| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: BOO/TDss.O - Kein Zugriff auf Dateien mehrWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.07.2012, 21:19
| #1 |
 |  BOO/TDss.O - Kein Zugriff auf Dateien mehr Hallo zusammen, habe mir vorgestern anscheinend den BOO/TDss.O eingefangen - zumindest wurde der mir von Avira angezeigt. Der Desktophintergrund wurde schwarz und alle Desktopsymbole bis auf "Computer" und "Papierkorb" sind verschwunden. Innerhalb von Sekunden gingen zig Fenster aus mit der Meldung "Failed to save all components for the file" oder so etwas in der Art, dazu jede Menge andere Fehlerboxen. Nach dem ersten Versuch, das Ganze von Avira beseitigen zu lassen, bin ich in anderen Foren zuerst über den tdsskiller und Malwarebytes Anti-Malware gestolpert, damit wäre das Problem zu lösen. Hat sich leider als Schuss in den Ofen herausgestellt...und die Einträge hier haben meine Befürchtungen bestätigt, dass da wohl noch ein bisschen mehr ansteht um zumindest wieder an die Dateien heranzukommen... Seit den ersten bzw. mehrmaligen Versuchen mit tdsskiller und Malwarebytes Anti-Malware kommen zumindest derzeit keine Pop-Up Fenster mehr hoch, auch Avira hält still und man könnte fast meinen, dass es schon etwas gebracht hätte - aber dunkle Wasser sind ja tief. Habe jetzt schon einmal OTL laufen lassen in der Hoffnung, dass man damit vielleicht schon etwas anfangen kann. Code:
ATTFilter OTL logfile created on: 04.07.2012 22:12:26 - Run 2 OTL by OldTimer - Version 3.2.53.1 Folder = F:\ 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,85 Gb Total Physical Memory | 2,65 Gb Available Physical Memory | 68,83% Memory free 7,71 Gb Paging File | 6,31 Gb Available in Paging File | 81,90% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 87,90 Gb Total Space | 51,94 Gb Free Space | 59,09% Space Free | Partition Type: NTFS Drive E: | 362,76 Gb Total Space | 284,10 Gb Free Space | 78,32% Space Free | Partition Type: NTFS Drive F: | 7,81 Gb Total Space | 7,80 Gb Free Space | 99,85% Space Free | Partition Type: FAT32 Computer Name: Sternekoch-PC | User Name: Sternekoch | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.04 18:51:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- F:\OTL.exe PRC - [2012.05.08 22:15:13 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.08 22:15:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.08 22:15:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.07.01 04:51:12 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2011.07.01 04:51:12 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2011.07.01 04:51:10 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2011.07.01 04:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe PRC - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2011.04.02 23:34:42 | 000,340,848 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe PRC - [2011.03.29 04:49:06 | 000,408,432 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2011.03.29 04:48:54 | 000,202,608 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010.12.20 12:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.12.20 12:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2006.12.19 19:23:20 | 000,094,208 | -H-- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV - [2012.06.23 11:10:27 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.05.08 22:15:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.08 22:15:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.10.08 21:13:45 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011.07.01 04:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2011.05.10 14:01:08 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service) SRV - [2011.04.02 23:09:38 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.12.20 12:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.12.20 12:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006.12.19 19:23:20 | 000,094,208 | -H-- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.08 22:15:14 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.08 22:15:14 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.08.16 09:23:34 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2011.08.16 09:23:34 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2011.08.16 09:23:34 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2011.07.14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.07.14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.10 06:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2011.03.10 06:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2011.01.25 05:48:02 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.12.23 03:44:20 | 012,260,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010.12.17 03:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.11.09 12:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.11.05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.10.29 16:19:20 | 000,326,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2010.10.19 10:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKCU..\Run: [biiWPEJPdbnXvw.exe] C:\ProgramData\biiWPEJPdbnXvw.exe File not found O4 - HKCU..\Run: [Epson Stylus SX235(Netzwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Sternekoch\AppData\Local\Temp\E_SEE76.tmp" /EF "HKCU" File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{165E3CAD-B66C-41D8-B845-D44419A87475}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FC8A359-8699-4B25-9B91-FFA7CEBF435D}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.04 20:01:54 | 000,000,000 | ---D | C] -- C:\Users\Sternekoch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery [2012.07.04 19:09:18 | 000,000,000 | -H-D | C] -- C:\Users\Sternekoch\AppData\Roaming\Malwarebytes [2012.07.04 19:09:07 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.04 19:09:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes [2012.07.04 19:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.04 19:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.07.04 19:08:45 | 010,063,024 | -H-- | C] (Malwarebytes Corporation ) -- C:\Users\Sternekoch\Desktop\mbam-setup.exe [2012.07.04 19:07:25 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Sternekoch\Desktop\tdsskiller.exe [2012.07.04 19:07:10 | 000,000,000 | -H-D | C] -- C:\TDSSKiller_Quarantine [2012.06.21 21:07:13 | 000,000,000 | -H-D | C] -- C:\Users\Sternekoch\.jenny [2012.06.21 08:31:56 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.06.21 08:31:56 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.06.21 08:31:56 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.06.21 08:31:51 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.06.21 08:31:51 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.06.21 08:31:51 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.06.21 08:31:46 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012.06.21 08:31:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012.06.14 07:59:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.06.14 07:59:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.06.14 07:59:56 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.06.14 07:59:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.06.14 07:59:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.06.14 07:59:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.06.14 07:59:54 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.06.14 07:59:54 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.06.14 07:59:53 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.06.14 07:59:53 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.06.14 07:59:53 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.06.14 07:59:53 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.06.14 07:59:52 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.06.13 09:17:01 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012.06.13 09:17:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012.06.13 09:17:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012.06.13 09:16:55 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.06.13 09:16:55 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.06.13 09:16:55 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.06.13 09:16:51 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012.06.13 09:16:46 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.06.13 09:16:46 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll ========== Files - Modified Within 30 Days ========== [2012.07.04 22:10:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.04 21:58:09 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.04 21:58:09 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.04 21:58:05 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.04 21:58:05 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.04 21:58:05 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.04 21:58:05 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.04 21:58:05 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.04 21:50:42 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat [2012.07.04 21:50:35 | 3103,838,208 | -HS- | M] () -- C:\hiberfil.sys [2012.07.04 20:54:48 | 000,009,290 | ---- | M] () -- C:\Users\Sternekoch\AppData\Roaming\Kommagetrennte Werte (DOS).EML [2012.07.04 20:13:02 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.04 20:01:55 | 000,000,152 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTrr [2012.07.04 20:01:55 | 000,000,000 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTr [2012.07.04 20:01:52 | 000,000,256 | ---- | M] () -- C:\ProgramData\fXO0KpQrs02mTr [2012.07.04 18:52:24 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Sternekoch\Desktop\tdsskiller.exe [2012.07.04 18:51:10 | 010,063,024 | -H-- | M] (Malwarebytes Corporation ) -- C:\Users\Sternekoch\Desktop\mbam-setup.exe [2012.06.23 11:10:24 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.06.23 11:10:24 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.06.23 11:10:08 | 009,815,752 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012.06.14 18:54:07 | 000,360,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.07.04 20:53:44 | 000,009,290 | ---- | C] () -- C:\Users\Sternekoch\AppData\Roaming\Kommagetrennte Werte (DOS).EML [2012.07.04 20:13:02 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.04 20:01:55 | 000,000,152 | ---- | C] () -- C:\ProgramData\-fXO0KpQrs02mTrr [2012.07.04 20:01:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\-fXO0KpQrs02mTr [2012.07.04 20:01:51 | 000,000,256 | ---- | C] () -- C:\ProgramData\fXO0KpQrs02mTr [2011.08.16 09:16:01 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011.08.16 09:15:05 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.08.16 09:15:04 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.08.16 09:15:02 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin < End of report > Vielen vielen Dank! Sternekoch |
|
05.07.2012, 15:50
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | BOO/TDss.O - Kein Zugriff auf Dateien mehr Ohne die Logs von Malwarebytes und Co wird das hier nichts.
__________________ Alles von Malwarebytes (und evtl. anderen Scannern) muss hier gepostet werden. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
05.07.2012, 18:07
| #3 |
| | BOO/TDss.O - Kein Zugriff auf Dateien mehr Hallo Arne,
__________________vielen Dank für die schnelle Reaktion! Natürlich, du hast Recht... TDSS-log #1 Code:
ATTFilter 19:05:16.0579 1760 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
19:05:16.0860 1760 ============================================================
19:05:16.0860 1760 Current date / time: 2012/07/04 19:05:16.0860
19:05:16.0860 1760 SystemInfo:
19:05:16.0860 1760
19:05:16.0860 1760 OS Version: 6.1.7601 ServicePack: 1.0
19:05:16.0860 1760 Product type: Workstation
19:05:16.0860 1760 ComputerName: Sternekoch-PC
19:05:16.0860 1760 UserName: Sternekoch
19:05:16.0860 1760 Windows directory: C:\Windows
19:05:16.0860 1760 System windows directory: C:\Windows
19:05:16.0860 1760 Running under WOW64
19:05:16.0860 1760 Processor architecture: Intel x64
19:05:16.0860 1760 Number of processors: 4
19:05:16.0860 1760 Page size: 0x1000
19:05:16.0860 1760 Boot type: Safe boot with network
19:05:16.0860 1760 ============================================================
19:05:17.0406 1760 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:05:17.0421 1760 Drive \Device\Harddisk1\DR1 - Size: 0x1F4C00000 (7.82 Gb), SectorSize: 0x200, Cylinders: 0x3FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:05:17.0421 1760 ============================================================
19:05:17.0421 1760 \Device\Harddisk0\DR0:
19:05:17.0421 1760 MBR partitions:
19:05:17.0421 1760 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:05:17.0421 1760 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xAFCA645
19:05:17.0437 1760 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDFCE84, BlocksNum 0x2D5841AC
19:05:17.0437 1760 \Device\Harddisk1\DR1:
19:05:17.0437 1760 MBR partitions:
19:05:17.0437 1760 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xFA5FC0
19:05:17.0437 1760 ============================================================
19:05:17.0484 1760 C: <-> \Device\Harddisk0\DR0\Partition1
19:05:17.0515 1760 E: <-> \Device\Harddisk0\DR0\Partition2
19:05:17.0515 1760 ============================================================
19:05:17.0515 1760 Initialize success
19:05:17.0515 1760 ============================================================
19:05:31.0399 0788 ============================================================
19:05:31.0399 0788 Scan started
19:05:31.0399 0788 Mode: Manual;
19:05:31.0399 0788 ============================================================
19:05:32.0023 0788 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:05:32.0023 0788 1394ohci - ok
19:05:32.0054 0788 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:05:32.0070 0788 ACPI - ok
19:05:32.0101 0788 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:05:32.0101 0788 AcpiPmi - ok
19:05:32.0210 0788 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:05:32.0210 0788 AdobeARMservice - ok
19:05:32.0335 0788 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:05:32.0335 0788 AdobeFlashPlayerUpdateSvc - ok
19:05:32.0397 0788 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:05:32.0428 0788 adp94xx - ok
19:05:32.0506 0788 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:05:32.0538 0788 adpahci - ok
19:05:32.0569 0788 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:05:32.0569 0788 adpu320 - ok
19:05:32.0584 0788 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:05:32.0616 0788 AeLookupSvc - ok
19:05:32.0678 0788 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:05:32.0709 0788 AFD - ok
19:05:32.0740 0788 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:05:32.0740 0788 agp440 - ok
19:05:32.0772 0788 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:05:32.0772 0788 ALG - ok
19:05:32.0787 0788 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:05:32.0787 0788 aliide - ok
19:05:32.0803 0788 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:05:32.0803 0788 amdide - ok
19:05:32.0818 0788 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:05:32.0818 0788 AmdK8 - ok
19:05:32.0834 0788 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:05:32.0850 0788 AmdPPM - ok
19:05:32.0881 0788 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:05:32.0881 0788 amdsata - ok
19:05:32.0912 0788 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:05:32.0912 0788 amdsbs - ok
19:05:32.0943 0788 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:05:32.0943 0788 amdxata - ok
19:05:33.0052 0788 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:05:33.0068 0788 AntiVirSchedulerService - ok
19:05:33.0084 0788 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:05:33.0084 0788 AntiVirService - ok
19:05:33.0115 0788 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:05:33.0115 0788 AppID - ok
19:05:33.0146 0788 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:05:33.0146 0788 AppIDSvc - ok
19:05:33.0162 0788 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:05:33.0162 0788 Appinfo - ok
19:05:33.0271 0788 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:05:33.0286 0788 Apple Mobile Device - ok
19:05:33.0302 0788 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:05:33.0302 0788 arc - ok
19:05:33.0318 0788 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:05:33.0333 0788 arcsas - ok
19:05:33.0349 0788 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:05:33.0349 0788 AsyncMac - ok
19:05:33.0380 0788 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:05:33.0380 0788 atapi - ok
19:05:33.0489 0788 athr (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
19:05:33.0552 0788 athr - ok
19:05:33.0692 0788 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:05:33.0708 0788 AudioEndpointBuilder - ok
19:05:33.0708 0788 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:05:33.0723 0788 AudioSrv - ok
19:05:33.0770 0788 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
19:05:33.0770 0788 avgntflt - ok
19:05:33.0801 0788 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
19:05:33.0801 0788 avipbb - ok
19:05:33.0817 0788 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:05:33.0832 0788 avkmgr - ok
19:05:33.0895 0788 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:05:33.0895 0788 AxInstSV - ok
19:05:33.0942 0788 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:05:33.0973 0788 b06bdrv - ok
19:05:34.0020 0788 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:05:34.0020 0788 b57nd60a - ok
19:05:34.0066 0788 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:05:34.0066 0788 BDESVC - ok
19:05:34.0098 0788 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:05:34.0098 0788 Beep - ok
19:05:34.0160 0788 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:05:34.0176 0788 BFE - ok
19:05:34.0238 0788 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:05:34.0316 0788 BITS - ok
19:05:34.0378 0788 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:05:34.0378 0788 blbdrive - ok
19:05:34.0456 0788 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:05:34.0488 0788 Bonjour Service - ok
19:05:34.0503 0788 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:05:34.0503 0788 bowser - ok
19:05:34.0566 0788 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:05:34.0566 0788 BrFiltLo - ok
19:05:34.0566 0788 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:05:34.0566 0788 BrFiltUp - ok
19:05:34.0597 0788 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:05:34.0597 0788 Browser - ok
19:05:34.0644 0788 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:05:34.0644 0788 Brserid - ok
19:05:34.0644 0788 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:05:34.0644 0788 BrSerWdm - ok
19:05:34.0659 0788 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:05:34.0659 0788 BrUsbMdm - ok
19:05:34.0659 0788 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:05:34.0659 0788 BrUsbSer - ok
19:05:34.0675 0788 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:05:34.0675 0788 BTHMODEM - ok
19:05:34.0753 0788 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:05:34.0768 0788 BTHPORT - ok
19:05:34.0815 0788 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:05:34.0815 0788 bthserv - ok
19:05:34.0846 0788 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:05:34.0846 0788 BTHUSB - ok
19:05:34.0878 0788 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:05:34.0878 0788 cdfs - ok
19:05:34.0924 0788 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:05:34.0924 0788 cdrom - ok
19:05:34.0956 0788 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:05:34.0971 0788 CertPropSvc - ok
19:05:34.0987 0788 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:05:34.0987 0788 circlass - ok
19:05:35.0018 0788 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:05:35.0034 0788 CLFS - ok
19:05:35.0096 0788 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:05:35.0112 0788 clr_optimization_v2.0.50727_32 - ok
19:05:35.0158 0788 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:05:35.0158 0788 clr_optimization_v2.0.50727_64 - ok
19:05:35.0236 0788 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:05:35.0299 0788 clr_optimization_v4.0.30319_32 - ok
19:05:35.0314 0788 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:05:35.0330 0788 clr_optimization_v4.0.30319_64 - ok
19:05:35.0361 0788 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:05:35.0377 0788 CmBatt - ok
19:05:35.0392 0788 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:05:35.0392 0788 cmdide - ok
19:05:35.0439 0788 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:05:35.0455 0788 CNG - ok
19:05:35.0470 0788 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:05:35.0470 0788 Compbatt - ok
19:05:35.0486 0788 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:05:35.0502 0788 CompositeBus - ok
19:05:35.0502 0788 COMSysApp - ok
19:05:35.0517 0788 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:05:35.0517 0788 crcdisk - ok
19:05:35.0564 0788 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:05:35.0580 0788 CryptSvc - ok
19:05:35.0626 0788 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:05:35.0658 0788 DcomLaunch - ok
19:05:35.0720 0788 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:05:35.0736 0788 defragsvc - ok
19:05:35.0767 0788 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:05:35.0767 0788 DfsC - ok
19:05:35.0798 0788 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:05:35.0814 0788 Dhcp - ok
19:05:35.0845 0788 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:05:35.0845 0788 discache - ok
19:05:35.0876 0788 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:05:35.0876 0788 Disk - ok
19:05:35.0892 0788 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:05:35.0907 0788 Dnscache - ok
19:05:35.0923 0788 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:05:35.0923 0788 dot3svc - ok
19:05:35.0954 0788 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:05:35.0954 0788 DPS - ok
19:05:36.0016 0788 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:05:36.0016 0788 drmkaud - ok
19:05:36.0094 0788 DsiWMIService (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:05:36.0094 0788 DsiWMIService - ok
19:05:36.0157 0788 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:05:36.0188 0788 DXGKrnl - ok
19:05:36.0219 0788 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:05:36.0219 0788 EapHost - ok
19:05:36.0360 0788 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:05:36.0453 0788 ebdrv - ok
19:05:36.0531 0788 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:05:36.0531 0788 EFS - ok
19:05:36.0625 0788 EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
19:05:36.0640 0788 EgisTec Ticket Service - ok
19:05:36.0718 0788 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:05:36.0734 0788 ehRecvr - ok
19:05:36.0781 0788 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:05:36.0781 0788 ehSched - ok
19:05:36.0859 0788 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:05:36.0890 0788 elxstor - ok
19:05:36.0999 0788 ePowerSvc (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:05:37.0046 0788 ePowerSvc - ok
19:05:37.0093 0788 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:05:37.0124 0788 EpsonBidirectionalService - ok
19:05:37.0218 0788 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:05:37.0218 0788 ErrDev - ok
19:05:37.0264 0788 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:05:37.0280 0788 EventSystem - ok
19:05:37.0311 0788 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:05:37.0311 0788 exfat - ok
19:05:37.0342 0788 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:05:37.0342 0788 fastfat - ok
19:05:37.0405 0788 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:05:37.0420 0788 Fax - ok
19:05:37.0436 0788 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:05:37.0436 0788 fdc - ok
19:05:37.0467 0788 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:05:37.0467 0788 fdPHost - ok
19:05:37.0467 0788 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:05:37.0467 0788 FDResPub - ok
19:05:37.0498 0788 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:05:37.0498 0788 FileInfo - ok
19:05:37.0514 0788 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:05:37.0514 0788 Filetrace - ok
19:05:37.0623 0788 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:05:37.0639 0788 FLEXnet Licensing Service - ok
19:05:37.0686 0788 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:05:37.0686 0788 flpydisk - ok
19:05:37.0732 0788 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:05:37.0732 0788 FltMgr - ok
19:05:37.0795 0788 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:05:37.0842 0788 FontCache - ok
19:05:37.0904 0788 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:05:37.0904 0788 FontCache3.0.0.0 - ok
19:05:37.0951 0788 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:05:37.0951 0788 FsDepends - ok
19:05:37.0966 0788 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:05:37.0966 0788 Fs_Rec - ok
19:05:37.0998 0788 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:05:38.0013 0788 fvevol - ok
19:05:38.0044 0788 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:05:38.0044 0788 gagp30kx - ok
19:05:38.0076 0788 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:05:38.0076 0788 GEARAspiWDM - ok
19:05:38.0122 0788 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:05:38.0154 0788 gpsvc - ok
19:05:38.0169 0788 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:05:38.0169 0788 hcw85cir - ok
19:05:38.0216 0788 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:05:38.0232 0788 HdAudAddService - ok
19:05:38.0263 0788 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:05:38.0263 0788 HDAudBus - ok
19:05:38.0263 0788 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:05:38.0263 0788 HidBatt - ok
19:05:38.0278 0788 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:05:38.0278 0788 HidBth - ok
19:05:38.0278 0788 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:05:38.0294 0788 HidIr - ok
19:05:38.0310 0788 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:05:38.0310 0788 hidserv - ok
19:05:38.0341 0788 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:05:38.0341 0788 HidUsb - ok
19:05:38.0372 0788 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:05:38.0372 0788 hkmsvc - ok
19:05:38.0403 0788 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:05:38.0419 0788 HomeGroupListener - ok
19:05:38.0450 0788 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:05:38.0450 0788 HomeGroupProvider - ok
19:05:38.0450 0788 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:05:38.0466 0788 HpSAMD - ok
19:05:38.0512 0788 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:05:38.0544 0788 HTTP - ok
19:05:38.0544 0788 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:05:38.0544 0788 hwpolicy - ok
19:05:38.0575 0788 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:05:38.0575 0788 i8042prt - ok
19:05:38.0606 0788 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
19:05:38.0622 0788 iaStor - ok
19:05:38.0653 0788 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:05:38.0668 0788 iaStorV - ok
19:05:38.0778 0788 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:05:38.0809 0788 idsvc - ok
19:05:39.0417 0788 igfx (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:05:39.0636 0788 igfx - ok
19:05:39.0729 0788 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:05:39.0729 0788 iirsp - ok
19:05:39.0776 0788 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:05:39.0807 0788 IKEEXT - ok
19:05:39.0948 0788 IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
19:05:40.0010 0788 IntcAzAudAddService - ok
19:05:40.0119 0788 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:05:40.0135 0788 IntcDAud - ok
19:05:40.0166 0788 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:05:40.0166 0788 intelide - ok
19:05:40.0197 0788 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:05:40.0197 0788 intelppm - ok
19:05:40.0213 0788 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:05:40.0213 0788 IPBusEnum - ok
19:05:40.0244 0788 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:05:40.0244 0788 IpFilterDriver - ok
19:05:40.0291 0788 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:05:40.0306 0788 iphlpsvc - ok
19:05:40.0322 0788 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:05:40.0322 0788 IPMIDRV - ok
19:05:40.0338 0788 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:05:40.0369 0788 IPNAT - ok
19:05:40.0478 0788 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:05:40.0509 0788 iPod Service - ok
19:05:40.0525 0788 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:05:40.0525 0788 IRENUM - ok
19:05:40.0556 0788 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:05:40.0556 0788 isapnp - ok
19:05:40.0587 0788 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:05:40.0587 0788 iScsiPrt - ok
19:05:40.0618 0788 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:05:40.0618 0788 kbdclass - ok
19:05:40.0634 0788 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:05:40.0650 0788 kbdhid - ok
19:05:40.0665 0788 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:05:40.0681 0788 KeyIso - ok
19:05:40.0681 0788 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:05:40.0681 0788 KSecDD - ok
19:05:40.0712 0788 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:05:40.0712 0788 KSecPkg - ok
19:05:40.0743 0788 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:05:40.0743 0788 ksthunk - ok
19:05:40.0774 0788 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:05:40.0790 0788 KtmRm - ok
19:05:40.0837 0788 L1C (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:05:40.0837 0788 L1C - ok
19:05:40.0884 0788 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:05:40.0884 0788 LanmanServer - ok
19:05:40.0899 0788 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:05:40.0915 0788 LanmanWorkstation - ok
19:05:40.0993 0788 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:05:41.0008 0788 Live Updater Service - ok
19:05:41.0024 0788 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:05:41.0024 0788 lltdio - ok
19:05:41.0071 0788 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:05:41.0086 0788 lltdsvc - ok
19:05:41.0118 0788 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:05:41.0118 0788 lmhosts - ok
19:05:41.0196 0788 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:05:41.0211 0788 LMS - ok
19:05:41.0274 0788 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:05:41.0274 0788 LSI_FC - ok
19:05:41.0305 0788 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:05:41.0305 0788 LSI_SAS - ok
19:05:41.0320 0788 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:05:41.0320 0788 LSI_SAS2 - ok
19:05:41.0336 0788 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:05:41.0352 0788 LSI_SCSI - ok
19:05:41.0383 0788 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:05:41.0383 0788 luafv - ok
19:05:41.0414 0788 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:05:41.0414 0788 Mcx2Svc - ok
19:05:41.0414 0788 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:05:41.0414 0788 megasas - ok
19:05:41.0461 0788 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:05:41.0476 0788 MegaSR - ok
19:05:41.0539 0788 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:05:41.0539 0788 MEIx64 - ok
19:05:41.0601 0788 Microsoft SharePoint Workspace Audit Service - ok
19:05:41.0648 0788 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:05:41.0648 0788 MMCSS - ok
19:05:41.0664 0788 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:05:41.0664 0788 Modem - ok
19:05:41.0695 0788 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:05:41.0695 0788 monitor - ok
19:05:41.0710 0788 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:05:41.0710 0788 mouclass - ok
19:05:41.0726 0788 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:05:41.0742 0788 mouhid - ok
19:05:41.0757 0788 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:05:41.0773 0788 mountmgr - ok
19:05:41.0804 0788 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:05:41.0804 0788 mpio - ok
19:05:41.0820 0788 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:05:41.0820 0788 mpsdrv - ok
19:05:41.0866 0788 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:05:41.0898 0788 MpsSvc - ok
19:05:41.0913 0788 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:05:41.0913 0788 MRxDAV - ok
19:05:41.0929 0788 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:05:41.0929 0788 mrxsmb - ok
19:05:41.0991 0788 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:05:41.0991 0788 mrxsmb10 - ok
19:05:42.0007 0788 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:05:42.0007 0788 mrxsmb20 - ok
19:05:42.0022 0788 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:05:42.0022 0788 msahci - ok
19:05:42.0054 0788 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:05:42.0069 0788 msdsm - ok
19:05:42.0100 0788 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:05:42.0100 0788 MSDTC - ok
19:05:42.0116 0788 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:05:42.0116 0788 Msfs - ok
19:05:42.0132 0788 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:05:42.0132 0788 mshidkmdf - ok
19:05:42.0132 0788 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:05:42.0132 0788 msisadrv - ok
19:05:42.0194 0788 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:05:42.0194 0788 MSiSCSI - ok
19:05:42.0194 0788 msiserver - ok
19:05:42.0210 0788 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:05:42.0210 0788 MSKSSRV - ok
19:05:42.0225 0788 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:05:42.0225 0788 MSPCLOCK - ok
19:05:42.0225 0788 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:05:42.0225 0788 MSPQM - ok
19:05:42.0272 0788 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:05:42.0303 0788 MsRPC - ok
19:05:42.0303 0788 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:05:42.0303 0788 mssmbios - ok
19:05:42.0319 0788 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:05:42.0319 0788 MSTEE - ok
19:05:42.0334 0788 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:05:42.0334 0788 MTConfig - ok
19:05:42.0334 0788 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:05:42.0334 0788 Mup - ok
19:05:42.0350 0788 mwlPSDFilter (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:05:42.0350 0788 mwlPSDFilter - ok
19:05:42.0350 0788 mwlPSDNServ (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:05:42.0350 0788 mwlPSDNServ - ok
19:05:42.0366 0788 mwlPSDVDisk (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:05:42.0366 0788 mwlPSDVDisk - ok
19:05:42.0397 0788 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:05:42.0428 0788 napagent - ok
19:05:42.0490 0788 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:05:42.0506 0788 NativeWifiP - ok
19:05:42.0568 0788 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:05:42.0584 0788 NDIS - ok
19:05:42.0615 0788 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:05:42.0615 0788 NdisCap - ok
19:05:42.0615 0788 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:05:42.0631 0788 NdisTapi - ok
19:05:42.0631 0788 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:05:42.0631 0788 Ndisuio - ok
19:05:42.0646 0788 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:05:42.0646 0788 NdisWan - ok
19:05:42.0678 0788 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:05:42.0678 0788 NDProxy - ok
19:05:42.0678 0788 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:05:42.0678 0788 NetBIOS - ok
19:05:42.0709 0788 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:05:42.0724 0788 NetBT - ok
19:05:42.0756 0788 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:05:42.0756 0788 Netlogon - ok
19:05:42.0802 0788 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:05:42.0818 0788 Netman - ok
19:05:42.0849 0788 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:05:42.0865 0788 netprofm - ok
19:05:42.0927 0788 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:05:42.0943 0788 NetTcpPortSharing - ok
19:05:42.0990 0788 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:05:43.0005 0788 nfrd960 - ok
19:05:43.0052 0788 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:05:43.0068 0788 NlaSvc - ok
19:05:43.0068 0788 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:05:43.0083 0788 Npfs - ok
19:05:43.0083 0788 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:05:43.0083 0788 nsi - ok
19:05:43.0083 0788 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:05:43.0083 0788 nsiproxy - ok
19:05:43.0161 0788 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:05:43.0192 0788 Ntfs - ok
19:05:43.0255 0788 NTI IScheduleSvc (1873214666f6f0a883742df91fbc48c9) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:05:43.0270 0788 NTI IScheduleSvc - ok
19:05:43.0364 0788 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
19:05:43.0364 0788 NTIDrvr - ok
19:05:43.0380 0788 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:05:43.0380 0788 Null - ok
19:05:43.0426 0788 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:05:43.0426 0788 nvraid - ok
19:05:43.0442 0788 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:05:43.0442 0788 nvstor - ok
19:05:43.0473 0788 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:05:43.0489 0788 nv_agp - ok
19:05:43.0489 0788 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:05:43.0504 0788 ohci1394 - ok
19:05:43.0582 0788 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:05:43.0582 0788 ose - ok
19:05:43.0848 0788 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:05:43.0957 0788 osppsvc - ok
19:05:44.0082 0788 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:05:44.0097 0788 p2pimsvc - ok
19:05:44.0128 0788 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:05:44.0144 0788 p2psvc - ok
19:05:44.0191 0788 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:05:44.0191 0788 Parport - ok
19:05:44.0222 0788 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:05:44.0222 0788 partmgr - ok
19:05:44.0253 0788 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:05:44.0253 0788 PcaSvc - ok
19:05:44.0269 0788 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:05:44.0284 0788 pci - ok
19:05:44.0300 0788 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:05:44.0300 0788 pciide - ok
19:05:44.0331 0788 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:05:44.0331 0788 pcmcia - ok
19:05:44.0331 0788 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:05:44.0331 0788 pcw - ok
19:05:44.0394 0788 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:05:44.0425 0788 PEAUTH - ok
19:05:44.0487 0788 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:05:44.0534 0788 PerfHost - ok
19:05:44.0612 0788 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:05:44.0659 0788 pla - ok
19:05:44.0706 0788 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:05:44.0706 0788 PlugPlay - ok
19:05:44.0737 0788 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:05:44.0737 0788 PNRPAutoReg - ok
19:05:44.0768 0788 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:05:44.0768 0788 PNRPsvc - ok
19:05:44.0799 0788 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:05:44.0830 0788 PolicyAgent - ok
19:05:44.0846 0788 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:05:44.0846 0788 Power - ok
19:05:44.0908 0788 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:05:44.0924 0788 PptpMiniport - ok
19:05:44.0940 0788 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:05:44.0940 0788 Processor - ok
19:05:44.0986 0788 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:05:45.0002 0788 ProfSvc - ok
19:05:45.0018 0788 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:05:45.0018 0788 ProtectedStorage - ok
19:05:45.0049 0788 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:05:45.0049 0788 Psched - ok
19:05:45.0127 0788 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:05:45.0158 0788 ql2300 - ok
19:05:45.0252 0788 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:05:45.0252 0788 ql40xx - ok
19:05:45.0283 0788 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:05:45.0283 0788 QWAVE - ok
19:05:45.0298 0788 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:05:45.0314 0788 QWAVEdrv - ok
19:05:45.0314 0788 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:05:45.0314 0788 RasAcd - ok
19:05:45.0330 0788 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:05:45.0330 0788 RasAgileVpn - ok
19:05:45.0345 0788 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:05:45.0361 0788 RasAuto - ok
19:05:45.0392 0788 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:05:45.0392 0788 Rasl2tp - ok
19:05:45.0423 0788 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:05:45.0439 0788 RasMan - ok
19:05:45.0454 0788 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:05:45.0454 0788 RasPppoe - ok
19:05:45.0470 0788 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:05:45.0470 0788 RasSstp - ok
19:05:45.0501 0788 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:05:45.0517 0788 rdbss - ok
19:05:45.0548 0788 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:05:45.0548 0788 rdpbus - ok
19:05:45.0564 0788 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:05:45.0564 0788 RDPCDD - ok
19:05:45.0579 0788 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:05:45.0579 0788 RDPENCDD - ok
19:05:45.0579 0788 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:05:45.0579 0788 RDPREFMP - ok
19:05:45.0626 0788 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:05:45.0626 0788 RDPWD - ok
19:05:45.0657 0788 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:05:45.0657 0788 rdyboost - ok
19:05:45.0688 0788 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:05:45.0688 0788 RemoteAccess - ok
19:05:45.0720 0788 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:05:45.0720 0788 RemoteRegistry - ok
19:05:45.0751 0788 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:05:45.0751 0788 RpcEptMapper - ok
19:05:45.0766 0788 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:05:45.0766 0788 RpcLocator - ok
19:05:45.0798 0788 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:05:45.0798 0788 RpcSs - ok
19:05:45.0876 0788 RSPCIESTOR (85b325723f67ef80927326fd7eb1cc10) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:05:45.0891 0788 RSPCIESTOR - ok
19:05:45.0922 0788 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:05:45.0922 0788 rspndr - ok
19:05:45.0938 0788 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:05:45.0938 0788 SamSs - ok
19:05:45.0969 0788 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:05:45.0969 0788 sbp2port - ok
19:05:46.0016 0788 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:05:46.0016 0788 SCardSvr - ok
19:05:46.0032 0788 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:05:46.0032 0788 scfilter - ok
19:05:46.0094 0788 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:05:46.0141 0788 Schedule - ok
19:05:46.0172 0788 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:05:46.0172 0788 SCPolicySvc - ok
19:05:46.0203 0788 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:05:46.0203 0788 SDRSVC - ok
19:05:46.0266 0788 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:05:46.0266 0788 secdrv - ok
19:05:46.0297 0788 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:05:46.0297 0788 seclogon - ok
19:05:46.0312 0788 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:05:46.0328 0788 SENS - ok
19:05:46.0359 0788 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:05:46.0359 0788 SensrSvc - ok
19:05:46.0390 0788 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:05:46.0390 0788 Serenum - ok
19:05:46.0437 0788 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:05:46.0468 0788 Serial - ok
19:05:46.0468 0788 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:05:46.0468 0788 sermouse - ok
19:05:46.0515 0788 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:05:46.0515 0788 SessionEnv - ok
19:05:46.0515 0788 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:05:46.0515 0788 sffdisk - ok
19:05:46.0531 0788 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:05:46.0531 0788 sffp_mmc - ok
19:05:46.0531 0788 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:05:46.0531 0788 sffp_sd - ok
19:05:46.0546 0788 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:05:46.0546 0788 sfloppy - ok
19:05:46.0578 0788 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:05:46.0593 0788 SharedAccess - ok
19:05:46.0624 0788 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:05:46.0624 0788 ShellHWDetection - ok
19:05:46.0671 0788 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:05:46.0671 0788 SiSRaid2 - ok
19:05:46.0687 0788 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:05:46.0687 0788 SiSRaid4 - ok
19:05:46.0718 0788 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:05:46.0734 0788 Smb - ok
19:05:46.0780 0788 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:05:46.0780 0788 SNMPTRAP - ok
19:05:46.0796 0788 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:05:46.0796 0788 spldr - ok
19:05:46.0827 0788 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:05:46.0858 0788 Spooler - ok
19:05:47.0014 0788 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:05:47.0092 0788 sppsvc - ok
19:05:47.0186 0788 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:05:47.0202 0788 sppuinotify - ok
19:05:47.0233 0788 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:05:47.0248 0788 srv - ok
19:05:47.0264 0788 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:05:47.0280 0788 srv2 - ok
19:05:47.0295 0788 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:05:47.0311 0788 srvnet - ok
19:05:47.0358 0788 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:05:47.0358 0788 SSDPSRV - ok
19:05:47.0373 0788 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:05:47.0373 0788 SstpSvc - ok
19:05:47.0389 0788 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:05:47.0389 0788 stexstor - ok
19:05:47.0451 0788 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:05:47.0467 0788 stisvc - ok
19:05:47.0498 0788 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:05:47.0498 0788 swenum - ok
19:05:47.0514 0788 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:05:47.0545 0788 swprv - ok
19:05:47.0638 0788 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
19:05:47.0638 0788 SynTP - ok
19:05:47.0794 0788 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:05:47.0857 0788 SysMain - ok
19:05:47.0919 0788 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:05:47.0919 0788 TabletInputService - ok
19:05:47.0950 0788 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:05:47.0950 0788 TapiSrv - ok
19:05:47.0997 0788 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:05:47.0997 0788 TBS - ok
19:05:48.0122 0788 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:05:48.0153 0788 Tcpip - ok
19:05:48.0325 0788 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:05:48.0325 0788 TCPIP6 - ok
19:05:48.0418 0788 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:05:48.0418 0788 tcpipreg - ok
19:05:48.0434 0788 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:05:48.0434 0788 TDPIPE - ok
19:05:48.0465 0788 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:05:48.0465 0788 TDTCP - ok
19:05:48.0512 0788 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:05:48.0528 0788 tdx - ok
19:05:48.0528 0788 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:05:48.0543 0788 TermDD - ok
19:05:48.0574 0788 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:05:48.0606 0788 TermService - ok
19:05:48.0606 0788 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:05:48.0606 0788 Themes - ok
19:05:48.0637 0788 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:05:48.0637 0788 THREADORDER - ok
19:05:48.0652 0788 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:05:48.0652 0788 TrkWks - ok
19:05:48.0699 0788 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:05:48.0699 0788 TrustedInstaller - ok
19:05:48.0730 0788 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:05:48.0730 0788 tssecsrv - ok
19:05:48.0762 0788 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:05:48.0762 0788 TsUsbFlt - ok
19:05:48.0777 0788 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:05:48.0777 0788 TsUsbGD - ok
19:05:48.0793 0788 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:05:48.0808 0788 tunnel - ok
19:05:48.0808 0788 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:05:48.0824 0788 uagp35 - ok
19:05:48.0824 0788 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
19:05:48.0824 0788 UBHelper - ok
19:05:48.0840 0788 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:05:48.0840 0788 udfs - ok
19:05:48.0871 0788 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:05:48.0871 0788 UI0Detect - ok
19:05:48.0918 0788 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:05:48.0918 0788 uliagpkx - ok
19:05:48.0949 0788 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:05:48.0949 0788 umbus - ok
19:05:48.0949 0788 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:05:48.0949 0788 UmPass - ok
19:05:49.0105 0788 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:05:49.0167 0788 UNS - ok
19:05:49.0261 0788 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:05:49.0276 0788 upnphost - ok
19:05:49.0323 0788 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:05:49.0339 0788 USBAAPL64 - ok
19:05:49.0354 0788 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:05:49.0370 0788 usbccgp - ok
19:05:49.0401 0788 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:05:49.0401 0788 usbcir - ok
19:05:49.0401 0788 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:05:49.0417 0788 usbehci - ok
19:05:49.0479 0788 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:05:49.0495 0788 usbhub - ok
19:05:49.0510 0788 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:05:49.0510 0788 usbohci - ok
19:05:49.0542 0788 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:05:49.0542 0788 usbprint - ok
19:05:49.0557 0788 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:05:49.0557 0788 USBSTOR - ok
19:05:49.0588 0788 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:05:49.0588 0788 usbuhci - ok
19:05:49.0620 0788 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:05:49.0635 0788 usbvideo - ok
19:05:49.0651 0788 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:05:49.0651 0788 UxSms - ok
19:05:49.0682 0788 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:05:49.0682 0788 VaultSvc - ok
19:05:49.0682 0788 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:05:49.0698 0788 vdrvroot - ok
19:05:49.0729 0788 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:05:49.0744 0788 vds - ok
19:05:49.0776 0788 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:05:49.0776 0788 vga - ok
19:05:49.0776 0788 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:05:49.0776 0788 VgaSave - ok
19:05:49.0791 0788 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:05:49.0807 0788 vhdmp - ok
19:05:49.0807 0788 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:05:49.0807 0788 viaide - ok
19:05:49.0807 0788 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:05:49.0807 0788 volmgr - ok
19:05:49.0854 0788 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:05:49.0869 0788 volmgrx - ok
19:05:49.0885 0788 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:05:49.0885 0788 volsnap - ok
19:05:49.0916 0788 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:05:49.0916 0788 vsmraid - ok
19:05:50.0010 0788 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:05:50.0041 0788 VSS - ok
19:05:50.0134 0788 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:05:50.0134 0788 vwifibus - ok
19:05:50.0150 0788 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:05:50.0150 0788 vwififlt - ok
19:05:50.0197 0788 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:05:50.0197 0788 W32Time - ok
19:05:50.0228 0788 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:05:50.0228 0788 WacomPen - ok
19:05:50.0244 0788 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:05:50.0244 0788 WANARP - ok
19:05:50.0259 0788 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:05:50.0259 0788 Wanarpv6 - ok
19:05:50.0337 0788 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:05:50.0368 0788 wbengine - ok
19:05:50.0446 0788 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:05:50.0446 0788 WbioSrvc - ok
19:05:50.0478 0788 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:05:50.0493 0788 wcncsvc - ok
19:05:50.0509 0788 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:05:50.0509 0788 WcsPlugInService - ok
19:05:50.0540 0788 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:05:50.0556 0788 Wd - ok
19:05:50.0587 0788 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:05:50.0602 0788 Wdf01000 - ok
19:05:50.0634 0788 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:05:50.0634 0788 WdiServiceHost - ok
19:05:50.0634 0788 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:05:50.0634 0788 WdiSystemHost - ok
19:05:50.0665 0788 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:05:50.0665 0788 WebClient - ok
19:05:50.0696 0788 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:05:50.0696 0788 Wecsvc - ok
19:05:50.0712 0788 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:05:50.0727 0788 wercplsupport - ok
19:05:50.0743 0788 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:05:50.0743 0788 WerSvc - ok
19:05:50.0790 0788 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:05:50.0790 0788 WfpLwf - ok
19:05:50.0805 0788 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:05:50.0805 0788 WIMMount - ok
19:05:50.0836 0788 WinDefend - ok
19:05:50.0852 0788 WinHttpAutoProxySvc - ok
19:05:50.0914 0788 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:05:50.0914 0788 Winmgmt - ok
19:05:51.0008 0788 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:05:51.0070 0788 WinRM - ok
19:05:51.0195 0788 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:05:51.0226 0788 Wlansvc - ok
19:05:51.0398 0788 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:05:51.0492 0788 wlidsvc - ok
19:05:51.0648 0788 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:05:51.0648 0788 WmiAcpi - ok
19:05:51.0726 0788 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:05:51.0726 0788 wmiApSrv - ok
19:05:51.0772 0788 WMPNetworkSvc - ok
19:05:51.0804 0788 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:05:51.0819 0788 WPCSvc - ok
19:05:51.0835 0788 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:05:51.0835 0788 WPDBusEnum - ok
19:05:51.0866 0788 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:05:51.0866 0788 ws2ifsl - ok
19:05:51.0882 0788 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:05:51.0882 0788 wscsvc - ok
19:05:51.0882 0788 WSearch - ok
19:05:52.0022 0788 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:05:52.0100 0788 wuauserv - ok
19:05:52.0194 0788 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:05:52.0194 0788 WudfPf - ok
19:05:52.0209 0788 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:05:52.0209 0788 WUDFRd - ok
19:05:52.0240 0788 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:05:52.0240 0788 wudfsvc - ok
19:05:52.0272 0788 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:05:52.0272 0788 WwanSvc - ok
19:05:52.0318 0788 MBR (0x1B8) (b8cb9ca08162bc8d433b18adb3001662) \Device\Harddisk0\DR0
19:05:52.0350 0788 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
19:05:52.0350 0788 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
19:05:52.0350 0788 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
19:05:58.0761 0788 \Device\Harddisk1\DR1 - ok
19:05:58.0777 0788 Boot (0x1200) (f494eebb12317aeb711ce5a97bf79e1d) \Device\Harddisk0\DR0\Partition0
19:05:58.0777 0788 \Device\Harddisk0\DR0\Partition0 - ok
19:05:58.0792 0788 Boot (0x1200) (b14c0dbb6d6812493d18e7aeec8c43fd) \Device\Harddisk0\DR0\Partition1
19:05:58.0792 0788 \Device\Harddisk0\DR0\Partition1 - ok
19:05:58.0808 0788 Boot (0x1200) (9af3525313fe8e4c06e7a9f82f87e017) \Device\Harddisk0\DR0\Partition2
19:05:58.0808 0788 \Device\Harddisk0\DR0\Partition2 - ok
19:05:58.0824 0788 Boot (0x1200) (675ea52261ecc3d86690e1e341cbbd5d) \Device\Harddisk1\DR1\Partition0
19:05:58.0824 0788 \Device\Harddisk1\DR1\Partition0 - ok
19:05:58.0824 0788 ============================================================
19:05:58.0824 0788 Scan finished
19:05:58.0824 0788 ============================================================
19:05:58.0839 1916 Detected object count: 1
19:05:58.0839 1916 Actual detected object count: 1
19:07:10.0615 1916 \Device\Harddisk0\DR0\# - copied to quarantine
19:07:10.0615 1916 \Device\Harddisk0\DR0 - copied to quarantine
19:07:10.0833 1916 \Device\Harddisk0\DR0 - processing error
19:07:17.0027 1916 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure
19:07:21.0504 1820 Deinitialize success
TDSS-log #2 Code:
ATTFilter 19:07:27.0369 1708 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
19:07:27.0463 1708 ============================================================
19:07:27.0463 1708 Current date / time: 2012/07/04 19:07:27.0463
19:07:27.0463 1708 SystemInfo:
19:07:27.0463 1708
19:07:27.0463 1708 OS Version: 6.1.7601 ServicePack: 1.0
19:07:27.0463 1708 Product type: Workstation
19:07:27.0463 1708 ComputerName: Sternekoch-PC
19:07:27.0463 1708 UserName: Sternekoch
19:07:27.0463 1708 Windows directory: C:\Windows
19:07:27.0463 1708 System windows directory: C:\Windows
19:07:27.0463 1708 Running under WOW64
19:07:27.0463 1708 Processor architecture: Intel x64
19:07:27.0463 1708 Number of processors: 4
19:07:27.0463 1708 Page size: 0x1000
19:07:27.0463 1708 Boot type: Safe boot with network
19:07:27.0463 1708 ============================================================
19:07:27.0962 1708 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:07:27.0978 1708 Drive \Device\Harddisk1\DR1 - Size: 0x1F4C00000 (7.82 Gb), SectorSize: 0x200, Cylinders: 0x3FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:07:27.0978 1708 ============================================================
19:07:27.0978 1708 \Device\Harddisk0\DR0:
19:07:27.0978 1708 MBR partitions:
19:07:27.0978 1708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:07:27.0978 1708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xAFCA645
19:07:27.0993 1708 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDFCE84, BlocksNum 0x2D5841AC
19:07:27.0993 1708 \Device\Harddisk1\DR1:
19:07:27.0993 1708 MBR partitions:
19:07:27.0993 1708 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xFA5FC0
19:07:27.0993 1708 ============================================================
19:07:28.0025 1708 C: <-> \Device\Harddisk0\DR0\Partition1
19:07:28.0040 1708 E: <-> \Device\Harddisk0\DR0\Partition2
19:07:28.0040 1708 ============================================================
19:07:28.0040 1708 Initialize success
19:07:28.0040 1708 ============================================================
19:07:29.0522 1192 ============================================================
19:07:29.0522 1192 Scan started
19:07:29.0522 1192 Mode: Manual;
19:07:29.0522 1192 ============================================================
19:07:30.0053 1192 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:07:30.0053 1192 1394ohci - ok
19:07:30.0099 1192 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:07:30.0099 1192 ACPI - ok
19:07:30.0131 1192 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:07:30.0131 1192 AcpiPmi - ok
19:07:30.0240 1192 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:07:30.0240 1192 AdobeARMservice - ok
19:07:30.0349 1192 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:07:30.0349 1192 AdobeFlashPlayerUpdateSvc - ok
19:07:30.0411 1192 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:07:30.0411 1192 adp94xx - ok
19:07:30.0489 1192 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:07:30.0505 1192 adpahci - ok
19:07:30.0521 1192 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:07:30.0521 1192 adpu320 - ok
19:07:30.0567 1192 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:07:30.0567 1192 AeLookupSvc - ok
19:07:30.0645 1192 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:07:30.0661 1192 AFD - ok
19:07:30.0677 1192 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:07:30.0692 1192 agp440 - ok
19:07:30.0708 1192 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:07:30.0708 1192 ALG - ok
19:07:30.0739 1192 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:07:30.0739 1192 aliide - ok
19:07:30.0770 1192 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:07:30.0770 1192 amdide - ok
19:07:30.0770 1192 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:07:30.0770 1192 AmdK8 - ok
19:07:30.0786 1192 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:07:30.0786 1192 AmdPPM - ok
19:07:30.0817 1192 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:07:30.0817 1192 amdsata - ok
19:07:30.0848 1192 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:07:30.0848 1192 amdsbs - ok
19:07:30.0879 1192 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:07:30.0879 1192 amdxata - ok
19:07:31.0004 1192 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:07:31.0004 1192 AntiVirSchedulerService - ok
19:07:31.0004 1192 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:07:31.0004 1192 AntiVirService - ok
19:07:31.0051 1192 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:07:31.0051 1192 AppID - ok
19:07:31.0082 1192 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:07:31.0082 1192 AppIDSvc - ok
19:07:31.0098 1192 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:07:31.0098 1192 Appinfo - ok
19:07:31.0191 1192 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:07:31.0191 1192 Apple Mobile Device - ok
19:07:31.0223 1192 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:07:31.0223 1192 arc - ok
19:07:31.0238 1192 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:07:31.0238 1192 arcsas - ok
19:07:31.0269 1192 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:07:31.0269 1192 AsyncMac - ok
19:07:31.0285 1192 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:07:31.0285 1192 atapi - ok
19:07:31.0394 1192 athr (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
19:07:31.0410 1192 athr - ok
19:07:31.0535 1192 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:07:31.0535 1192 AudioEndpointBuilder - ok
19:07:31.0550 1192 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:07:31.0566 1192 AudioSrv - ok
19:07:31.0597 1192 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
19:07:31.0597 1192 avgntflt - ok
19:07:31.0628 1192 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
19:07:31.0628 1192 avipbb - ok
19:07:31.0659 1192 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:07:31.0659 1192 avkmgr - ok
19:07:31.0722 1192 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:07:31.0722 1192 AxInstSV - ok
19:07:31.0784 1192 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:07:31.0784 1192 b06bdrv - ok
19:07:31.0815 1192 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:07:31.0815 1192 b57nd60a - ok
19:07:31.0847 1192 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:07:31.0847 1192 BDESVC - ok
19:07:31.0878 1192 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:07:31.0878 1192 Beep - ok
19:07:31.0925 1192 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:07:31.0925 1192 BFE - ok
19:07:31.0987 1192 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:07:32.0003 1192 BITS - ok
19:07:32.0081 1192 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:07:32.0081 1192 blbdrive - ok
19:07:32.0159 1192 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:07:32.0174 1192 Bonjour Service - ok
19:07:32.0205 1192 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:07:32.0205 1192 bowser - ok
19:07:32.0221 1192 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:07:32.0221 1192 BrFiltLo - ok
19:07:32.0221 1192 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:07:32.0221 1192 BrFiltUp - ok
19:07:32.0252 1192 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:07:32.0268 1192 Browser - ok
19:07:32.0299 1192 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:07:32.0299 1192 Brserid - ok
19:07:32.0299 1192 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:07:32.0299 1192 BrSerWdm - ok
19:07:32.0315 1192 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:07:32.0315 1192 BrUsbMdm - ok
19:07:32.0315 1192 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:07:32.0315 1192 BrUsbSer - ok
19:07:32.0315 1192 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:07:32.0315 1192 BTHMODEM - ok
19:07:32.0393 1192 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:07:32.0393 1192 BTHPORT - ok
19:07:32.0439 1192 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:07:32.0455 1192 bthserv - ok
19:07:32.0486 1192 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:07:32.0486 1192 BTHUSB - ok
19:07:32.0517 1192 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:07:32.0517 1192 cdfs - ok
19:07:32.0549 1192 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:07:32.0549 1192 cdrom - ok
19:07:32.0595 1192 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:07:32.0595 1192 CertPropSvc - ok
19:07:32.0627 1192 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:07:32.0627 1192 circlass - ok
19:07:32.0658 1192 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:07:32.0658 1192 CLFS - ok
19:07:32.0720 1192 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:07:32.0720 1192 clr_optimization_v2.0.50727_32 - ok
19:07:32.0767 1192 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:07:32.0767 1192 clr_optimization_v2.0.50727_64 - ok
19:07:32.0861 1192 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:07:32.0861 1192 clr_optimization_v4.0.30319_32 - ok
19:07:32.0892 1192 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:07:32.0892 1192 clr_optimization_v4.0.30319_64 - ok
19:07:32.0923 1192 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:07:32.0923 1192 CmBatt - ok
19:07:32.0954 1192 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:07:32.0954 1192 cmdide - ok
19:07:33.0001 1192 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:07:33.0001 1192 CNG - ok
19:07:33.0048 1192 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:07:33.0048 1192 Compbatt - ok
19:07:33.0048 1192 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:07:33.0048 1192 CompositeBus - ok
19:07:33.0063 1192 COMSysApp - ok
19:07:33.0079 1192 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:07:33.0079 1192 crcdisk - ok
19:07:33.0110 1192 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:07:33.0126 1192 CryptSvc - ok
19:07:33.0173 1192 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:07:33.0173 1192 DcomLaunch - ok
19:07:33.0235 1192 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:07:33.0235 1192 defragsvc - ok
19:07:33.0251 1192 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:07:33.0251 1192 DfsC - ok
19:07:33.0297 1192 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:07:33.0297 1192 Dhcp - ok
19:07:33.0313 1192 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:07:33.0313 1192 discache - ok
19:07:33.0344 1192 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:07:33.0344 1192 Disk - ok
19:07:33.0375 1192 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:07:33.0375 1192 Dnscache - ok
19:07:33.0407 1192 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:07:33.0407 1192 dot3svc - ok
19:07:33.0438 1192 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:07:33.0438 1192 DPS - ok
19:07:33.0485 1192 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:07:33.0485 1192 drmkaud - ok
19:07:33.0578 1192 DsiWMIService (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:07:33.0578 1192 DsiWMIService - ok
19:07:33.0641 1192 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:07:33.0656 1192 DXGKrnl - ok
19:07:33.0703 1192 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:07:33.0703 1192 EapHost - ok
19:07:33.0843 1192 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:07:33.0859 1192 ebdrv - ok
19:07:33.0968 1192 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:07:33.0968 1192 EFS - ok
19:07:34.0046 1192 EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
19:07:34.0046 1192 EgisTec Ticket Service - ok
19:07:34.0124 1192 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:07:34.0124 1192 ehRecvr - ok
19:07:34.0155 1192 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:07:34.0155 1192 ehSched - ok
19:07:34.0249 1192 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:07:34.0249 1192 elxstor - ok
19:07:34.0358 1192 ePowerSvc (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:07:34.0374 1192 ePowerSvc - ok
19:07:34.0436 1192 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:07:34.0436 1192 EpsonBidirectionalService - ok
19:07:34.0530 1192 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:07:34.0530 1192 ErrDev - ok
19:07:34.0592 1192 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:07:34.0592 1192 EventSystem - ok
19:07:34.0608 1192 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:07:34.0608 1192 exfat - ok
19:07:34.0639 1192 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:07:34.0639 1192 fastfat - ok
19:07:34.0686 1192 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:07:34.0686 1192 Fax - ok
19:07:34.0701 1192 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:07:34.0701 1192 fdc - ok
19:07:34.0717 1192 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:07:34.0717 1192 fdPHost - ok
19:07:34.0717 1192 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:07:34.0717 1192 FDResPub - ok
19:07:34.0764 1192 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:07:34.0764 1192 FileInfo - ok
19:07:34.0779 1192 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:07:34.0779 1192 Filetrace - ok
19:07:34.0904 1192 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:07:34.0904 1192 FLEXnet Licensing Service - ok
19:07:34.0935 1192 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:07:34.0935 1192 flpydisk - ok
19:07:34.0982 1192 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:07:34.0982 1192 FltMgr - ok
19:07:35.0045 1192 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:07:35.0045 1192 FontCache - ok
19:07:35.0123 1192 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:07:35.0123 1192 FontCache3.0.0.0 - ok
19:07:35.0154 1192 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:07:35.0154 1192 FsDepends - ok
19:07:35.0185 1192 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:07:35.0185 1192 Fs_Rec - ok
19:07:35.0216 1192 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:07:35.0216 1192 fvevol - ok
19:07:35.0247 1192 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:07:35.0247 1192 gagp30kx - ok
19:07:35.0279 1192 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:07:35.0279 1192 GEARAspiWDM - ok
19:07:35.0341 1192 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:07:35.0341 1192 gpsvc - ok
19:07:35.0372 1192 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:07:35.0372 1192 hcw85cir - ok
19:07:35.0435 1192 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:07:35.0435 1192 HdAudAddService - ok
19:07:35.0466 1192 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:07:35.0466 1192 HDAudBus - ok
19:07:35.0481 1192 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:07:35.0481 1192 HidBatt - ok
19:07:35.0497 1192 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:07:35.0497 1192 HidBth - ok
19:07:35.0497 1192 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:07:35.0497 1192 HidIr - ok
19:07:35.0544 1192 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:07:35.0544 1192 hidserv - ok
19:07:35.0559 1192 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:07:35.0559 1192 HidUsb - ok
19:07:35.0591 1192 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:07:35.0591 1192 hkmsvc - ok
19:07:35.0606 1192 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:07:35.0606 1192 HomeGroupListener - ok
19:07:35.0637 1192 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:07:35.0637 1192 HomeGroupProvider - ok
19:07:35.0669 1192 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:07:35.0669 1192 HpSAMD - ok
19:07:35.0731 1192 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:07:35.0731 1192 HTTP - ok
19:07:35.0731 1192 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:07:35.0731 1192 hwpolicy - ok
19:07:35.0762 1192 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:07:35.0762 1192 i8042prt - ok
19:07:35.0793 1192 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
19:07:35.0809 1192 iaStor - ok
19:07:35.0840 1192 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:07:35.0840 1192 iaStorV - ok
19:07:35.0934 1192 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:07:35.0934 1192 idsvc - ok
19:07:36.0558 1192 igfx (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:07:36.0620 1192 igfx - ok
19:07:36.0714 1192 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:07:36.0714 1192 iirsp - ok
19:07:36.0761 1192 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:07:36.0761 1192 IKEEXT - ok
19:07:36.0917 1192 IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
19:07:36.0932 1192 IntcAzAudAddService - ok
19:07:37.0041 1192 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:07:37.0041 1192 IntcDAud - ok
19:07:37.0057 1192 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:07:37.0057 1192 intelide - ok
19:07:37.0088 1192 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:07:37.0088 1192 intelppm - ok
19:07:37.0135 1192 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:07:37.0135 1192 IPBusEnum - ok
19:07:37.0135 1192 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:07:37.0135 1192 IpFilterDriver - ok
19:07:37.0166 1192 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:07:37.0166 1192 iphlpsvc - ok
19:07:37.0182 1192 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:07:37.0182 1192 IPMIDRV - ok
19:07:37.0229 1192 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:07:37.0229 1192 IPNAT - ok
19:07:37.0353 1192 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:07:37.0353 1192 iPod Service - ok
19:07:37.0385 1192 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:07:37.0385 1192 IRENUM - ok
19:07:37.0400 1192 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:07:37.0400 1192 isapnp - ok
19:07:37.0416 1192 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:07:37.0416 1192 iScsiPrt - ok
19:07:37.0431 1192 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:07:37.0431 1192 kbdclass - ok
19:07:37.0447 1192 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:07:37.0447 1192 kbdhid - ok
19:07:37.0478 1192 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:07:37.0478 1192 KeyIso - ok
19:07:37.0494 1192 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:07:37.0494 1192 KSecDD - ok
19:07:37.0525 1192 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:07:37.0525 1192 KSecPkg - ok
19:07:37.0541 1192 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:07:37.0541 1192 ksthunk - ok
19:07:37.0587 1192 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:07:37.0587 1192 KtmRm - ok
19:07:37.0619 1192 L1C (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:07:37.0619 1192 L1C - ok
19:07:37.0665 1192 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:07:37.0665 1192 LanmanServer - ok
19:07:37.0697 1192 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:07:37.0697 1192 LanmanWorkstation - ok
19:07:37.0759 1192 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:07:37.0775 1192 Live Updater Service - ok
19:07:37.0806 1192 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:07:37.0806 1192 lltdio - ok
19:07:37.0837 1192 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:07:37.0837 1192 lltdsvc - ok
19:07:37.0853 1192 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:07:37.0853 1192 lmhosts - ok
19:07:37.0931 1192 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:07:37.0931 1192 LMS - ok
19:07:37.0962 1192 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:07:37.0962 1192 LSI_FC - ok
19:07:37.0993 1192 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:07:37.0993 1192 LSI_SAS - ok
19:07:37.0993 1192 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:07:37.0993 1192 LSI_SAS2 - ok
19:07:38.0009 1192 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:07:38.0009 1192 LSI_SCSI - ok
19:07:38.0071 1192 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:07:38.0071 1192 luafv - ok
19:07:38.0102 1192 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:07:38.0102 1192 Mcx2Svc - ok
19:07:38.0102 1192 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:07:38.0102 1192 megasas - ok
19:07:38.0149 1192 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:07:38.0149 1192 MegaSR - ok
19:07:38.0180 1192 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:07:38.0180 1192 MEIx64 - ok
19:07:38.0243 1192 Microsoft SharePoint Workspace Audit Service - ok
19:07:38.0274 1192 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:07:38.0274 1192 MMCSS - ok
19:07:38.0289 1192 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:07:38.0289 1192 Modem - ok
19:07:38.0321 1192 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:07:38.0321 1192 monitor - ok
19:07:38.0336 1192 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:07:38.0336 1192 mouclass - ok
19:07:38.0352 1192 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:07:38.0352 1192 mouhid - ok
19:07:38.0367 1192 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:07:38.0367 1192 mountmgr - ok
19:07:38.0383 1192 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:07:38.0383 1192 mpio - ok
19:07:38.0414 1192 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:07:38.0414 1192 mpsdrv - ok
19:07:38.0477 1192 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:07:38.0477 1192 MpsSvc - ok
19:07:38.0492 1192 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:07:38.0492 1192 MRxDAV - ok
19:07:38.0508 1192 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:07:38.0508 1192 mrxsmb - ok
19:07:38.0555 1192 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:07:38.0555 1192 mrxsmb10 - ok
19:07:38.0570 1192 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:07:38.0570 1192 mrxsmb20 - ok
19:07:38.0570 1192 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:07:38.0570 1192 msahci - ok
19:07:38.0586 1192 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:07:38.0586 1192 msdsm - ok
19:07:38.0617 1192 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:07:38.0617 1192 MSDTC - ok
19:07:38.0633 1192 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:07:38.0633 1192 Msfs - ok
19:07:38.0648 1192 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:07:38.0648 1192 mshidkmdf - ok
19:07:38.0648 1192 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:07:38.0648 1192 msisadrv - ok
19:07:38.0695 1192 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:07:38.0695 1192 MSiSCSI - ok
19:07:38.0695 1192 msiserver - ok
19:07:38.0726 1192 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:07:38.0726 1192 MSKSSRV - ok
19:07:38.0726 1192 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:07:38.0726 1192 MSPCLOCK - ok
19:07:38.0726 1192 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:07:38.0742 1192 MSPQM - ok
19:07:38.0773 1192 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:07:38.0773 1192 MsRPC - ok
19:07:38.0773 1192 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:07:38.0773 1192 mssmbios - ok
19:07:38.0789 1192 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:07:38.0789 1192 MSTEE - ok
19:07:38.0789 1192 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:07:38.0789 1192 MTConfig - ok
19:07:38.0804 1192 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:07:38.0804 1192 Mup - ok
19:07:38.0804 1192 mwlPSDFilter (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:07:38.0804 1192 mwlPSDFilter - ok
19:07:38.0804 1192 mwlPSDNServ (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:07:38.0804 1192 mwlPSDNServ - ok
19:07:38.0804 1192 mwlPSDVDisk (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:07:38.0804 1192 mwlPSDVDisk - ok
19:07:38.0851 1192 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:07:38.0851 1192 napagent - ok
19:07:38.0898 1192 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:07:38.0913 1192 NativeWifiP - ok
19:07:38.0976 1192 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:07:38.0976 1192 NDIS - ok
19:07:39.0007 1192 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:07:39.0007 1192 NdisCap - ok
19:07:39.0007 1192 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:07:39.0007 1192 NdisTapi - ok
19:07:39.0007 1192 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:07:39.0007 1192 Ndisuio - ok
19:07:39.0023 1192 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:07:39.0038 1192 NdisWan - ok
19:07:39.0069 1192 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:07:39.0069 1192 NDProxy - ok
19:07:39.0085 1192 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:07:39.0085 1192 NetBIOS - ok
19:07:39.0116 1192 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:07:39.0116 1192 NetBT - ok
19:07:39.0132 1192 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:07:39.0132 1192 Netlogon - ok
19:07:39.0194 1192 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:07:39.0194 1192 Netman - ok
19:07:39.0210 1192 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:07:39.0225 1192 netprofm - ok
19:07:39.0303 1192 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:07:39.0303 1192 NetTcpPortSharing - ok
19:07:39.0350 1192 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:07:39.0350 1192 nfrd960 - ok
19:07:39.0397 1192 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:07:39.0397 1192 NlaSvc - ok
19:07:39.0413 1192 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:07:39.0413 1192 Npfs - ok
19:07:39.0413 1192 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:07:39.0413 1192 nsi - ok
19:07:39.0428 1192 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:07:39.0428 1192 nsiproxy - ok
19:07:39.0491 1192 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:07:39.0491 1192 Ntfs - ok
19:07:39.0569 1192 NTI IScheduleSvc (1873214666f6f0a883742df91fbc48c9) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:07:39.0569 1192 NTI IScheduleSvc - ok
19:07:39.0647 1192 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
19:07:39.0647 1192 NTIDrvr - ok
19:07:39.0678 1192 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:07:39.0678 1192 Null - ok
19:07:39.0709 1192 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:07:39.0709 1192 nvraid - ok
19:07:39.0740 1192 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:07:39.0740 1192 nvstor - ok
19:07:39.0771 1192 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:07:39.0771 1192 nv_agp - ok
19:07:39.0771 1192 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:07:39.0771 1192 ohci1394 - ok
19:07:39.0881 1192 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:07:39.0881 1192 ose - ok
19:07:40.0161 1192 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:07:40.0193 1192 osppsvc - ok
19:07:40.0317 1192 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:07:40.0317 1192 p2pimsvc - ok
19:07:40.0333 1192 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:07:40.0333 1192 p2psvc - ok
19:07:40.0364 1192 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:07:40.0364 1192 Parport - ok
19:07:40.0395 1192 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:07:40.0395 1192 partmgr - ok
19:07:40.0427 1192 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:07:40.0427 1192 PcaSvc - ok
19:07:40.0442 1192 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:07:40.0442 1192 pci - ok
19:07:40.0458 1192 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:07:40.0458 1192 pciide - ok
19:07:40.0489 1192 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:07:40.0489 1192 pcmcia - ok
19:07:40.0489 1192 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:07:40.0489 1192 pcw - ok
19:07:40.0551 1192 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:07:40.0567 1192 PEAUTH - ok
19:07:40.0629 1192 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:07:40.0629 1192 PerfHost - ok
19:07:40.0723 1192 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:07:40.0723 1192 pla - ok
19:07:40.0770 1192 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:07:40.0770 1192 PlugPlay - ok
19:07:40.0801 1192 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:07:40.0801 1192 PNRPAutoReg - ok
19:07:40.0832 1192 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:07:40.0832 1192 PNRPsvc - ok
19:07:40.0863 1192 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:07:40.0863 1192 PolicyAgent - ok
19:07:40.0895 1192 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:07:40.0895 1192 Power - ok
19:07:40.0973 1192 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:07:40.0973 1192 PptpMiniport - ok
19:07:40.0988 1192 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:07:40.0988 1192 Processor - ok
19:07:41.0035 1192 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:07:41.0051 1192 ProfSvc - ok
19:07:41.0066 1192 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:07:41.0066 1192 ProtectedStorage - ok
19:07:41.0129 1192 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:07:41.0129 1192 Psched - ok
19:07:41.0191 1192 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:07:41.0207 1192 ql2300 - ok
19:07:41.0300 1192 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:07:41.0300 1192 ql40xx - ok
19:07:41.0347 1192 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:07:41.0347 1192 QWAVE - ok
19:07:41.0363 1192 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:07:41.0363 1192 QWAVEdrv - ok
19:07:41.0378 1192 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:07:41.0378 1192 RasAcd - ok
19:07:41.0394 1192 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:07:41.0394 1192 RasAgileVpn - ok
19:07:41.0409 1192 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:07:41.0409 1192 RasAuto - ok
19:07:41.0456 1192 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:07:41.0456 1192 Rasl2tp - ok
19:07:41.0487 1192 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:07:41.0487 1192 RasMan - ok
19:07:41.0503 1192 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:07:41.0503 1192 RasPppoe - ok
19:07:41.0519 1192 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:07:41.0519 1192 RasSstp - ok
19:07:41.0565 1192 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:07:41.0565 1192 rdbss - ok
19:07:41.0597 1192 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:07:41.0597 1192 rdpbus - ok
19:07:41.0612 1192 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:07:41.0612 1192 RDPCDD - ok
19:07:41.0628 1192 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:07:41.0628 1192 RDPENCDD - ok
19:07:41.0628 1192 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:07:41.0628 1192 RDPREFMP - ok
19:07:41.0690 1192 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:07:41.0690 1192 RDPWD - ok
19:07:41.0721 1192 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:07:41.0721 1192 rdyboost - ok
19:07:41.0753 1192 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:07:41.0753 1192 RemoteAccess - ok
19:07:41.0784 1192 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:07:41.0784 1192 RemoteRegistry - ok
19:07:41.0815 1192 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:07:41.0815 1192 RpcEptMapper - ok
19:07:41.0831 1192 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:07:41.0831 1192 RpcLocator - ok
19:07:41.0862 1192 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:07:41.0862 1192 RpcSs - ok
19:07:41.0924 1192 RSPCIESTOR (85b325723f67ef80927326fd7eb1cc10) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:07:41.0940 1192 RSPCIESTOR - ok
19:07:41.0971 1192 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:07:41.0971 1192 rspndr - ok
19:07:42.0002 1192 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:07:42.0002 1192 SamSs - ok
19:07:42.0018 1192 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:07:42.0018 1192 sbp2port - ok
19:07:42.0049 1192 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:07:42.0049 1192 SCardSvr - ok
19:07:42.0080 1192 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:07:42.0080 1192 scfilter - ok
19:07:42.0158 1192 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:07:42.0158 1192 Schedule - ok
19:07:42.0205 1192 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:07:42.0205 1192 SCPolicySvc - ok
19:07:42.0221 1192 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:07:42.0221 1192 SDRSVC - ok
19:07:42.0299 1192 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:07:42.0299 1192 secdrv - ok
19:07:42.0314 1192 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:07:42.0314 1192 seclogon - ok
19:07:42.0330 1192 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:07:42.0345 1192 SENS - ok
19:07:42.0377 1192 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:07:42.0377 1192 SensrSvc - ok
19:07:42.0392 1192 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:07:42.0392 1192 Serenum - ok
19:07:42.0439 1192 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:07:42.0439 1192 Serial - ok
19:07:42.0439 1192 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:07:42.0439 1192 sermouse - ok
19:07:42.0455 1192 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:07:42.0455 1192 SessionEnv - ok
19:07:42.0455 1192 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:07:42.0455 1192 sffdisk - ok
19:07:42.0470 1192 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:07:42.0470 1192 sffp_mmc - ok
19:07:42.0470 1192 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:07:42.0470 1192 sffp_sd - ok
19:07:42.0486 1192 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:07:42.0486 1192 sfloppy - ok
19:07:42.0517 1192 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:07:42.0517 1192 SharedAccess - ok
19:07:42.0533 1192 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:07:42.0533 1192 ShellHWDetection - ok
19:07:42.0564 1192 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:07:42.0564 1192 SiSRaid2 - ok
19:07:42.0579 1192 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:07:42.0579 1192 SiSRaid4 - ok
19:07:42.0595 1192 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:07:42.0595 1192 Smb - ok
19:07:42.0611 1192 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:07:42.0611 1192 SNMPTRAP - ok
19:07:42.0642 1192 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:07:42.0642 1192 spldr - ok
19:07:42.0673 1192 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:07:42.0673 1192 Spooler - ok
19:07:42.0813 1192 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:07:42.0829 1192 sppsvc - ok
19:07:42.0907 1192 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:07:42.0923 1192 sppuinotify - ok
19:07:42.0969 1192 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:07:42.0969 1192 srv - ok
19:07:42.0985 1192 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:07:42.0985 1192 srv2 - ok
19:07:43.0001 1192 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:07:43.0001 1192 srvnet - ok
19:07:43.0032 1192 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:07:43.0047 1192 SSDPSRV - ok
19:07:43.0047 1192 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:07:43.0047 1192 SstpSvc - ok
19:07:43.0063 1192 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:07:43.0063 1192 stexstor - ok
19:07:43.0125 1192 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:07:43.0141 1192 stisvc - ok
19:07:43.0172 1192 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:07:43.0172 1192 swenum - ok
19:07:43.0219 1192 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:07:43.0219 1192 swprv - ok
19:07:43.0313 1192 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
19:07:43.0328 1192 SynTP - ok
19:07:43.0484 1192 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:07:43.0500 1192 SysMain - ok
19:07:43.0578 1192 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:07:43.0578 1192 TabletInputService - ok
19:07:43.0609 1192 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:07:43.0609 1192 TapiSrv - ok
19:07:43.0640 1192 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:07:43.0640 1192 TBS - ok
19:07:43.0749 1192 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:07:43.0765 1192 Tcpip - ok
19:07:43.0905 1192 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:07:43.0921 1192 TCPIP6 - ok
19:07:43.0983 1192 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:07:43.0983 1192 tcpipreg - ok
19:07:44.0015 1192 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:07:44.0015 1192 TDPIPE - ok
19:07:44.0046 1192 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:07:44.0046 1192 TDTCP - ok
19:07:44.0061 1192 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:07:44.0061 1192 tdx - ok
19:07:44.0077 1192 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:07:44.0077 1192 TermDD - ok
19:07:44.0124 1192 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:07:44.0124 1192 TermService - ok
19:07:44.0139 1192 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:07:44.0139 1192 Themes - ok
19:07:44.0155 1192 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:07:44.0155 1192 THREADORDER - ok
19:07:44.0171 1192 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:07:44.0171 1192 TrkWks - ok
19:07:44.0217 1192 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:07:44.0233 1192 TrustedInstaller - ok
19:07:44.0249 1192 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:07:44.0249 1192 tssecsrv - ok
19:07:44.0264 1192 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:07:44.0264 1192 TsUsbFlt - ok
19:07:44.0280 1192 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:07:44.0280 1192 TsUsbGD - ok
19:07:44.0311 1192 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:07:44.0311 1192 tunnel - ok
19:07:44.0327 1192 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:07:44.0327 1192 uagp35 - ok
19:07:44.0327 1192 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
19:07:44.0327 1192 UBHelper - ok
19:07:44.0358 1192 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:07:44.0358 1192 udfs - ok
19:07:44.0389 1192 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:07:44.0389 1192 UI0Detect - ok
19:07:44.0420 1192 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:07:44.0420 1192 uliagpkx - ok
19:07:44.0451 1192 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:07:44.0451 1192 umbus - ok
19:07:44.0451 1192 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:07:44.0467 1192 UmPass - ok
19:07:44.0623 1192 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:07:44.0639 1192 UNS - ok
19:07:44.0748 1192 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:07:44.0748 1192 upnphost - ok
19:07:44.0795 1192 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:07:44.0795 1192 USBAAPL64 - ok
19:07:44.0826 1192 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:07:44.0826 1192 usbccgp - ok
19:07:44.0857 1192 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:07:44.0857 1192 usbcir - ok
19:07:44.0857 1192 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:07:44.0857 1192 usbehci - ok
19:07:44.0904 1192 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:07:44.0904 1192 usbhub - ok
19:07:44.0919 1192 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:07:44.0919 1192 usbohci - ok
19:07:44.0919 1192 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:07:44.0919 1192 usbprint - ok
19:07:44.0935 1192 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:07:44.0935 1192 USBSTOR - ok
19:07:44.0951 1192 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:07:44.0951 1192 usbuhci - ok
19:07:44.0982 1192 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:07:44.0982 1192 usbvideo - ok
19:07:44.0997 1192 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:07:44.0997 1192 UxSms - ok
19:07:45.0029 1192 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:07:45.0029 1192 VaultSvc - ok
19:07:45.0044 1192 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:07:45.0044 1192 vdrvroot - ok
19:07:45.0091 1192 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:07:45.0091 1192 vds - ok
19:07:45.0122 1192 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:07:45.0122 1192 vga - ok
19:07:45.0122 1192 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:07:45.0122 1192 VgaSave - ok
19:07:45.0138 1192 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:07:45.0138 1192 vhdmp - ok
19:07:45.0153 1192 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:07:45.0153 1192 viaide - ok
19:07:45.0169 1192 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:07:45.0169 1192 volmgr - ok
19:07:45.0200 1192 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:07:45.0200 1192 volmgrx - ok
19:07:45.0231 1192 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:07:45.0231 1192 volsnap - ok
19:07:45.0263 1192 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:07:45.0263 1192 vsmraid - ok
19:07:45.0356 1192 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:07:45.0356 1192 VSS - ok
19:07:45.0450 1192 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:07:45.0465 1192 vwifibus - ok
19:07:45.0481 1192 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:07:45.0481 1192 vwififlt - ok
19:07:45.0512 1192 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:07:45.0512 1192 W32Time - ok
19:07:45.0543 1192 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:07:45.0543 1192 WacomPen - ok
19:07:45.0575 1192 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:07:45.0575 1192 WANARP - ok
19:07:45.0590 1192 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:07:45.0590 1192 Wanarpv6 - ok
19:07:45.0668 1192 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:07:45.0668 1192 wbengine - ok
19:07:45.0762 1192 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:07:45.0762 1192 WbioSrvc - ok
19:07:45.0777 1192 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:07:45.0777 1192 wcncsvc - ok
19:07:45.0793 1192 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:07:45.0809 1192 WcsPlugInService - ok
19:07:45.0840 1192 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:07:45.0840 1192 Wd - ok
19:07:45.0887 1192 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:07:45.0887 1192 Wdf01000 - ok
19:07:45.0918 1192 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:07:45.0918 1192 WdiServiceHost - ok
19:07:45.0918 1192 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:07:45.0918 1192 WdiSystemHost - ok
19:07:45.0949 1192 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:07:45.0949 1192 WebClient - ok
19:07:45.0980 1192 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:07:45.0980 1192 Wecsvc - ok
19:07:45.0996 1192 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:07:45.0996 1192 wercplsupport - ok
19:07:46.0027 1192 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:07:46.0027 1192 WerSvc - ok
19:07:46.0074 1192 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:07:46.0074 1192 WfpLwf - ok
19:07:46.0089 1192 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:07:46.0089 1192 WIMMount - ok
19:07:46.0121 1192 WinDefend - ok
19:07:46.0121 1192 WinHttpAutoProxySvc - ok
19:07:46.0199 1192 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:07:46.0199 1192 Winmgmt - ok
19:07:46.0308 1192 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:07:46.0323 1192 WinRM - ok
19:07:46.0448 1192 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:07:46.0448 1192 Wlansvc - ok
19:07:46.0635 1192 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:07:46.0635 1192 wlidsvc - ok
19:07:46.0745 1192 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:07:46.0745 1192 WmiAcpi - ok
19:07:46.0807 1192 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:07:46.0807 1192 wmiApSrv - ok
19:07:46.0854 1192 WMPNetworkSvc - ok
19:07:46.0901 1192 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:07:46.0901 1192 WPCSvc - ok
19:07:46.0916 1192 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:07:46.0932 1192 WPDBusEnum - ok
19:07:46.0947 1192 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:07:46.0947 1192 ws2ifsl - ok
19:07:46.0963 1192 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:07:46.0963 1192 wscsvc - ok
19:07:46.0963 1192 WSearch - ok
19:07:47.0088 1192 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:07:47.0103 1192 wuauserv - ok
19:07:47.0197 1192 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:07:47.0197 1192 WudfPf - ok
19:07:47.0213 1192 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:07:47.0213 1192 WUDFRd - ok
19:07:47.0244 1192 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:07:47.0259 1192 wudfsvc - ok
19:07:47.0259 1192 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:07:47.0259 1192 WwanSvc - ok
19:07:47.0306 1192 MBR (0x1B8) (b8cb9ca08162bc8d433b18adb3001662) \Device\Harddisk0\DR0
19:07:47.0337 1192 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
19:07:47.0337 1192 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
19:07:47.0337 1192 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
19:07:53.0843 1192 \Device\Harddisk1\DR1 - ok
19:07:53.0905 1192 Boot (0x1200) (f494eebb12317aeb711ce5a97bf79e1d) \Device\Harddisk0\DR0\Partition0
19:07:53.0967 1192 \Device\Harddisk0\DR0\Partition0 - ok
19:07:53.0983 1192 Boot (0x1200) (b14c0dbb6d6812493d18e7aeec8c43fd) \Device\Harddisk0\DR0\Partition1
19:07:53.0983 1192 \Device\Harddisk0\DR0\Partition1 - ok
19:07:54.0014 1192 Boot (0x1200) (9af3525313fe8e4c06e7a9f82f87e017) \Device\Harddisk0\DR0\Partition2
19:07:54.0014 1192 \Device\Harddisk0\DR0\Partition2 - ok
19:07:54.0014 1192 Boot (0x1200) (675ea52261ecc3d86690e1e341cbbd5d) \Device\Harddisk1\DR1\Partition0
19:07:54.0014 1192 \Device\Harddisk1\DR1\Partition0 - ok
19:07:54.0014 1192 ============================================================
19:07:54.0014 1192 Scan finished
19:07:54.0014 1192 ============================================================
19:07:54.0030 0296 Detected object count: 1
19:07:54.0030 0296 Actual detected object count: 1
19:08:23.0670 0296 \Device\Harddisk0\DR0\# - copied to quarantine
19:08:23.0670 0296 \Device\Harddisk0\DR0 - copied to quarantine
19:08:23.0888 0296 \Device\Harddisk0\DR0 - processing error
19:08:30.0471 0296 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure
19:08:37.0476 1844 Deinitialize success
 |
|
05.07.2012, 18:09
| #4 |
| | BOO/TDss.O - Kein Zugriff auf Dateien mehr Hier der nächste Teil von TDSS-Killer: TDSS-log #3 Code:
ATTFilter 19:51:29.0379 1960 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
19:51:29.0488 1960 ============================================================
19:51:29.0488 1960 Current date / time: 2012/07/04 19:51:29.0488
19:51:29.0488 1960 SystemInfo:
19:51:29.0488 1960
19:51:29.0488 1960 OS Version: 6.1.7601 ServicePack: 1.0
19:51:29.0488 1960 Product type: Workstation
19:51:29.0488 1960 ComputerName: Sternekoch-PC
19:51:29.0488 1960 UserName: Sternekoch
19:51:29.0488 1960 Windows directory: C:\Windows
19:51:29.0488 1960 System windows directory: C:\Windows
19:51:29.0488 1960 Running under WOW64
19:51:29.0488 1960 Processor architecture: Intel x64
19:51:29.0488 1960 Number of processors: 4
19:51:29.0488 1960 Page size: 0x1000
19:51:29.0488 1960 Boot type: Safe boot with network
19:51:29.0488 1960 ============================================================
19:51:29.0956 1960 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:51:29.0956 1960 Drive \Device\Harddisk1\DR1 - Size: 0x1F4C00000 (7.82 Gb), SectorSize: 0x200, Cylinders: 0x3FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:51:29.0956 1960 ============================================================
19:51:29.0956 1960 \Device\Harddisk0\DR0:
19:51:29.0956 1960 MBR partitions:
19:51:29.0956 1960 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:51:29.0956 1960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xAFCA645
19:51:29.0971 1960 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDFCE84, BlocksNum 0x2D5841AC
19:51:29.0971 1960 \Device\Harddisk1\DR1:
19:51:29.0971 1960 MBR partitions:
19:51:29.0971 1960 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xFA5FC0
19:51:29.0971 1960 ============================================================
19:51:30.0018 1960 C: <-> \Device\Harddisk0\DR0\Partition1
19:51:30.0034 1960 E: <-> \Device\Harddisk0\DR0\Partition2
19:51:30.0034 1960 ============================================================
19:51:30.0034 1960 Initialize success
19:51:30.0034 1960 ============================================================
19:51:37.0522 1540 ============================================================
19:51:37.0522 1540 Scan started
19:51:37.0522 1540 Mode: Manual;
19:51:37.0522 1540 ============================================================
19:51:38.0567 1540 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:51:38.0567 1540 1394ohci - ok
19:51:38.0614 1540 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:51:38.0629 1540 ACPI - ok
19:51:38.0645 1540 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:51:38.0645 1540 AcpiPmi - ok
19:51:38.0739 1540 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:51:38.0754 1540 AdobeARMservice - ok
19:51:38.0879 1540 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:51:38.0879 1540 AdobeFlashPlayerUpdateSvc - ok
19:51:38.0941 1540 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:51:38.0957 1540 adp94xx - ok
19:51:39.0019 1540 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:51:39.0035 1540 adpahci - ok
19:51:39.0035 1540 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:51:39.0051 1540 adpu320 - ok
19:51:39.0066 1540 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:51:39.0082 1540 AeLookupSvc - ok
19:51:39.0144 1540 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:51:39.0160 1540 AFD - ok
19:51:39.0207 1540 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:51:39.0207 1540 agp440 - ok
19:51:39.0238 1540 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:51:39.0238 1540 ALG - ok
19:51:39.0253 1540 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:51:39.0253 1540 aliide - ok
19:51:39.0269 1540 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:51:39.0269 1540 amdide - ok
19:51:39.0285 1540 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:51:39.0285 1540 AmdK8 - ok
19:51:39.0300 1540 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:51:39.0316 1540 AmdPPM - ok
19:51:39.0347 1540 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:51:39.0347 1540 amdsata - ok
19:51:39.0378 1540 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:51:39.0378 1540 amdsbs - ok
19:51:39.0409 1540 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:51:39.0409 1540 amdxata - ok
19:51:39.0519 1540 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:51:39.0534 1540 AntiVirSchedulerService - ok
19:51:39.0550 1540 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:51:39.0550 1540 AntiVirService - ok
19:51:39.0597 1540 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:51:39.0597 1540 AppID - ok
19:51:39.0628 1540 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:51:39.0628 1540 AppIDSvc - ok
19:51:39.0643 1540 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:51:39.0643 1540 Appinfo - ok
19:51:39.0737 1540 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:51:39.0753 1540 Apple Mobile Device - ok
19:51:39.0768 1540 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:51:39.0768 1540 arc - ok
19:51:39.0799 1540 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:51:39.0799 1540 arcsas - ok
19:51:39.0815 1540 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:51:39.0815 1540 AsyncMac - ok
19:51:39.0846 1540 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:51:39.0846 1540 atapi - ok
19:51:39.0971 1540 athr (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
19:51:40.0033 1540 athr - ok
19:51:40.0174 1540 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:51:40.0189 1540 AudioEndpointBuilder - ok
19:51:40.0189 1540 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:51:40.0205 1540 AudioSrv - ok
19:51:40.0252 1540 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
19:51:40.0252 1540 avgntflt - ok
19:51:40.0283 1540 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
19:51:40.0283 1540 avipbb - ok
19:51:40.0314 1540 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:51:40.0314 1540 avkmgr - ok
19:51:40.0377 1540 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:51:40.0377 1540 AxInstSV - ok
19:51:40.0439 1540 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:51:40.0455 1540 b06bdrv - ok
19:51:40.0501 1540 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:51:40.0517 1540 b57nd60a - ok
19:51:40.0564 1540 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:51:40.0564 1540 BDESVC - ok
19:51:40.0579 1540 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:51:40.0579 1540 Beep - ok
19:51:40.0642 1540 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:51:40.0657 1540 BFE - ok
19:51:40.0704 1540 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:51:40.0813 1540 BITS - ok
19:51:40.0876 1540 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:51:40.0876 1540 blbdrive - ok
19:51:40.0954 1540 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:51:40.0969 1540 Bonjour Service - ok
19:51:40.0985 1540 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:51:40.0985 1540 bowser - ok
19:51:41.0032 1540 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:51:41.0032 1540 BrFiltLo - ok
19:51:41.0032 1540 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:51:41.0032 1540 BrFiltUp - ok
19:51:41.0063 1540 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:51:41.0079 1540 Browser - ok
19:51:41.0110 1540 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:51:41.0125 1540 Brserid - ok
19:51:41.0141 1540 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:51:41.0141 1540 BrSerWdm - ok
19:51:41.0157 1540 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:51:41.0157 1540 BrUsbMdm - ok
19:51:41.0157 1540 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:51:41.0157 1540 BrUsbSer - ok
19:51:41.0172 1540 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:51:41.0172 1540 BTHMODEM - ok
19:51:41.0219 1540 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:51:41.0250 1540 BTHPORT - ok
19:51:41.0281 1540 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:51:41.0281 1540 bthserv - ok
19:51:41.0313 1540 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:51:41.0313 1540 BTHUSB - ok
19:51:41.0344 1540 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:51:41.0344 1540 cdfs - ok
19:51:41.0391 1540 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:51:41.0391 1540 cdrom - ok
19:51:41.0437 1540 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:51:41.0437 1540 CertPropSvc - ok
19:51:41.0469 1540 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:51:41.0469 1540 circlass - ok
19:51:41.0500 1540 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:51:41.0500 1540 CLFS - ok
19:51:41.0578 1540 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:51:41.0578 1540 clr_optimization_v2.0.50727_32 - ok
19:51:41.0625 1540 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:51:41.0625 1540 clr_optimization_v2.0.50727_64 - ok
19:51:41.0703 1540 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:51:41.0703 1540 clr_optimization_v4.0.30319_32 - ok
19:51:41.0734 1540 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:51:41.0734 1540 clr_optimization_v4.0.30319_64 - ok
19:51:41.0765 1540 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:51:41.0765 1540 CmBatt - ok
19:51:41.0796 1540 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:51:41.0796 1540 cmdide - ok
19:51:41.0843 1540 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:51:41.0843 1540 CNG - ok
19:51:41.0890 1540 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:51:41.0890 1540 Compbatt - ok
19:51:41.0905 1540 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:51:41.0905 1540 CompositeBus - ok
19:51:41.0921 1540 COMSysApp - ok
19:51:41.0937 1540 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:51:41.0937 1540 crcdisk - ok
19:51:41.0968 1540 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:51:41.0968 1540 CryptSvc - ok
19:51:42.0015 1540 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:51:42.0046 1540 DcomLaunch - ok
19:51:42.0077 1540 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:51:42.0093 1540 defragsvc - ok
19:51:42.0124 1540 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:51:42.0124 1540 DfsC - ok
19:51:42.0171 1540 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:51:42.0171 1540 Dhcp - ok
19:51:42.0202 1540 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:51:42.0202 1540 discache - ok
19:51:42.0233 1540 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:51:42.0233 1540 Disk - ok
19:51:42.0249 1540 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:51:42.0249 1540 Dnscache - ok
19:51:42.0280 1540 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:51:42.0295 1540 dot3svc - ok
19:51:42.0311 1540 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:51:42.0311 1540 DPS - ok
19:51:42.0358 1540 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:51:42.0358 1540 drmkaud - ok
19:51:42.0451 1540 DsiWMIService (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:51:42.0467 1540 DsiWMIService - ok
19:51:42.0529 1540 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:51:42.0561 1540 DXGKrnl - ok
19:51:42.0592 1540 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:51:42.0592 1540 EapHost - ok
19:51:42.0732 1540 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:51:42.0826 1540 ebdrv - ok
19:51:42.0919 1540 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:51:42.0919 1540 EFS - ok
19:51:43.0013 1540 EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
19:51:43.0013 1540 EgisTec Ticket Service - ok
19:51:43.0107 1540 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:51:43.0138 1540 ehRecvr - ok
19:51:43.0169 1540 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:51:43.0169 1540 ehSched - ok
19:51:43.0263 1540 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:51:43.0278 1540 elxstor - ok
19:51:43.0387 1540 ePowerSvc (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:51:43.0419 1540 ePowerSvc - ok
19:51:43.0528 1540 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:51:43.0528 1540 EpsonBidirectionalService - ok
19:51:43.0606 1540 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:51:43.0606 1540 ErrDev - ok
19:51:43.0637 1540 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:51:43.0653 1540 EventSystem - ok
19:51:43.0684 1540 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:51:43.0684 1540 exfat - ok
19:51:43.0699 1540 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:51:43.0699 1540 fastfat - ok
19:51:43.0762 1540 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:51:43.0777 1540 Fax - ok
19:51:43.0793 1540 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:51:43.0793 1540 fdc - ok
19:51:43.0809 1540 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:51:43.0809 1540 fdPHost - ok
19:51:43.0809 1540 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:51:43.0824 1540 FDResPub - ok
19:51:43.0840 1540 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:51:43.0840 1540 FileInfo - ok
19:51:43.0871 1540 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:51:43.0871 1540 Filetrace - ok
19:51:43.0965 1540 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:51:43.0980 1540 FLEXnet Licensing Service - ok
19:51:44.0011 1540 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:51:44.0011 1540 flpydisk - ok
19:51:44.0043 1540 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:51:44.0058 1540 FltMgr - ok
19:51:44.0121 1540 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:51:44.0152 1540 FontCache - ok
19:51:44.0214 1540 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:51:44.0230 1540 FontCache3.0.0.0 - ok
19:51:44.0261 1540 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:51:44.0261 1540 FsDepends - ok
19:51:44.0292 1540 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:51:44.0292 1540 Fs_Rec - ok
19:51:44.0323 1540 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:51:44.0323 1540 fvevol - ok
19:51:44.0355 1540 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:51:44.0355 1540 gagp30kx - ok
19:51:44.0386 1540 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:51:44.0386 1540 GEARAspiWDM - ok
19:51:44.0433 1540 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:51:44.0464 1540 gpsvc - ok
19:51:44.0464 1540 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:51:44.0479 1540 hcw85cir - ok
19:51:44.0511 1540 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:51:44.0511 1540 HdAudAddService - ok
19:51:44.0557 1540 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:51:44.0557 1540 HDAudBus - ok
19:51:44.0557 1540 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:51:44.0557 1540 HidBatt - ok
19:51:44.0573 1540 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:51:44.0573 1540 HidBth - ok
19:51:44.0573 1540 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:51:44.0589 1540 HidIr - ok
19:51:44.0604 1540 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:51:44.0604 1540 hidserv - ok
19:51:44.0620 1540 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:51:44.0635 1540 HidUsb - ok
19:51:44.0651 1540 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:51:44.0651 1540 hkmsvc - ok
19:51:44.0682 1540 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:51:44.0698 1540 HomeGroupListener - ok
19:51:44.0729 1540 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:51:44.0745 1540 HomeGroupProvider - ok
19:51:44.0760 1540 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:51:44.0760 1540 HpSAMD - ok
19:51:44.0823 1540 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:51:44.0838 1540 HTTP - ok
19:51:44.0838 1540 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:51:44.0854 1540 hwpolicy - ok
19:51:44.0869 1540 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:51:44.0869 1540 i8042prt - ok
19:51:44.0916 1540 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
19:51:44.0916 1540 iaStor - ok
19:51:44.0947 1540 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:51:44.0963 1540 iaStorV - ok
19:51:45.0057 1540 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:51:45.0088 1540 idsvc - ok
19:51:45.0587 1540 igfx (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:51:45.0837 1540 igfx - ok
19:51:45.0961 1540 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:51:45.0961 1540 iirsp - ok
19:51:46.0008 1540 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:51:46.0039 1540 IKEEXT - ok
19:51:46.0195 1540 IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
19:51:46.0273 1540 IntcAzAudAddService - ok
19:51:46.0383 1540 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:51:46.0398 1540 IntcDAud - ok
19:51:46.0414 1540 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:51:46.0414 1540 intelide - ok
19:51:46.0461 1540 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:51:46.0461 1540 intelppm - ok
19:51:46.0476 1540 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:51:46.0476 1540 IPBusEnum - ok
19:51:46.0507 1540 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:51:46.0523 1540 IpFilterDriver - ok
19:51:46.0570 1540 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:51:46.0601 1540 iphlpsvc - ok
19:51:46.0601 1540 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:51:46.0601 1540 IPMIDRV - ok
19:51:46.0617 1540 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:51:46.0617 1540 IPNAT - ok
19:51:46.0741 1540 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:51:46.0788 1540 iPod Service - ok
19:51:46.0804 1540 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:51:46.0804 1540 IRENUM - ok
19:51:46.0835 1540 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:51:46.0835 1540 isapnp - ok
19:51:46.0866 1540 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:51:46.0866 1540 iScsiPrt - ok
19:51:46.0897 1540 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:51:46.0897 1540 kbdclass - ok
19:51:46.0913 1540 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:51:46.0913 1540 kbdhid - ok
19:51:46.0944 1540 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:46.0944 1540 KeyIso - ok
19:51:46.0960 1540 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:51:46.0960 1540 KSecDD - ok
19:51:46.0975 1540 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:51:46.0975 1540 KSecPkg - ok
19:51:46.0991 1540 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:51:47.0007 1540 ksthunk - ok
19:51:47.0053 1540 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:51:47.0069 1540 KtmRm - ok
19:51:47.0116 1540 L1C (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:51:47.0116 1540 L1C - ok
19:51:47.0163 1540 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:51:47.0178 1540 LanmanServer - ok
19:51:47.0194 1540 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:51:47.0209 1540 LanmanWorkstation - ok
19:51:47.0272 1540 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:51:47.0287 1540 Live Updater Service - ok
19:51:47.0303 1540 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:51:47.0319 1540 lltdio - ok
19:51:47.0350 1540 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:51:47.0365 1540 lltdsvc - ok
19:51:47.0381 1540 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:51:47.0381 1540 lmhosts - ok
19:51:47.0443 1540 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:51:47.0459 1540 LMS - ok
19:51:47.0490 1540 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:51:47.0506 1540 LSI_FC - ok
19:51:47.0537 1540 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:51:47.0537 1540 LSI_SAS - ok
19:51:47.0553 1540 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:51:47.0553 1540 LSI_SAS2 - ok
19:51:47.0584 1540 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:51:47.0599 1540 LSI_SCSI - ok
19:51:47.0631 1540 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:51:47.0631 1540 luafv - ok
19:51:47.0662 1540 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:51:47.0662 1540 Mcx2Svc - ok
19:51:47.0662 1540 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:51:47.0662 1540 megasas - ok
19:51:47.0724 1540 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:51:47.0724 1540 MegaSR - ok
19:51:47.0787 1540 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:51:47.0787 1540 MEIx64 - ok
19:51:47.0849 1540 Microsoft SharePoint Workspace Audit Service - ok
19:51:47.0865 1540 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:51:47.0880 1540 MMCSS - ok
19:51:47.0896 1540 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:51:47.0896 1540 Modem - ok
19:51:47.0943 1540 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:51:47.0943 1540 monitor - ok
19:51:47.0958 1540 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:51:47.0958 1540 mouclass - ok
19:51:47.0974 1540 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:51:47.0989 1540 mouhid - ok
19:51:48.0005 1540 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:51:48.0021 1540 mountmgr - ok
19:51:48.0052 1540 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:51:48.0052 1540 mpio - ok
19:51:48.0052 1540 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:51:48.0052 1540 mpsdrv - ok
19:51:48.0114 1540 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:51:48.0145 1540 MpsSvc - ok
19:51:48.0161 1540 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:51:48.0161 1540 MRxDAV - ok
19:51:48.0192 1540 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:51:48.0192 1540 mrxsmb - ok
19:51:48.0270 1540 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:51:48.0286 1540 mrxsmb10 - ok
19:51:48.0301 1540 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:51:48.0301 1540 mrxsmb20 - ok
19:51:48.0317 1540 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:51:48.0317 1540 msahci - ok
19:51:48.0333 1540 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:51:48.0348 1540 msdsm - ok
19:51:48.0379 1540 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:51:48.0379 1540 MSDTC - ok
19:51:48.0395 1540 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:51:48.0395 1540 Msfs - ok
19:51:48.0411 1540 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:51:48.0411 1540 mshidkmdf - ok
19:51:48.0411 1540 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:51:48.0411 1540 msisadrv - ok
19:51:48.0473 1540 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:51:48.0473 1540 MSiSCSI - ok
19:51:48.0473 1540 msiserver - ok
19:51:48.0489 1540 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:51:48.0504 1540 MSKSSRV - ok
19:51:48.0504 1540 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:51:48.0504 1540 MSPCLOCK - ok
19:51:48.0504 1540 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:51:48.0504 1540 MSPQM - ok
19:51:48.0551 1540 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:51:48.0551 1540 MsRPC - ok
19:51:48.0551 1540 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:51:48.0551 1540 mssmbios - ok
19:51:48.0567 1540 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:51:48.0567 1540 MSTEE - ok
19:51:48.0582 1540 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:51:48.0582 1540 MTConfig - ok
19:51:48.0582 1540 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:51:48.0582 1540 Mup - ok
19:51:48.0598 1540 mwlPSDFilter (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:51:48.0598 1540 mwlPSDFilter - ok
19:51:48.0598 1540 mwlPSDNServ (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:51:48.0598 1540 mwlPSDNServ - ok
19:51:48.0598 1540 mwlPSDVDisk (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:51:48.0613 1540 mwlPSDVDisk - ok
19:51:48.0660 1540 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:51:48.0691 1540 napagent - ok
19:51:48.0754 1540 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:51:48.0769 1540 NativeWifiP - ok
19:51:48.0816 1540 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:51:48.0847 1540 NDIS - ok
19:51:48.0879 1540 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:51:48.0879 1540 NdisCap - ok
19:51:48.0879 1540 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:51:48.0879 1540 NdisTapi - ok
19:51:48.0894 1540 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:51:48.0894 1540 Ndisuio - ok
19:51:48.0910 1540 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:51:48.0910 1540 NdisWan - ok
19:51:48.0925 1540 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:51:48.0925 1540 NDProxy - ok
19:51:48.0941 1540 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:51:48.0941 1540 NetBIOS - ok
19:51:48.0972 1540 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:51:49.0003 1540 NetBT - ok
19:51:49.0019 1540 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:49.0019 1540 Netlogon - ok
19:51:49.0050 1540 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:51:49.0066 1540 Netman - ok
19:51:49.0097 1540 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:51:49.0113 1540 netprofm - ok
19:51:49.0175 1540 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:51:49.0175 1540 NetTcpPortSharing - ok
19:51:49.0206 1540 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:51:49.0206 1540 nfrd960 - ok
19:51:49.0253 1540 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:51:49.0269 1540 NlaSvc - ok
19:51:49.0284 1540 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:51:49.0284 1540 Npfs - ok
19:51:49.0284 1540 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:51:49.0284 1540 nsi - ok
19:51:49.0284 1540 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:51:49.0284 1540 nsiproxy - ok
19:51:49.0362 1540 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:51:49.0409 1540 Ntfs - ok
19:51:49.0471 1540 NTI IScheduleSvc (1873214666f6f0a883742df91fbc48c9) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:51:49.0487 1540 NTI IScheduleSvc - ok
19:51:49.0565 1540 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
19:51:49.0581 1540 NTIDrvr - ok
19:51:49.0581 1540 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:51:49.0581 1540 Null - ok
19:51:49.0627 1540 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:51:49.0627 1540 nvraid - ok
19:51:49.0643 1540 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:51:49.0643 1540 nvstor - ok
19:51:49.0690 1540 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:51:49.0705 1540 nv_agp - ok
19:51:49.0705 1540 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:51:49.0721 1540 ohci1394 - ok
19:51:49.0783 1540 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:51:49.0799 1540 ose - ok
19:51:50.0080 1540 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:51:50.0189 1540 osppsvc - ok
19:51:50.0439 1540 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:51:50.0454 1540 p2pimsvc - ok
19:51:50.0485 1540 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:51:50.0517 1540 p2psvc - ok
19:51:50.0563 1540 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:51:50.0563 1540 Parport - ok
19:51:50.0595 1540 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:51:50.0595 1540 partmgr - ok
19:51:50.0626 1540 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:51:50.0641 1540 PcaSvc - ok
19:51:50.0657 1540 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:51:50.0657 1540 pci - ok
19:51:50.0673 1540 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:51:50.0673 1540 pciide - ok
19:51:50.0688 1540 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:51:50.0688 1540 pcmcia - ok
19:51:50.0704 1540 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:51:50.0704 1540 pcw - ok
19:51:50.0766 1540 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:51:50.0797 1540 PEAUTH - ok
19:51:50.0891 1540 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:51:50.0891 1540 PerfHost - ok
19:51:50.0969 1540 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:51:51.0031 1540 pla - ok
19:51:51.0063 1540 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:51:51.0078 1540 PlugPlay - ok
19:51:51.0094 1540 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:51:51.0109 1540 PNRPAutoReg - ok
19:51:51.0125 1540 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:51:51.0141 1540 PNRPsvc - ok
19:51:51.0187 1540 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:51:51.0203 1540 PolicyAgent - ok
19:51:51.0234 1540 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:51:51.0234 1540 Power - ok
19:51:51.0297 1540 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:51:51.0297 1540 PptpMiniport - ok
19:51:51.0328 1540 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:51:51.0328 1540 Processor - ok
19:51:51.0375 1540 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:51:51.0390 1540 ProfSvc - ok
19:51:51.0406 1540 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:51.0406 1540 ProtectedStorage - ok
19:51:51.0437 1540 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:51:51.0437 1540 Psched - ok
19:51:51.0515 1540 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:51:51.0577 1540 ql2300 - ok
19:51:51.0671 1540 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:51:51.0671 1540 ql40xx - ok
19:51:51.0702 1540 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:51:51.0718 1540 QWAVE - ok
19:51:51.0733 1540 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:51:51.0733 1540 QWAVEdrv - ok
19:51:51.0733 1540 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:51:51.0733 1540 RasAcd - ok
19:51:51.0765 1540 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:51:51.0765 1540 RasAgileVpn - ok
19:51:51.0780 1540 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:51:51.0780 1540 RasAuto - ok
19:51:51.0811 1540 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:51:51.0811 1540 Rasl2tp - ok
19:51:51.0843 1540 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:51:51.0858 1540 RasMan - ok
19:51:51.0889 1540 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:51:51.0889 1540 RasPppoe - ok
19:51:51.0889 1540 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:51:51.0889 1540 RasSstp - ok
19:51:51.0936 1540 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:51:51.0952 1540 rdbss - ok
19:51:51.0967 1540 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:51:51.0967 1540 rdpbus - ok
19:51:51.0983 1540 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:51:51.0983 1540 RDPCDD - ok
19:51:51.0999 1540 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:51:51.0999 1540 RDPENCDD - ok
19:51:51.0999 1540 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:51:52.0014 1540 RDPREFMP - ok
19:51:52.0045 1540 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:51:52.0045 1540 RDPWD - ok
19:51:52.0092 1540 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:51:52.0092 1540 rdyboost - ok
19:51:52.0123 1540 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:51:52.0123 1540 RemoteAccess - ok
19:51:52.0155 1540 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:51:52.0155 1540 RemoteRegistry - ok
19:51:52.0170 1540 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:51:52.0170 1540 RpcEptMapper - ok
19:51:52.0201 1540 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:51:52.0201 1540 RpcLocator - ok
19:51:52.0233 1540 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:51:52.0233 1540 RpcSs - ok
19:51:52.0311 1540 RSPCIESTOR (85b325723f67ef80927326fd7eb1cc10) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:51:52.0311 1540 RSPCIESTOR - ok
19:51:52.0342 1540 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:51:52.0357 1540 rspndr - ok
19:51:52.0373 1540 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:52.0373 1540 SamSs - ok
19:51:52.0389 1540 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:51:52.0389 1540 sbp2port - ok
19:51:52.0435 1540 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:51:52.0435 1540 SCardSvr - ok
19:51:52.0451 1540 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:51:52.0467 1540 scfilter - ok
19:51:52.0513 1540 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:51:52.0545 1540 Schedule - ok
19:51:52.0560 1540 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:51:52.0560 1540 SCPolicySvc - ok
19:51:52.0591 1540 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:51:52.0591 1540 SDRSVC - ok
19:51:52.0654 1540 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:51:52.0654 1540 secdrv - ok
19:51:52.0669 1540 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:51:52.0669 1540 seclogon - ok
19:51:52.0685 1540 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:51:52.0685 1540 SENS - ok
19:51:52.0716 1540 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:51:52.0716 1540 SensrSvc - ok
19:51:52.0747 1540 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:51:52.0747 1540 Serenum - ok
19:51:52.0794 1540 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:51:52.0810 1540 Serial - ok
19:51:52.0810 1540 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:51:52.0825 1540 sermouse - ok
19:51:52.0857 1540 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:51:52.0857 1540 SessionEnv - ok
19:51:52.0872 1540 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:51:52.0872 1540 sffdisk - ok
19:51:52.0872 1540 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:51:52.0888 1540 sffp_mmc - ok
19:51:52.0888 1540 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:51:52.0888 1540 sffp_sd - ok
19:51:52.0888 1540 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:51:52.0888 1540 sfloppy - ok
19:51:52.0950 1540 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:51:52.0966 1540 SharedAccess - ok
19:51:52.0997 1540 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:51:53.0013 1540 ShellHWDetection - ok
19:51:53.0044 1540 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:51:53.0044 1540 SiSRaid2 - ok
19:51:53.0075 1540 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:51:53.0075 1540 SiSRaid4 - ok
19:51:53.0106 1540 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:51:53.0122 1540 Smb - ok
19:51:53.0153 1540 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:51:53.0153 1540 SNMPTRAP - ok
19:51:53.0169 1540 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:51:53.0169 1540 spldr - ok
19:51:53.0200 1540 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:51:53.0215 1540 Spooler - ok
19:51:53.0356 1540 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:51:53.0434 1540 sppsvc - ok
19:51:53.0527 1540 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:51:53.0527 1540 sppuinotify - ok
19:51:53.0574 1540 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:51:53.0574 1540 srv - ok
19:51:53.0605 1540 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:51:53.0621 1540 srv2 - ok
19:51:53.0637 1540 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:51:53.0637 1540 srvnet - ok
19:51:53.0668 1540 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:51:53.0683 1540 SSDPSRV - ok
19:51:53.0699 1540 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:51:53.0699 1540 SstpSvc - ok
19:51:53.0715 1540 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:51:53.0715 1540 stexstor - ok
19:51:53.0777 1540 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:51:53.0793 1540 stisvc - ok
19:51:53.0824 1540 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:51:53.0824 1540 swenum - ok
19:51:53.0871 1540 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:51:53.0886 1540 swprv - ok
19:51:53.0980 1540 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
19:51:54.0027 1540 SynTP - ok
19:51:54.0198 1540 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:51:54.0261 1540 SysMain - ok
19:51:54.0323 1540 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:51:54.0323 1540 TabletInputService - ok
19:51:54.0354 1540 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:51:54.0370 1540 TapiSrv - ok
19:51:54.0385 1540 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:51:54.0385 1540 TBS - ok
19:51:54.0510 1540 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:51:54.0557 1540 Tcpip - ok
19:51:54.0729 1540 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:51:54.0744 1540 TCPIP6 - ok
19:51:54.0807 1540 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:51:54.0807 1540 tcpipreg - ok
19:51:54.0838 1540 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:51:54.0838 1540 TDPIPE - ok
19:51:54.0869 1540 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:51:54.0869 1540 TDTCP - ok
19:51:54.0885 1540 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:51:54.0916 1540 tdx - ok
19:51:54.0916 1540 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:51:54.0916 1540 TermDD - ok
19:51:54.0963 1540 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:51:54.0994 1540 TermService - ok
19:51:54.0994 1540 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:51:55.0009 1540 Themes - ok
19:51:55.0025 1540 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:51:55.0025 1540 THREADORDER - ok
19:51:55.0041 1540 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:51:55.0041 1540 TrkWks - ok
19:51:55.0087 1540 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:51:55.0087 1540 TrustedInstaller - ok
19:51:55.0103 1540 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:51:55.0103 1540 tssecsrv - ok
19:51:55.0134 1540 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:51:55.0134 1540 TsUsbFlt - ok
19:51:55.0150 1540 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:51:55.0150 1540 TsUsbGD - ok
19:51:55.0181 1540 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:51:55.0181 1540 tunnel - ok
19:51:55.0197 1540 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:51:55.0197 1540 uagp35 - ok
19:51:55.0197 1540 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
19:51:55.0197 1540 UBHelper - ok
19:51:55.0228 1540 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:51:55.0243 1540 udfs - ok
19:51:55.0259 1540 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:51:55.0275 1540 UI0Detect - ok
19:51:55.0306 1540 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:51:55.0306 1540 uliagpkx - ok
19:51:55.0337 1540 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:51:55.0337 1540 umbus - ok
19:51:55.0337 1540 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:51:55.0337 1540 UmPass - ok
19:51:55.0493 1540 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:51:55.0571 1540 UNS - ok
19:51:55.0680 1540 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:51:55.0696 1540 upnphost - ok
19:51:55.0743 1540 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:51:55.0743 1540 USBAAPL64 - ok
19:51:55.0774 1540 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:51:55.0774 1540 usbccgp - ok
19:51:55.0805 1540 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:51:55.0805 1540 usbcir - ok
19:51:55.0821 1540 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:51:55.0821 1540 usbehci - ok
19:51:55.0852 1540 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:51:55.0867 1540 usbhub - ok
19:51:55.0883 1540 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:51:55.0883 1540 usbohci - ok
19:51:55.0899 1540 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:51:55.0899 1540 usbprint - ok
19:51:55.0914 1540 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:51:55.0914 1540 USBSTOR - ok
19:51:55.0945 1540 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:51:55.0945 1540 usbuhci - ok
19:51:55.0977 1540 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:51:55.0977 1540 usbvideo - ok
19:51:56.0008 1540 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:51:56.0008 1540 UxSms - ok
19:51:56.0039 1540 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:56.0039 1540 VaultSvc - ok
19:51:56.0055 1540 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:51:56.0055 1540 vdrvroot - ok
19:51:56.0086 1540 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:51:56.0101 1540 vds - ok
19:51:56.0133 1540 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:51:56.0133 1540 vga - ok
19:51:56.0133 1540 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:51:56.0148 1540 VgaSave - ok
19:51:56.0164 1540 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:51:56.0179 1540 vhdmp - ok
19:51:56.0179 1540 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:51:56.0195 1540 viaide - ok
19:51:56.0195 1540 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:51:56.0195 1540 volmgr - ok
19:51:56.0242 1540 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:51:56.0257 1540 volmgrx - ok
19:51:56.0273 1540 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:51:56.0289 1540 volsnap - ok
19:51:56.0320 1540 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:51:56.0320 1540 vsmraid - ok
19:51:56.0413 1540 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:51:56.0445 1540 VSS - ok
19:51:56.0523 1540 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:51:56.0523 1540 vwifibus - ok
19:51:56.0538 1540 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:51:56.0538 1540 vwififlt - ok
19:51:56.0585 1540 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:51:56.0601 1540 W32Time - ok
19:51:56.0616 1540 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:51:56.0616 1540 WacomPen - ok
19:51:56.0647 1540 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:51:56.0647 1540 WANARP - ok
19:51:56.0647 1540 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:51:56.0647 1540 Wanarpv6 - ok
19:51:56.0725 1540 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:51:56.0757 1540 wbengine - ok
19:51:56.0850 1540 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:51:56.0850 1540 WbioSrvc - ok
19:51:56.0881 1540 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:51:56.0881 1540 wcncsvc - ok
19:51:56.0913 1540 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:51:56.0913 1540 WcsPlugInService - ok
19:51:56.0944 1540 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:51:56.0944 1540 Wd - ok
19:51:56.0991 1540 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:51:57.0006 1540 Wdf01000 - ok
19:51:57.0037 1540 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:51:57.0037 1540 WdiServiceHost - ok
19:51:57.0037 1540 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:51:57.0037 1540 WdiSystemHost - ok
19:51:57.0069 1540 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:51:57.0069 1540 WebClient - ok
19:51:57.0100 1540 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:51:57.0100 1540 Wecsvc - ok
19:51:57.0115 1540 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:51:57.0115 1540 wercplsupport - ok
19:51:57.0147 1540 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:51:57.0147 1540 WerSvc - ok
19:51:57.0193 1540 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:51:57.0193 1540 WfpLwf - ok
19:51:57.0209 1540 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:51:57.0209 1540 WIMMount - ok
19:51:57.0240 1540 WinDefend - ok
19:51:57.0240 1540 WinHttpAutoProxySvc - ok
19:51:57.0318 1540 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:51:57.0318 1540 Winmgmt - ok
19:51:57.0412 1540 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:51:57.0474 1540 WinRM - ok
19:51:57.0599 1540 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:51:57.0630 1540 Wlansvc - ok
19:51:57.0802 1540 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:51:57.0849 1540 wlidsvc - ok
19:51:57.0958 1540 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:51:57.0958 1540 WmiAcpi - ok
19:51:58.0036 1540 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:51:58.0036 1540 wmiApSrv - ok
19:51:58.0098 1540 WMPNetworkSvc - ok
19:51:58.0129 1540 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:51:58.0145 1540 WPCSvc - ok
19:51:58.0145 1540 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:51:58.0161 1540 WPDBusEnum - ok
19:51:58.0176 1540 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:51:58.0176 1540 ws2ifsl - ok
19:51:58.0192 1540 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:51:58.0192 1540 wscsvc - ok
19:51:58.0192 1540 WSearch - ok
19:51:58.0317 1540 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:51:58.0363 1540 wuauserv - ok
19:51:58.0457 1540 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:51:58.0473 1540 WudfPf - ok
19:51:58.0488 1540 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:51:58.0488 1540 WUDFRd - ok
19:51:58.0519 1540 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:51:58.0519 1540 wudfsvc - ok
19:51:58.0535 1540 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:51:58.0535 1540 WwanSvc - ok
19:51:58.0582 1540 MBR (0x1B8) (b8cb9ca08162bc8d433b18adb3001662) \Device\Harddisk0\DR0
19:51:58.0613 1540 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
19:51:58.0613 1540 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
19:51:58.0629 1540 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
19:52:05.0118 1540 \Device\Harddisk1\DR1 - ok
19:52:05.0181 1540 Boot (0x1200) (f494eebb12317aeb711ce5a97bf79e1d) \Device\Harddisk0\DR0\Partition0
19:52:05.0181 1540 \Device\Harddisk0\DR0\Partition0 - ok
19:52:05.0196 1540 Boot (0x1200) (b14c0dbb6d6812493d18e7aeec8c43fd) \Device\Harddisk0\DR0\Partition1
19:52:05.0196 1540 \Device\Harddisk0\DR0\Partition1 - ok
19:52:05.0212 1540 Boot (0x1200) (9af3525313fe8e4c06e7a9f82f87e017) \Device\Harddisk0\DR0\Partition2
19:52:05.0212 1540 \Device\Harddisk0\DR0\Partition2 - ok
19:52:05.0227 1540 Boot (0x1200) (675ea52261ecc3d86690e1e341cbbd5d) \Device\Harddisk1\DR1\Partition0
19:52:05.0227 1540 \Device\Harddisk1\DR1\Partition0 - ok
19:52:05.0227 1540 ============================================================
19:52:05.0227 1540 Scan finished
19:52:05.0227 1540 ============================================================
19:52:05.0227 1288 Detected object count: 1
19:52:05.0227 1288 Actual detected object count: 1
19:52:17.0551 1288 \Device\Harddisk0\DR0\# - copied to quarantine
19:52:17.0551 1288 \Device\Harddisk0\DR0 - copied to quarantine
19:52:17.0770 1288 \Device\Harddisk0\DR0 - processing error
19:52:22.0949 1288 \Device\Harddisk0\DR0 - will be restored on reboot
19:52:23.0027 1288 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure Restore
19:52:26.0833 2044 Deinitialize success
|
|
05.07.2012, 18:12
| #5 |
| | BOO/TDss.O - Kein Zugriff auf Dateien mehr Und hier davon der vorerst Letzte - hier schien das fiese Viech zumindest schon verschwunden...zumindest gab es auch keine Meldung mehr über schlimme Dinge. Das wird aber wohl nicht allzu heißen denke ich mal... TDSS-log #4 Code:
ATTFilter 19:54:23.0402 1856 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
19:54:23.0683 1856 ============================================================
19:54:23.0683 1856 Current date / time: 2012/07/04 19:54:23.0683
19:54:23.0683 1856 SystemInfo:
19:54:23.0683 1856
19:54:23.0683 1856 OS Version: 6.1.7601 ServicePack: 1.0
19:54:23.0683 1856 Product type: Workstation
19:54:23.0683 1856 ComputerName: Sternekoch-PC
19:54:23.0683 1856 UserName: Sternekoch
19:54:23.0683 1856 Windows directory: C:\Windows
19:54:23.0683 1856 System windows directory: C:\Windows
19:54:23.0683 1856 Running under WOW64
19:54:23.0683 1856 Processor architecture: Intel x64
19:54:23.0683 1856 Number of processors: 4
19:54:23.0683 1856 Page size: 0x1000
19:54:23.0683 1856 Boot type: Safe boot with network
19:54:23.0683 1856 ============================================================
19:54:24.0572 1856 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:24.0588 1856 Drive \Device\Harddisk1\DR1 - Size: 0x1F4C00000 (7.82 Gb), SectorSize: 0x200, Cylinders: 0x3FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:54:24.0588 1856 ============================================================
19:54:24.0588 1856 \Device\Harddisk0\DR0:
19:54:24.0588 1856 MBR partitions:
19:54:24.0588 1856 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:54:24.0588 1856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xAFCA645
19:54:24.0604 1856 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDFCE84, BlocksNum 0x2D5841AC
19:54:24.0604 1856 \Device\Harddisk1\DR1:
19:54:24.0604 1856 MBR partitions:
19:54:24.0604 1856 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xFA5FC0
19:54:24.0604 1856 ============================================================
19:54:24.0650 1856 C: <-> \Device\Harddisk0\DR0\Partition1
19:54:24.0682 1856 E: <-> \Device\Harddisk0\DR0\Partition2
19:54:24.0682 1856 ============================================================
19:54:24.0682 1856 Initialize success
19:54:24.0682 1856 ============================================================
19:54:28.0348 1900 ============================================================
19:54:28.0348 1900 Scan started
19:54:28.0348 1900 Mode: Manual;
19:54:28.0348 1900 ============================================================
19:54:28.0972 1900 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:54:28.0972 1900 1394ohci - ok
19:54:29.0018 1900 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:54:29.0034 1900 ACPI - ok
19:54:29.0065 1900 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:54:29.0065 1900 AcpiPmi - ok
19:54:29.0206 1900 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:54:29.0206 1900 AdobeARMservice - ok
19:54:29.0362 1900 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:54:29.0362 1900 AdobeFlashPlayerUpdateSvc - ok
19:54:29.0424 1900 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:54:29.0455 1900 adp94xx - ok
19:54:29.0502 1900 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:54:29.0518 1900 adpahci - ok
19:54:29.0533 1900 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:54:29.0533 1900 adpu320 - ok
19:54:29.0549 1900 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:54:29.0549 1900 AeLookupSvc - ok
19:54:29.0627 1900 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:54:29.0627 1900 AFD - ok
19:54:29.0658 1900 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:54:29.0658 1900 agp440 - ok
19:54:29.0689 1900 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:54:29.0689 1900 ALG - ok
19:54:29.0720 1900 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:54:29.0720 1900 aliide - ok
19:54:29.0720 1900 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:54:29.0720 1900 amdide - ok
19:54:29.0720 1900 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:54:29.0720 1900 AmdK8 - ok
19:54:29.0736 1900 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:54:29.0736 1900 AmdPPM - ok
19:54:29.0767 1900 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:54:29.0767 1900 amdsata - ok
19:54:29.0814 1900 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:54:29.0814 1900 amdsbs - ok
19:54:29.0845 1900 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:54:29.0845 1900 amdxata - ok
19:54:29.0954 1900 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:54:29.0954 1900 AntiVirSchedulerService - ok
19:54:29.0986 1900 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:54:29.0986 1900 AntiVirService - ok
19:54:30.0032 1900 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:54:30.0032 1900 AppID - ok
19:54:30.0064 1900 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:54:30.0064 1900 AppIDSvc - ok
19:54:30.0079 1900 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:54:30.0079 1900 Appinfo - ok
19:54:30.0157 1900 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:54:30.0173 1900 Apple Mobile Device - ok
19:54:30.0188 1900 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:54:30.0188 1900 arc - ok
19:54:30.0220 1900 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:54:30.0220 1900 arcsas - ok
19:54:30.0235 1900 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:54:30.0235 1900 AsyncMac - ok
19:54:30.0251 1900 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:54:30.0251 1900 atapi - ok
19:54:30.0376 1900 athr (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
19:54:30.0438 1900 athr - ok
19:54:30.0563 1900 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:54:30.0594 1900 AudioEndpointBuilder - ok
19:54:30.0610 1900 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:54:30.0610 1900 AudioSrv - ok
19:54:30.0672 1900 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
19:54:30.0672 1900 avgntflt - ok
19:54:30.0688 1900 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
19:54:30.0688 1900 avipbb - ok
19:54:30.0719 1900 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:54:30.0719 1900 avkmgr - ok
19:54:30.0781 1900 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:54:30.0781 1900 AxInstSV - ok
19:54:30.0844 1900 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:54:30.0859 1900 b06bdrv - ok
19:54:30.0890 1900 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:54:30.0906 1900 b57nd60a - ok
19:54:30.0937 1900 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:54:30.0937 1900 BDESVC - ok
19:54:30.0968 1900 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:54:30.0968 1900 Beep - ok
19:54:31.0046 1900 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:54:31.0078 1900 BFE - ok
19:54:31.0140 1900 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:54:31.0156 1900 BITS - ok
19:54:31.0218 1900 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:54:31.0218 1900 blbdrive - ok
19:54:31.0296 1900 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:54:31.0296 1900 Bonjour Service - ok
19:54:31.0327 1900 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:54:31.0327 1900 bowser - ok
19:54:31.0374 1900 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:54:31.0374 1900 BrFiltLo - ok
19:54:31.0374 1900 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:54:31.0374 1900 BrFiltUp - ok
19:54:31.0421 1900 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:54:31.0421 1900 Browser - ok
19:54:31.0452 1900 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:54:31.0452 1900 Brserid - ok
19:54:31.0468 1900 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:54:31.0468 1900 BrSerWdm - ok
19:54:31.0483 1900 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:54:31.0483 1900 BrUsbMdm - ok
19:54:31.0499 1900 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:54:31.0499 1900 BrUsbSer - ok
19:54:31.0530 1900 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:54:31.0530 1900 BTHMODEM - ok
19:54:31.0592 1900 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:54:31.0608 1900 BTHPORT - ok
19:54:31.0639 1900 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:54:31.0655 1900 bthserv - ok
19:54:31.0670 1900 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:54:31.0670 1900 BTHUSB - ok
19:54:31.0717 1900 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:54:31.0717 1900 cdfs - ok
19:54:31.0748 1900 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:54:31.0748 1900 cdrom - ok
19:54:31.0795 1900 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:54:31.0795 1900 CertPropSvc - ok
19:54:31.0826 1900 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:54:31.0826 1900 circlass - ok
19:54:31.0858 1900 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:54:31.0873 1900 CLFS - ok
19:54:31.0951 1900 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:54:31.0967 1900 clr_optimization_v2.0.50727_32 - ok
19:54:32.0029 1900 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:54:32.0029 1900 clr_optimization_v2.0.50727_64 - ok
19:54:32.0107 1900 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:54:32.0170 1900 clr_optimization_v4.0.30319_32 - ok
19:54:32.0185 1900 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:54:32.0201 1900 clr_optimization_v4.0.30319_64 - ok
19:54:32.0232 1900 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:54:32.0232 1900 CmBatt - ok
19:54:32.0248 1900 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:54:32.0248 1900 cmdide - ok
19:54:32.0294 1900 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:54:32.0310 1900 CNG - ok
19:54:32.0357 1900 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:54:32.0357 1900 Compbatt - ok
19:54:32.0388 1900 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:54:32.0404 1900 CompositeBus - ok
19:54:32.0404 1900 COMSysApp - ok
19:54:32.0419 1900 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:54:32.0419 1900 crcdisk - ok
19:54:32.0466 1900 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:54:32.0466 1900 CryptSvc - ok
19:54:32.0528 1900 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:54:32.0544 1900 DcomLaunch - ok
19:54:32.0591 1900 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:54:32.0606 1900 defragsvc - ok
19:54:32.0638 1900 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:54:32.0638 1900 DfsC - ok
19:54:32.0669 1900 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:54:32.0669 1900 Dhcp - ok
19:54:32.0700 1900 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:54:32.0700 1900 discache - ok
19:54:32.0731 1900 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:54:32.0731 1900 Disk - ok
19:54:32.0762 1900 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:54:32.0762 1900 Dnscache - ok
19:54:32.0794 1900 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:54:32.0794 1900 dot3svc - ok
19:54:32.0825 1900 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:54:32.0825 1900 DPS - ok
19:54:32.0872 1900 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:54:32.0872 1900 drmkaud - ok
19:54:32.0965 1900 DsiWMIService (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:54:32.0965 1900 DsiWMIService - ok
19:54:33.0043 1900 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:54:33.0043 1900 DXGKrnl - ok
19:54:33.0090 1900 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:54:33.0090 1900 EapHost - ok
19:54:33.0230 1900 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:54:33.0308 1900 ebdrv - ok
19:54:33.0402 1900 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:54:33.0402 1900 EFS - ok
19:54:33.0496 1900 EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
19:54:33.0496 1900 EgisTec Ticket Service - ok
19:54:33.0574 1900 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:54:33.0605 1900 ehRecvr - ok
19:54:33.0652 1900 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:54:33.0652 1900 ehSched - ok
19:54:33.0730 1900 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:54:33.0761 1900 elxstor - ok
19:54:33.0870 1900 ePowerSvc (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:54:33.0870 1900 ePowerSvc - ok
19:54:33.0948 1900 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:54:33.0948 1900 EpsonBidirectionalService - ok
19:54:34.0026 1900 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:54:34.0026 1900 ErrDev - ok
19:54:34.0073 1900 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:54:34.0088 1900 EventSystem - ok
19:54:34.0135 1900 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:54:34.0135 1900 exfat - ok
19:54:34.0151 1900 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:54:34.0166 1900 fastfat - ok
19:54:34.0229 1900 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:54:34.0244 1900 Fax - ok
19:54:34.0260 1900 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:54:34.0260 1900 fdc - ok
19:54:34.0291 1900 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:54:34.0291 1900 fdPHost - ok
19:54:34.0291 1900 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:54:34.0291 1900 FDResPub - ok
19:54:34.0322 1900 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:54:34.0322 1900 FileInfo - ok
19:54:34.0338 1900 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:54:34.0338 1900 Filetrace - ok
19:54:34.0432 1900 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:54:34.0478 1900 FLEXnet Licensing Service - ok
19:54:34.0510 1900 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:54:34.0510 1900 flpydisk - ok
19:54:34.0556 1900 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:54:34.0572 1900 FltMgr - ok
19:54:34.0619 1900 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:54:34.0666 1900 FontCache - ok
19:54:34.0728 1900 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:54:34.0728 1900 FontCache3.0.0.0 - ok
19:54:34.0775 1900 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:54:34.0775 1900 FsDepends - ok
19:54:34.0790 1900 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:54:34.0790 1900 Fs_Rec - ok
19:54:34.0822 1900 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:54:34.0837 1900 fvevol - ok
19:54:34.0868 1900 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:54:34.0868 1900 gagp30kx - ok
19:54:34.0900 1900 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:54:34.0900 1900 GEARAspiWDM - ok
19:54:34.0946 1900 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:54:34.0993 1900 gpsvc - ok
19:54:35.0009 1900 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:54:35.0009 1900 hcw85cir - ok
19:54:35.0056 1900 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:54:35.0071 1900 HdAudAddService - ok
19:54:35.0102 1900 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:54:35.0102 1900 HDAudBus - ok
19:54:35.0118 1900 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:54:35.0118 1900 HidBatt - ok
19:54:35.0134 1900 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:54:35.0134 1900 HidBth - ok
19:54:35.0149 1900 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:54:35.0149 1900 HidIr - ok
19:54:35.0243 1900 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:54:35.0243 1900 hidserv - ok
19:54:35.0290 1900 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:54:35.0290 1900 HidUsb - ok
19:54:35.0321 1900 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:54:35.0321 1900 hkmsvc - ok
19:54:35.0352 1900 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:54:35.0368 1900 HomeGroupListener - ok
19:54:35.0399 1900 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:54:35.0399 1900 HomeGroupProvider - ok
19:54:35.0414 1900 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:54:35.0430 1900 HpSAMD - ok
19:54:35.0477 1900 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:54:35.0492 1900 HTTP - ok
19:54:35.0492 1900 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:54:35.0492 1900 hwpolicy - ok
19:54:35.0508 1900 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:54:35.0508 1900 i8042prt - ok
19:54:35.0586 1900 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
19:54:35.0586 1900 iaStor - ok
19:54:35.0633 1900 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:54:35.0648 1900 iaStorV - ok
19:54:35.0742 1900 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:54:35.0789 1900 idsvc - ok
19:54:36.0319 1900 igfx (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:54:36.0538 1900 igfx - ok
19:54:36.0631 1900 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:54:36.0631 1900 iirsp - ok
19:54:36.0678 1900 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:54:36.0709 1900 IKEEXT - ok
19:54:36.0850 1900 IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
19:54:36.0912 1900 IntcAzAudAddService - ok
19:54:37.0037 1900 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:54:37.0037 1900 IntcDAud - ok
19:54:37.0068 1900 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:54:37.0068 1900 intelide - ok
19:54:37.0099 1900 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:54:37.0099 1900 intelppm - ok
19:54:37.0130 1900 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:54:37.0130 1900 IPBusEnum - ok
19:54:37.0146 1900 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:54:37.0146 1900 IpFilterDriver - ok
19:54:37.0177 1900 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:54:37.0208 1900 iphlpsvc - ok
19:54:37.0224 1900 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:54:37.0224 1900 IPMIDRV - ok
19:54:37.0286 1900 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:54:37.0286 1900 IPNAT - ok
19:54:37.0427 1900 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:54:37.0442 1900 iPod Service - ok
19:54:37.0474 1900 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:54:37.0474 1900 IRENUM - ok
19:54:37.0489 1900 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:54:37.0489 1900 isapnp - ok
19:54:37.0520 1900 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:54:37.0536 1900 iScsiPrt - ok
19:54:37.0552 1900 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:54:37.0552 1900 kbdclass - ok
19:54:37.0567 1900 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:54:37.0567 1900 kbdhid - ok
19:54:37.0598 1900 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:37.0598 1900 KeyIso - ok
19:54:37.0614 1900 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:54:37.0614 1900 KSecDD - ok
19:54:37.0630 1900 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:54:37.0630 1900 KSecPkg - ok
19:54:37.0645 1900 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:54:37.0645 1900 ksthunk - ok
19:54:37.0676 1900 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:54:37.0692 1900 KtmRm - ok
19:54:37.0739 1900 L1C (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:54:37.0739 1900 L1C - ok
19:54:37.0786 1900 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:54:37.0786 1900 LanmanServer - ok
19:54:37.0817 1900 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:54:37.0817 1900 LanmanWorkstation - ok
19:54:37.0895 1900 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:54:37.0895 1900 Live Updater Service - ok
19:54:37.0910 1900 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:54:37.0910 1900 lltdio - ok
19:54:37.0957 1900 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:54:37.0973 1900 lltdsvc - ok
19:54:37.0988 1900 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:54:37.0988 1900 lmhosts - ok
19:54:38.0066 1900 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:54:38.0082 1900 LMS - ok
19:54:38.0113 1900 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:54:38.0113 1900 LSI_FC - ok
19:54:38.0144 1900 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:54:38.0144 1900 LSI_SAS - ok
19:54:38.0144 1900 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:54:38.0144 1900 LSI_SAS2 - ok
19:54:38.0160 1900 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:54:38.0160 1900 LSI_SCSI - ok
19:54:38.0191 1900 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:54:38.0191 1900 luafv - ok
19:54:38.0222 1900 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:54:38.0222 1900 Mcx2Svc - ok
19:54:38.0238 1900 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:54:38.0238 1900 megasas - ok
19:54:38.0269 1900 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:54:38.0285 1900 MegaSR - ok
19:54:38.0332 1900 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:54:38.0332 1900 MEIx64 - ok
19:54:38.0378 1900 Microsoft SharePoint Workspace Audit Service - ok
19:54:38.0410 1900 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:54:38.0410 1900 MMCSS - ok
19:54:38.0425 1900 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:54:38.0425 1900 Modem - ok
19:54:38.0472 1900 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:54:38.0472 1900 monitor - ok
19:54:38.0488 1900 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:54:38.0488 1900 mouclass - ok
19:54:38.0503 1900 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:54:38.0503 1900 mouhid - ok
19:54:38.0566 1900 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:54:38.0566 1900 mountmgr - ok
19:54:38.0815 1900 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:54:38.0815 1900 mpio - ok
19:54:38.0831 1900 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:54:38.0831 1900 mpsdrv - ok
19:54:38.0893 1900 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:54:38.0924 1900 MpsSvc - ok
19:54:38.0940 1900 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:54:38.0940 1900 MRxDAV - ok
19:54:38.0971 1900 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:54:38.0971 1900 mrxsmb - ok
19:54:39.0018 1900 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:54:39.0018 1900 mrxsmb10 - ok
19:54:39.0034 1900 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:54:39.0034 1900 mrxsmb20 - ok
19:54:39.0065 1900 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:54:39.0065 1900 msahci - ok
19:54:39.0065 1900 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:54:39.0065 1900 msdsm - ok
19:54:39.0096 1900 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:54:39.0112 1900 MSDTC - ok
19:54:39.0112 1900 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:54:39.0127 1900 Msfs - ok
19:54:39.0127 1900 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:54:39.0127 1900 mshidkmdf - ok
19:54:39.0127 1900 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:54:39.0127 1900 msisadrv - ok
19:54:39.0174 1900 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:54:39.0174 1900 MSiSCSI - ok
19:54:39.0174 1900 msiserver - ok
19:54:39.0205 1900 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:54:39.0205 1900 MSKSSRV - ok
19:54:39.0205 1900 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:54:39.0205 1900 MSPCLOCK - ok
19:54:39.0205 1900 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:54:39.0221 1900 MSPQM - ok
19:54:39.0236 1900 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:54:39.0252 1900 MsRPC - ok
19:54:39.0268 1900 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:54:39.0268 1900 mssmbios - ok
19:54:39.0268 1900 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:54:39.0268 1900 MSTEE - ok
19:54:39.0268 1900 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:54:39.0268 1900 MTConfig - ok
19:54:39.0268 1900 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:54:39.0268 1900 Mup - ok
19:54:39.0283 1900 mwlPSDFilter (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:54:39.0283 1900 mwlPSDFilter - ok
19:54:39.0283 1900 mwlPSDNServ (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:54:39.0283 1900 mwlPSDNServ - ok
19:54:39.0283 1900 mwlPSDVDisk (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:54:39.0283 1900 mwlPSDVDisk - ok
19:54:39.0330 1900 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:54:39.0346 1900 napagent - ok
19:54:39.0408 1900 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:54:39.0408 1900 NativeWifiP - ok
19:54:39.0486 1900 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:54:39.0517 1900 NDIS - ok
19:54:39.0533 1900 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:54:39.0533 1900 NdisCap - ok
19:54:39.0548 1900 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:54:39.0548 1900 NdisTapi - ok
19:54:39.0564 1900 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:54:39.0564 1900 Ndisuio - ok
19:54:39.0580 1900 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:54:39.0580 1900 NdisWan - ok
19:54:39.0611 1900 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:54:39.0611 1900 NDProxy - ok
19:54:39.0611 1900 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:54:39.0611 1900 NetBIOS - ok
19:54:39.0626 1900 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:54:39.0626 1900 NetBT - ok
19:54:39.0658 1900 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:39.0658 1900 Netlogon - ok
19:54:39.0704 1900 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:54:39.0720 1900 Netman - ok
19:54:39.0736 1900 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:54:39.0751 1900 netprofm - ok
19:54:39.0814 1900 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:54:39.0814 1900 NetTcpPortSharing - ok
19:54:39.0845 1900 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:54:39.0845 1900 nfrd960 - ok
19:54:39.0907 1900 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:54:39.0907 1900 NlaSvc - ok
19:54:39.0923 1900 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:54:39.0923 1900 Npfs - ok
19:54:39.0923 1900 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:54:39.0923 1900 nsi - ok
19:54:39.0938 1900 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:54:39.0938 1900 nsiproxy - ok
19:54:40.0001 1900 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:54:40.0032 1900 Ntfs - ok
19:54:40.0094 1900 NTI IScheduleSvc (1873214666f6f0a883742df91fbc48c9) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:54:40.0110 1900 NTI IScheduleSvc - ok
19:54:40.0188 1900 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
19:54:40.0188 1900 NTIDrvr - ok
19:54:40.0204 1900 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:54:40.0204 1900 Null - ok
19:54:40.0250 1900 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:54:40.0250 1900 nvraid - ok
19:54:40.0250 1900 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:54:40.0250 1900 nvstor - ok
19:54:40.0282 1900 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:54:40.0282 1900 nv_agp - ok
19:54:40.0297 1900 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:54:40.0297 1900 ohci1394 - ok
19:54:40.0360 1900 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:54:40.0375 1900 ose - ok
19:54:40.0640 1900 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:54:40.0750 1900 osppsvc - ok
19:54:40.0874 1900 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:54:40.0874 1900 p2pimsvc - ok
19:54:40.0906 1900 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:54:40.0906 1900 p2psvc - ok
19:54:40.0952 1900 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:54:40.0952 1900 Parport - ok
19:54:40.0968 1900 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:54:40.0968 1900 partmgr - ok
19:54:40.0999 1900 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:54:40.0999 1900 PcaSvc - ok
19:54:41.0015 1900 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:54:41.0030 1900 pci - ok
19:54:41.0030 1900 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:54:41.0030 1900 pciide - ok
19:54:41.0062 1900 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:54:41.0062 1900 pcmcia - ok
19:54:41.0062 1900 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:54:41.0062 1900 pcw - ok
19:54:41.0124 1900 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:54:41.0124 1900 PEAUTH - ok
19:54:41.0186 1900 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:54:41.0186 1900 PerfHost - ok
19:54:41.0280 1900 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:54:41.0311 1900 pla - ok
19:54:41.0342 1900 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:54:41.0358 1900 PlugPlay - ok
19:54:41.0374 1900 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:54:41.0374 1900 PNRPAutoReg - ok
19:54:41.0405 1900 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:54:41.0420 1900 PNRPsvc - ok
19:54:41.0467 1900 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:54:41.0483 1900 PolicyAgent - ok
19:54:41.0514 1900 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:54:41.0514 1900 Power - ok
19:54:41.0592 1900 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:54:41.0592 1900 PptpMiniport - ok
19:54:41.0608 1900 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:54:41.0608 1900 Processor - ok
19:54:41.0654 1900 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:54:41.0670 1900 ProfSvc - ok
19:54:41.0701 1900 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:41.0701 1900 ProtectedStorage - ok
19:54:41.0748 1900 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:54:41.0748 1900 Psched - ok
19:54:41.0826 1900 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:54:41.0888 1900 ql2300 - ok
19:54:41.0966 1900 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:54:41.0966 1900 ql40xx - ok
19:54:42.0013 1900 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:54:42.0013 1900 QWAVE - ok
19:54:42.0029 1900 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:54:42.0029 1900 QWAVEdrv - ok
19:54:42.0029 1900 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:54:42.0029 1900 RasAcd - ok
19:54:42.0060 1900 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:54:42.0060 1900 RasAgileVpn - ok
19:54:42.0076 1900 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:54:42.0076 1900 RasAuto - ok
19:54:42.0107 1900 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:54:42.0107 1900 Rasl2tp - ok
19:54:42.0138 1900 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:54:42.0154 1900 RasMan - ok
19:54:42.0169 1900 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:54:42.0169 1900 RasPppoe - ok
19:54:42.0185 1900 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:54:42.0185 1900 RasSstp - ok
19:54:42.0216 1900 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:54:42.0216 1900 rdbss - ok
19:54:42.0232 1900 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:54:42.0232 1900 rdpbus - ok
19:54:42.0247 1900 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:54:42.0247 1900 RDPCDD - ok
19:54:42.0263 1900 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:54:42.0263 1900 RDPENCDD - ok
19:54:42.0278 1900 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:54:42.0278 1900 RDPREFMP - ok
19:54:42.0310 1900 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:54:42.0325 1900 RDPWD - ok
19:54:42.0341 1900 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:54:42.0341 1900 rdyboost - ok
19:54:42.0372 1900 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:54:42.0372 1900 RemoteAccess - ok
19:54:42.0403 1900 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:54:42.0403 1900 RemoteRegistry - ok
19:54:42.0434 1900 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:54:42.0434 1900 RpcEptMapper - ok
19:54:42.0450 1900 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:54:42.0466 1900 RpcLocator - ok
19:54:42.0497 1900 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:54:42.0497 1900 RpcSs - ok
19:54:42.0575 1900 RSPCIESTOR (85b325723f67ef80927326fd7eb1cc10) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:54:42.0575 1900 RSPCIESTOR - ok
19:54:42.0606 1900 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:54:42.0606 1900 rspndr - ok
19:54:42.0622 1900 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:42.0622 1900 SamSs - ok
19:54:42.0653 1900 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:54:42.0653 1900 sbp2port - ok
19:54:42.0684 1900 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:54:42.0700 1900 SCardSvr - ok
19:54:42.0715 1900 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:54:42.0715 1900 scfilter - ok
19:54:42.0778 1900 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:54:42.0824 1900 Schedule - ok
19:54:42.0856 1900 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:54:42.0856 1900 SCPolicySvc - ok
19:54:42.0871 1900 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:54:42.0887 1900 SDRSVC - ok
19:54:42.0949 1900 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:54:42.0949 1900 secdrv - ok
19:54:42.0965 1900 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:54:42.0965 1900 seclogon - ok
19:54:42.0996 1900 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:54:42.0996 1900 SENS - ok
19:54:43.0027 1900 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:54:43.0027 1900 SensrSvc - ok
19:54:43.0058 1900 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:54:43.0058 1900 Serenum - ok
19:54:43.0090 1900 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:54:43.0090 1900 Serial - ok
19:54:43.0105 1900 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:54:43.0105 1900 sermouse - ok
19:54:43.0152 1900 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:54:43.0152 1900 SessionEnv - ok
19:54:43.0152 1900 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:54:43.0152 1900 sffdisk - ok
19:54:43.0168 1900 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:54:43.0168 1900 sffp_mmc - ok
19:54:43.0168 1900 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:54:43.0168 1900 sffp_sd - ok
19:54:43.0183 1900 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:54:43.0183 1900 sfloppy - ok
19:54:43.0214 1900 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:54:43.0230 1900 SharedAccess - ok
19:54:43.0261 1900 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:54:43.0277 1900 ShellHWDetection - ok
19:54:43.0324 1900 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:54:43.0324 1900 SiSRaid2 - ok
19:54:43.0324 1900 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:54:43.0324 1900 SiSRaid4 - ok
19:54:43.0339 1900 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:54:43.0339 1900 Smb - ok
19:54:43.0417 1900 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:54:43.0417 1900 SNMPTRAP - ok
19:54:43.0433 1900 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:54:43.0433 1900 spldr - ok
19:54:43.0464 1900 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:54:43.0480 1900 Spooler - ok
19:54:43.0682 1900 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:54:43.0760 1900 sppsvc - ok
19:54:43.0854 1900 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:54:43.0854 1900 sppuinotify - ok
19:54:43.0901 1900 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:54:43.0901 1900 srv - ok
19:54:43.0932 1900 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:54:43.0932 1900 srv2 - ok
19:54:43.0948 1900 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:54:43.0948 1900 srvnet - ok
19:54:43.0979 1900 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:54:43.0994 1900 SSDPSRV - ok
19:54:43.0994 1900 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:54:44.0010 1900 SstpSvc - ok
19:54:44.0026 1900 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:54:44.0026 1900 stexstor - ok
19:54:44.0072 1900 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:54:44.0104 1900 stisvc - ok
19:54:44.0135 1900 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:54:44.0135 1900 swenum - ok
19:54:44.0150 1900 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:54:44.0182 1900 swprv - ok
19:54:44.0275 1900 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
19:54:44.0291 1900 SynTP - ok
19:54:44.0462 1900 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:54:44.0494 1900 SysMain - ok
19:54:44.0556 1900 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:54:44.0556 1900 TabletInputService - ok
19:54:44.0587 1900 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:54:44.0587 1900 TapiSrv - ok
19:54:44.0603 1900 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:54:44.0603 1900 TBS - ok
19:54:44.0712 1900 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:54:44.0759 1900 Tcpip - ok
19:54:44.0915 1900 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:54:44.0930 1900 TCPIP6 - ok
19:54:45.0008 1900 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:54:45.0008 1900 tcpipreg - ok
19:54:45.0040 1900 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:54:45.0040 1900 TDPIPE - ok
19:54:45.0071 1900 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:54:45.0071 1900 TDTCP - ok
19:54:45.0086 1900 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:54:45.0086 1900 tdx - ok
19:54:45.0102 1900 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:54:45.0102 1900 TermDD - ok
19:54:45.0164 1900 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:54:45.0180 1900 TermService - ok
19:54:45.0196 1900 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:54:45.0196 1900 Themes - ok
19:54:45.0227 1900 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:54:45.0227 1900 THREADORDER - ok
19:54:45.0242 1900 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:54:45.0242 1900 TrkWks - ok
19:54:45.0289 1900 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:54:45.0289 1900 TrustedInstaller - ok
19:54:45.0305 1900 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:54:45.0305 1900 tssecsrv - ok
19:54:45.0336 1900 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:54:45.0336 1900 TsUsbFlt - ok
19:54:45.0352 1900 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:54:45.0352 1900 TsUsbGD - ok
19:54:45.0383 1900 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:54:45.0383 1900 tunnel - ok
19:54:45.0398 1900 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:54:45.0398 1900 uagp35 - ok
19:54:45.0398 1900 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
19:54:45.0398 1900 UBHelper - ok
19:54:45.0430 1900 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:54:45.0445 1900 udfs - ok
19:54:45.0461 1900 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:54:45.0476 1900 UI0Detect - ok
19:54:45.0508 1900 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:54:45.0508 1900 uliagpkx - ok
19:54:45.0539 1900 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:54:45.0539 1900 umbus - ok
19:54:45.0554 1900 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:54:45.0554 1900 UmPass - ok
19:54:45.0710 1900 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:54:45.0773 1900 UNS - ok
19:54:45.0882 1900 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:54:45.0882 1900 upnphost - ok
19:54:45.0929 1900 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:54:45.0929 1900 USBAAPL64 - ok
19:54:45.0960 1900 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:54:45.0960 1900 usbccgp - ok
19:54:45.0991 1900 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:54:45.0991 1900 usbcir - ok
19:54:46.0007 1900 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:54:46.0007 1900 usbehci - ok
19:54:46.0054 1900 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:54:46.0054 1900 usbhub - ok
19:54:46.0085 1900 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:54:46.0085 1900 usbohci - ok
19:54:46.0100 1900 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:54:46.0100 1900 usbprint - ok
19:54:46.0116 1900 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:54:46.0116 1900 USBSTOR - ok
19:54:46.0132 1900 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:54:46.0132 1900 usbuhci - ok
19:54:46.0147 1900 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:54:46.0147 1900 usbvideo - ok
19:54:46.0163 1900 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:54:46.0178 1900 UxSms - ok
19:54:46.0194 1900 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:46.0194 1900 VaultSvc - ok
19:54:46.0210 1900 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:54:46.0210 1900 vdrvroot - ok
19:54:46.0225 1900 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:54:46.0256 1900 vds - ok
19:54:46.0272 1900 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:54:46.0288 1900 vga - ok
19:54:46.0288 1900 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:54:46.0288 1900 VgaSave - ok
19:54:46.0303 1900 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:54:46.0303 1900 vhdmp - ok
19:54:46.0303 1900 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:54:46.0303 1900 viaide - ok
19:54:46.0319 1900 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:54:46.0319 1900 volmgr - ok
19:54:46.0366 1900 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:54:46.0381 1900 volmgrx - ok
19:54:46.0397 1900 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:54:46.0397 1900 volsnap - ok
19:54:46.0428 1900 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:54:46.0428 1900 vsmraid - ok
19:54:46.0522 1900 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:54:46.0584 1900 VSS - ok
19:54:46.0678 1900 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:54:46.0678 1900 vwifibus - ok
19:54:46.0709 1900 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:54:46.0709 1900 vwififlt - ok
19:54:46.0740 1900 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:54:46.0756 1900 W32Time - ok
19:54:46.0771 1900 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:54:46.0771 1900 WacomPen - ok
19:54:46.0802 1900 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:54:46.0802 1900 WANARP - ok
19:54:46.0802 1900 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:54:46.0802 1900 Wanarpv6 - ok
19:54:46.0880 1900 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:54:46.0912 1900 wbengine - ok
19:54:46.0990 1900 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:54:46.0990 1900 WbioSrvc - ok
19:54:47.0036 1900 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:54:47.0036 1900 wcncsvc - ok
19:54:47.0052 1900 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:54:47.0052 1900 WcsPlugInService - ok
19:54:47.0099 1900 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:54:47.0099 1900 Wd - ok
19:54:47.0146 1900 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:54:47.0177 1900 Wdf01000 - ok
19:54:47.0208 1900 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:54:47.0208 1900 WdiServiceHost - ok
19:54:47.0208 1900 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:54:47.0208 1900 WdiSystemHost - ok
19:54:47.0239 1900 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:54:47.0239 1900 WebClient - ok
19:54:47.0270 1900 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:54:47.0270 1900 Wecsvc - ok
19:54:47.0286 1900 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:54:47.0286 1900 wercplsupport - ok
19:54:47.0317 1900 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:54:47.0317 1900 WerSvc - ok
19:54:47.0364 1900 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:54:47.0364 1900 WfpLwf - ok
19:54:47.0380 1900 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:54:47.0380 1900 WIMMount - ok
19:54:47.0411 1900 WinDefend - ok
19:54:47.0411 1900 WinHttpAutoProxySvc - ok
19:54:47.0489 1900 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:54:47.0489 1900 Winmgmt - ok
19:54:47.0583 1900 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:54:47.0629 1900 WinRM - ok
19:54:47.0770 1900 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:54:47.0801 1900 Wlansvc - ok
19:54:47.0973 1900 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:54:48.0035 1900 wlidsvc - ok
19:54:48.0144 1900 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:54:48.0144 1900 WmiAcpi - ok
19:54:48.0207 1900 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:54:48.0222 1900 wmiApSrv - ok
19:54:48.0285 1900 WMPNetworkSvc - ok
19:54:48.0316 1900 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:54:48.0316 1900 WPCSvc - ok
19:54:48.0331 1900 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:54:48.0331 1900 WPDBusEnum - ok
19:54:48.0363 1900 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:54:48.0363 1900 ws2ifsl - ok
19:54:48.0378 1900 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:54:48.0378 1900 wscsvc - ok
19:54:48.0378 1900 WSearch - ok
19:54:48.0503 1900 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:54:48.0550 1900 wuauserv - ok
19:54:48.0643 1900 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:54:48.0643 1900 WudfPf - ok
19:54:48.0659 1900 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:54:48.0659 1900 WUDFRd - ok
19:54:48.0690 1900 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:54:48.0690 1900 wudfsvc - ok
19:54:48.0706 1900 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:54:48.0721 1900 WwanSvc - ok
19:54:48.0753 1900 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:54:48.0955 1900 \Device\Harddisk0\DR0 - ok
19:54:48.0955 1900 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
19:54:55.0398 1900 \Device\Harddisk1\DR1 - ok
19:54:55.0414 1900 Boot (0x1200) (f494eebb12317aeb711ce5a97bf79e1d) \Device\Harddisk0\DR0\Partition0
19:54:55.0414 1900 \Device\Harddisk0\DR0\Partition0 - ok
19:54:55.0476 1900 Boot (0x1200) (b14c0dbb6d6812493d18e7aeec8c43fd) \Device\Harddisk0\DR0\Partition1
19:54:55.0476 1900 \Device\Harddisk0\DR0\Partition1 - ok
19:54:55.0507 1900 Boot (0x1200) (9af3525313fe8e4c06e7a9f82f87e017) \Device\Harddisk0\DR0\Partition2
19:54:55.0507 1900 \Device\Harddisk0\DR0\Partition2 - ok
19:54:55.0507 1900 Boot (0x1200) (fc67aa68c489909a3bf015625b206d8a) \Device\Harddisk1\DR1\Partition0
19:54:55.0507 1900 \Device\Harddisk1\DR1\Partition0 - ok
19:54:55.0507 1900 ============================================================
19:54:55.0507 1900 Scan finished
19:54:55.0507 1900 ============================================================
19:54:55.0523 1892 Detected object count: 0
19:54:55.0523 1892 Actual detected object count: 0
19:54:59.0844 1852 Deinitialize success
Code:
ATTFilter 21:51:42.0582 3332 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
21:51:42.0940 3332 ============================================================
21:51:42.0940 3332 Current date / time: 2012/07/04 21:51:42.0940
21:51:42.0940 3332 SystemInfo:
21:51:42.0940 3332
21:51:42.0940 3332 OS Version: 6.1.7601 ServicePack: 1.0
21:51:42.0940 3332 Product type: Workstation
21:51:42.0940 3332 ComputerName: Sternekoch-PC
21:51:42.0940 3332 UserName: Sternekoch
21:51:42.0940 3332 Windows directory: C:\Windows
21:51:42.0940 3332 System windows directory: C:\Windows
21:51:42.0940 3332 Running under WOW64
21:51:42.0940 3332 Processor architecture: Intel x64
21:51:42.0940 3332 Number of processors: 4
21:51:42.0940 3332 Page size: 0x1000
21:51:42.0940 3332 Boot type: Normal boot
21:51:42.0940 3332 ============================================================
21:51:44.0750 3332 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:51:44.0766 3332 Drive \Device\Harddisk1\DR1 - Size: 0x1F4C00000 (7.82 Gb), SectorSize: 0x200, Cylinders: 0x3FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:51:44.0766 3332 ============================================================
21:51:44.0766 3332 \Device\Harddisk0\DR0:
21:51:44.0766 3332 MBR partitions:
21:51:44.0766 3332 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
21:51:44.0766 3332 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0xAFCA645
21:51:44.0781 3332 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDFCE84, BlocksNum 0x2D5841AC
21:51:44.0781 3332 \Device\Harddisk1\DR1:
21:51:44.0781 3332 MBR partitions:
21:51:44.0781 3332 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xFA5FC0
21:51:44.0781 3332 ============================================================
21:51:44.0890 3332 C: <-> \Device\Harddisk0\DR0\Partition1
21:51:44.0906 3332 E: <-> \Device\Harddisk0\DR0\Partition2
21:51:44.0906 3332 ============================================================
21:51:44.0906 3332 Initialize success
21:51:44.0906 3332 ============================================================
21:51:52.0815 4312 ============================================================
21:51:52.0815 4312 Scan started
21:51:52.0815 4312 Mode: Manual;
21:51:52.0815 4312 ============================================================
21:51:54.0110 4312 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:51:54.0126 4312 1394ohci - ok
21:51:54.0172 4312 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:51:54.0188 4312 ACPI - ok
21:51:54.0219 4312 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:51:54.0219 4312 AcpiPmi - ok
21:51:54.0422 4312 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:51:54.0438 4312 AdobeARMservice - ok
21:51:55.0202 4312 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:51:55.0218 4312 AdobeFlashPlayerUpdateSvc - ok
21:51:55.0280 4312 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
21:51:55.0311 4312 adp94xx - ok
21:51:55.0405 4312 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
21:51:55.0436 4312 adpahci - ok
21:51:55.0483 4312 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
21:51:55.0483 4312 adpu320 - ok
21:51:55.0514 4312 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:51:55.0530 4312 AeLookupSvc - ok
21:51:55.0873 4312 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:51:55.0920 4312 AFD - ok
21:51:55.0951 4312 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:51:55.0966 4312 agp440 - ok
21:51:55.0998 4312 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:51:55.0998 4312 ALG - ok
21:51:56.0013 4312 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:51:56.0029 4312 aliide - ok
21:51:56.0029 4312 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:51:56.0044 4312 amdide - ok
21:51:56.0044 4312 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
21:51:56.0060 4312 AmdK8 - ok
21:51:56.0060 4312 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
21:51:56.0076 4312 AmdPPM - ok
21:51:56.0107 4312 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:51:56.0122 4312 amdsata - ok
21:51:56.0138 4312 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
21:51:56.0169 4312 amdsbs - ok
21:51:56.0185 4312 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:51:56.0200 4312 amdxata - ok
21:51:56.0450 4312 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:51:56.0450 4312 AntiVirSchedulerService - ok
21:51:56.0466 4312 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:51:56.0481 4312 AntiVirService - ok
21:51:56.0544 4312 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:51:56.0544 4312 AppID - ok
21:51:56.0622 4312 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:51:56.0622 4312 AppIDSvc - ok
21:51:56.0668 4312 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:51:56.0668 4312 Appinfo - ok
21:51:56.0793 4312 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:51:56.0809 4312 Apple Mobile Device - ok
21:51:56.0824 4312 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
21:51:56.0840 4312 arc - ok
21:51:56.0871 4312 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
21:51:56.0871 4312 arcsas - ok
21:51:56.0902 4312 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:51:56.0902 4312 AsyncMac - ok
21:51:56.0934 4312 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:51:56.0934 4312 atapi - ok
21:51:57.0277 4312 athr (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
21:51:57.0355 4312 athr - ok
21:51:57.0714 4312 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:51:57.0870 4312 AudioEndpointBuilder - ok
21:51:57.0885 4312 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:51:57.0885 4312 AudioSrv - ok
21:51:57.0963 4312 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
21:51:57.0963 4312 avgntflt - ok
21:51:57.0994 4312 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
21:51:57.0994 4312 avipbb - ok
21:51:58.0026 4312 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:51:58.0026 4312 avkmgr - ok
21:51:58.0072 4312 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:51:58.0072 4312 AxInstSV - ok
21:51:58.0135 4312 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
21:51:58.0166 4312 b06bdrv - ok
21:51:58.0228 4312 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:51:58.0260 4312 b57nd60a - ok
21:51:58.0322 4312 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:51:58.0322 4312 BDESVC - ok
21:51:58.0338 4312 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:51:58.0338 4312 Beep - ok
21:51:58.0400 4312 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:51:58.0431 4312 BFE - ok
21:51:58.0494 4312 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:51:58.0572 4312 BITS - ok
21:51:58.0634 4312 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
21:51:58.0650 4312 blbdrive - ok
21:51:58.0743 4312 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
21:51:58.0743 4312 Bonjour Service - ok
21:51:58.0790 4312 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:51:58.0790 4312 bowser - ok
21:51:58.0837 4312 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
21:51:58.0837 4312 BrFiltLo - ok
21:51:58.0852 4312 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
21:51:58.0852 4312 BrFiltUp - ok
21:51:58.0884 4312 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:51:58.0899 4312 Browser - ok
21:51:58.0930 4312 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:51:58.0946 4312 Brserid - ok
21:51:58.0946 4312 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:51:58.0962 4312 BrSerWdm - ok
21:51:58.0962 4312 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:51:58.0962 4312 BrUsbMdm - ok
21:51:58.0962 4312 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:51:58.0962 4312 BrUsbSer - ok
21:51:58.0977 4312 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
21:51:58.0993 4312 BTHMODEM - ok
21:51:59.0071 4312 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
21:51:59.0086 4312 BTHPORT - ok
21:51:59.0149 4312 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:51:59.0149 4312 bthserv - ok
21:51:59.0180 4312 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
21:51:59.0196 4312 BTHUSB - ok
21:51:59.0274 4312 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:51:59.0274 4312 cdfs - ok
21:51:59.0320 4312 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:51:59.0320 4312 cdrom - ok
21:51:59.0383 4312 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:51:59.0383 4312 CertPropSvc - ok
21:51:59.0414 4312 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
21:51:59.0430 4312 circlass - ok
21:51:59.0461 4312 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:51:59.0508 4312 CLFS - ok
21:51:59.0570 4312 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:51:59.0586 4312 clr_optimization_v2.0.50727_32 - ok
21:51:59.0648 4312 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:51:59.0648 4312 clr_optimization_v2.0.50727_64 - ok
21:51:59.0742 4312 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:51:59.0820 4312 clr_optimization_v4.0.30319_32 - ok
21:51:59.0851 4312 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:51:59.0866 4312 clr_optimization_v4.0.30319_64 - ok
21:51:59.0913 4312 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
21:51:59.0913 4312 CmBatt - ok
21:51:59.0929 4312 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:51:59.0929 4312 cmdide - ok
21:52:00.0007 4312 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:52:00.0022 4312 CNG - ok
21:52:00.0085 4312 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
21:52:00.0085 4312 Compbatt - ok
21:52:00.0116 4312 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:52:00.0116 4312 CompositeBus - ok
21:52:00.0132 4312 COMSysApp - ok
21:52:00.0132 4312 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
21:52:00.0147 4312 crcdisk - ok
21:52:00.0194 4312 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
21:52:00.0334 4312 CryptSvc - ok
21:52:00.0444 4312 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:52:00.0475 4312 DcomLaunch - ok
21:52:00.0506 4312 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:52:00.0537 4312 defragsvc - ok
21:52:00.0568 4312 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:52:00.0568 4312 DfsC - ok
21:52:00.0615 4312 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:52:00.0631 4312 Dhcp - ok
21:52:00.0646 4312 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:52:00.0662 4312 discache - ok
21:52:00.0693 4312 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
21:52:00.0693 4312 Disk - ok
21:52:00.0740 4312 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:52:00.0756 4312 Dnscache - ok
21:52:00.0787 4312 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:52:00.0802 4312 dot3svc - ok
21:52:00.0834 4312 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:52:00.0834 4312 DPS - ok
21:52:00.0880 4312 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:52:00.0880 4312 drmkaud - ok
21:52:00.0990 4312 DsiWMIService (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
21:52:00.0990 4312 DsiWMIService - ok
21:52:01.0068 4312 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:52:01.0068 4312 DXGKrnl - ok
21:52:01.0099 4312 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:52:01.0114 4312 EapHost - ok
21:52:01.0224 4312 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
21:52:01.0333 4312 ebdrv - ok
21:52:01.0442 4312 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:52:01.0442 4312 EFS - ok
21:52:01.0520 4312 EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
21:52:01.0520 4312 EgisTec Ticket Service - ok
21:52:01.0614 4312 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:52:01.0645 4312 ehRecvr - ok
21:52:01.0707 4312 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:52:01.0754 4312 ehSched - ok
21:52:01.0863 4312 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
21:52:01.0879 4312 elxstor - ok
21:52:02.0004 4312 ePowerSvc (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
21:52:02.0050 4312 ePowerSvc - ok
21:52:02.0113 4312 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
21:52:02.0128 4312 EpsonBidirectionalService - ok
21:52:02.0222 4312 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:52:02.0222 4312 ErrDev - ok
21:52:02.0269 4312 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:52:02.0300 4312 EventSystem - ok
21:52:02.0331 4312 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:52:02.0331 4312 exfat - ok
21:52:02.0362 4312 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:52:02.0378 4312 fastfat - ok
21:52:02.0425 4312 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:52:02.0440 4312 Fax - ok
21:52:02.0456 4312 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
21:52:02.0472 4312 fdc - ok
21:52:02.0487 4312 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:52:02.0503 4312 fdPHost - ok
21:52:02.0503 4312 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:52:02.0503 4312 FDResPub - ok
21:52:02.0550 4312 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:52:02.0550 4312 FileInfo - ok
21:52:02.0565 4312 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:52:02.0565 4312 Filetrace - ok
21:52:02.0659 4312 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:52:02.0706 4312 FLEXnet Licensing Service - ok
21:52:02.0737 4312 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
21:52:02.0737 4312 flpydisk - ok
21:52:02.0752 4312 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:52:02.0768 4312 FltMgr - ok
21:52:02.0830 4312 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:52:02.0908 4312 FontCache - ok
21:52:02.0986 4312 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:52:02.0986 4312 FontCache3.0.0.0 - ok
21:52:03.0033 4312 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:52:03.0049 4312 FsDepends - ok
21:52:03.0064 4312 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
21:52:03.0080 4312 Fs_Rec - ok
21:52:03.0220 4312 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:52:03.0252 4312 fvevol - ok
21:52:03.0283 4312 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
21:52:03.0283 4312 gagp30kx - ok
21:52:03.0314 4312 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:52:03.0330 4312 GEARAspiWDM - ok
21:52:03.0361 4312 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:52:03.0408 4312 gpsvc - ok
21:52:03.0454 4312 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:52:03.0454 4312 hcw85cir - ok
21:52:03.0501 4312 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:52:03.0517 4312 HdAudAddService - ok
21:52:03.0579 4312 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:52:03.0579 4312 HDAudBus - ok
21:52:03.0579 4312 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
21:52:03.0595 4312 HidBatt - ok
21:52:03.0610 4312 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
21:52:03.0610 4312 HidBth - ok
21:52:03.0657 4312 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
21:52:03.0657 4312 HidIr - ok
21:52:03.0720 4312 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:52:03.0720 4312 hidserv - ok
21:52:03.0751 4312 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
21:52:03.0766 4312 HidUsb - ok
21:52:03.0782 4312 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:52:03.0782 4312 hkmsvc - ok
21:52:03.0813 4312 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:52:03.0829 4312 HomeGroupListener - ok
21:52:03.0860 4312 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:52:03.0876 4312 HomeGroupProvider - ok
21:52:03.0907 4312 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:52:03.0907 4312 HpSAMD - ok
21:52:03.0969 4312 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:52:04.0032 4312 HTTP - ok
21:52:04.0063 4312 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:52:04.0078 4312 hwpolicy - ok
21:52:04.0078 4312 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
21:52:04.0110 4312 i8042prt - ok
21:52:04.0156 4312 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
21:52:04.0172 4312 iaStor - ok
21:52:04.0203 4312 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:52:04.0234 4312 iaStorV - ok
21:52:04.0344 4312 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:52:04.0500 4312 idsvc - ok
21:52:05.0186 4312 igfx (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:52:05.0529 4312 igfx - ok
21:52:05.0638 4312 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
21:52:05.0654 4312 iirsp - ok
21:52:05.0732 4312 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:52:05.0810 4312 IKEEXT - ok
21:52:05.0982 4312 IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
21:52:06.0013 4312 IntcAzAudAddService - ok
21:52:06.0153 4312 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
21:52:06.0200 4312 IntcDAud - ok
21:52:06.0216 4312 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:52:06.0231 4312 intelide - ok
21:52:06.0262 4312 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:52:06.0262 4312 intelppm - ok
21:52:06.0309 4312 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:52:06.0325 4312 IPBusEnum - ok
21:52:06.0340 4312 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:52:06.0372 4312 IpFilterDriver - ok
21:52:06.0450 4312 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
21:52:06.0512 4312 iphlpsvc - ok
21:52:06.0528 4312 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:52:06.0528 4312 IPMIDRV - ok
21:52:06.0559 4312 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:52:06.0574 4312 IPNAT - ok
21:52:06.0715 4312 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
21:52:06.0793 4312 iPod Service - ok
21:52:06.0808 4312 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:52:06.0824 4312 IRENUM - ok
21:52:06.0840 4312 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:52:06.0855 4312 isapnp - ok
21:52:06.0871 4312 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:52:06.0902 4312 iScsiPrt - ok
21:52:06.0933 4312 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:52:06.0933 4312 kbdclass - ok
21:52:06.0949 4312 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:52:06.0949 4312 kbdhid - ok
21:52:06.0980 4312 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:52:06.0980 4312 KeyIso - ok
21:52:06.0996 4312 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:52:07.0011 4312 KSecDD - ok
21:52:07.0027 4312 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:52:07.0042 4312 KSecPkg - ok
21:52:07.0058 4312 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:52:07.0074 4312 ksthunk - ok
21:52:07.0120 4312 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:52:07.0152 4312 KtmRm - ok
21:52:07.0198 4312 L1C (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
21:52:07.0198 4312 L1C - ok
21:52:07.0245 4312 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:52:07.0276 4312 LanmanServer - ok
21:52:07.0308 4312 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:52:07.0339 4312 LanmanWorkstation - ok
21:52:07.0401 4312 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
21:52:07.0417 4312 Live Updater Service - ok
21:52:07.0479 4312 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:52:07.0479 4312 lltdio - ok
21:52:07.0510 4312 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:52:07.0542 4312 lltdsvc - ok
21:52:07.0557 4312 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:52:07.0573 4312 lmhosts - ok
21:52:07.0635 4312 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:52:07.0682 4312 LMS - ok
21:52:07.0713 4312 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
21:52:07.0729 4312 LSI_FC - ok
21:52:07.0744 4312 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
21:52:07.0760 4312 LSI_SAS - ok
21:52:07.0776 4312 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
21:52:07.0776 4312 LSI_SAS2 - ok
21:52:07.0791 4312 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
21:52:07.0807 4312 LSI_SCSI - ok
21:52:07.0822 4312 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:52:07.0822 4312 luafv - ok
21:52:07.0854 4312 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:52:07.0869 4312 Mcx2Svc - ok
21:52:07.0885 4312 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
21:52:07.0885 4312 megasas - ok
21:52:07.0916 4312 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
21:52:07.0963 4312 MegaSR - ok
21:52:07.0994 4312 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
21:52:08.0010 4312 MEIx64 - ok
21:52:08.0056 4312 Microsoft SharePoint Workspace Audit Service - ok
21:52:08.0103 4312 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:52:08.0119 4312 MMCSS - ok
21:52:08.0134 4312 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:52:08.0134 4312 Modem - ok
21:52:08.0181 4312 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:52:08.0181 4312 monitor - ok
21:52:08.0212 4312 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:52:08.0228 4312 mouclass - ok
21:52:08.0259 4312 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
21:52:08.0275 4312 mouhid - ok
21:52:08.0290 4312 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:52:08.0290 4312 mountmgr - ok
21:52:08.0306 4312 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:52:08.0322 4312 mpio - ok
21:52:08.0337 4312 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:52:08.0337 4312 mpsdrv - ok
21:52:08.0415 4312 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
21:52:08.0493 4312 MpsSvc - ok
21:52:08.0509 4312 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:52:08.0524 4312 MRxDAV - ok
21:52:08.0540 4312 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:52:08.0556 4312 mrxsmb - ok
21:52:08.0634 4312 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:52:08.0680 4312 mrxsmb10 - ok
21:52:08.0696 4312 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:52:08.0696 4312 mrxsmb20 - ok
21:52:08.0712 4312 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:52:08.0712 4312 msahci - ok
21:52:08.0727 4312 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:52:08.0743 4312 msdsm - ok
21:52:08.0774 4312 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:52:08.0774 4312 MSDTC - ok
21:52:08.0790 4312 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:52:08.0790 4312 Msfs - ok
21:52:08.0821 4312 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:52:08.0821 4312 mshidkmdf - ok
21:52:08.0821 4312 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:52:08.0821 4312 msisadrv - ok
21:52:08.0868 4312 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:52:08.0883 4312 MSiSCSI - ok
21:52:08.0899 4312 msiserver - ok
21:52:08.0930 4312 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:52:08.0930 4312 MSKSSRV - ok
21:52:08.0930 4312 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:52:08.0946 4312 MSPCLOCK - ok
21:52:08.0961 4312 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:52:08.0977 4312 MSPQM - ok
21:52:09.0024 4312 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:52:09.0039 4312 MsRPC - ok
21:52:09.0055 4312 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:52:09.0055 4312 mssmbios - ok
21:52:09.0055 4312 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:52:09.0070 4312 MSTEE - ok
21:52:09.0070 4312 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
21:52:09.0070 4312 MTConfig - ok
21:52:09.0086 4312 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:52:09.0086 4312 Mup - ok
21:52:09.0086 4312 mwlPSDFilter (c009123b206c56854f4e88596035231d) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:52:09.0086 4312 mwlPSDFilter - ok
21:52:09.0102 4312 mwlPSDNServ (bf3739eeb9f008b1debac115089a53f8) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:52:09.0102 4312 mwlPSDNServ - ok
21:52:09.0102 4312 mwlPSDVDisk (38dd143d95e7a01b86f219dda9c28779) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:52:09.0117 4312 mwlPSDVDisk - ok
21:52:09.0148 4312 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:52:09.0180 4312 napagent - ok
21:52:09.0226 4312 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:52:09.0226 4312 NativeWifiP - ok
21:52:09.0289 4312 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:52:09.0320 4312 NDIS - ok
21:52:09.0351 4312 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:52:09.0351 4312 NdisCap - ok
21:52:09.0367 4312 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:52:09.0382 4312 NdisTapi - ok
21:52:09.0398 4312 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:52:09.0414 4312 Ndisuio - ok
21:52:09.0429 4312 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:52:09.0429 4312 NdisWan - ok
21:52:09.0460 4312 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:52:09.0460 4312 NDProxy - ok
21:52:09.0476 4312 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:52:09.0476 4312 NetBIOS - ok
21:52:09.0507 4312 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:52:09.0507 4312 NetBT - ok
21:52:09.0538 4312 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:52:09.0538 4312 Netlogon - ok
21:52:09.0585 4312 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:52:09.0601 4312 Netman - ok
21:52:09.0632 4312 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:52:09.0648 4312 netprofm - ok
21:52:09.0726 4312 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:52:09.0741 4312 NetTcpPortSharing - ok
21:52:09.0788 4312 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
21:52:09.0788 4312 nfrd960 - ok
21:52:09.0850 4312 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:52:09.0866 4312 NlaSvc - ok
21:52:09.0882 4312 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:52:09.0897 4312 Npfs - ok
21:52:09.0897 4312 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:52:09.0913 4312 nsi - ok
21:52:09.0913 4312 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:52:09.0928 4312 nsiproxy - ok
21:52:10.0053 4312 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:52:10.0131 4312 Ntfs - ok
21:52:10.0412 4312 NTI IScheduleSvc (1873214666f6f0a883742df91fbc48c9) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
21:52:10.0428 4312 NTI IScheduleSvc - ok
21:52:10.0833 4312 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
21:52:10.0833 4312 NTIDrvr - ok
21:52:10.0849 4312 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:52:10.0849 4312 Null - ok
21:52:11.0052 4312 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:52:11.0067 4312 nvraid - ok
21:52:11.0286 4312 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:52:11.0332 4312 nvstor - ok
21:52:11.0520 4312 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:52:11.0551 4312 nv_agp - ok
21:52:11.0660 4312 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:52:11.0722 4312 ohci1394 - ok
21:52:12.0159 4312 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:52:12.0190 4312 ose - ok
21:52:13.0111 4312 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:52:13.0407 4312 osppsvc - ok
21:52:13.0875 4312 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:52:13.0891 4312 p2pimsvc - ok
21:52:13.0938 4312 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:52:13.0984 4312 p2psvc - ok
21:52:14.0047 4312 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
21:52:14.0062 4312 Parport - ok
21:52:14.0094 4312 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
21:52:14.0109 4312 partmgr - ok
21:52:14.0156 4312 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:52:14.0187 4312 PcaSvc - ok
21:52:14.0218 4312 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:52:14.0250 4312 pci - ok
21:52:14.0281 4312 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:52:14.0281 4312 pciide - ok
21:52:14.0312 4312 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
21:52:14.0343 4312 pcmcia - ok
21:52:14.0359 4312 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:52:14.0359 4312 pcw - ok
21:52:14.0452 4312 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:52:14.0484 4312 PEAUTH - ok
21:52:14.0577 4312 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:52:14.0608 4312 PerfHost - ok
21:52:14.0702 4312 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:52:14.0780 4312 pla - ok
21:52:14.0827 4312 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:52:14.0858 4312 PlugPlay - ok
21:52:14.0874 4312 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:52:14.0874 4312 PNRPAutoReg - ok
21:52:14.0920 4312 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:52:14.0920 4312 PNRPsvc - ok
21:52:14.0998 4312 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:52:15.0030 4312 PolicyAgent - ok
21:52:15.0076 4312 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:52:15.0108 4312 Power - ok
21:52:15.0186 4312 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:52:15.0186 4312 PptpMiniport - ok
21:52:15.0217 4312 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
21:52:15.0232 4312 Processor - ok
21:52:15.0279 4312 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
21:52:15.0310 4312 ProfSvc - ok
21:52:15.0342 4312 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:52:15.0342 4312 ProtectedStorage - ok
21:52:15.0373 4312 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:52:15.0388 4312 Psched - ok
21:52:15.0482 4312 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
21:52:15.0576 4312 ql2300 - ok
21:52:15.0669 4312 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
21:52:15.0685 4312 ql40xx - ok
21:52:15.0732 4312 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:52:15.0763 4312 QWAVE - ok
21:52:15.0778 4312 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:52:15.0778 4312 QWAVEdrv - ok
21:52:15.0794 4312 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:52:15.0794 4312 RasAcd - ok
21:52:15.0841 4312 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:52:15.0841 4312 RasAgileVpn - ok
21:52:15.0872 4312 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:52:15.0872 4312 RasAuto - ok
21:52:15.0919 4312 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:52:15.0919 4312 Rasl2tp - ok
21:52:15.0966 4312 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:52:15.0997 4312 RasMan - ok
21:52:16.0012 4312 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:52:16.0012 4312 RasPppoe - ok
21:52:16.0028 4312 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:52:16.0044 4312 RasSstp - ok
21:52:16.0075 4312 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:52:16.0090 4312 rdbss - ok
21:52:16.0106 4312 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
21:52:16.0106 4312 rdpbus - ok
21:52:16.0137 4312 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:52:16.0137 4312 RDPCDD - ok
21:52:16.0137 4312 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:52:16.0137 4312 RDPENCDD - ok
21:52:16.0153 4312 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:52:16.0153 4312 RDPREFMP - ok
21:52:16.0184 4312 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
21:52:16.0200 4312 RDPWD - ok
21:52:16.0246 4312 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:52:16.0262 4312 rdyboost - ok
21:52:16.0293 4312 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:52:16.0309 4312 RemoteAccess - ok
21:52:16.0340 4312 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:52:16.0356 4312 RemoteRegistry - ok
21:52:16.0371 4312 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:52:16.0387 4312 RpcEptMapper - ok
21:52:16.0402 4312 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:52:16.0402 4312 RpcLocator - ok
21:52:16.0449 4312 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:52:16.0449 4312 RpcSs - ok
21:52:16.0512 4312 RSPCIESTOR (85b325723f67ef80927326fd7eb1cc10) C:\Windows\system32\DRIVERS\RtsPStor.sys
21:52:16.0527 4312 RSPCIESTOR - ok
21:52:16.0558 4312 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:52:16.0574 4312 rspndr - ok
21:52:16.0590 4312 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:52:16.0590 4312 SamSs - ok
21:52:16.0636 4312 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:52:16.0652 4312 sbp2port - ok
21:52:16.0699 4312 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:52:16.0714 4312 SCardSvr - ok
21:52:16.0746 4312 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:52:16.0761 4312 scfilter - ok
21:52:16.0886 4312 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:52:17.0026 4312 Schedule - ok
21:52:17.0073 4312 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:52:17.0073 4312 SCPolicySvc - ok
21:52:17.0104 4312 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:52:17.0136 4312 SDRSVC - ok
21:52:17.0214 4312 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:52:17.0214 4312 secdrv - ok
21:52:17.0245 4312 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:52:17.0260 4312 seclogon - ok
21:52:17.0292 4312 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:52:17.0292 4312 SENS - ok
21:52:17.0323 4312 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:52:17.0323 4312 SensrSvc - ok
21:52:17.0354 4312 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
21:52:17.0370 4312 Serenum - ok
21:52:17.0416 4312 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
21:52:17.0432 4312 Serial - ok
21:52:17.0432 4312 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
21:52:17.0448 4312 sermouse - ok
21:52:17.0463 4312 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:52:17.0479 4312 SessionEnv - ok
21:52:17.0479 4312 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:52:17.0494 4312 sffdisk - ok
21:52:17.0494 4312 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:52:17.0494 4312 sffp_mmc - ok
21:52:17.0510 4312 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:52:17.0510 4312 sffp_sd - ok
21:52:17.0526 4312 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
21:52:17.0541 4312 sfloppy - ok
21:52:17.0588 4312 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
21:52:17.0619 4312 SharedAccess - ok
21:52:17.0666 4312 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:52:17.0697 4312 ShellHWDetection - ok
21:52:17.0728 4312 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
21:52:17.0744 4312 SiSRaid2 - ok
21:52:17.0760 4312 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
21:52:17.0760 4312 SiSRaid4 - ok
21:52:17.0791 4312 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:52:17.0806 4312 Smb - ok
21:52:17.0838 4312 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:52:17.0838 4312 SNMPTRAP - ok
21:52:17.0853 4312 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:52:17.0869 4312 spldr - ok
21:52:17.0900 4312 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:52:17.0916 4312 Spooler - ok
21:52:18.0134 4312 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:52:18.0321 4312 sppsvc - ok
21:52:18.0415 4312 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:52:18.0430 4312 sppuinotify - ok
21:52:18.0477 4312 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:52:18.0508 4312 srv - ok
21:52:18.0555 4312 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:52:18.0602 4312 srv2 - ok
21:52:18.0633 4312 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:52:18.0633 4312 srvnet - ok
21:52:18.0664 4312 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:52:18.0680 4312 SSDPSRV - ok
21:52:18.0696 4312 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:52:18.0711 4312 SstpSvc - ok
21:52:18.0711 4312 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:52:18.0727 4312 stexstor - ok
21:52:18.0805 4312 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:52:18.0852 4312 stisvc - ok
21:52:18.0867 4312 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:52:18.0867 4312 swenum - ok
21:52:18.0914 4312 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:52:18.0945 4312 swprv - ok
21:52:19.0054 4312 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
21:52:19.0086 4312 SynTP - ok
21:52:19.0273 4312 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:52:19.0335 4312 SysMain - ok
21:52:19.0413 4312 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:52:19.0429 4312 TabletInputService - ok
21:52:19.0460 4312 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:52:19.0491 4312 TapiSrv - ok
21:52:19.0507 4312 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:52:19.0507 4312 TBS - ok
21:52:19.0647 4312 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
21:52:19.0772 4312 Tcpip - ok
21:52:19.0959 4312 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
21:52:19.0975 4312 TCPIP6 - ok
21:52:20.0053 4312 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:52:20.0068 4312 tcpipreg - ok
21:52:20.0084 4312 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:52:20.0100 4312 TDPIPE - ok
21:52:20.0131 4312 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:52:20.0131 4312 TDTCP - ok
21:52:20.0162 4312 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:52:20.0162 4312 tdx - ok
21:52:20.0209 4312 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:52:20.0224 4312 TermDD - ok
21:52:20.0271 4312 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:52:20.0349 4312 TermService - ok
21:52:20.0365 4312 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:52:20.0380 4312 Themes - ok
21:52:20.0396 4312 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:52:20.0412 4312 THREADORDER - ok
21:52:20.0427 4312 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:52:20.0443 4312 TrkWks - ok
21:52:20.0490 4312 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:52:20.0521 4312 TrustedInstaller - ok
21:52:20.0536 4312 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:52:20.0552 4312 tssecsrv - ok
21:52:20.0599 4312 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:52:20.0599 4312 TsUsbFlt - ok
21:52:20.0630 4312 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:52:20.0646 4312 TsUsbGD - ok
21:52:20.0677 4312 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:52:20.0677 4312 tunnel - ok
21:52:20.0692 4312 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:52:20.0692 4312 uagp35 - ok
21:52:20.0708 4312 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
21:52:20.0708 4312 UBHelper - ok
21:52:20.0739 4312 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:52:20.0770 4312 udfs - ok
21:52:20.0802 4312 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:52:20.0817 4312 UI0Detect - ok
21:52:20.0848 4312 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:52:20.0864 4312 uliagpkx - ok
21:52:20.0895 4312 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:52:20.0895 4312 umbus - ok
21:52:20.0911 4312 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:52:20.0911 4312 UmPass - ok
21:52:21.0114 4312 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:52:21.0254 4312 UNS - ok
21:52:21.0363 4312 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:52:21.0426 4312 upnphost - ok
21:52:21.0488 4312 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
21:52:21.0488 4312 USBAAPL64 - ok
21:52:21.0535 4312 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:52:21.0550 4312 usbccgp - ok
21:52:21.0582 4312 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:52:21.0597 4312 usbcir - ok
21:52:21.0613 4312 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:52:21.0613 4312 usbehci - ok
21:52:21.0660 4312 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:52:21.0675 4312 usbhub - ok
21:52:21.0691 4312 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:52:21.0691 4312 usbohci - ok
21:52:21.0706 4312 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
21:52:21.0722 4312 usbprint - ok
21:52:21.0738 4312 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:52:21.0753 4312 USBSTOR - ok
21:52:21.0753 4312 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:52:21.0769 4312 usbuhci - ok
21:52:21.0800 4312 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
21:52:21.0816 4312 usbvideo - ok
21:52:21.0847 4312 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:52:21.0847 4312 UxSms - ok
21:52:21.0894 4312 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:52:21.0894 4312 VaultSvc - ok
21:52:21.0925 4312 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:52:21.0940 4312 vdrvroot - ok
21:52:21.0972 4312 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:52:22.0003 4312 vds - ok
21:52:22.0034 4312 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:52:22.0034 4312 vga - ok
21:52:22.0034 4312 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:52:22.0050 4312 VgaSave - ok
21:52:22.0081 4312 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:52:22.0096 4312 vhdmp - ok
21:52:22.0128 4312 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:52:22.0128 4312 viaide - ok
21:52:22.0174 4312 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:52:22.0190 4312 volmgr - ok
21:52:22.0221 4312 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:52:22.0237 4312 volmgrx - ok
21:52:22.0299 4312 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:52:22.0315 4312 volsnap - ok
21:52:22.0346 4312 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:52:22.0377 4312 vsmraid - ok
21:52:22.0486 4312 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:52:22.0596 4312 VSS - ok
21:52:22.0689 4312 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:52:22.0705 4312 vwifibus - ok
21:52:22.0720 4312 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:52:22.0720 4312 vwififlt - ok
21:52:22.0783 4312 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:52:22.0814 4312 W32Time - ok
21:52:22.0830 4312 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:52:22.0830 4312 WacomPen - ok
21:52:22.0861 4312 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:52:22.0876 4312 WANARP - ok
21:52:22.0892 4312 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:52:22.0892 4312 Wanarpv6 - ok
21:52:22.0986 4312 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:52:23.0048 4312 wbengine - ok
21:52:23.0157 4312 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:52:23.0204 4312 WbioSrvc - ok
21:52:23.0235 4312 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:52:23.0266 4312 wcncsvc - ok
21:52:23.0298 4312 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:52:23.0313 4312 WcsPlugInService - ok
21:52:23.0344 4312 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:52:23.0360 4312 Wd - ok
21:52:23.0407 4312 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:52:23.0454 4312 Wdf01000 - ok
21:52:23.0500 4312 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:52:23.0516 4312 WdiServiceHost - ok
21:52:23.0516 4312 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:52:23.0516 4312 WdiSystemHost - ok
21:52:23.0563 4312 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
21:52:23.0578 4312 WebClient - ok
21:52:23.0610 4312 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
21:52:23.0625 4312 Wecsvc - ok
21:52:23.0656 4312 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
21:52:23.0672 4312 wercplsupport - ok
21:52:23.0688 4312 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
21:52:23.0688 4312 WerSvc - ok
21:52:23.0750 4312 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:52:23.0750 4312 WfpLwf - ok
21:52:23.0781 4312 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:52:23.0781 4312 WIMMount - ok
21:52:23.0828 4312 WinDefend - ok
21:52:23.0828 4312 WinHttpAutoProxySvc - ok
21:52:23.0906 4312 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
21:52:23.0937 4312 Winmgmt - ok
21:52:24.0078 4312 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
21:52:24.0187 4312 WinRM - ok
21:52:24.0327 4312 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
21:52:24.0390 4312 Wlansvc - ok
21:52:24.0592 4312 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:52:24.0655 4312 wlidsvc - ok
21:52:24.0764 4312 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:52:24.0764 4312 WmiAcpi - ok
21:52:24.0826 4312 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
21:52:24.0858 4312 wmiApSrv - ok
21:52:24.0920 4312 WMPNetworkSvc - ok
21:52:24.0967 4312 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
21:52:24.0983 4312 WPCSvc - ok
21:52:25.0014 4312 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
21:52:25.0029 4312 WPDBusEnum - ok
21:52:25.0045 4312 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:52:25.0061 4312 ws2ifsl - ok
21:52:25.0076 4312 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
21:52:25.0107 4312 wscsvc - ok
21:52:25.0107 4312 WSearch - ok
21:52:25.0263 4312 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
21:52:25.0373 4312 wuauserv - ok
21:52:25.0482 4312 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:52:25.0497 4312 WudfPf - ok
21:52:25.0529 4312 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:52:25.0544 4312 WUDFRd - ok
21:52:25.0607 4312 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
21:52:25.0622 4312 wudfsvc - ok
21:52:25.0653 4312 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
21:52:25.0669 4312 WwanSvc - ok
21:52:25.0716 4312 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
21:52:25.0950 4312 \Device\Harddisk0\DR0 - ok
21:52:25.0965 4312 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
21:52:34.0046 4312 \Device\Harddisk1\DR1 - ok
21:52:34.0046 4312 Boot (0x1200) (f494eebb12317aeb711ce5a97bf79e1d) \Device\Harddisk0\DR0\Partition0
21:52:34.0046 4312 \Device\Harddisk0\DR0\Partition0 - ok
21:52:34.0062 4312 Boot (0x1200) (b14c0dbb6d6812493d18e7aeec8c43fd) \Device\Harddisk0\DR0\Partition1
21:52:34.0077 4312 \Device\Harddisk0\DR0\Partition1 - ok
21:52:34.0093 4312 Boot (0x1200) (9af3525313fe8e4c06e7a9f82f87e017) \Device\Harddisk0\DR0\Partition2
21:52:34.0093 4312 \Device\Harddisk0\DR0\Partition2 - ok
21:52:34.0093 4312 Boot (0x1200) (d1877a7947ed729088843e8335f23f94) \Device\Harddisk1\DR1\Partition0
21:52:34.0109 4312 \Device\Harddisk1\DR1\Partition0 - ok
21:52:34.0109 4312 ============================================================
21:52:34.0109 4312 Scan finished
21:52:34.0109 4312 ============================================================
21:52:34.0124 2796 Detected object count: 0
21:52:34.0124 2796 Actual detected object count: 0
21:52:38.0726 5116 Deinitialize success
Und hier noch das, was ich von Malwarebytes habe: Malwarebytes #1 Code:
ATTFilter Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.04.05 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 Sternekoch :: Sternekoch-PC [Administrator] 04.07.2012 19:10:10 mbam-log-2012-07-04 (19-10-10).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 334947 Laufzeit: 40 Minute(n), 12 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.04.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Sternekoch :: Sternekoch-PC [Administrator] 04.07.2012 20:13:30 mbam-log-2012-07-04 (20-13-30).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 206969 Laufzeit: 3 Minute(n), 18 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.04.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Sternekoch :: Sternekoch-PC [Administrator] 04.07.2012 20:17:09 mbam-log-2012-07-04 (20-17-09).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 206909 Laufzeit: 1 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.04.06 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 Sternekoch :: Sternekoch-PC [Administrator] 04.07.2012 21:36:44 mbam-log-2012-07-04 (21-36-44).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 204918 Laufzeit: 2 Minute(n), 23 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.04.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Sternekoch :: Sternekoch-PC [Administrator] 04.07.2012 21:54:28 mbam-log-2012-07-04 (21-54-28).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 205702 Laufzeit: 3 Minute(n), 48 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Ich schau jetzt noch fix, ob ich aus Avira auch noch etwas rausgekitzelt bekomme... Und hier noch der grad durchgeführte Scan von Avira... Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 5. Juli 2012 19:22
Es wird nach 3836369 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : Sternekoch
Computername : Sternekoch-PC
Versionsinformationen:
BUILD.DAT : 12.0.0.1125 41829 Bytes 02.05.2012 16:34:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 08.05.2012 20:15:13
AVSCAN.DLL : 12.3.0.15 66256 Bytes 08.05.2012 20:15:13
LUKE.DLL : 12.3.0.15 68304 Bytes 08.05.2012 20:15:13
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 08.05.2012 20:15:14
AVREG.DLL : 12.3.0.17 232200 Bytes 11.05.2012 05:55:46
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 23:31:49
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 21:30:41
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 07:08:44
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 06:36:34
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 05:41:32
VBASE006.VDF : 7.11.34.117 2048 Bytes 29.06.2012 05:41:32
VBASE007.VDF : 7.11.34.118 2048 Bytes 29.06.2012 05:41:32
VBASE008.VDF : 7.11.34.119 2048 Bytes 29.06.2012 05:41:32
VBASE009.VDF : 7.11.34.120 2048 Bytes 29.06.2012 05:41:32
VBASE010.VDF : 7.11.34.121 2048 Bytes 29.06.2012 05:41:32
VBASE011.VDF : 7.11.34.122 2048 Bytes 29.06.2012 05:41:32
VBASE012.VDF : 7.11.34.123 2048 Bytes 29.06.2012 05:41:32
VBASE013.VDF : 7.11.34.124 2048 Bytes 29.06.2012 05:41:32
VBASE014.VDF : 7.11.34.201 169472 Bytes 02.07.2012 18:18:57
VBASE015.VDF : 7.11.35.19 122368 Bytes 04.07.2012 18:03:21
VBASE016.VDF : 7.11.35.20 2048 Bytes 04.07.2012 18:03:21
VBASE017.VDF : 7.11.35.21 2048 Bytes 04.07.2012 18:03:22
VBASE018.VDF : 7.11.35.22 2048 Bytes 04.07.2012 18:03:22
VBASE019.VDF : 7.11.35.23 2048 Bytes 04.07.2012 18:03:22
VBASE020.VDF : 7.11.35.24 2048 Bytes 04.07.2012 18:03:22
VBASE021.VDF : 7.11.35.25 2048 Bytes 04.07.2012 18:03:22
VBASE022.VDF : 7.11.35.26 2048 Bytes 04.07.2012 18:03:22
VBASE023.VDF : 7.11.35.27 2048 Bytes 04.07.2012 18:03:22
VBASE024.VDF : 7.11.35.28 2048 Bytes 04.07.2012 18:03:22
VBASE025.VDF : 7.11.35.29 2048 Bytes 04.07.2012 18:03:23
VBASE026.VDF : 7.11.35.30 2048 Bytes 04.07.2012 18:03:23
VBASE027.VDF : 7.11.35.31 2048 Bytes 04.07.2012 18:03:23
VBASE028.VDF : 7.11.35.32 2048 Bytes 04.07.2012 18:03:23
VBASE029.VDF : 7.11.35.33 2048 Bytes 04.07.2012 18:03:23
VBASE030.VDF : 7.11.35.34 2048 Bytes 04.07.2012 18:03:23
VBASE031.VDF : 7.11.35.46 22016 Bytes 04.07.2012 18:03:23
Engineversion : 8.2.10.102
AEVDF.DLL : 8.1.2.8 106867 Bytes 02.06.2012 09:58:05
AESCRIPT.DLL : 8.1.4.28 455035 Bytes 21.06.2012 19:20:40
AESCN.DLL : 8.1.8.2 131444 Bytes 28.01.2012 10:21:09
AESBX.DLL : 8.2.5.12 606578 Bytes 15.06.2012 06:04:14
AERDL.DLL : 8.1.9.15 639348 Bytes 14.12.2011 23:31:02
AEPACK.DLL : 8.2.16.22 807288 Bytes 21.06.2012 19:20:39
AEOFFICE.DLL : 8.1.2.40 201082 Bytes 29.06.2012 05:00:34
AEHEUR.DLL : 8.1.4.58 4993399 Bytes 29.06.2012 05:00:34
AEHELP.DLL : 8.1.23.2 258422 Bytes 29.06.2012 05:00:31
AEGEN.DLL : 8.1.5.30 422261 Bytes 15.06.2012 06:04:11
AEEXP.DLL : 8.1.0.58 82292 Bytes 29.06.2012 05:00:34
AEEMU.DLL : 8.1.3.0 393589 Bytes 14.12.2011 23:30:58
AECORE.DLL : 8.1.25.10 201080 Bytes 01.06.2012 06:01:57
AEBB.DLL : 8.1.1.0 53618 Bytes 14.12.2011 23:30:58
AVWINLL.DLL : 12.3.0.15 27344 Bytes 08.05.2012 20:15:13
AVPREF.DLL : 12.3.0.15 51920 Bytes 08.05.2012 20:15:13
AVREP.DLL : 12.3.0.15 179208 Bytes 08.05.2012 20:15:14
AVARKT.DLL : 12.3.0.15 211408 Bytes 08.05.2012 20:15:13
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 08.05.2012 20:15:13
SQLITE3.DLL : 3.7.0.1 398288 Bytes 08.05.2012 20:15:14
AVSMTP.DLL : 12.3.0.15 63440 Bytes 08.05.2012 20:15:13
NETNT.DLL : 12.3.0.15 17104 Bytes 08.05.2012 20:15:13
RCIMAGE.DLL : 12.3.0.15 4447952 Bytes 08.05.2012 20:15:13
RCTEXT.DLL : 12.3.0.15 98512 Bytes 08.05.2012 20:15:13
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Suche nach Rootkits und aktiver Malware
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\rootkit.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: vollständig
Beginn des Suchlaufs: Donnerstag, 5. Juli 2012 19:22
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'EgisUpdate.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMworker.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'LManager.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'PmmUpdate.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'SuiteTray.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'IScheduleSvc.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'UpdaterService.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMutilps32.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'dsiwmis.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'eEBSVC.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '40' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '769' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:' <Acer>
C:\ProgramData\Microsoft\WLSetup\CabLogs\Logs.CAB
[WARNUNG] Einige Dateien dieses Archives sind auf mehrere Teilarchive verteilt (multiple volume)
C:\ProgramData\Microsoft\WLSetup\CabLogs\Logs2.CAB
[WARNUNG] Einige Dateien dieses Archives sind auf mehrere Teilarchive verteilt (multiple volume)
C:\ProgramData\Microsoft\WLSetup\CabLogs\Logs3.CAB
[WARNUNG] Einige Dateien dieses Archives sind auf mehrere Teilarchive verteilt (multiple volume)
Ende des Suchlaufs: Donnerstag, 5. Juli 2012 20:05
Benötigte Zeit: 42:24 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
24146 Verzeichnisse wurden überprüft
346609 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
346609 Dateien ohne Befall
3314 Archive wurden durchsucht
3 Warnungen
0 Hinweise
589312 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
Kann ich noch irgendwas nachliefern/machen, was bei der Analyse helfen könnte? Bis dahin schonmal:  |
|
05.07.2012, 20:13
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O - Kein Zugriff auf Dateien mehr Führ bitte auch ESET aus, danach sehen wir weiter. Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden. ESET Online Scanner Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
 + R Taste und kopiere folgenden Text in das Ausführen Fenster.Code:
ATTFilter "%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"
Code:
ATTFilter "%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"
__________________ --> BOO/TDss.O - Kein Zugriff auf Dateien mehr |
|
05.07.2012, 22:27
| #7 |
| | BOO/TDss.O - Kein Zugriff auf Dateien mehr Ok, erledigt Code:
ATTFilter ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3422847af5e7fe4c896b55be4a8f9a5e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-05 09:22:49
# local_time=2012-07-05 11:22:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 15289221 15289221 0 0
# compatibility_mode=5893 16776573 100 94 90633 93146472 0 0
# compatibility_mode=8192 67108863 100 0 151 151 0 0
# scanned=138275
# found=0
# cleaned=0
# scan_time=6748
|
|
06.07.2012, 09:49
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O - Kein Zugriff auf Dateien mehr Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.07.2012, 12:24
| #9 |
| | BOO/TDss.O - Kein Zugriff auf Dateien mehr Hi, 1.) Windows fährt zwar ganz normal wieder hoch, und es gibt auch nicht mehr die ständigen Pop-Ups oder Warnmeldungen, dass irgendetwas nicht auf die Festplatte geschrieben werden kann, aber: 2.) Genau das: im Startmenü ist nichts mehr drin (außer 3 Office Verknüpfungen und 'Computer'; der gesamte Rest fehlt). Unter "Alle Programme" hängen auch jede Menge leere Ordner. Zusätzlich fehlen alle Desktop-Verknüpfungen, die mal da waren und ich kommen an keine Dateien mehr ran, weder über 'Computer' noch sonst irgendwie  Vielen Dank!! |
|
06.07.2012, 14:02
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O - Kein Zugriff auf Dateien mehr Das Startmenü wurde von der Ransomware gelöscht, wenn überhaupt kannst du mit unhide noch was wiederherstellen. Wenn nicht bist du ohne Backup angeschmiert Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Vista und 7 User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.07.2012, 08:44
| #11 |
| | BOO/TDss.O - Kein Zugriff auf Dateien mehr Hey, unhide hat funktioniert (ging auch richtig fix) - ich komme wieder an die Dateien heran und das Startmenü ist auch wieder komplett  Code:
ATTFilter Unhide by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
hxxp://www.bleepingcomputer.com/forums/topic405109.html
Program started at: 07/07/2012 09:26:00 AM
Windows Version: Windows 7
Please be patient while your files are made visible again.
Processing the C:\ drive
Finished processing the C:\ drive. 134922 files processed.
Processing the E:\ drive
Finished processing the E:\ drive. 28274 files processed.
Restoring the Start Menu.
* 141 Shortcuts and Desktop items were restored.
Searching for Windows Registry changes made by FakeHDD rogues.
- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
* NoActiveDesktopChanges policy was found and deleted!
- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
* Start_ShowControlPanel was set to 0! It was set back to 1!
* Start_ShowHelp was set to 0! It was set back to 1!
* Start_ShowMyDocs was set to 0! It was set back to 1!
* Start_ShowMyMusic was set to 0! It was set back to 1!
* Start_ShowMyPics was set to 0! It was set back to 1!
* Start_ShowPrinters was set to 0! It was set back to 1!
* Start_ShowRun was set to 0! It was set back to 1!
* Start_ShowSetProgramAccessAndDefaults was set to 0! It was set back to 1!
* Start_ShowRecentDocs was set to 0! It was set back to 2!
* Start_ShowNetConn was set to 0! It was set back to 1!
* Start_ShowNetPlaces was set to 0! It was set back to 1!
* Start_TrackDocs was set to 0! It was set back to 1!
* Start_TrackProgs was set to 0! It was set back to 1!
* Start_ShowUser was set to 0! It was set back to 1!
* Start_ShowMyGames was set to 0! It was set back to 1!
Restarting Explorer.exe in order to apply changes.
Program finished at: 07/07/2012 09:29:52 AM
Execution time: 0 hours(s), 3 minute(s), and 52 seconds(s)
Muss/Kann ich jetzt noch etwas machen? |
|
09.07.2012, 10:04
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O - Kein Zugriff auf Dateien mehr Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.07.2012, 19:29
| #13 |
| | BOO/TDss.O - Kein Zugriff auf Dateien mehr Hi, erledigt: OTL Logfile: Code:
ATTFilter OTL logfile created on: 09.07.2012 20:11:48 - Run 3 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Sternekoch\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,85 Gb Total Physical Memory | 2,65 Gb Available Physical Memory | 68,78% Memory free 7,71 Gb Paging File | 6,31 Gb Available in Paging File | 81,89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 87,90 Gb Total Space | 51,83 Gb Free Space | 58,96% Space Free | Partition Type: NTFS Drive E: | 362,76 Gb Total Space | 284,09 Gb Free Space | 78,31% Space Free | Partition Type: NTFS Drive F: | 7,81 Gb Total Space | 7,79 Gb Free Space | 99,82% Space Free | Partition Type: FAT32 Computer Name: Sternekoch-PC | User Name: Sternekoch | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.04 18:51:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sternekoch\Desktop\OTL.exe PRC - [2012.05.08 22:15:13 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.08 22:15:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.08 22:15:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.07.01 04:51:12 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2011.07.01 04:51:12 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2011.07.01 04:51:10 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2011.07.01 04:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe PRC - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2011.04.02 23:34:42 | 000,340,848 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe PRC - [2011.03.29 04:49:06 | 000,408,432 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2011.03.29 04:48:54 | 000,202,608 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010.12.20 12:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.12.20 12:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2006.12.19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe ========== Modules (No Company Name) ========== MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ========== Win32 Services (SafeList) ========== SRV - [2012.06.23 11:10:27 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.05.08 22:15:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.08 22:15:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.10.08 21:13:45 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011.07.01 04:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2011.05.10 14:01:08 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2011.04.24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2011.04.22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service) SRV - [2011.04.02 23:09:38 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.12.20 12:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.12.20 12:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006.12.19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.08 22:15:14 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.08 22:15:14 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.08.16 09:23:34 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2011.08.16 09:23:34 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2011.08.16 09:23:34 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2011.07.14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.07.14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.10 06:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2011.03.10 06:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2011.01.25 05:48:02 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.12.23 03:44:20 | 012,260,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010.12.17 03:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.11.09 12:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.11.05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.10.29 16:19:20 | 000,326,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2010.10.19 10:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-544826835-3425188021-2362706795-1001..\Run: [biiWPEJPdbnXvw.exe] C:\ProgramData\biiWPEJPdbnXvw.exe File not found O4 - HKU\S-1-5-21-544826835-3425188021-2362706795-1001..\Run: [Epson Stylus SX235(Netzwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Sternekoch\AppData\Local\Temp\E_SEE76.tmp" /EF "HKCU" File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-21-544826835-3425188021-2362706795-1001\Software\Policies\Microsoft\Internet Explorer\Recovery present O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{165E3CAD-B66C-41D8-B845-D44419A87475}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FC8A359-8699-4B25-9B91-FFA7CEBF435D}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig:64bit - StartUpReg: BackupManagerTray - hkey= - key= - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: Global Registration - hkey= - key= - File not found MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: MCODS - Reg Error: Value error. SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: MCODS - Reg Error: Value error. SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: MCODS - Reg Error: Value error. SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: MCODS - Reg Error: Value error. SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.07.09 20:08:28 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Sternekoch\Desktop\OTL.exe [2012.07.07 09:57:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.07.07 09:57:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.07.07 09:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.07.07 09:57:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.07.07 09:49:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.07.07 09:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012.07.05 21:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.07.05 19:48:45 | 000,000,000 | ---D | C] -- C:\Neuer Ordner [2012.07.04 20:01:54 | 000,000,000 | ---D | C] -- C:\Users\Sternekoch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery [2012.07.04 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\Sternekoch\AppData\Roaming\Malwarebytes [2012.07.04 19:09:07 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.04 19:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.04 19:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.07.04 19:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.04 19:07:10 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012.06.21 21:07:13 | 000,000,000 | ---D | C] -- C:\Users\Sternekoch\.jenny ========== Files - Modified Within 30 Days ========== [2012.07.09 20:10:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.09 20:09:22 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.09 20:09:22 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.09 20:09:22 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.09 20:09:22 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.09 20:09:22 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.09 19:57:14 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.09 19:57:14 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.09 19:49:45 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2012.07.09 19:49:38 | 3103,838,208 | -HS- | M] () -- C:\hiberfil.sys [2012.07.07 09:57:59 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.07.04 20:54:48 | 000,009,290 | ---- | M] () -- C:\Users\Sternekoch\AppData\Roaming\Kommagetrennte Werte (DOS).EML [2012.07.04 20:01:55 | 000,000,152 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTrr [2012.07.04 20:01:55 | 000,000,000 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTr [2012.07.04 20:01:52 | 000,000,256 | ---- | M] () -- C:\ProgramData\fXO0KpQrs02mTr [2012.07.04 18:51:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sternekoch\Desktop\OTL.exe [2012.06.14 18:54:07 | 000,360,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.07.07 09:57:59 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.07.07 09:29:46 | 000,002,498 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012.07.07 09:29:46 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.07.07 09:29:46 | 000,001,955 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fooz Kids.lnk [2012.07.07 09:29:46 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012.07.07 09:29:46 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.07.07 09:29:46 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [2012.07.07 09:29:46 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.07.07 09:29:46 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [2012.07.07 09:29:46 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.07.07 09:29:46 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk [2012.07.07 09:29:46 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [2012.07.07 09:29:46 | 000,001,193 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk [2012.07.07 09:29:46 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk [2012.07.07 09:29:45 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012.07.07 09:29:45 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.07.04 20:53:44 | 000,009,290 | ---- | C] () -- C:\Users\Sternekoch\AppData\Roaming\Kommagetrennte Werte (DOS).EML [2012.07.04 20:01:55 | 000,000,152 | ---- | C] () -- C:\ProgramData\-fXO0KpQrs02mTrr [2012.07.04 20:01:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\-fXO0KpQrs02mTr [2012.07.04 20:01:51 | 000,000,256 | ---- | C] () -- C:\ProgramData\fXO0KpQrs02mTr [2011.08.16 09:16:01 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011.08.16 09:15:05 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.08.16 09:15:04 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.08.16 09:15:02 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin ========== LOP Check ========== [2012.01.28 17:23:21 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\elsterformular [2012.01.10 22:49:26 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Opera [2012.07.04 20:20:23 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.01.10 21:50:23 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Adobe [2012.01.29 13:19:43 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Apple Computer [2012.01.10 23:35:28 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Avira [2012.01.10 21:39:59 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\CyberLink [2012.01.28 17:23:21 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\elsterformular [2012.01.10 21:42:01 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Identities [2012.01.22 18:43:08 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\InstallShield [2012.01.10 21:42:18 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Macromedia [2012.07.04 19:09:18 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Malwarebytes [2010.11.21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Media Center Programs [2012.04.13 18:12:30 | 000,000,000 | --SD | M] -- C:\Users\Sternekoch\AppData\Roaming\Microsoft [2012.01.10 22:49:26 | 000,000,000 | ---D | M] -- C:\Users\Sternekoch\AppData\Roaming\Opera < %APPDATA%\*.exe /s > [2012.05.06 19:54:40 | 005,480,584 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\Sternekoch\AppData\Roaming\elsterformular\pluginmanager\tmp\update_est_09_8086_8623.exe [2012.05.06 19:54:49 | 006,388,152 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\Sternekoch\AppData\Roaming\elsterformular\pluginmanager\tmp\update_est_10_8086_8623.exe [2012.05.06 19:55:00 | 007,634,320 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\Sternekoch\AppData\Roaming\elsterformular\pluginmanager\tmp\update_est_11_8086_8623.exe [2012.05.06 19:54:23 | 007,941,880 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\Sternekoch\AppData\Roaming\elsterformular\pluginmanager\tmp\update_pica_0_8086_8623.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTOR.SYS > [2010.11.05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\OEM\Preload\Autorun\DRV\Intel AHCI\iaStor.sys [2010.11.05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\drivers\iaStor.sys [2010.11.05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_710b330fb3531234\iaStor.sys < MD5 for: IASTORV.SYS > [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < End of report > Danke schonmal! |
|
10.07.2012, 10:43
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO/TDss.O - Kein Zugriff auf Dateien mehr Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O4 - HKU\S-1-5-21-544826835-3425188021-2362706795-1001..\Run: [biiWPEJPdbnXvw.exe] C:\ProgramData\biiWPEJPdbnXvw.exe File not found
O4 - HKU\S-1-5-21-544826835-3425188021-2362706795-1001..\Run: [Epson Stylus SX235(Netzwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Sternekoch\AppData\Local\Temp\E_SEE76.tmp" /EF "HKCU" File not found
[2012.07.04 20:01:55 | 000,000,152 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTrr
[2012.07.04 20:01:55 | 000,000,000 | ---- | M] () -- C:\ProgramData\-fXO0KpQrs02mTr
[2012.07.04 20:01:52 | 000,000,256 | ---- | M] () -- C:\ProgramData\fXO0KpQrs02mTr
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.07.2012, 19:09
| #15 |
| | BOO/TDss.O - Kein Zugriff auf Dateien mehr Hi, auch erledigt  Code:
ATTFilter All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found.
Registry value HKEY_USERS\S-1-5-21-544826835-3425188021-2362706795-1001\Software\Microsoft\Windows\CurrentVersion\Run\\biiWPEJPdbnXvw.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-544826835-3425188021-2362706795-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Epson Stylus SX235(Netzwerk) deleted successfully.
C:\ProgramData\-fXO0KpQrs02mTrr moved successfully.
C:\ProgramData\-fXO0KpQrs02mTr moved successfully.
C:\ProgramData\fXO0KpQrs02mTr moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Sternekoch
->Temp folder emptied: 112931344 bytes
->Temporary Internet Files folder emptied: 90891273 bytes
->Java cache emptied: 540433 bytes
->Opera cache emptied: 42863367 bytes
->Flash cache emptied: 1394 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 227344618 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 234445743 bytes
Total Files Cleaned = 676,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Sternekoch
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.53.1 log created on 07102012_200156
Files\Folders moved on Reboot...
C:\Users\Sternekoch\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sternekoch\AppData\Local\Temp\MMDUtl.log moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.
PendingFileRenameOperations files...
File C:\Users\Sternekoch\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Sternekoch\AppData\Local\Temp\MMDUtl.log not found!
[2012.07.10 20:03:20 | 001,181,742 | ---- | M] () C:\Windows\temp\dsiwmis.log : Unable to obtain MD5
[2012.07.10 20:03:16 | 001,155,003 | ---- | M] () C:\Windows\temp\LMutilps32.log : Unable to obtain MD5
Registry entries deleted on Reboot...
Wie immer, ein Riesen- |
|
| Themen zu BOO/TDss.O - Kein Zugriff auf Dateien mehr |
| antivir, autorun, avg, avira, bho, bonjour, browser, computer, document, failed, firefox, flash player, format, home, kaspersky, langsam, launch, logfile, netzwerk, plug-in, pop-up fenster, problem, realtek, registry, scan, searchscopes, sekunden, software, windows |
Button.
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
