Everything posted by p3k1ti

  1. Hello, MBAM scan never reports any malicious file ... ... all I got was a "Blocking ..." pop-up from time to time. (wlmail, firefox, skype, ms messenger) And because ComboFix crippled my system I had to "restore" it ... ... so all the mentioned "delete actions" are reverted. As a summary I would say:
     - ComboFix is a damn dangerous tool - it deletes files without asking the user for permission
     - It looks like Malwarebytes produces some false-positives from time to time ;-)
     Thanks a lot for your time and support! Cheers, Hendrik
  2. Well, I used ComboFix and it crashed my system for the 2nd time ... lucky me, this time I was able to use one of my former "recovery points", which wasn't possible some days ago and forced me to reinstall Windows 7. Okay, don't care ... ... here are the logs Cheers, Hendrik
  3. BTW .. since I removed skype - not any "blocked IP" message popped up again
  4. Hi LDTate, if I understand your mentioned link right ... ... the malicious 83.128.58.236 is part of the Skype-P2P-Network and it's not an indicator of an infection?! But what about "MS Messenger" and "Windows Mail"?!
     >> IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 49364, Process: msnmsgr.exe)
     MS Messenger uses the ports TCP/UDP 49152 – 65535 for "Remote Assistance" ... do they use a P2P network as well? At the end I am still a bit worried about "Windows Live Mail"
     >> 2012/02/18 14:21:19 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 52412, Process: wlmail.exe)
     Is it because of any kind of "interaction" between "Windows Live Mail" and "Windows Messenger"??? Cheers, Hendrik
  5. Hello, I just uninstalled skype ... ... why not uninstalling "MS Messenger", too? The "firefox" entries are okay, because I was searching for information about the "suspicious" IPs. Cheers, Hendrik
  6. I reinstalled my machine and all the "troublemakers are back" ...
     2012/02/19 11:26:55 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 49360, Process: msnmsgr.exe)
     2012/02/19 11:26:55 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 49364, Process: msnmsgr.exe)
     2012/02/19 12:07:44 +0100 CHIMNHO hendrik IP-BLOCK 109.163.226.216 (Type: outgoing, Port: 51937, Process: firefox.exe)
     2012/02/19 12:14:24 +0100 CHIMNHO hendrik IP-BLOCK 109.163.226.216 (Type: outgoing, Port: 52110, Process: firefox.exe)
     2012/02/19 12:14:24 +0100 CHIMNHO hendrik IP-BLOCK 109.163.226.216 (Type: outgoing, Port: 52114, Process: firefox.exe)
     2012/02/19 12:14:24 +0100 CHIMNHO hendrik IP-BLOCK 109.163.226.216 (Type: outgoing, Port: 52117, Process: firefox.exe)
     2012/02/19 12:14:24 +0100 CHIMNHO hendrik IP-BLOCK 109.163.226.216 (Type: outgoing, Port: 52121, Process: firefox.exe)
     2012/02/19 12:14:24 +0100 CHIMNHO hendrik IP-BLOCK 109.163.226.216 (Type: outgoing, Port: 52124, Process: firefox.exe)
     2012/02/19 12:14:24 +0100 CHIMNHO hendrik IP-BLOCK 109.163.226.216 (Type: outgoing, Port: 52128, Process: firefox.exe)
     2012/02/19 12:17:12 +0100 CHIMNHO hendrik IP-BLOCK 109.163.226.216 (Type: outgoing, Port: 52203, Process: firefox.exe)
     2012/02/19 12:18:40 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 52452, Process: firefox.exe)
     2012/02/19 12:23:21 +0100 CHIMNHO hendrik IP-BLOCK 83.128.58.236 (Type: outgoing, Port: 52684, Process: skype.exe)
     2012/02/19 12:23:21 +0100 CHIMNHO hendrik IP-BLOCK 83.128.58.236 (Type: outgoing, Port: 52685, Process: skype.exe)
     2012/02/19 12:23:21 +0100 CHIMNHO hendrik IP-BLOCK 83.128.58.236 (Type: outgoing, Port: 52686, Process: skype.exe)
     2012/02/19 12:23:21 +0100 CHIMNHO hendrik IP-BLOCK 83.128.58.236 (Type: outgoing, Port: 52687, Process: skype.exe)
     2012/02/19 12:27:37 +0100 CHIMNHO hendrik IP-BLOCK 91.223.82.146 (Type: outgoing, Port: 52835, Process: firefox.exe)
     2012/02/19 12:28:33 +0100 CHIMNHO hendrik IP-BLOCK 91.223.82.146 (Type: outgoing, Port: 52856, Process: firefox.exe)
     2012/02/19 12:28:33 +0100 CHIMNHO hendrik IP-BLOCK 91.223.82.146 (Type: outgoing, Port: 52860, Process: firefox.exe)
     2012/02/19 12:28:33 +0100 CHIMNHO hendrik IP-BLOCK 91.223.82.146 (Type: outgoing, Port: 52863, Process: firefox.exe)
     2012/02/19 12:28:33 +0100 CHIMNHO hendrik IP-BLOCK 91.223.82.146 (Type: outgoing, Port: 52867, Process: firefox.exe)
     2012/02/19 12:28:33 +0100 CHIMNHO hendrik IP-BLOCK 91.223.82.146 (Type: outgoing, Port: 52870, Process: firefox.exe)
     ... malwarebytes was installed right after Windows was installed and before any network connection was established for the 1st time
  7. Hello,

     Malwarebytes Pro blocked the following outgoing connections ...

     --------- 2012/02/15 ----------
     2012/02/15 18:09:51 +0100 CHIMNHO hendrik MESSAGE Scheduled update executed successfully: database updated from version v2012.02.15.01 to version v2012.02.15.03
     2012/02/15 20:43:11 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 52063, Process: wlmail.exe)
     2012/02/15 20:43:11 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 52064, Process: wlmail.exe)
     ---------- 2012/02/16 ----------
     2012/02/16 08:43:59 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 50065, Process: wlmail.exe)
     2012/02/16 08:43:59 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 50066, Process: wlmail.exe)
     2012/02/16 18:43:33 +0100 CHIMNHO hendrik MESSAGE Scheduled update executed successfully: database updated from version v2012.02.15.03 to version v2012.02.16.04
     2012/02/16 20:45:02 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 54823, Process: wlmail.exe)
     2012/02/16 20:45:02 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 54824, Process: wlmail.exe)
     ---------- 2012/02/17 ----------
     2012/02/17 21:21:20 +0100 CHIMNHO (null) MESSAGE Scheduled update executed successfully: database updated from version v2012.02.16.04 to version v2012.02.17.06
     2012/02/17 21:40:05 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 49549, Process: wlmail.exe)
     2012/02/17 21:40:05 +0100 CHIMNHO hendrik IP-BLOCK 85.183.254.9 (Type: outgoing, Port: 49550, Process: wlmail.exe)

     A Quick Scan run returned ...
     Malwarebytes Anti-Malware (PRO) 1.60.1.1000
     www.malwarebytes.org
     Datenbank Version: v2012.02.17.06
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     hendrik :: CHIMNHO [Administrator]
     Schutz: Aktiviert
     17.02.2012 22:01:44
     mbam-log-2012-02-17 (22-01-44).txt
     Art des Suchlaufs: Quick-Scan
     Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
     Deaktivierte Suchlaufeinstellungen: P2P
     Durchsuchte Objekte: 206635
     Laufzeit: 56 Sekunde(n)
     Infizierte Speicherprozesse: 0
     (Keine bösartigen Objekte gefunden)
     Infizierte Speichermodule: 0
     (Keine bösartigen Objekte gefunden)
     Infizierte Registrierungsschlüssel: 0
     (Keine bösartigen Objekte gefunden)
     Infizierte Registrierungswerte: 0
     (Keine bösartigen Objekte gefunden)
     Infizierte Dateiobjekte der Registrierung: 0
     (Keine bösartigen Objekte gefunden)
     Infizierte Verzeichnisse: 0
     (Keine bösartigen Objekte gefunden)
     Infizierte Dateien: 0
     (Keine bösartigen Objekte gefunden)
     (Ende)

     A scan with DDS returned ...

     Thanks a lot in advance for your support,
     Hendrik

     Kaspersky TDSSKiller shows ...
Threats detected Unsigned file Service: danewFltr Suspicious object, medium risk
(e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 22:24:37.0476 3544 TDTCP - ok 22:24:37.0486 3544 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 22:24:37.0514 3544 tdx - ok 22:24:37.0524 3544 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 22:24:37.0537 3544 TermDD - ok 22:24:37.0551 3544 truecrypt (8de922cd4fea6f83b10805df965b9a08) C:\Windows\system32\drivers\truecrypt.sys 22:24:37.0569 3544 truecrypt - ok 22:24:37.0580 3544 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 22:24:37.0608 3544 tssecsrv - ok 22:24:37.0618 3544 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 22:24:37.0636 3544 TsUsbFlt - ok 22:24:37.0645 3544 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 22:24:37.0662 3544 TsUsbGD - ok 22:24:37.0672 3544 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 22:24:37.0702 3544 tunnel - ok 22:24:37.0712 3544 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 22:24:37.0728 3544 uagp35 - ok 22:24:37.0739 3544 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 22:24:37.0774 3544 udfs - ok 22:24:37.0786 3544 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 22:24:37.0801 3544 uliagpkx - ok 22:24:37.0811 3544 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 22:24:37.0825 3544 umbus - ok 22:24:37.0834 3544 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 22:24:37.0847 3544 UmPass - ok 22:24:37.0858 3544 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 22:24:37.0871 3544 USBAAPL64 - ok 22:24:37.0881 3544 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 22:24:37.0898 3544 usbaudio - ok 22:24:37.0908 3544 usbccgp 
(6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 22:24:37.0923 3544 usbccgp - ok 22:24:37.0932 3544 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 22:24:37.0951 3544 usbcir - ok 22:24:37.0960 3544 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 22:24:37.0976 3544 usbehci - ok 22:24:37.0987 3544 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 22:24:38.0011 3544 usbhub - ok 22:24:38.0021 3544 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 22:24:38.0036 3544 usbohci - ok 22:24:38.0045 3544 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 22:24:38.0062 3544 usbprint - ok 22:24:38.0071 3544 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 22:24:38.0088 3544 USBSTOR - ok 22:24:38.0097 3544 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 22:24:38.0111 3544 usbuhci - ok 22:24:38.0122 3544 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 22:24:38.0135 3544 vdrvroot - ok 22:24:38.0145 3544 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 22:24:38.0159 3544 vga - ok 22:24:38.0168 3544 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 22:24:38.0195 3544 VgaSave - ok 22:24:38.0205 3544 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 22:24:38.0224 3544 vhdmp - ok 22:24:38.0233 3544 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 22:24:38.0246 3544 viaide - ok 22:24:38.0255 3544 VKbms (3b59bb6d10cf969dbe4db93d9ead7fb4) C:\Windows\system32\DRIVERS\VKbms.sys 22:24:38.0267 3544 VKbms - ok 22:24:38.0279 3544 vmci (87fc1dd880e8cac4faebb84af61a87c4) C:\Windows\system32\DRIVERS\vmci.sys 22:24:38.0293 3544 vmci - ok 22:24:38.0303 3544 vmkbd 
(3a717d3e29c107351347b478a9d0043f) C:\Windows\system32\drivers\VMkbd.sys 22:24:38.0317 3544 vmkbd - ok 22:24:38.0326 3544 VMnetAdapter (b259c31378bc855afd1b53f59311c251) C:\Windows\system32\DRIVERS\vmnetadapter.sys 22:24:38.0340 3544 VMnetAdapter - ok 22:24:38.0350 3544 VMnetBridge (dec4ce720ffeda939cf1ba315cfbd993) C:\Windows\system32\DRIVERS\vmnetbridge.sys 22:24:38.0364 3544 VMnetBridge - ok 22:24:38.0376 3544 VMnetuserif (b6a3766c3e99fb1f6663c6b4b7c3f3a1) C:\Windows\system32\drivers\vmnetuserif.sys 22:24:38.0392 3544 VMnetuserif - ok 22:24:38.0404 3544 vmx86 (e53cad9b1fa901ca2046501ee88f9cef) C:\Windows\system32\drivers\vmx86.sys 22:24:38.0419 3544 vmx86 - ok 22:24:38.0429 3544 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 22:24:38.0445 3544 volmgr - ok 22:24:38.0456 3544 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 22:24:38.0479 3544 volmgrx - ok 22:24:38.0490 3544 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 22:24:38.0511 3544 volsnap - ok 22:24:38.0521 3544 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 22:24:38.0536 3544 vsmraid - ok 22:24:38.0547 3544 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 22:24:38.0565 3544 vwifibus - ok 22:24:38.0576 3544 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 22:24:38.0592 3544 WacomPen - ok 22:24:38.0602 3544 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 22:24:38.0631 3544 WANARP - ok 22:24:38.0633 3544 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 22:24:38.0662 3544 Wanarpv6 - ok 22:24:38.0675 3544 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 22:24:38.0691 3544 Wd - ok 22:24:38.0704 3544 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 22:24:38.0735 3544 Wdf01000 - 
ok 22:24:38.0749 3544 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 22:24:38.0775 3544 WfpLwf - ok 22:24:38.0784 3544 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 22:24:38.0796 3544 WIMMount - ok 22:24:38.0812 3544 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 22:24:38.0827 3544 WinUsb - ok 22:24:38.0839 3544 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 22:24:38.0851 3544 WmiAcpi - ok 22:24:38.0864 3544 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 22:24:38.0891 3544 ws2ifsl - ok 22:24:38.0910 3544 WSOFTUSBK - ok 22:24:38.0921 3544 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 22:24:38.0951 3544 WudfPf - ok 22:24:38.0962 3544 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 22:24:38.0995 3544 WUDFRd - ok 22:24:39.0004 3544 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 22:24:39.0015 3544 \Device\Harddisk0\DR0 - ok 22:24:39.0016 3544 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1 22:24:39.0104 3544 \Device\Harddisk1\DR1 - ok 22:24:39.0108 3544 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2 22:24:39.0602 3544 \Device\Harddisk2\DR2 - ok 22:24:39.0605 3544 Boot (0x1200) (5624f33f91837a09178c78a327bf89db) \Device\Harddisk0\DR0\Partition0 22:24:39.0606 3544 \Device\Harddisk0\DR0\Partition0 - ok 22:24:39.0608 3544 Boot (0x1200) (041b4a37212cc8773320efd6d908b548) \Device\Harddisk1\DR1\Partition0 22:24:39.0609 3544 \Device\Harddisk1\DR1\Partition0 - ok 22:24:39.0613 3544 Boot (0x1200) (0403420f3b08da76fc1db5f65d67aeb7) \Device\Harddisk2\DR2\Partition0 22:24:39.0613 3544 \Device\Harddisk2\DR2\Partition0 - ok 22:24:39.0614 3544 ============================================================ 22:24:39.0614 3544 Scan finished 22:24:39.0614 3544 
============================================================
22:24:39.0622 4916 Detected object count: 1
22:24:39.0622 4916 Actual detected object count: 1
22:27:24.0304 4916 danewFltr ( UnsignedFile.Multi.Generic ) - skipped by user
22:27:24.0304 4916 danewFltr ( UnsignedFile.Multi.Generic ) - User select action: Skip

Attach.rar