok
13:19:14.0119 4980  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\windows\system32\DRIVERS\ndisuio.sys
13:19:14.0259 4980  Ndisuio - ok
13:19:14.0291 4980  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\windows\system32\DRIVERS\ndiswan.sys
13:19:14.0447 4980  NdisWan - ok
13:19:14.0478 4980  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\windows\system32\drivers\NDProxy.sys
13:19:14.0821 4980  NDProxy - ok
13:19:14.0837 4980  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\windows\system32\DRIVERS\netbios.sys
13:19:14.0946 4980  NetBIOS - ok
13:19:14.0993 4980  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\windows\system32\DRIVERS\netbt.sys
13:19:15.0117 4980  NetBT - ok
13:19:15.0149 4980  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe
13:19:15.0195 4980  Netlogon - ok
13:19:15.0242 4980  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
13:19:15.0383 4980  Netman - ok
13:19:15.0429 4980  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:19:15.0492 4980  NetMsmqActivator - ok
13:19:15.0507 4980  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:19:15.0539 4980  NetPipeActivator - ok
13:19:15.0570 4980  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
13:19:15.0710 4980  netprofm - ok
13:19:15.0726 4980  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:19:15.0773 4980  NetTcpActivator - ok
13:19:15.0788 4980  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:19:15.0835 4980  NetTcpPortSharing - ok
13:19:15.0866 4980  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\windows\system32\DRIVERS\nfrd960.sys
13:19:15.0913 4980  nfrd960 - ok
13:19:15.0960 4980  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\windows\System32\nlasvc.dll
13:19:16.0038 4980  NlaSvc - ok
13:19:16.0100 4980  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
13:19:16.0241 4980  Npfs - ok
13:19:16.0241 4980  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\windows\system32\nsisvc.dll
13:19:16.0334 4980  nsi - ok
13:19:16.0350 4980  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
13:19:16.0412 4980  nsiproxy - ok
13:19:16.0475 4980  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
13:19:16.0646 4980  Ntfs - ok
13:19:16.0662 4980  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
13:19:16.0740 4980  Null - ok
13:19:16.0771 4980  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
13:19:16.0802 4980  nvraid - ok
13:19:16.0833 4980  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
13:19:16.0865 4980  nvstor - ok
13:19:16.0880 4980  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
13:19:16.0896 4980  nv_agp - ok
13:19:16.0927 4980  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
13:19:16.0989 4980  ohci1394 - ok
13:19:17.0021 4980  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
13:19:17.0130 4980  p2pimsvc - ok
13:19:17.0161 4980  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
13:19:17.0223 4980  p2psvc - ok
13:19:17.0255 4980  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\windows\system32\DRIVERS\parport.sys
13:19:17.0317 4980  Parport - ok
13:19:17.0333 4980  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\windows\system32\drivers\partmgr.sys
13:19:17.0379 4980  partmgr - ok
13:19:17.0395 4980  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
13:19:17.0473 4980  PcaSvc - ok
13:19:17.0504 4980  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\windows\system32\drivers\pci.sys
13:19:17.0567 4980  pci - ok
13:19:17.0582 4980  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\drivers\pciide.sys
13:19:17.0629 4980  pciide - ok
13:19:17.0645 4980  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
13:19:17.0691 4980  pcmcia - ok
13:19:17.0723 4980  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\windows\system32\drivers\pcw.sys
13:19:17.0754 4980  pcw - ok
13:19:17.0801 4980  pdfcDispatcher - ok
13:19:17.0832 4980  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
13:19:17.0988 4980  PEAUTH - ok
13:19:18.0081 4980  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
13:19:18.0159 4980  PerfHost - ok
13:19:18.0253 4980  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\windows\system32\pla.dll
13:19:18.0409 4980  pla - ok
13:19:18.0487 4980  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
13:19:18.0612 4980  PlugPlay - ok
13:19:18.0627 4980  PnkBstrA - ok
13:19:18.0643 4980  PnkBstrB - ok
13:19:18.0659 4980  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\windows\system32\pnrpauto.dll
13:19:18.0737 4980  PNRPAutoReg - ok
13:19:18.0768 4980  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\windows\system32\pnrpsvc.dll
13:19:18.0830 4980  PNRPsvc - ok
13:19:18.0893 4980  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\windows\System32\ipsecsvc.dll
13:19:19.0033 4980  PolicyAgent - ok
13:19:19.0080 4980  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\windows\system32\umpo.dll
13:19:19.0205 4980  Power - ok
13:19:19.0267 4980  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
13:19:19.0361 4980  PptpMiniport - ok
13:19:19.0392 4980  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\windows\system32\DRIVERS\processr.sys
13:19:19.0439 4980  Processor - ok
13:19:19.0501 4980  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\windows\system32\profsvc.dll
13:19:19.0579 4980  ProfSvc - ok
13:19:19.0610 4980  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
13:19:19.0657 4980  ProtectedStorage - ok
13:19:19.0704 4980  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
13:19:19.0860 4980  Psched - ok
13:19:19.0907 4980  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
13:19:19.0953 4980  PxHlpa64 - ok
13:19:20.0047 4980  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
13:19:20.0187 4980  ql2300 - ok
13:19:20.0234 4980  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
13:19:20.0297 4980  ql40xx - ok
13:19:20.0328 4980  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\windows\system32\qwave.dll
13:19:20.0390 4980  QWAVE - ok
13:19:20.0421 4980  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
13:19:20.0499 4980  QWAVEdrv - ok
13:19:20.0531 4980  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
13:19:20.0640 4980  RasAcd - ok
13:19:20.0687 4980  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\windows\system32\DRIVERS\AgileVpn.sys
13:19:20.0811 4980  RasAgileVpn - ok
13:19:20.0843 4980  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\windows\System32\rasauto.dll
13:19:20.0967 4980  RasAuto - ok
13:19:20.0999 4980  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\windows\system32\DRIVERS\rasl2tp.sys
13:19:21.0123 4980  Rasl2tp - ok
13:19:21.0155 4980  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
13:19:21.0326 4980  RasMan - ok
13:19:21.0357 4980  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
13:19:21.0467 4980  RasPppoe - ok
13:19:21.0498 4980  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\windows\system32\DRIVERS\rassstp.sys
13:19:21.0607 4980  RasSstp - ok
13:19:21.0654 4980  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\windows\system32\DRIVERS\rdbss.sys
13:19:21.0810 4980  rdbss - ok
13:19:21.0825 4980  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
13:19:21.0903 4980  rdpbus - ok
13:19:21.0919 4980  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
13:19:22.0044 4980  RDPCDD - ok
13:19:22.0075 4980  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
13:19:22.0215 4980  RDPENCDD - ok
13:19:22.0247 4980  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
13:19:22.0340 4980  RDPREFMP - ok
13:19:22.0387 4980  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\windows\system32\drivers\RDPWD.sys
13:19:22.0605 4980  RDPWD - ok
13:19:22.0668 4980  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
13:19:22.0683 4980  rdyboost - ok
13:19:22.0715 4980  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
13:19:22.0777 4980  RemoteAccess - ok
13:19:22.0808 4980  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
13:19:22.0902 4980  RemoteRegistry - ok
13:19:22.0933 4980  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
13:19:22.0980 4980  RFCOMM - ok
13:19:23.0011 4980  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
13:19:23.0089 4980  RpcEptMapper - ok
13:19:23.0120 4980  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
13:19:23.0183 4980  RpcLocator - ok
13:19:23.0229 4980  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\windows\system32\rpcss.dll
13:19:23.0354 4980  RpcSs - ok
13:19:23.0385 4980  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
13:19:23.0510 4980  rspndr - ok
13:19:23.0573 4980  [ BA3E57C89E6F63808D3F2B11E1A2AD3C ] RTL8167        C:\windows\system32\DRIVERS\Rt64win7.sys
13:19:23.0651 4980  RTL8167 - ok
13:19:23.0682 4980  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\windows\system32\lsass.exe
13:19:23.0744 4980  SamSs - ok
13:19:23.0791 4980  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
13:19:23.0838 4980  sbp2port - ok
13:19:23.0869 4980  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
13:19:24.0041 4980  SCardSvr - ok
13:19:24.0087 4980  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
13:19:24.0212 4980  scfilter - ok
13:19:24.0259 4980  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
13:19:24.0446 4980  Schedule - ok
13:19:24.0509 4980  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\windows\System32\certprop.dll
13:19:24.0587 4980  SCPolicySvc - ok
13:19:24.0618 4980  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus          C:\windows\system32\drivers\sdbus.sys
13:19:24.0680 4980  sdbus - ok
13:19:24.0696 4980  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
13:19:24.0774 4980  SDRSVC - ok
13:19:24.0883 4980  [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\mossi\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
13:19:24.0899 4980  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
13:19:24.0899 4980  SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
13:19:24.0945 4980  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
13:19:25.0117 4980  secdrv - ok
13:19:25.0148 4980  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
13:19:25.0273 4980  seclogon - ok
13:19:25.0320 4980  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\system32\sens.dll
13:19:25.0445 4980  SENS - ok
13:19:25.0491 4980  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
13:19:25.0601 4980  SensrSvc - ok
13:19:25.0632 4980  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\windows\system32\DRIVERS\serenum.sys
13:19:25.0710 4980  Serenum - ok
13:19:25.0741 4980  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\DRIVERS\serial.sys
13:19:25.0803 4980  Serial - ok
13:19:25.0850 4980  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
13:19:25.0944 4980  sermouse - ok
13:19:25.0991 4980  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
13:19:26.0193 4980  SessionEnv - ok
13:19:26.0225 4980  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\windows\system32\drivers\sffdisk.sys
13:19:26.0318 4980  sffdisk - ok
13:19:26.0349 4980  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
13:19:26.0412 4980  sffp_mmc - ok
13:19:26.0427 4980  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\windows\system32\drivers\sffp_sd.sys
13:19:26.0521 4980  sffp_sd - ok
13:19:26.0552 4980  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\windows\system32\DRIVERS\sfloppy.sys
13:19:26.0630 4980  sfloppy - ok
13:19:26.0693 4980  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
13:19:26.0817 4980  SharedAccess - ok
13:19:26.0864 4980  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
13:19:26.0989 4980  ShellHWDetection - ok
13:19:27.0020 4980  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
13:19:27.0083 4980  SiSRaid2 - ok
13:19:27.0098 4980  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
13:19:27.0129 4980  SiSRaid4 - ok
13:19:27.0176 4980  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\windows\system32\DRIVERS\smb.sys
13:19:27.0223 4980  Smb - ok
13:19:27.0270 4980  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
13:19:27.0285 4980  SNMPTRAP - ok
13:19:27.0363 4980  [ 2B0BD5D647F382B9E7253C598E24D133 ] SNP2UVC        C:\windows\system32\DRIVERS\snp2uvc.sys
13:19:27.0441 4980  SNP2UVC - ok
13:19:27.0457 4980  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\windows\system32\drivers\spldr.sys
13:19:27.0504 4980  spldr - ok
13:19:27.0551 4980  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\windows\System32\spoolsv.exe
13:19:27.0613 4980  Spooler - ok
13:19:27.0738 4980  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
13:19:28.0050 4980  sppsvc - ok
13:19:28.0097 4980  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\windows\system32\sppuinotify.dll
13:19:28.0237 4980  sppuinotify - ok
13:19:28.0284 4980  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\windows\system32\DRIVERS\srv.sys
13:19:28.0424 4980  srv - ok
13:19:28.0455 4980  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
13:19:28.0533 4980  srv2 - ok
13:19:28.0565 4980  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
13:19:28.0658 4980  srvnet - ok
13:19:28.0705 4980  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\windows\System32\ssdpsrv.dll
13:19:28.0845 4980  SSDPSRV - ok
13:19:28.0877 4980  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\windows\system32\sstpsvc.dll
13:19:28.0970 4980  SstpSvc - ok
13:19:29.0064 4980  [ F8807AAF697E1D20C9D7716A4941E574 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
13:19:29.0079 4980  STacSV - ok
13:19:29.0126 4980  Steam Client Service - ok
13:19:29.0173 4980  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
13:19:29.0220 4980  stexstor - ok
13:19:29.0313 4980  [ 96DF19A03D37F8568141612D31F0D035 ] STHDA          C:\windows\system32\DRIVERS\stwrt64.sys
13:19:29.0407 4980  STHDA - ok
13:19:29.0516 4980  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll
13:19:29.0625 4980  stisvc - ok
13:19:29.0657 4980  [ AD989072596AB313D7FA13BCF69573F7 ] stllssvr        c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
13:19:29.0703 4980  stllssvr - ok
13:19:29.0719 4980  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\drivers\swenum.sys
13:19:29.0766 4980  swenum - ok
13:19:29.0828 4980  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\windows\System32\swprv.dll
13:19:29.0969 4980  swprv - ok
13:19:30.0047 4980  [ D268D2A0DB2A2BBE963E688D0B039267 ] SynTP          C:\windows\system32\DRIVERS\SynTP.sys
13:19:30.0140 4980  SynTP - ok
13:19:30.0234 4980  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\windows\system32\sysmain.dll
13:19:30.0390 4980  SysMain - ok
13:19:30.0452 4980  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
13:19:30.0593 4980  TabletInputService - ok
13:19:30.0671 4980  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\windows\System32\tapisrv.dll
13:19:30.0889 4980  TapiSrv - ok
13:19:30.0920 4980  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\windows\System32\tbssvc.dll
13:19:31.0076 4980  TBS - ok
13:19:31.0232 4980  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip          C:\windows\system32\drivers\tcpip.sys
13:19:31.0419 4980  Tcpip - ok
13:19:31.0482 4980  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
13:19:31.0607 4980  TCPIP6 - ok
13:19:31.0669 4980  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
13:19:31.0731 4980  tcpipreg - ok
13:19:31.0778 4980  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
13:19:31.0903 4980  TDPIPE - ok
13:19:31.0919 4980  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\windows\system32\drivers\tdtcp.sys
13:19:31.0950 4980  TDTCP - ok
13:19:32.0012 4980  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\windows\system32\DRIVERS\tdx.sys
13:19:32.0137 4980  tdx - ok
13:19:32.0168 4980  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\windows\system32\drivers\termdd.sys
13:19:32.0199 4980  TermDD - ok
13:19:32.0246 4980  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\windows\System32\termsrv.dll
13:19:32.0371 4980  TermService - ok
13:19:32.0402 4980  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\windows\system32\themeservice.dll
13:19:32.0449 4980  Themes - ok
13:19:32.0480 4980  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\windows\system32\mmcss.dll
13:19:32.0527 4980  THREADORDER - ok
13:19:32.0543 4980  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM            C:\windows\system32\drivers\tpm.sys
13:19:32.0574 4980  TPM - ok
13:19:32.0589 4980  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\windows\System32\trkwks.dll
13:19:32.0652 4980  TrkWks - ok
13:19:32.0714 4980  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
13:19:32.0823 4980  TrustedInstaller - ok
13:19:32.0886 4980  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
13:19:32.0995 4980  tssecsrv - ok
13:19:33.0026 4980  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
13:19:33.0151 4980  TsUsbFlt - ok
13:19:33.0276 4980  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
13:19:33.0463 4980  tunnel - ok
13:19:33.0525 4980  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
13:19:33.0572 4980  uagp35 - ok
13:19:33.0619 4980  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
13:19:33.0837 4980  udfs - ok
13:19:33.0947 4980  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\windows\system32\UI0Detect.exe
13:19:33.0993 4980  UI0Detect - ok
13:19:34.0040 4980  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
13:19:34.0071 4980  uliagpkx - ok
13:19:34.0118 4980  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\windows\system32\DRIVERS\umbus.sys
13:19:34.0134 4980  umbus - ok
13:19:34.0149 4980  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
13:19:34.0196 4980  UmPass - ok
13:19:34.0227 4980  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\windows\System32\upnphost.dll
13:19:34.0305 4980  upnphost - ok
13:19:34.0337 4980  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\windows\system32\DRIVERS\usbccgp.sys
13:19:34.0399 4980  usbccgp - ok
13:19:34.0430 4980  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\windows\system32\drivers\usbcir.sys
13:19:34.0477 4980  usbcir - ok
13:19:34.0493 4980  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\windows\system32\DRIVERS\usbehci.sys
13:19:34.0555 4980  usbehci - ok
13:19:34.0602 4980  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
13:19:34.0664 4980  usbhub - ok
13:19:34.0680 4980  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\windows\system32\DRIVERS\usbohci.sys
13:19:34.0742 4980  usbohci - ok
13:19:34.0789 4980  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
13:19:34.0883 4980  usbprint - ok
13:19:34.0914 4980  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\windows\system32\DRIVERS\USBSTOR.SYS
13:19:35.0085 4980  USBSTOR - ok
13:19:35.0148 4980  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\windows\system32\drivers\usbuhci.sys
13:19:35.0241 4980  usbuhci - ok
13:19:35.0335 4980  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
13:19:35.0397 4980  usbvideo - ok
13:19:35.0429 4980  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\windows\System32\uxsms.dll
13:19:35.0553 4980  UxSms - ok
13:19:35.0585 4980  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\windows\system32\lsass.exe
13:19:35.0631 4980  VaultSvc - ok
13:19:35.0647 4980  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
13:19:35.0725 4980  vdrvroot - ok
13:19:35.0803 4980  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\windows\System32\vds.exe
13:19:35.0928 4980  vds - ok
13:19:35.0959 4980  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\windows\system32\DRIVERS\vgapnp.sys
13:19:36.0006 4980  vga - ok
13:19:36.0021 4980  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\windows\System32\drivers\vga.sys
13:19:36.0146 4980  VgaSave - ok
13:19:36.0177 4980  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\windows\system32\drivers\vhdmp.sys
13:19:36.0224 4980  vhdmp - ok
13:19:36.0271 4980  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\windows\system32\drivers\viaide.sys
13:19:36.0287 4980  viaide - ok
13:19:36.0318 4980  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\windows\system32\drivers\volmgr.sys
13:19:36.0333 4980  volmgr - ok
13:19:36.0365 4980  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\windows\system32\drivers\volmgrx.sys
13:19:36.0396 4980  volmgrx - ok
13:19:36.0427 4980  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\windows\system32\drivers\volsnap.sys
13:19:36.0443 4980  volsnap - ok
13:19:36.0489 4980  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\windows\system32\DRIVERS\vsmraid.sys
13:19:36.0536 4980  vsmraid - ok
13:19:36.0599 4980  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\windows\system32\vssvc.exe
13:19:36.0755 4980  VSS - ok
13:19:36.0786 4980  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
13:19:36.0817 4980  vwifibus - ok
13:19:36.0848 4980  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
13:19:36.0879 4980  vwififlt - ok
13:19:36.0911 4980  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\windows\system32\w32time.dll
13:19:36.0973 4980  W32Time - ok
13:19:36.0989 4980  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
13:19:37.0035 4980  WacomPen - ok
13:19:37.0067 4980  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
13:19:37.0129 4980  WANARP - ok
13:19:37.0160 4980  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
13:19:37.0207 4980  Wanarpv6 - ok
13:19:37.0254 4980  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\windows\system32\wbengine.exe
13:19:37.0347 4980  wbengine - ok
13:19:37.0394 4980  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
13:19:37.0457 4980  WbioSrvc - ok
13:19:37.0503 4980  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\windows\System32\wcncsvc.dll
13:19:37.0581 4980  wcncsvc - ok
13:19:37.0613 4980  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
13:19:37.0706 4980  WcsPlugInService - ok
13:19:37.0737 4980  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\windows\system32\DRIVERS\wd.sys
13:19:37.0769 4980  Wd - ok
13:19:37.0815 4980  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
13:19:37.0878 4980  Wdf01000 - ok
13:19:37.0893 4980  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\windows\system32\wdi.dll
13:19:37.0971 4980  WdiServiceHost - ok
13:19:37.0971 4980  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\windows\system32\wdi.dll
13:19:38.0003 4980  WdiSystemHost - ok
13:19:38.0049 4980  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\windows\System32\webclnt.dll
13:19:38.0096 4980  WebClient - ok
13:19:38.0127 4980  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\windows\system32\wecsvc.dll
13:19:38.0190 4980  Wecsvc - ok
13:19:38.0221 4980  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\windows\System32\wercplsupport.dll
13:19:38.0299 4980  wercplsupport - ok
13:19:38.0330 4980  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\windows\System32\WerSvc.dll
13:19:38.0393 4980  WerSvc - ok
13:19:38.0439 4980  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
13:19:38.0486 4980  WfpLwf - ok
13:19:38.0502 4980  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys
13:19:38.0517 4980  WIMMount - ok
13:19:38.0549 4980  WinDefend - ok
13:19:38.0564 4980  WinHttpAutoProxySvc - ok
13:19:38.0595 4980  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\windows\system32\wbem\WMIsvc.dll
13:19:38.0689 4980  Winmgmt - ok
13:19:38.0783 4980  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\windows\system32\WsmSvc.dll
13:19:38.0923 4980  WinRM - ok
13:19:38.0970 4980  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
13:19:39.0001 4980  WinUsb - ok
13:19:39.0032 4980  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\windows\System32\wlansvc.dll
13:19:39.0095 4980  Wlansvc - ok
13:19:39.0157 4980  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:19:39.0188 4980  wlcrasvc - ok
13:19:39.0313 4980  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:19:39.0578 4980  wlidsvc - ok
13:19:39.0625 4980  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\windows\system32\drivers\wmiacpi.sys
13:19:39.0703 4980  WmiAcpi - ok
13:19:39.0734 4980  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
13:19:39.0781 4980  wmiApSrv - ok
13:19:39.0812 4980  WMPNetworkSvc - ok
13:19:39.0828 4980  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\windows\System32\wpcsvc.dll
13:19:39.0890 4980  WPCSvc - ok
13:19:39.0921 4980  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
13:19:40.0015 4980  WPDBusEnum - ok
13:19:40.0046 4980  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\windows\system32\drivers\ws2ifsl.sys
13:19:40.0155 4980  ws2ifsl - ok
13:19:40.0187 4980  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\windows\system32\wscsvc.dll
13:19:40.0280 4980  wscsvc - ok
13:19:40.0296 4980  WSearch - ok
13:19:40.0421 4980  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\windows\system32\wuaueng.dll
13:19:40.0655 4980  wuauserv - ok
13:19:40.0701 4980  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
13:19:40.0811 4980  WudfPf - ok
13:19:40.0842 4980  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
13:19:40.0889 4980  WUDFRd - ok
13:19:40.0920 4980  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\windows\System32\WUDFSvc.dll
13:19:40.0998 4980  wudfsvc - ok
13:19:41.0045 4980  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\windows\System32\wwansvc.dll
13:19:41.0201 4980  WwanSvc - ok
13:19:41.0247 4980  ================ Scan global ===============================
13:19:41.0294 4980  [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
13:19:41.0341 4980  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
13:19:41.0372 4980  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
13:19:41.0513 4980  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
13:19:41.0559 4980  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
13:19:41.0575 4980  [Global] - ok
13:19:41.0575 4980  ================ Scan MBR ==================================
13:19:41.0591 4980  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:19:42.0823 4980  \Device\Harddisk0\DR0 - ok
13:19:42.0823 4980  ================ Scan VBR ==================================
13:19:42.0839 4980  [ 557F5EC52BD17C94673BF37203277CBF ] \Device\Harddisk0\DR0\Partition1
13:19:42.0839 4980  \Device\Harddisk0\DR0\Partition1 - ok
13:19:42.0839 4980  [ E384C685613EB5760B240DA4B6FD4DB3 ] \Device\Harddisk0\DR0\Partition2
13:19:42.0854 4980  \Device\Harddisk0\DR0\Partition2 - ok
13:19:42.0901 4980  [ 7C941D31ECF9E2E64D1CC8D3E48C859A ] \Device\Harddisk0\DR0\Partition3
13:19:42.0917 4980  \Device\Harddisk0\DR0\Partition3 - ok
13:19:42.0917 4980  [ 1EE2E800DD04B5DA20C67EC95270A8E9 ] \Device\Harddisk0\DR0\Partition4
13:19:42.0917 4980  \Device\Harddisk0\DR0\Partition4 - ok
13:19:42.0917 4980  ============================================================
13:19:42.0917 4980  Scan finished
13:19:42.0917 4980  ============================================================
13:19:42.0932 2604  Detected object count: 3
13:19:42.0932 2604  Actual detected object count: 3

markusg 06.03.2013 14:34
hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

mossi 06.03.2013 16:07
Es wurde kein Logfile erstellt.
Was nun?

markusg 06.03.2013 17:07
es wird immer ein log erstellt, wenn das programm bis zum ende gelaufen ist, entweder unter combofix.txt bzw log.txt auf c:
wenn es keins gibt, starte neu, drücke f8 wähle abgesicherter modus, melde dich in deinem konto an, lasse combofix laufen.
warten bis fertig, dann normal starten und log posten

mossi 06.03.2013 19:52
Ich kann dann keine Programme starten.
Ich kann dann nur bei cmd befehle eingeben, und einen älteren Systemstand aufrufen oder so ähnlich.

mossi 08.03.2013 14:42
Wie soll ich da Combofix starten?
Bitte noch mal genauer erklären.

markusg 08.03.2013 18:59
1. es ist nicht nötig nach 1 tag die Frage bereits 2 mal zu stellen, ich hab auch noch anderes zu tun!
2. bist du im abgesicherten Modus mit Eingabeaufforderung gewesen, du sollst aber bitte in den abgesicherten modus gehen. da gibts mehrere auswahlmöglichkeiten, bitte noch mal schaun

mossi 08.03.2013 20:08
Avira hat einen Virus entdeckt.
Der heißt: ADWARE/Adware.Gen
Ok ich kucke noch mal.

Code:
ComboFix 13-03-07.03 - mossi 08.03.2013  20:40:47.2.1 - x64 NETWORK
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.1789.1310 [GMT 1:00]
ausgeführt von:: c:\users\mossi\Downloads\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: McAfee® Total Protection™ Service *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee® Total Protection™ Service *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: McAfee® Total Protection™ Service *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-02-08 bis 2013-03-08  ))))))))))))))))))))))))))))))
.
.
2013-03-08 15:20 . 2013-02-08 00:28        9162192        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{04CBF508-0454-4408-94EB-E7D468B4C3B6}\mpengine.dll
2013-03-08 14:15 . 2013-03-08 14:15        --------        d-----w-        c:\users\mossi\AppData\Roaming\OpenCandy
2013-03-08 14:06 . 2013-03-08 15:03        --------        d-----w-        c:\users\mossi\AppData\Roaming\vlc
2013-03-08 14:05 . 2013-03-08 14:05        --------        d-----w-        c:\program files (x86)\VideoLAN
2013-03-07 18:22 . 2013-03-07 18:22        --------        d-----w-        c:\users\mossi\AppData\Roaming\McAfee
2013-03-06 20:17 . 2013-03-06 20:18        --------        d-----w-        c:\users\mossi\AppData\Roaming\TrueCrypt
2013-03-06 20:17 . 2013-03-07 18:20        --------        d-----w-        c:\program files\TrueCrypt
2013-03-06 20:04 . 2013-03-06 20:04        --------        d-----w-        c:\users\mossi\AppData\Roaming\FreemakeVideoDownloader
2013-03-06 19:55 . 2013-03-08 15:03        --------        d-----w-        c:\program files\WinPcap
2013-03-06 19:54 . 2013-03-08 14:49        --------        d-----w-        c:\programdata\Freemake
2013-03-06 19:54 . 2013-03-08 15:00        --------        d-----w-        c:\program files (x86)\Freemake
2013-03-03 17:24 . 2013-03-03 17:24        --------        d-----w-        c:\users\mossi\AppData\Roaming\Auslogics
2013-03-03 17:09 . 2013-03-05 14:09        --------        d---a-w-        C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2013-02-27 21:43 . 2013-01-04 06:11        2284544        ----a-w-        c:\windows\SysWow64\msmpeg2vdec.dll
2013-02-27 21:43 . 2013-01-04 06:11        2776576        ----a-w-        c:\windows\system32\msmpeg2vdec.dll
2013-02-27 21:43 . 2013-01-13 19:53        187392        ----a-w-        c:\windows\SysWow64\UIAnimation.dll
2013-02-27 21:43 . 2013-01-13 19:24        221184        ----a-w-        c:\windows\system32\UIAnimation.dll
2013-02-27 21:43 . 2013-01-13 19:02        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll
2013-02-27 21:43 . 2013-01-13 18:32        465920        ----a-w-        c:\windows\system32\WMPhoto.dll
2013-02-24 18:44 . 2013-02-24 18:45        --------        d-----w-        c:\program files (x86)\7-Zip
2013-02-24 10:06 . 2013-02-24 10:06        --------        d-----w-        c:\programdata\SoftSafe
2013-02-24 10:05 . 2013-03-05 13:55        --------        d-----w-        c:\program files (x86)\BrowseToSave
2013-02-24 10:04 . 2013-03-03 17:38        --------        d-----w-        c:\program files (x86)\EasyLife
2013-02-24 10:02 . 2013-02-24 10:06        --------        d-----w-        c:\programdata\InstallMate
2013-02-13 19:14 . 2013-02-13 19:14        --------        d-----w-        c:\users\mossi\AppData\Roaming\Avira
2013-02-13 19:05 . 2013-02-13 19:03        27800        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2013-02-13 19:05 . 2013-02-13 19:03        129216        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2013-02-13 19:05 . 2013-02-13 19:03        99912        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2013-02-13 19:05 . 2013-02-13 19:08        --------        d-----w-        c:\programdata\Avira
2013-02-13 19:05 . 2013-02-13 19:05        --------        d-----w-        c:\program files (x86)\Avira
2013-02-13 17:45 . 2013-02-13 17:45        215336        ----a-w-        c:\windows\system32\SynTPAPI.dll
2013-02-13 17:45 . 2013-02-13 17:45        147752        ----a-w-        c:\windows\system32\SynTPCo4.dll
2013-02-13 17:45 . 2013-02-13 17:45        1379376        ----a-w-        c:\windows\system32\drivers\SynTP.sys
2013-02-13 17:45 . 2013-02-13 17:45        107816        ----a-w-        c:\windows\SysWow64\SynTPCOM.dll
2013-02-13 17:45 . 2013-02-13 17:45        270632        ----a-w-        c:\windows\system32\SynCtrl.dll
2013-02-13 17:45 . 2013-02-13 17:45        214312        ----a-w-        c:\windows\SysWow64\SynCtrl.dll
2013-02-13 17:45 . 2013-02-13 17:45        400168        ----a-w-        c:\windows\system32\SynCOM.dll
2013-02-13 17:45 . 2013-02-13 17:45        173352        ----a-w-        c:\windows\SysWow64\SynCOM.dll
2013-02-13 16:38 . 2013-01-09 01:10        996352        ----a-w-        c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 16:38 . 2013-01-08 22:01        768000        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 16:36 . 2013-01-09 01:12        1392128        ----a-w-        c:\windows\system32\wininet.dll
2013-02-13 16:10 . 2013-01-05 05:53        5553512        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-02-13 16:10 . 2013-01-05 05:00        3967848        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 16:10 . 2013-01-05 05:00        3913064        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 16:09 . 2013-01-04 03:26        3153408        ----a-w-        c:\windows\system32\win32k.sys
2013-02-13 16:09 . 2013-01-04 05:46        215040        ----a-w-        c:\windows\system32\winsrv.dll
2013-02-13 16:09 . 2013-01-04 02:47        25600        ----a-w-        c:\windows\SysWow64\setup16.exe
2013-02-13 16:09 . 2013-01-04 02:47        14336        ----a-w-        c:\windows\SysWow64\ntvdm64.dll
2013-02-13 16:09 . 2013-01-04 04:51        5120        ----a-w-        c:\windows\SysWow64\wow32.dll
2013-02-13 16:09 . 2013-01-04 02:47        7680        ----a-w-        c:\windows\SysWow64\instnm.exe
2013-02-13 16:09 . 2013-01-04 02:47        2048        ----a-w-        c:\windows\SysWow64\user.exe
2013-02-13 16:08 . 2013-01-03 06:00        1913192        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-02-13 16:08 . 2013-01-03 06:00        288088        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 20:50 . 2012-05-16 18:03        691568        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 20:50 . 2011-09-02 10:47        71024        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-13 16:45 . 2011-09-01 10:47        70004024        ----a-w-        c:\windows\system32\MRT.exe
2013-01-17 00:28 . 2013-01-12 18:53        273840        ------w-        c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-13 16:09        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2012-12-17 05:43 . 2012-12-21 19:00        38096        ----a-w-        c:\windows\system32\drivers\gfiark.sys
2012-12-16 17:11 . 2012-12-21 14:24        46080        ----a-w-        c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 14:24        367616        ----a-w-        c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 14:24        295424        ----a-w-        c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 14:24        34304        ----a-w-        c:\windows\SysWow64\atmlib.dll
2012-12-09 20:19 . 2012-12-09 20:19        14456        ----a-w-        c:\windows\system32\drivers\gfibto.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\mossi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-06 1199576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-02-13 385248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-30 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R1 acedrv06;acedrv06;c:\windows\system32\drivers\acedrv06.sys [2012-04-05 147456]
R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-02-13 27800]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2012-02-08 89600]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 203264]
R2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-02-13 86752]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
R2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\program files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [2009-08-07 222528]
R2 myAgtSvc;McAfee Viren- und Spyware-Schutzdienst;c:\program files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-07-07 282824]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2012-12-17 38096]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-06-04 94736]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R4 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
R4 SearchAnonymizer;SearchAnonymizer;c:\users\mossi\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2012-11-06 40960]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2012-12-09 14456]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-06-04 283232]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-06-04 149032]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-03 331880]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - PXHLPA64
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-02-22 18:38        451872        ----a-w-        c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-25 18:43        1629648        ----a-w-        c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 20:50]
.
2013-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-04 14:50]
.
2013-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-04 14:50]
.
2013-02-13 c:\windows\Tasks\HPCeeScheduleFormossi.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-02-08 489472]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.easylifeapp.com/?pid=713&src=ie1&r=2013/02/24&hid=2584535279&lg=EN&cc=DE
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://search.easylifeapp.com/?pid=713&src=ie1&r=2013/02/24&hid=2584535279&lg=EN&cc=DE
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
Trusted Zone: siteadvisor.com\www
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\mossi\AppData\Roaming\Mozilla\Firefox\Profiles\vpihpbsd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.easylifeapp.com/?pid=713&src=ff2&r=2013/02/24&hid=2584535279&lg=EN&cc=DE&l=1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.avaaz.org/de/index.php
FF - prefs.js: keyword.URL - hxxp://search.easylifeapp.com/?pid=713&src=ff2&r=2013/02/24&hid=2584535279&lg=EN&cc=DE&l=1&q=
FF - prefs.js: network.proxy.ftp - 147.31.182.137
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 147.31.182.137
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 147.31.182.137
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 147.31.182.137
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - user.js: general.useragent.extra.brc -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-RunOnce-<NO NAME> - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-MVS - c:\progra~2\McAfee\MANAGE~1\Agent\myinx
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\mcafee\ManagedServices]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\mcafee\VSCORE]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-08  20:49:37
ComboFix-quarantined-files.txt  2013-03-08 19:49
.
Vor Suchlauf: 20 Verzeichnis(se), 56.500.449.280 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 56.299.819.008 Bytes frei
.
- - End Of File - - 9E3879DD62BEB2972BEC725FF9590D17

markusg 11.03.2013 18:40
und wo?
http://www.trojaner-board.de/125889-...en-posten.html

mossi 12.03.2013 15:56
Ich weiß es nicht.
Da kam unten rechts ein kleines Fenster mit der Anzeige.
Ich habe ihn in die Quarantäne gemacht.

markusg 12.03.2013 19:22
dann lies doch bitte mal alles was man dier postet, wo du das findest steht in dem link

mossi 13.03.2013 01:03
Da steht: Quelle: C:\Users\mossi\Download.exe

markusg 13.03.2013 18:41
lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

mossi 14.03.2013 16:34
Code:
7-Zip 9.20                24.02.2013                gebraucht
Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        12.03.2013        6,00MB        11.6.602.180 gebraucht
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        12.03.2013        6,00MB        11.6.602.180 gebraucht
ASIO4ALL        Michael Tippach        01.01.2013                2.10  unbekannt
ATI Catalyst Install Manager        ATI Technologies, Inc.        05.11.2010        22,3MB        3.0.778.0 unbekannt
Avira Free Antivirus        Avira        13.02.2013        136MB        13.0.0.3185 gebraucht
Blue Byte Game Channel        UbiSoft        01.01.2013 gebraucht               
Broadcom 2070 Bluetooth 3.0        Broadcom Corporation        05.11.2010        183MB        6.3.0.6300 unbekannt
Broadcom 802.11 Wireless LAN Adapter        Broadcom Corporation                        5.60.350.6 unbekannt
CCleaner        Piriform        24.09.2012                3.23 gebraucht
ColdZero                01.01.2013                gebraucht
Das Geheimnis des silbernen Ohrrings                01.01.2013                0.0 gebraucht
Die Römer                01.01.2013                gebraucht
EAWMapEditor        Petroglyph        26.01.2012        23,3MB        1.0.0 gebraucht
Energy Star Digital Logo        Hewlett-Packard        05.11.2010        300KB        1.0.1 unbekannt
FL Studio 10        Image-Line        01.01.2013        gebraucht       
GameSpy Arcade                12.03.2013        unbekannt       
Google Chrome        Google Inc.        09.04.2011                25.0.1364.97 gebraucht
Google Earth        Google        20.11.2011        92,7MB        6.1.0.5001  gebraucht
Google Toolbar for Internet Explorer        Google Inc.        01.01.2013                7.4.3607.2246 ungebraucht
HP Advisor        Hewlett-Packard        08.09.2010        53,9MB        3.4.10262.3295 gebraucht
HP Documentation        Hewlett-Packard        08.09.2010        883MB        1.5.1.0 gebraucht
HP ESU for Microsoft Windows 7        Hewlett-Packard Company        14.12.2011        15,0MB        1.1.8.1 gebraucht
HP HotKey Support        Hewlett-Packard Company        12.05.2011        11,6MB        4.0.3.1 gebraucht
HP Setup        Hewlett-Packard Company        08.09.2010                8.2.4130.3367 gebraucht
HP SoftPaq Download Manager        Hewlett-Packard Company        08.09.2010        14,3MB        3.0.5.0 gebraucht
HP Software Framework        Hewlett-Packard Company        28.07.2012        4,74MB        4.1.13.1 gebraucht
HP Software Setup        Hewlett-Packard Company        08.09.2010        11,7MB        7.0.1.6 gebraucht
HP Support Assistant        Hewlett-Packard Company        30.08.2012        75,6MB        6.1.12.1 gebraucht
HP Webcam        Roxio        01.01.2013        9,76MB        1.0.25.0 gebraucht
HP Webcam Driver        Sonix        05.11.2010                5.8.50014.0 gebraucht
HP Wireless Assistant        Hewlett-Packard        08.09.2010        5,59MB        4.0.6.0 gebraucht
IDT Audio        IDT        05.11.2010                1.0.6275.0 unbekannt
IL Download Manager        Image-Line        01.01.2013        unbekannt       
Java SE Development Kit 7 Update 4        Oracle        02.05.2012        139MB        1.7.0.40 gebraucht
Java(TM) 6 Update 25        Oracle        16.05.2011        94,7MB        6.0.250 gebraucht
Java(TM) 7 Update 4        Oracle        02.05.2012        101MB        7.0.40 gebraucht
Java(TM) SE Development Kit 6 Update 20        Sun Microsystems, Inc.        07.04.2012        140MB        1.6.0.200 gebraucht
LightScribe System Software        LightScribe        08.09.2010        23,3MB        1.18.12.1 unbekannt
LMMS 0.4.10        LMMS Developers        01.01.2013                0.4.10 unbekannt
McAfee Browser Protection Service        McAfee, Inc.        01.01.2013                5.1.0.340 ungebraucht
McAfee Firewall Protection Service        McAfee, Inc.        01.01.2013                5.1.0.340 ungebraucht
McAfee Virus and Spyware Protection Service        McAfee, Inc.        01.01.2013                5.1.0.340 ungebraucht
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        19.01.2011        38,8MB        4.0.30319 gebraucht
Microsoft .NET Framework 4 Extended        Microsoft Corporation        12.10.2012        51,9MB        4.0.30319 gebraucht
Microsoft Age of Empires                13.03.2013        gebraucht       
Microsoft Office 2010        Microsoft Corporation        08.09.2010        6,31MB        14.0.4763.1000 ungebraucht
Microsoft Silverlight        Microsoft Corporation        04.05.2012        40,3MB        4.0.60310.0 gebraucht
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        01.10.2012        2,69MB        8.0.56336 gebraucht
Microsoft Visual C++ 2005 Redistributable (x64)        Microsoft Corporation        08.09.2010        708KB        8.0.56336 gebraucht
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17        Microsoft Corporation        08.09.2010        788KB        9.0.30729 gebraucht
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148        Microsoft Corporation        05.11.2010        788KB        9.0.30729.4148 gebraucht
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161        Microsoft Corporation        04.12.2012        788KB        9.0.30729.6161 gebraucht
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        01.10.2012        1,42MB        9.0.21022 gebraucht
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        12.10.2012        238KB        9.0.30729 gebraucht
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        17.01.2011        596KB        9.0.30729.4148 gebraucht
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        04.12.2012        600KB        9.0.30729.6161 gebraucht
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        13.02.2013        11,1MB        10.0.40219  gebraucht
Mozilla Firefox 19.0.2 (x86 de)        Mozilla        08.03.2013        43,6MB        19.0.2 gebraucht
Mozilla Maintenance Service        Mozilla        08.03.2013        330KB        19.0.2 unbekannt
Mozilla Thunderbird 15.0 (x86 de)        Mozilla        01.01.2013        39,6MB        15.0 ungebraucht
Norton Online Backup        Symantec        17.01.2011        3,30MB        2.0.0.34 unbekannt
NVIDIA PhysX        NVIDIA Corporation        12.10.2012        78,9MB        9.10.0513 unbekannt
OpenOffice.org 3.4.1        Apache Software Foundation        04.12.2012        331MB        3.41.9593 gebraucht
PDF Complete Special Edition        PDF Complete, Inc        13.02.2013                4.0.64 gebraucht
PunkBuster Services        Even Balance, Inc.        01.01.2013                0.992 unbekannt
Realtek Ethernet Controller All-In-One Windows Driver        Realtek        08.09.2010 gebraucht        1.12.0011
Rome - Total War - Gold Edition        The Creative Assembly        12.03.2013                1.6 gebraucht
Roxio Creator Business        Roxio        01.01.2013        324MB        10.3.56.21 unbekannt
Spotify        Spotify AB        06.11.2012                0.8.5.1333.g822e0de8 gebraucht
Star Wars Empire at War        LucasArts        23.01.2011                1.0 gebraucht
Star Wars Empire at War Forces of Corruption        LucasArts        31.03.2011                1.0
Starcraft                11.03.2013                gebraucht
Steam        Valve        01.10.2012        42,1MB        1.0.0.0 gebraucht
Synaptics Pointing Device Driver        Synaptics Incorporated        13.02.2013        46,4MB        15.0.24.0 unbekannt
Total War: SHOGUN 2        The Creative Assembly        01.01.2013                gebraucht
Unity Web Player        Unity Technologies ApS        17.12.2012        12,0MB        2.6.1f3_31223 unbekannt
Windows 7 Default Setting        Hewlett-Packard Company        08.09.2010        32,0KB        1.0.1.7 unbekannt
WinRAR 4.01 (32-Bit)        win.rar GmbH        01.01.2013                4.01.0 gebraucht
WinZip 14.5        WinZip Computing, S.L.        17.01.2011        19,9MB        14.5.9095 gebraucht

markusg 14.03.2013 21:56
deinstalire:
Google Toolbar
IL
Java: alle
downloade Java jre:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:
McAfee : alle
Mozilla Thunderbird
Unity

Öffne CCleaner, analysieren, starten, pc neustarten
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:25 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131