Pests of all kinds and how to fight them: Bundespolizei - Your computer has been locked - without encrypted files (Windows 7)
Bundespolizei - Your computer has been locked - without encrypted files

Here is the Killer log:

Code:
15:56:09.0355 2472 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
15:56:09.0422 2472 ============================================================
15:56:09.0422 2472 Current date / time: 2012/07/15 15:56:09.0422
15:56:09.0422 2472 SystemInfo:
15:56:09.0422 2472
15:56:09.0422 2472 OS Version: 6.1.7601 ServicePack: 1.0
15:56:09.0422 2472 Product type: Workstation
15:56:09.0423 2472 ComputerName: STEFFI-PC
15:56:09.0423 2472 UserName: Steffi
15:56:09.0423 2472 Windows directory: C:\Windows
15:56:09.0423 2472 System windows directory: C:\Windows
15:56:09.0423 2472 Running under WOW64
15:56:09.0423 2472 Processor architecture: Intel x64
15:56:09.0423 2472 Number of processors: 4
15:56:09.0423 2472 Page size: 0x1000
15:56:09.0423 2472 Boot type: Normal boot
15:56:09.0423 2472 ============================================================
15:56:09.0592 2472 Drive \Device\Harddisk1\DR1 - Size: 0x1BF31C0000 (111.80 Gb), SectorSize: 0x200, Cylinders: 0x3902, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
15:56:09.0614 2472 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:56:09.0616 2472 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:56:09.0623 2472 Drive \Device\Harddisk3\DR3 - Size: 0x0 (0.00 Gb), SectorSize: 0x200, Cylinders: 0x0, SectorsPerTrack: 0x0, TracksPerCylinder: 0x0, Type 'W'
15:56:09.0623 2472 ============================================================
15:56:09.0623 2472 \Device\Harddisk1\DR1:
15:56:09.0623 2472 MBR partitions:
15:56:09.0623 2472 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:56:09.0624 2472 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6175800
15:56:09.0624 2472 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x61A8000, BlocksNum 0x7DF0000
15:56:09.0624 2472 \Device\Harddisk0\DR0:
15:56:09.0624 2472 MBR partitions:
15:56:09.0624 2472 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x61A8000
15:56:09.0624 2472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A8800, BlocksNum 0xC870800
15:56:09.0624 2472 \Device\Harddisk2\DR2:
15:56:09.0624 2472 MBR partitions:
15:56:09.0624 2472 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
15:56:09.0624 2472 ============================================================
15:56:09.0625 2472 C: <-> \Device\Harddisk1\DR1\Partition1
15:56:09.0625 2472 D: <-> \Device\Harddisk1\DR1\Partition2
15:56:09.0631 2472 G: <-> \Device\Harddisk0\DR0\Partition0
15:56:09.0646 2472 H: <-> \Device\Harddisk0\DR0\Partition1
15:56:09.0669 2472 I: <-> \Device\Harddisk2\DR2\Partition0
15:56:09.0669 2472 ============================================================
15:56:09.0669 2472 Initialize success
15:56:09.0669 2472 ============================================================
15:57:34.0103 3204 ============================================================
15:57:34.0103 3204 Scan started
15:57:34.0103 3204 Mode: Manual; SigCheck; TDLFS;
15:57:34.0103 3204 ============================================================
15:57:34.0477 3204 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:57:34.0509 3204 1394ohci - ok
15:57:34.0524 3204 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:57:34.0524 3204 ACPI - ok
15:57:34.0540 3204 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:57:34.0540 3204 AcpiPmi - ok
15:57:34.0571 3204 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:57:34.0571 3204 AdobeFlashPlayerUpdateSvc - ok
15:57:34.0587 3204 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:57:34.0602 3204 adp94xx - ok
15:57:34.0618 3204 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:57:34.0633 3204 adpahci - ok
15:57:34.0633 3204 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:57:34.0649 3204 adpu320 - ok
15:57:34.0649 3204 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:57:34.0665 3204 AeLookupSvc - ok
15:57:34.0696 3204 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:57:34.0696 3204 AFD - ok
15:57:34.0696 3204 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:57:34.0711 3204 agp440 - ok
15:57:34.0711 3204 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:57:34.0727 3204 ALG - ok
15:57:34.0727 3204 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:57:34.0727 3204 aliide - ok
15:57:34.0727 3204 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:57:34.0743 3204 amdide - ok
15:57:34.0743 3204 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:57:34.0743 3204 AmdK8 - ok
15:57:34.0758 3204 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:57:34.0758 3204 AmdPPM - ok
15:57:34.0758 3204 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:57:34.0774 3204 amdsata - ok
15:57:34.0774 3204 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:57:34.0789 3204 amdsbs - ok
15:57:34.0789 3204 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:57:34.0789 3204 amdxata - ok
15:57:34.0805 3204 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:57:34.0821 3204 AppID - ok
15:57:34.0821 3204 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:57:34.0852 3204 AppIDSvc - ok
15:57:34.0852 3204 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:57:34.0867 3204 Appinfo - ok
15:57:34.0883 3204 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:57:34.0883 3204 Apple Mobile Device - ok
15:57:34.0883 3204 AppleCharger (301aa64f9643bc453d90a66c4c0e7204) C:\Windows\system32\DRIVERS\AppleCharger.sys
15:57:34.0899 3204 AppleCharger - ok
15:57:34.0899 3204 AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe
15:57:34.0899 3204 AppleChargerSrv - ok
15:57:34.0914 3204 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
15:57:34.0914 3204 AppMgmt - ok
15:57:34.0930 3204 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:57:34.0930 3204 arc - ok
15:57:34.0930 3204 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:57:34.0945 3204 arcsas - ok
15:57:34.0945 3204 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:57:34.0961 3204 AsyncMac - ok
15:57:34.0977 3204 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:57:34.0977 3204 atapi - ok
15:57:34.0992 3204 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:57:35.0023 3204 AudioEndpointBuilder - ok
15:57:35.0023 3204 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:57:35.0055 3204 AudioSrv - ok
15:57:35.0055 3204 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:57:35.0070 3204 AxInstSV - ok
15:57:35.0086 3204 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:57:35.0101 3204 b06bdrv - ok
15:57:35.0117 3204 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:57:35.0117 3204 b57nd60a - ok
15:57:35.0133 3204 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:57:35.0133 3204 BDESVC - ok
15:57:35.0133 3204 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:57:35.0164 3204 Beep - ok
15:57:35.0179 3204 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:57:35.0211 3204 BFE - ok
15:57:35.0242 3204 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
15:57:35.0257 3204 BITS - ok
15:57:35.0273 3204 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:57:35.0273 3204 blbdrive - ok
15:57:35.0289 3204 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
15:57:35.0304 3204 Bonjour Service - ok
15:57:35.0304 3204 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:57:35.0320 3204 bowser - ok
15:57:35.0320 3204 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:57:35.0320 3204 BrFiltLo - ok
15:57:35.0320 3204 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:57:35.0335 3204 BrFiltUp - ok
15:57:35.0335 3204 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:57:35.0367 3204 BridgeMP - ok
15:57:35.0367 3204 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:57:35.0382 3204 Browser - ok
15:57:35.0398 3204 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:57:35.0413 3204 Brserid - ok
15:57:35.0413 3204 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:57:35.0429 3204 BrSerWdm - ok
15:57:35.0429 3204 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:57:35.0429 3204 BrUsbMdm - ok
15:57:35.0429 3204 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:57:35.0445 3204 BrUsbSer - ok
15:57:35.0445 3204 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:57:35.0460 3204 BTHMODEM - ok
15:57:35.0460 3204 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:57:35.0476 3204 bthserv - ok
15:57:35.0476 3204 catchme - ok
15:57:35.0491 3204 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:57:35.0507 3204 cdfs - ok
15:57:35.0523 3204 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
15:57:35.0523 3204 cdrom - ok
15:57:35.0523 3204 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:57:35.0554 3204 CertPropSvc - ok
15:57:35.0554 3204 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:57:35.0569 3204 circlass - ok
15:57:35.0569 3204 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:57:35.0585 3204 CLFS - ok
15:57:35.0585 3204 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:57:35.0601 3204 clr_optimization_v2.0.50727_32 - ok
15:57:35.0601 3204 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:57:35.0616 3204 clr_optimization_v2.0.50727_64 - ok
15:57:35.0616 3204 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:57:35.0632 3204 clr_optimization_v4.0.30319_32 - ok
15:57:35.0632 3204 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:57:35.0647 3204 clr_optimization_v4.0.30319_64 - ok
15:57:35.0647 3204 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:57:35.0647 3204 CmBatt - ok
15:57:35.0647 3204 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:57:35.0663 3204 cmdide - ok
15:57:35.0679 3204 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:57:35.0694 3204 CNG - ok
15:57:35.0694 3204 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:57:35.0694 3204 Compbatt - ok
15:57:35.0710 3204 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:57:35.0710 3204 CompositeBus - ok
15:57:35.0710 3204 COMSysApp - ok
15:57:35.0710 3204 cpuz135 (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
15:57:35.0725 3204 cpuz135 - ok
15:57:35.0725 3204 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:57:35.0725 3204 crcdisk - ok
15:57:35.0741 3204 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
15:57:35.0741 3204 CryptSvc - ok
15:57:35.0772 3204 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
15:57:35.0772 3204 CSC - ok
15:57:35.0803 3204 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
15:57:35.0803 3204 CscService - ok
15:57:35.0835 3204 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:57:35.0850 3204 DcomLaunch - ok
15:57:35.0866 3204 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:57:35.0881 3204 defragsvc - ok
15:57:35.0897 3204 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:57:35.0913 3204 DfsC - ok
15:57:35.0928 3204 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:57:35.0959 3204 Dhcp - ok
15:57:35.0959 3204 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:57:35.0975 3204 discache - ok
15:57:35.0975 3204 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:57:35.0991 3204 Disk - ok
15:57:35.0991 3204 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:57:36.0006 3204 Dnscache - ok
15:57:36.0022 3204 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:57:36.0037 3204 dot3svc - ok
15:57:36.0037 3204 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:57:36.0069 3204 DPS - ok
15:57:36.0069 3204 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:57:36.0069 3204 drmkaud - ok
15:57:36.0115 3204 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:57:36.0131 3204 DXGKrnl - ok
15:57:36.0131 3204 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:57:36.0147 3204 EapHost - ok
15:57:36.0240 3204 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:57:36.0287 3204 ebdrv - ok
15:57:36.0303 3204 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:57:36.0318 3204 EFS - ok
15:57:36.0334 3204 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:57:36.0349 3204 ehRecvr - ok
15:57:36.0349 3204 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:57:36.0365 3204 ehSched - ok
15:57:36.0381 3204 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:57:36.0396 3204 elxstor - ok
15:57:36.0396 3204 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:57:36.0396 3204 ErrDev - ok
15:57:36.0412 3204 ES lite Service (b8fa96995726d1fa58476e352c02ad82) C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
15:57:36.0412 3204 ES lite Service - ok
15:57:36.0427 3204 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:57:36.0459 3204 EventSystem - ok
15:57:36.0474 3204 ewusbmbb (334c907536e815e56cd13108a6d5fb9d) C:\Windows\system32\DRIVERS\ewusbwwan.sys
15:57:36.0474 3204 ewusbmbb - ok
15:57:36.0474 3204 ewusbnet - ok
15:57:36.0490 3204 ew_hwusbdev (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
15:57:36.0490 3204 ew_hwusbdev - ok
15:57:36.0505 3204 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:57:36.0521 3204 exfat - ok
15:57:36.0537 3204 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:57:36.0552 3204 fastfat - ok
15:57:36.0583 3204 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:57:36.0583 3204 Fax - ok
15:57:36.0599 3204 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:57:36.0599 3204 fdc - ok
15:57:36.0599 3204 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:57:36.0615 3204 fdPHost - ok
15:57:36.0630 3204 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:57:36.0646 3204 FDResPub - ok
15:57:36.0646 3204 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:57:36.0661 3204 FileInfo - ok
15:57:36.0661 3204 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:57:36.0677 3204 Filetrace - ok
15:57:36.0677 3204 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:57:36.0693 3204 flpydisk - ok
15:57:36.0708 3204 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:57:36.0708 3204 FltMgr - ok
15:57:36.0739 3204 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:57:36.0755 3204 FontCache - ok
15:57:36.0771 3204 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:57:36.0771 3204 FontCache3.0.0.0 - ok
15:57:36.0771 3204 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:57:36.0786 3204 FsDepends - ok
15:57:36.0786 3204 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
15:57:36.0786 3204 Fs_Rec - ok
15:57:36.0802 3204 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:57:36.0817 3204 fvevol - ok
15:57:36.0817 3204 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:57:36.0817 3204 gagp30kx - ok
15:57:36.0833 3204 gdrv (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys
15:57:36.0833 3204 gdrv - ok
15:57:36.0833 3204 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:57:36.0833 3204 GEARAspiWDM - ok
15:57:36.0864 3204 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:57:36.0895 3204 gpsvc - ok
15:57:36.0895 3204 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:57:36.0911 3204 gupdate - ok
15:57:36.0911 3204 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:57:36.0911 3204 gupdatem - ok
15:57:36.0911 3204 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:57:36.0927 3204 hcw85cir - ok
15:57:36.0942 3204 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:57:36.0942 3204 HdAudAddService - ok
15:57:36.0958 3204 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:57:36.0958 3204 HDAudBus - ok
15:57:36.0958 3204 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:57:36.0973 3204 HidBatt - ok
15:57:36.0973 3204 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:57:36.0989 3204 HidBth - ok
15:57:36.0989 3204 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:57:36.0989 3204 HidIr - ok
15:57:36.0989 3204 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
15:57:37.0020 3204 hidserv - ok
15:57:37.0020 3204 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:57:37.0036 3204 HidUsb - ok
15:57:37.0036 3204 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:57:37.0051 3204 hkmsvc - ok
15:57:37.0067 3204 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:57:37.0067 3204 HomeGroupListener - ok
15:57:37.0083 3204 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:57:37.0083 3204 HomeGroupProvider - ok
15:57:37.0098 3204 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:57:37.0098 3204 HpSAMD - ok
15:57:37.0129 3204 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:57:37.0145 3204 HTTP - ok
15:57:37.0161 3204 huawei_enumerator (1642c62f1fd5e1ff44608283994a7bb8) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
15:57:37.0161 3204 huawei_enumerator - ok
15:57:37.0176 3204 hwdatacard (04d1de1e8ace40ca396502c90524e945) C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:57:37.0192 3204 hwdatacard - ok
15:57:37.0192 3204 HWDeviceService64.exe - ok
15:57:37.0192 3204 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:57:37.0192 3204 hwpolicy - ok
15:57:37.0207 3204 hwusbdev - ok
15:57:37.0207 3204 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:57:37.0223 3204 i8042prt - ok
15:57:37.0239 3204 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:57:37.0239 3204 iaStorV - ok
15:57:37.0254 3204 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:57:37.0254 3204 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:57:37.0254 3204 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:57:37.0270 3204 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:57:37.0285 3204 idsvc - ok
15:57:37.0317 3204 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:57:37.0317 3204 iirsp - ok
15:57:37.0348 3204 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:57:37.0379 3204 IKEEXT - ok
15:57:37.0488 3204 IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\Windows\system32\drivers\RTKVHD64.sys
15:57:37.0519 3204 IntcAzAudAddService - ok
15:57:37.0551 3204 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:57:37.0551 3204 intelide - ok
15:57:37.0551 3204 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:57:37.0566 3204 intelppm - ok
15:57:37.0566 3204 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:57:37.0597 3204 IPBusEnum - ok
15:57:37.0597 3204 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:57:37.0613 3204 IpFilterDriver - ok
15:57:37.0629 3204 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:57:37.0660 3204 iphlpsvc - ok
15:57:37.0660 3204 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:57:37.0675 3204 IPMIDRV - ok
15:57:37.0675 3204 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:57:37.0691 3204 IPNAT - ok
15:57:37.0722 3204 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
15:57:37.0738 3204 iPod Service - ok
15:57:37.0738 3204 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:57:37.0753 3204 IRENUM - ok
15:57:37.0769 3204 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:57:37.0769 3204 isapnp - ok
15:57:37.0785 3204 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:57:37.0785 3204 iScsiPrt - ok
15:57:37.0785 3204 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:57:37.0800 3204 kbdclass - ok
15:57:37.0800 3204 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:57:37.0800 3204 kbdhid - ok
15:57:37.0816 3204 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:37.0816 3204 KeyIso - ok
15:57:37.0816 3204 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:57:37.0831 3204 KSecDD - ok
15:57:37.0831 3204 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:57:37.0847 3204 KSecPkg - ok
15:57:37.0847 3204 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:57:37.0863 3204 ksthunk - ok
15:57:37.0878 3204 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:57:37.0909 3204 KtmRm - ok
15:57:37.0909 3204 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:57:37.0941 3204 LanmanServer - ok
15:57:37.0941 3204 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:57:37.0956 3204 LanmanWorkstation - ok
15:57:37.0972 3204 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:57:37.0987 3204 lltdio - ok
15:57:38.0003 3204 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:57:38.0019 3204 lltdsvc - ok
15:57:38.0034 3204 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:57:38.0050 3204 lmhosts - ok
15:57:38.0050 3204 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:57:38.0065 3204 LSI_FC - ok
15:57:38.0065 3204 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:57:38.0081 3204 LSI_SAS - ok
15:57:38.0081 3204 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:57:38.0081 3204 LSI_SAS2 - ok
15:57:38.0097 3204 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:57:38.0097 3204 LSI_SCSI - ok
15:57:38.0112 3204 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:57:38.0128 3204 luafv - ok
15:57:38.0128 3204 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:57:38.0143 3204 MBAMProtector - ok
15:57:38.0159 3204 MBAMService (ba400ed640bca1eae5c727ae17c10207) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
15:57:38.0175 3204 MBAMService - ok
15:57:38.0175 3204 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:57:38.0190 3204 Mcx2Svc - ok
15:57:38.0190 3204 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:57:38.0190 3204 megasas - ok
15:57:38.0206 3204 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:57:38.0206 3204 MegaSR - ok
15:57:38.0221 3204 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:57:38.0237 3204 MMCSS - ok
15:57:38.0237 3204 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:57:38.0268 3204 Modem - ok
15:57:38.0268 3204 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:57:38.0268 3204 monitor - ok
15:57:38.0284 3204 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:57:38.0284 3204 mouclass - ok
15:57:38.0284 3204 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:57:38.0299 3204 mouhid - ok
15:57:38.0299 3204 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:57:38.0299 3204 mountmgr - ok
15:57:38.0315 3204 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:57:38.0315 3204 mpio - ok
15:57:38.0331 3204 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:57:38.0346 3204 mpsdrv - ok
15:57:38.0377 3204 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:57:38.0393 3204 MpsSvc - ok
15:57:38.0409 3204 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:57:38.0424 3204 MRxDAV - ok
15:57:38.0424 3204 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:57:38.0424 3204 mrxsmb - ok
15:57:38.0440 3204 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:57:38.0455 3204 mrxsmb10 - ok
15:57:38.0455 3204 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:57:38.0471 3204 mrxsmb20 - ok
15:57:38.0471 3204 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:57:38.0471 3204 msahci - ok
15:57:38.0487 3204 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:57:38.0487 3204 msdsm - ok
15:57:38.0487 3204 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:57:38.0502 3204 MSDTC - ok
15:57:38.0502 3204 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:57:38.0533 3204 Msfs - ok
15:57:38.0533 3204 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:57:38.0549 3204 mshidkmdf - ok
15:57:38.0549 3204 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:57:38.0565 3204 msisadrv - ok
15:57:38.0565 3204 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:57:38.0580 3204 MSiSCSI - ok
15:57:38.0596 3204 msiserver - ok
15:57:38.0596 3204 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:57:38.0611 3204 MSKSSRV - ok
15:57:38.0611 3204 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:57:38.0643 3204 MSPCLOCK - ok
15:57:38.0643 3204 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:57:38.0658 3204 MSPQM - ok
15:57:38.0674 3204 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:57:38.0689 3204 MsRPC - ok
15:57:38.0689 3204 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:57:38.0689 3204 mssmbios - ok
15:57:38.0689 3204 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:57:38.0721 3204 MSTEE - ok
15:57:38.0721 3204 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:57:38.0721 3204 MTConfig - ok
15:57:38.0736 3204 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:57:38.0736 3204 Mup - ok
15:57:38.0752 3204 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:57:38.0783 3204 napagent - ok
15:57:38.0783 3204 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:57:38.0799 3204 NativeWifiP - ok
15:57:38.0830 3204 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:57:38.0845 3204 NDIS - ok
15:57:38.0845 3204 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:57:38.0877 3204 NdisCap - ok
15:57:38.0877 3204 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:57:38.0892 3204 NdisTapi - ok
15:57:38.0908 3204 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:57:38.0923 3204 Ndisuio - ok
15:57:38.0923 3204 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:57:38.0955 3204 NdisWan - ok
15:57:38.0955 3204 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:57:38.0970 3204 NDProxy - ok
15:57:38.0986 3204 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:57:39.0001 3204 NetBIOS - ok
15:57:39.0017 3204 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:57:39.0033 3204 NetBT - ok
15:57:39.0033 3204 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:39.0048 3204 Netlogon - ok
15:57:39.0064 3204 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:57:39.0079 3204 Netman - ok
15:57:39.0079 3204 NetMsmqActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:57:39.0095 3204 NetMsmqActivator - ok
15:57:39.0095 3204 NetPipeActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:57:39.0095 3204 NetPipeActivator - ok
15:57:39.0111 3204 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:57:39.0142 3204 netprofm - ok
15:57:39.0142 3204 NetTcpActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:57:39.0142 3204 NetTcpActivator - ok
15:57:39.0157 3204 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:57:39.0157 3204 NetTcpPortSharing - ok
15:57:39.0157 3204 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:57:39.0173 3204 nfrd960 - ok
15:57:39.0173 3204 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:57:39.0204 3204 NlaSvc - ok
15:57:39.0204 3204 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:57:39.0220 3204 Npfs - ok
15:57:39.0235 3204 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:57:39.0251 3204 nsi - ok
15:57:39.0251 3204 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:57:39.0282 3204 nsiproxy - ok
15:57:39.0345 3204 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:57:39.0391 3204 Ntfs - ok
15:57:39.0407 3204 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:57:39.0423 3204 Null - ok
15:57:39.0438 3204 nusb3hub (785298579b5f9b4032152dfbb992fdb6) C:\Windows\system32\DRIVERS\nusb3hub.sys
15:57:39.0438 3204 nusb3hub - ok
15:57:39.0454 3204 nusb3xhc (df2750481b4964814467c974f2b0eef1) C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:57:39.0454 3204 nusb3xhc - ok
15:57:39.0469 3204 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
15:57:39.0469 3204 NVHDA - ok
15:57:39.0922 3204 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:57:40.0093 3204 nvlddmkm - ok
15:57:40.0125 3204 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:57:40.0140 3204 nvraid - ok
15:57:40.0140 3204 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:57:40.0156 3204 nvstor - ok
15:57:40.0187 3204 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
15:57:40.0203 3204 nvsvc - ok
15:57:40.0265 3204 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:57:40.0296 3204 nvUpdatusService - ok
15:57:40.0327 3204 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:57:40.0327 3204 nv_agp - ok
15:57:40.0343 3204 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:57:40.0343 3204 ohci1394 - ok
15:57:40.0343 3204 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:57:40.0359 3204 ose - ok
15:57:40.0374 3204 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:57:40.0374 3204 p2pimsvc - ok
15:57:40.0390 3204 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:57:40.0405 3204 p2psvc - ok
15:57:40.0405 3204 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:57:40.0421 3204 Parport - ok
15:57:40.0421 3204 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:57:40.0421 3204 partmgr - ok
15:57:40.0437 3204 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:57:40.0452 3204 PcaSvc - ok
15:57:40.0452 3204 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:57:40.0468 3204 pci - ok
15:57:40.0468 3204 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:57:40.0468 3204 pciide - ok
15:57:40.0483 3204 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:57:40.0483 3204 pcmcia - ok
15:57:40.0483 3204 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:57:40.0499 3204 pcw - ok
15:57:40.0499 3204 PdiPorts (25fd4d8109114266a610fd1088bfd522) C:\Windows\system32\DRIVERS\PdiPorts.sys
15:57:40.0499 3204 PdiPorts - ok
15:57:40.0515 3204 PdiService (fed28c565de5f73b7c5b32841229e496) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
15:57:40.0515 3204 PdiService - ok
15:57:40.0546 3204 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:57:40.0561 3204 PEAUTH - ok
15:57:40.0624 3204 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:57:40.0655 3204 PeerDistSvc - ok
15:57:40.0671 3204 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:57:40.0686 3204 PerfHost - ok
15:57:40.0749 3204 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:57:40.0780 3204 pla - ok
15:57:40.0795 3204 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:57:40.0795 3204 PlugPlay - ok
15:57:40.0811 3204 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:57:40.0811 3204 PNRPAutoReg - ok
15:57:40.0827 3204 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:57:40.0827 3204 PNRPsvc - ok
15:57:40.0842 3204 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:57:40.0873 3204 PolicyAgent - ok
15:57:40.0873 3204 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:57:40.0905 3204 Power - ok
15:57:40.0905 3204 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:57:40.0936 3204 PptpMiniport - ok
15:57:40.0936 3204 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:57:40.0951 3204 Processor - ok
15:57:40.0951 3204 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
15:57:40.0967 3204 ProfSvc - ok
15:57:40.0967 3204 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:40.0967 3204 ProtectedStorage - ok
15:57:40.0983 3204 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:57:40.0998 3204 Psched - ok
15:57:41.0045 3204 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:57:41.0076 3204 ql2300 - ok
15:57:41.0092 3204 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:57:41.0107 3204 ql40xx - ok
15:57:41.0107 3204 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:57:41.0123 3204 QWAVE - ok
15:57:41.0123 3204 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:57:41.0139 3204 QWAVEdrv - ok
15:57:41.0139 3204 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:57:41.0170 3204 RasAcd - ok
15:57:41.0170 3204 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:57:41.0185 3204 RasAgileVpn - ok
15:57:41.0201 3204 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:57:41.0217 3204 RasAuto - ok
15:57:41.0217 3204 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:57:41.0248 3204 Rasl2tp - ok
15:57:41.0263 3204 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:57:41.0279 3204 RasMan - ok
15:57:41.0279 3204 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:57:41.0310 3204 RasPppoe - ok
15:57:41.0310 3204 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:57:41.0326 3204 RasSstp - ok
15:57:41.0341 3204 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:57:41.0373 3204 rdbss - ok
15:57:41.0373 3204 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:57:41.0373 3204 rdpbus - ok
15:57:41.0373 3204 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:57:41.0404 3204 RDPCDD - ok
15:57:41.0404 3204 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
15:57:41.0419 3204 RDPDR - ok
15:57:41.0419 3204 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:57:41.0435 3204 RDPENCDD - ok
15:57:41.0451 3204 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:57:41.0466 3204 RDPREFMP - ok
15:57:41.0482 3204 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
15:57:41.0482 3204 RDPWD - ok
15:57:41.0497 3204 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:57:41.0497 3204 rdyboost - ok
15:57:41.0497 3204 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:57:41.0529 3204 RemoteAccess - ok
15:57:41.0529 3204 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:57:41.0560 3204 RemoteRegistry - ok
15:57:41.0560 3204 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:57:41.0575 3204 RpcEptMapper - ok
15:57:41.0591 3204 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:57:41.0591 3204 RpcLocator - ok
15:57:41.0607 3204 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:57:41.0638 3204 RpcSs - ok
15:57:41.0638 3204 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:57:41.0653 3204 rspndr - ok
15:57:41.0669 3204 rtkio (5dc26837e5af8244233f78cb9c3ac988) C:\Program Files (x86)\Realtek\Smart Dual Lan\rtkio.sys
15:57:41.0669 3204 rtkio - ok
15:57:41.0685 3204 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:57:41.0685 3204 RTL8167 - ok
15:57:41.0700 3204 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
15:57:41.0700 3204 s3cap - ok
15:57:41.0700 3204 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:41.0700 3204 SamSs - ok
15:57:41.0716 3204 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:57:41.0716 3204 sbp2port - ok
15:57:41.0731 3204 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:57:41.0747 3204 SCardSvr - ok
15:57:41.0747 3204 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:57:41.0778 3204 scfilter - ok
15:57:41.0809 3204 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:57:41.0841 3204 Schedule - ok
15:57:41.0841 3204 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:57:41.0872 3204 SCPolicySvc - ok
15:57:41.0872 3204 SDLService (b0e6ca5d36dc5f0019a73b8aab35c5dc) C:\Program Files (x86)\Realtek\Smart Dual Lan\SDLService.exe
15:57:41.0872 3204 SDLService ( UnsignedFile.Multi.Generic ) - warning
15:57:41.0872 3204 SDLService - detected UnsignedFile.Multi.Generic (1)
15:57:41.0887 3204 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:57:41.0887 3204 SDRSVC - ok
15:57:41.0887 3204 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:57:41.0919 3204 secdrv - ok
15:57:41.0919 3204 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:57:41.0934 3204 seclogon - ok
15:57:41.0950 3204 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:57:41.0965 3204 SENS - ok
15:57:41.0965 3204 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:57:41.0981 3204 SensrSvc - ok
15:57:41.0981 3204 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:57:41.0981 3204 Serenum - ok
15:57:41.0997 3204 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:57:41.0997 3204 Serial - ok
15:57:41.0997 3204 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:57:42.0012 3204 sermouse - ok
15:57:42.0012 3204 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:57:42.0043 3204 SessionEnv - ok
15:57:42.0043 3204 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:57:42.0043 3204 sffdisk - ok
15:57:42.0043 3204 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:57:42.0059 3204 sffp_mmc - ok
15:57:42.0059 3204 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:57:42.0059 3204 sffp_sd - ok
15:57:42.0059 3204 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:57:42.0075 3204 sfloppy - ok
15:57:42.0090 3204 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:57:42.0106 3204 SharedAccess - ok
15:57:42.0121 3204 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:57:42.0153 3204 ShellHWDetection - ok
15:57:42.0153 3204 Si3124r5 (da492c8305434ec6f9bdd60c8b83b10e) C:\Windows\system32\DRIVERS\Si3124r5.sys
15:57:42.0168 3204 Si3124r5 - ok
15:57:42.0168 3204 SiFilter (8d10887a1699cf61e74467694b929b09) C:\Windows\system32\DRIVERS\SiWinAcc.sys
15:57:42.0168 3204 SiFilter - ok
15:57:42.0184 3204 SiRemFil (94e1eda9a0b305a67ee1bbd0a68ce21a) C:\Windows\system32\DRIVERS\SiRemFil.sys
15:57:42.0184 3204 SiRemFil - ok
15:57:42.0184 3204 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:57:42.0199 3204 SiSRaid2 - ok
15:57:42.0199 3204 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:57:42.0199 3204 SiSRaid4 - ok
15:57:42.0215 3204 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:57:42.0231 3204 Smb - ok
15:57:42.0231 3204 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:57:42.0246 3204 SNMPTRAP - ok
15:57:42.0246 3204 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:57:42.0246 3204 spldr - ok
15:57:42.0277 3204 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:57:42.0293 3204 Spooler - ok
15:57:42.0449 3204 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:57:42.0496 3204 sppsvc - ok
15:57:42.0527 3204 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:57:42.0543 3204 sppuinotify - ok
15:57:42.0558 3204 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:57:42.0574 3204 srv - ok
15:57:42.0589 3204 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:57:42.0605 3204 srv2 - ok
15:57:42.0605 3204 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:57:42.0621 3204 srvnet - ok
15:57:42.0621 3204 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:57:42.0652 3204 SSDPSRV - ok
15:57:42.0652 3204 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:57:42.0667 3204 SstpSvc - ok
15:57:42.0683 3204 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:57:42.0699 3204 Stereo Service - ok
15:57:42.0699 3204 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:57:42.0714 3204 stexstor - ok
15:57:42.0730 3204 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:57:42.0745 3204 stisvc - ok
15:57:42.0745 3204 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
15:57:42.0745 3204 storflt - ok
15:57:42.0761 3204 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
15:57:42.0761 3204 StorSvc - ok
15:57:42.0761 3204 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
15:57:42.0777 3204 storvsc - ok
15:57:42.0777 3204 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:57:42.0777 3204 swenum - ok
15:57:42.0792 3204 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:57:42.0808 3204 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
15:57:42.0808 3204 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
15:57:42.0823 3204 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:57:42.0855 3204 swprv - ok
15:57:42.0933 3204 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:57:42.0948 3204 SysMain - ok
15:57:42.0979 3204 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:57:42.0995 3204 TabletInputService - ok
15:57:42.0995 3204 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:57:43.0026 3204 TapiSrv - ok
15:57:43.0026 3204 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:57:43.0042 3204 TBS - ok
15:57:43.0104 3204 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:57:43.0135 3204 Tcpip - ok
15:57:43.0213 3204 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:57:43.0245 3204 TCPIP6 - ok
15:57:43.0260 3204 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:57:43.0291 3204 tcpipreg - ok
15:57:43.0291 3204 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:57:43.0291 3204 TDPIPE - ok
15:57:43.0307 3204 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:57:43.0307 3204 TDTCP - ok
15:57:43.0307 3204 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:57:43.0338 3204 tdx - ok
15:57:43.0338 3204 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:57:43.0338 3204 TermDD - ok
15:57:43.0369 3204 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:57:43.0385 3204 TermService - ok
15:57:43.0401 3204 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:57:43.0401 3204 Themes - ok
15:57:43.0416 3204 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:57:43.0432 3204 THREADORDER - ok
15:57:43.0432 3204 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:57:43.0463 3204 TrkWks - ok
15:57:43.0463 3204 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:57:43.0494 3204 TrustedInstaller - ok
15:57:43.0494 3204 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:57:43.0510 3204 tssecsrv - ok
15:57:43.0525 3204 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:57:43.0525 3204 TsUsbFlt - ok
15:57:43.0525 3204 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:57:43.0557 3204 tunnel - ok
15:57:43.0557 3204 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:57:43.0557 3204 uagp35 - ok
15:57:43.0572 3204 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:57:43.0603 3204 udfs - ok
15:57:43.0603 3204 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:57:43.0619 3204 UI0Detect - ok
15:57:43.0619 3204 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:57:43.0619 3204 uliagpkx - ok
15:57:43.0635 3204 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:57:43.0635 3204 umbus - ok
15:57:43.0635 3204 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:57:43.0650 3204 UmPass - ok
15:57:43.0650 3204 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
15:57:43.0666 3204 UmRdpService - ok
15:57:43.0681 3204 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:57:43.0697 3204 upnphost - ok
15:57:43.0697 3204 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:57:43.0713 3204 USBAAPL64 - ok
15:57:43.0713 3204 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:57:43.0728 3204 usbccgp - ok
15:57:43.0728 3204 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:57:43.0744 3204 usbcir - ok
15:57:43.0744 3204 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:57:43.0744 3204 usbehci - ok
15:57:43.0759 3204 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:57:43.0759 3204 usbhub - ok
15:57:43.0775 3204 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
15:57:43.0775 3204 usbohci - ok
15:57:43.0775 3204 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:57:43.0791 3204 usbprint - ok
15:57:43.0791 3204 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:57:43.0791 3204 USBSTOR - ok
15:57:43.0806 3204 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:57:43.0806 3204 usbuhci - ok
15:57:43.0806 3204 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:57:43.0837 3204 UxSms - ok
15:57:43.0837 3204 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:43.0837 3204 VaultSvc - ok
15:57:43.0837 3204 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:57:43.0853 3204 vdrvroot - ok
15:57:43.0869 3204 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:57:43.0900 3204 vds - ok
15:57:43.0900 3204 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:57:43.0900 3204 vga - ok
15:57:43.0900 3204 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:57:43.0931 3204 VgaSave - ok
15:57:43.0931 3204 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:57:43.0947 3204 vhdmp - ok
15:57:43.0947 3204 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:57:43.0947 3204 viaide - ok
15:57:43.0962 3204 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
15:57:43.0978 3204 vmbus - ok
15:57:43.0978 3204 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
15:57:43.0978 3204 VMBusHID - ok
15:57:43.0978 3204 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:57:43.0993 3204 volmgr - ok
15:57:44.0009 3204 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:57:44.0009 3204 volmgrx - ok
15:57:44.0025 3204 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:57:44.0040 3204 volsnap - ok
15:57:44.0040 3204 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:57:44.0056 3204 vsmraid - ok
15:57:44.0118 3204 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:57:44.0149 3204 VSS - ok
15:57:44.0181 3204 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:57:44.0181 3204 vwifibus - ok
15:57:44.0196 3204 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:57:44.0227 3204 W32Time - ok
15:57:44.0227 3204 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:57:44.0227 3204 WacomPen - ok
15:57:44.0243 3204 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:57:44.0259 3204 WANARP - ok
15:57:44.0259 3204 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:57:44.0290 3204 Wanarpv6 - ok
15:57:44.0321 3204 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:57:44.0352 3204 WatAdminSvc - ok
15:57:44.0415 3204 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:57:44.0446 3204 wbengine - ok
15:57:44.0477 3204 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:57:44.0477 3204 WbioSrvc - ok
15:57:44.0493 3204 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:57:44.0508 3204 wcncsvc - ok
15:57:44.0508 3204 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:57:44.0524 3204 WcsPlugInService - ok
15:57:44.0524 3204 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:57:44.0524 3204 Wd - ok
15:57:44.0555 3204 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:57:44.0571 3204 Wdf01000 - ok
15:57:44.0571 3204 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:57:44.0586 3204 WdiServiceHost - ok
15:57:44.0586 3204 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:57:44.0602 3204 WdiSystemHost - ok
15:57:44.0617 3204 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:57:44.0617 3204 WebClient - ok
15:57:44.0633 3204 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:57:44.0664 3204 Wecsvc - ok
15:57:44.0664 3204 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:57:44.0680 3204 wercplsupport - ok
15:57:44.0695 3204 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:57:44.0711 3204 WerSvc - ok
15:57:44.0711 3204 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:57:44.0742 3204 WfpLwf - ok
15:57:44.0742 3204 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:57:44.0742 3204 WIMMount - ok
15:57:44.0742 3204 WinDefend - ok
15:57:44.0758 3204 WinHttpAutoProxySvc - ok
15:57:44.0758 3204 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:57:44.0789 3204 Winmgmt - ok
15:57:44.0851 3204 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:57:44.0883 3204 WinRM - ok
15:57:44.0914 3204 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:57:44.0929 3204 WinUsb - ok
15:57:44.0945 3204 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:57:44.0976 3204 Wlansvc - ok
15:57:44.0976 3204 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:57:44.0976 3204 WmiAcpi - ok
15:57:44.0992 3204 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:57:44.0992 3204 wmiApSrv - ok
15:57:45.0007 3204 WMPNetworkSvc - ok
15:57:45.0007 3204 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:57:45.0007 3204 WPCSvc - ok
15:57:45.0023 3204 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:57:45.0023 3204 WPDBusEnum - ok
15:57:45.0039 3204 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:57:45.0054 3204 ws2ifsl - ok
15:57:45.0054 3204 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:57:45.0070 3204 wscsvc - ok
15:57:45.0070 3204 WSearch - ok
15:57:45.0179 3204 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:57:45.0226 3204 wuauserv - ok
15:57:45.0241 3204 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:57:45.0273 3204 WudfPf - ok
15:57:45.0273 3204 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:57:45.0304 3204 WUDFRd - ok
15:57:45.0304 3204 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:57:45.0319 3204 wudfsvc - ok
15:57:45.0335 3204 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:57:45.0351 3204 WwanSvc - ok
15:57:45.0351 3204 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
15:57:45.0475 3204 \Device\Harddisk1\DR1 - ok
15:57:45.0491 3204 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk0\DR0
15:57:45.0507 3204 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:57:45.0507 3204 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:57:45.0522 3204 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
15:57:45.0585 3204 \Device\Harddisk2\DR2 - ok
15:57:45.0585 3204 Boot (0x1200) (0d73b2af4ecc292ce8e6c047e8b15d90) \Device\Harddisk1\DR1\Partition0
15:57:45.0600 3204 \Device\Harddisk1\DR1\Partition0 - ok
15:57:45.0600 3204 Boot (0x1200) (d24332b2d8897728f512deb0076e707c) \Device\Harddisk1\DR1\Partition1
15:57:45.0600 3204 \Device\Harddisk1\DR1\Partition1 - ok
15:57:45.0616 3204 Boot (0x1200) (29d66b9199e8e2f665759041c375e59f) \Device\Harddisk1\DR1\Partition2
15:57:45.0616 3204 \Device\Harddisk1\DR1\Partition2 - ok
15:57:45.0616 3204 Boot (0x1200) (383fb4de964492816f1a75903b47ab9f) \Device\Harddisk0\DR0\Partition0
15:57:45.0631 3204 \Device\Harddisk0\DR0\Partition0 - ok
15:57:45.0631 3204 Boot (0x1200) (4c328a704b24d56b0ccee729b19864b4) \Device\Harddisk0\DR0\Partition1
15:57:45.0631 3204 \Device\Harddisk0\DR0\Partition1 - ok
15:57:45.0631 3204 Boot (0x1200) (6437db7024f5cdba5c5f8d5140089dab) \Device\Harddisk2\DR2\Partition0
15:57:45.0631 3204 \Device\Harddisk2\DR2\Partition0 - ok
15:57:45.0631 3204 ============================================================
15:57:45.0631 3204 Scan finished
15:57:45.0631 3204 ============================================================
15:57:45.0647 1932 Detected object count: 4
15:57:45.0647 1932 Actual detected object count: 4
15:58:17.0674 1932 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:17.0674 1932 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:17.0674 1932 SDLService ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:17.0674 1932 SDLService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:17.0674 1932 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:17.0674 1932 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:17.0690 1932 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:58:17.0690 1932 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
|
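As an added example (not part of the thread, and not code from TDSSKiller or its vendor): a small Python parser for the log format posted above that pairs each detection with the scanned object and the action logged for it, so that entries left on "Skip" stand out. The sample is an excerpt of lines from the log above; the class and function names are this example's own.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Excerpt of lines taken from the log above (format: time, thread id, message).
SAMPLE_LOG = r"""
15:57:41.0872 3204 SDLService (b0e6ca5d36dc5f0019a73b8aab35c5dc) C:\Program Files (x86)\Realtek\Smart Dual Lan\SDLService.exe
15:57:41.0872 3204 SDLService ( UnsignedFile.Multi.Generic ) - warning
15:57:41.0872 3204 SDLService - detected UnsignedFile.Multi.Generic (1)
15:57:41.0887 3204 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:57:41.0887 3204 SDRSVC - ok
15:57:44.0742 3204 WinDefend - ok
15:57:45.0491 3204 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk0\DR0
15:57:45.0507 3204 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:57:45.0507 3204 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:58:17.0674 1932 SDLService ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:17.0674 1932 SDLService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:17.0690 1932 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:58:17.0690 1932 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "HH:MM:SS.mmmm <thread id> <message>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*\S)\s*$")
# "<name> (<md5>) <path>"; the name may itself contain parentheses ("MBR (0x1B8)").
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<target> - detected <verdict> (<count>)"
DETECTED = re.compile(r"^(?P<name>.+?) - detected (?P<verdict>.+?) \(\d+\)$")
# "<target> ( <verdict> ) - User select action: <action>"
ACTION = re.compile(
    r"^(?P<name>.+?) \( (?P<verdict>.+?) \) - User select action: (?P<action>\w+)$"
)


@dataclass
class Finding:
    target: str                   # service name or device path from the verdict line
    verdict: str                  # e.g. "TDSS File System"
    md5: Optional[str] = None     # hash from the matching object line, if any
    path: Optional[str] = None    # file or device the hash belongs to
    action: Optional[str] = None  # what the user selected, if logged


def triage(log_text):
    """Return one Finding per detected object, with hash, path and action."""
    scanned = {}   # object name and path -> (md5, path)
    findings = {}  # target -> Finding, in order of detection
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line["msg"]
        if m := OBJECT.match(msg):
            # MBR/boot verdicts name the device path, services use the name,
            # so index the object under both.
            scanned[m["name"]] = scanned[m["path"]] = (m["md5"], m["path"])
        elif m := DETECTED.match(msg):
            md5, path = scanned.get(m["name"], (None, None))
            findings[m["name"]] = Finding(m["name"], m["verdict"], md5, path)
        elif m := ACTION.match(msg):
            f = findings.setdefault(m["name"], Finding(m["name"], m["verdict"]))
            f.action = m["action"]
    return list(findings.values())


def open_findings(findings):
    """Findings nothing was done about: no action logged, or 'Skip' chosen."""
    pending = [f for f in findings if f.action in (None, "Skip")]
    # Unsigned-file heuristics go last; other verdicts (here: TDSS File System) first.
    return sorted(pending, key=lambda f: f.verdict.startswith("UnsignedFile."))


if __name__ == "__main__":
    for f in open_findings(triage(SAMPLE_LOG)):
        print(f"{f.verdict:28} {f.target}  md5={f.md5}  action={f.action}")
```
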
| | #2 |
| /// Malware-holic | No, my second, worse suspicion has been confirmed:
15:58:17.0690 1932 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
For this entry, choose Cure first, then restart and create a new log. |
| | #3 |
| I only have the options "Skip", "Copy to quarantine" and "Delete". Hello Markus, "Cure" is probably only offered for malicious objects. In my case, however, it only found "suspicious" ones. What should I do with the finding now? |
| | #4 |
| Hello Markus, you have probably lost sight of me again. I would really like to know how I should proceed now. Unfortunately, because of the many things currently running side by side, I am somewhat unsure and probably also whiny, but I would like to wrap this up soon, if that is possible at all. One also cannot tell what the status quo is at the moment. Nothing has changed about Windows Update being impossible to run. What is supposed to happen with the TDSS has not been settled either. And the original Bundespolizei trojan may still be strolling around somewhere too. It would be really great if you could invest some time once more. I would then likewise take the time to stay on the matter. Regards, Stefan |
| | #5 |
| /// Malware-holic | Hi, I was actually waiting for the TDSSKiller log, which can be found on C:.
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de. Forwarding instructions: http://markusg.trojaner-board.de. For now, please forward mails according to the instructions above to markusg.trojaner-board@web.de. If you would like to support us |
| | #6 |
| Hello Markus, I had already posted the log for you on the 15th at 4 p.m. After that I was supposed to choose the "cure" option, which did not exist. See my last postings. |
| | #7 |
| Hello Markus, if you do not have the time to keep giving me your advice, then please recommend a colleague to me. I have neither the time nor the nerves to wait for days for answers and then, when they come, to find that you have not even read the last postings. I have read the forum rules and know that cross-postings or parallel threads are frowned upon; otherwise I would long since have asked someone else to help. The thread was opened on 6 July, that was two weeks ago. So far NOTHING has changed on my system. When I had a problem with a trojan in 2010, Arne put everything in order for me within that time. Of course I do not want to condemn anyone whose motives I do not know, and it is not meant personally, but I would like to clean my system, and I had hoped for help from you, or rather from the TB. If you still see a way to pull my cart out of the mud, please get in touch; otherwise I will have to start a new thread, like it or not. Regards, Stefan |
| | #8 |
| /// Malware-holic | Hi, malware evolves within 2 years; it becomes more complex and can therefore hide better in the system. On the previous page I showed you a rootkit entry; this is a hidden partition of the TDSS rootkit. So run the scan again with the same settings. TDSSKiller should then offer you a "Cure" option. Please check this again. You should also bear in mind that we now surely have twice as many requests as before, which means a good deal more effort, and we have a private life and a working life to manage on top of that...
__________________ Edited by markusg (19.07.2012 at 15:28) |
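The triage done by eye in posts #2 and #8, as an added example that is not part of the original thread: a Python parser that pulls the non-ok entries out of a TDSSKiller log and flags a "TDSS File System" entry that was left on Skip. The sample lines are copied from the logs posted in this thread; the function names and the three category labels are hypothetical.

```python
import re
from dataclasses import dataclass, field

# Sample lines copied from the TDSSKiller logs posted in this thread.
SAMPLE_LOG = r"""
17:14:42.0825 4728 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:14:42.0837 4728 iaStorV - ok
17:14:42.0842 4728 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:14:42.0845 4728 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:14:42.0845 4728 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:58:17.0674 1932 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:17.0674 1932 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:17.0690 1932 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:58:17.0690 1932 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "HH:MM:SS.ffff <thread id> <body>"
LINE_PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<body>.*)$")
# "<name> (<md5>) <path>": the object that is about to be checked
OBJECT_RE = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<name> ( <verdict> ) - <event>": a warning, or the action the user picked
VERDICT_RE = re.compile(r"^(?P<name>.+?) \( (?P<verdict>[^()]+?) \) - (?P<event>.+)$")
ACTION_PREFIX = "User select action: "


@dataclass
class Finding:
    name: str
    verdict: str
    path: str = ""
    md5: str = ""
    events: list = field(default_factory=list)
    action: str = ""  # last "User select action" logged, empty if none


def parse_findings(log_text):
    """Return one Finding per (object, verdict) pair, in first-seen order."""
    objects = {}   # name -> (md5, path) from the object line
    findings = {}  # (name, verdict) -> Finding
    for raw in log_text.splitlines():
        m = LINE_PREFIX.match(raw.strip())
        if not m:
            continue
        body = m["body"]
        obj = OBJECT_RE.match(body)
        if obj:
            objects[obj["name"]] = (obj["md5"], obj["path"])
            continue
        hit = VERDICT_RE.match(body)
        if not hit:
            continue  # "- ok", "- detected ...", separators, header lines
        key = (hit["name"], hit["verdict"])
        if key not in findings:
            md5, path = objects.get(hit["name"], ("", ""))
            findings[key] = Finding(hit["name"], hit["verdict"], path, md5)
        event = hit["event"].strip()
        findings[key].events.append(event)
        if event.startswith(ACTION_PREFIX):
            findings[key].action = event[len(ACTION_PREFIX):]
    return list(findings.values())


def classify(finding):
    """Category labels are assumptions based on how this thread reads the log."""
    if finding.verdict == "TDSS File System":
        return "rootkit-storage"   # the entry the helper singles out
    if finding.verdict.startswith("UnsignedFile."):
        return "unsigned-file"     # the "suspicious" entries the user mentions
    return "other"


def untreated(findings):
    """Rootkit-storage findings that were skipped or never acted on."""
    return [f for f in findings
            if classify(f) == "rootkit-storage" and f.action in ("", "Skip")]


if __name__ == "__main__":
    for f in parse_findings(SAMPLE_LOG):
        print(classify(f), "|", f.name, "|", f.verdict, "|", f.action or "-")
    for f in untreated(parse_findings(SAMPLE_LOG)):
        print("still untreated:", f.name)
```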
| | #9 |
| Hello Markus, as I said, I was only surprised that you had not noticed the log, or had overlooked the postings. Here is the current Killer log once more; nothing has changed. A "cure" option is not offered. Code:
17:13:56.0857 0576 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
17:13:57.0339 0576 ============================================================
17:13:57.0339 0576 Current date / time: 2012/07/19 17:13:57.0339
17:13:57.0339 0576 SystemInfo:
17:13:57.0339 0576
17:13:57.0339 0576 OS Version: 6.1.7601 ServicePack: 1.0
17:13:57.0339 0576 Product type: Workstation
17:13:57.0339 0576 ComputerName: STEFFI-PC
17:13:57.0340 0576 UserName: Steffi
17:13:57.0340 0576 Windows directory: C:\Windows
17:13:57.0340 0576 System windows directory: C:\Windows
17:13:57.0340 0576 Running under WOW64
17:13:57.0340 0576 Processor architecture: Intel x64
17:13:57.0340 0576 Number of processors: 4
17:13:57.0340 0576 Page size: 0x1000
17:13:57.0340 0576 Boot type: Normal boot
17:13:57.0340 0576 ============================================================
17:13:57.0511 0576 Drive \Device\Harddisk2\DR2 - Size: 0x1BF31C0000 (111.80 Gb), SectorSize: 0x200, Cylinders: 0x3902, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
17:13:57.0981 0576 Drive \Device\Harddisk0\DR0 - Size: 0x950AC4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13000, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:13:57.0990 0576 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:13:57.0999 0576 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:13:58.0008 0576 Drive \Device\Harddisk4\DR5 - Size: 0x3BA815A00 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:13:58.0012 0576 ============================================================
17:13:58.0012 0576 \Device\Harddisk2\DR2:
17:13:58.0012 0576 MBR partitions:
17:13:58.0012 0576 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:13:58.0012 0576 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6175800
17:13:58.0012 0576 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x61A8000, BlocksNum 0x7DEF800
17:13:58.0012 0576 \Device\Harddisk0\DR0:
17:13:58.0013 0576 MBR partitions:
17:13:58.0013 0576 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856231
17:13:58.0013 0576 \Device\Harddisk1\DR1:
17:13:58.0013 0576 MBR partitions:
17:13:58.0013 0576 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18000
17:13:58.0013 0576 \Device\Harddisk3\DR3:
17:13:58.0013 0576 MBR partitions:
17:13:58.0013 0576 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:13:58.0013 0576 \Device\Harddisk4\DR5:
17:13:58.0014 0576 MBR partitions:
17:13:58.0014 0576 \Device\Harddisk4\DR5\Partition0: MBR, Type 0xC, StartLBA 0xCC, BlocksNum 0x1DD3FE4
17:13:58.0014 0576 ============================================================
17:13:58.0015 0576 C: <-> \Device\Harddisk2\DR2\Partition1
17:13:58.0016 0576 D: <-> \Device\Harddisk2\DR2\Partition2
17:13:58.0037 0576 I: <-> \Device\Harddisk3\DR3\Partition0
17:13:58.0051 0576 F: <-> \Device\Harddisk0\DR0\Partition0
17:13:58.0057 0576 S: <-> \Device\Harddisk1\DR1\Partition0
17:13:58.0057 0576 G: <-> \Device\Harddisk4\DR5\Partition0
17:13:58.0058 0576 ============================================================
17:13:58.0058 0576 Initialize success
17:13:58.0058 0576 ============================================================
17:14:39.0344 4728 ============================================================
17:14:39.0344 4728 Scan started
17:14:39.0344 4728 Mode: Manual; SigCheck; TDLFS;
17:14:39.0344 4728 ============================================================
17:14:39.0532 4728 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:14:39.0563 4728 1394ohci - ok
17:14:39.0576 4728 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:14:39.0586 4728 ACPI - ok
17:14:39.0588 4728 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:14:39.0603 4728 AcpiPmi - ok
17:14:39.0627 4728 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:14:39.0635 4728 AdobeFlashPlayerUpdateSvc - ok
17:14:39.0652 4728 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:14:39.0665 4728 adp94xx - ok
17:14:39.0677 4728 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:14:39.0687 4728 adpahci - ok
17:14:39.0694 4728 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:14:39.0703 4728 adpu320 - ok
17:14:39.0709 4728 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:14:39.0754 4728 AeLookupSvc - ok
17:14:39.0770 4728 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:14:39.0782 4728 AFD - ok
17:14:39.0787 4728 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:14:39.0794 4728 agp440 - ok
17:14:39.0798 4728 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:14:39.0807 4728 ALG - ok
17:14:39.0809 4728 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:14:39.0816 4728 aliide - ok
17:14:39.0818 4728 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:14:39.0825 4728 amdide - ok
17:14:39.0829 4728 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:14:39.0838 4728 AmdK8 - ok
17:14:39.0842 4728 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:14:39.0849 4728 AmdPPM - ok
17:14:39.0854 4728 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:14:39.0861 4728 amdsata - ok
17:14:39.0869 4728 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:14:39.0878 4728 amdsbs - ok
17:14:39.0881 4728 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:14:39.0888 4728 amdxata - ok
17:14:39.0892 4728 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:14:39.0939 4728 AppID - ok
17:14:39.0942 4728 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:14:39.0965 4728 AppIDSvc - ok
17:14:39.0969 4728 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:14:39.0990 4728 Appinfo - ok
17:14:39.0995 4728 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:14:40.0001 4728 Apple Mobile Device - ok
17:14:40.0005 4728 AppleCharger (ba957e7acd2b44fa3b01faa64f6a9060) C:\Windows\system32\DRIVERS\AppleCharger.sys
17:14:40.0272 4728 AppleCharger - ok
17:14:40.0275 4728 AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe
17:14:40.0284 4728 AppleChargerSrv - ok
17:14:40.0293 4728 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
17:14:40.0307 4728 AppMgmt - ok
17:14:40.0312 4728 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:14:40.0322 4728 arc - ok
17:14:40.0326 4728 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:14:40.0334 4728 arcsas - ok
17:14:40.0338 4728 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:14:40.0360 4728 AsyncMac - ok
17:14:40.0363 4728 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:14:40.0370 4728 atapi - ok
17:14:40.0392 4728 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:14:40.0420 4728 AudioEndpointBuilder - ok
17:14:40.0425 4728 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:14:40.0450 4728 AudioSrv - ok
17:14:40.0455 4728 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:14:40.0472 4728 AxInstSV - ok
17:14:40.0487 4728 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:14:40.0499 4728 b06bdrv - ok
17:14:40.0508 4728 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:14:40.0518 4728 b57nd60a - ok
17:14:40.0524 4728 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:14:40.0533 4728 BDESVC - ok
17:14:40.0535 4728 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:14:40.0557 4728 Beep - ok
17:14:40.0579 4728 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:14:40.0607 4728 BFE - ok
17:14:40.0636 4728 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
17:14:40.0666 4728 BITS - ok
17:14:40.0672 4728 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:14:40.0679 4728 blbdrive - ok
17:14:40.0695 4728 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
17:14:40.0705 4728 Bonjour Service - ok
17:14:40.0711 4728 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:14:40.0718 4728 bowser - ok
17:14:40.0720 4728 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:14:40.0735 4728 BrFiltLo - ok
17:14:40.0737 4728 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:14:40.0746 4728 BrFiltUp - ok
17:14:40.0752 4728 Bridge (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
17:14:40.0775 4728 Bridge - ok
17:14:40.0777 4728 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
17:14:40.0798 4728 BridgeMP - ok
17:14:40.0805 4728 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:14:40.0827 4728 Browser - ok
17:14:40.0841 4728 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:14:40.0851 4728 Brserid - ok
17:14:40.0855 4728 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:14:40.0864 4728 BrSerWdm - ok
17:14:40.0867 4728 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:14:40.0875 4728 BrUsbMdm - ok
17:14:40.0877 4728 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:14:40.0885 4728 BrUsbSer - ok
17:14:40.0889 4728 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:14:40.0898 4728 BTHMODEM - ok
17:14:40.0904 4728 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:14:40.0926 4728 bthserv - ok
17:14:40.0928 4728 catchme - ok
17:14:40.0935 4728 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:14:40.0957 4728 cdfs - ok
17:14:40.0964 4728 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:14:40.0972 4728 cdrom - ok
17:14:40.0977 4728 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:14:40.0999 4728 CertPropSvc - ok
17:14:41.0003 4728 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:14:41.0012 4728 circlass - ok
17:14:41.0025 4728 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:14:41.0036 4728 CLFS - ok
17:14:41.0042 4728 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:14:41.0049 4728 clr_optimization_v2.0.50727_32 - ok
17:14:41.0054 4728 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:14:41.0060 4728 clr_optimization_v2.0.50727_64 - ok
17:14:41.0070 4728 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:14:41.0077 4728 clr_optimization_v4.0.30319_32 - ok
17:14:41.0086 4728 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:14:41.0092 4728 clr_optimization_v4.0.30319_64 - ok
17:14:41.0095 4728 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:14:41.0102 4728 CmBatt - ok
17:14:41.0104 4728 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:14:41.0111 4728 cmdide - ok
17:14:41.0126 4728 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:14:41.0142 4728 CNG - ok
17:14:41.0145 4728 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:14:41.0153 4728 Compbatt - ok
17:14:41.0156 4728 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:14:41.0164 4728 CompositeBus - ok
17:14:41.0166 4728 COMSysApp - ok
17:14:41.0171 4728 cpuz135 (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
17:14:41.0176 4728 cpuz135 - ok
17:14:41.0178 4728 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:14:41.0185 4728 crcdisk - ok
17:14:41.0193 4728 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
17:14:41.0202 4728 CryptSvc - ok
17:14:41.0221 4728 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
17:14:41.0234 4728 CSC - ok
17:14:41.0257 4728 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
17:14:41.0274 4728 CscService - ok
17:14:41.0292 4728 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:14:41.0318 4728 DcomLaunch - ok
17:14:41.0329 4728 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:14:41.0354 4728 defragsvc - ok
17:14:41.0361 4728 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:14:41.0383 4728 DfsC - ok
17:14:41.0395 4728 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:14:41.0419 4728 Dhcp - ok
17:14:41.0423 4728 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:14:41.0445 4728 discache - ok
17:14:41.0449 4728 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:14:41.0456 4728 Disk - ok
17:14:41.0464 4728 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:14:41.0473 4728 Dnscache - ok
17:14:41.0482 4728 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:14:41.0505 4728 dot3svc - ok
17:14:41.0512 4728 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:14:41.0535 4728 DPS - ok
17:14:41.0537 4728 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:14:41.0545 4728 drmkaud - ok
17:14:41.0585 4728 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:14:41.0642 4728 DXGKrnl - ok
17:14:41.0648 4728 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:14:41.0682 4728 EapHost - ok
17:14:41.0778 4728 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:14:41.0827 4728 ebdrv - ok
17:14:41.0850 4728 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:14:41.0861 4728 EFS - ok
17:14:41.0884 4728 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:14:41.0904 4728 ehRecvr - ok
17:14:41.0911 4728 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:14:41.0921 4728 ehSched - ok
17:14:41.0940 4728 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:14:41.0952 4728 elxstor - ok
17:14:41.0955 4728 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:14:41.0962 4728 ErrDev - ok
17:14:41.0967 4728 ES lite Service (b8fa96995726d1fa58476e352c02ad82) C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
17:14:41.0972 4728 ES lite Service - ok
17:14:41.0988 4728 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:14:42.0013 4728 EventSystem - ok
17:14:42.0028 4728 ewusbmbb (334c907536e815e56cd13108a6d5fb9d) C:\Windows\system32\DRIVERS\ewusbwwan.sys
17:14:42.0038 4728 ewusbmbb - ok
17:14:42.0040 4728 ewusbnet - ok
17:14:42.0047 4728 ew_hwusbdev (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
17:14:42.0056 4728 ew_hwusbdev - ok
17:14:42.0064 4728 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:14:42.0087 4728 exfat - ok
17:14:42.0096 4728 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:14:42.0120 4728 fastfat - ok
17:14:42.0141 4728 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:14:42.0154 4728 Fax - ok
17:14:42.0158 4728 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:14:42.0165 4728 fdc - ok
17:14:42.0167 4728 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:14:42.0189 4728 fdPHost - ok
17:14:42.0193 4728 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:14:42.0215 4728 FDResPub - ok
17:14:42.0219 4728 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:14:42.0226 4728 FileInfo - ok
17:14:42.0229 4728 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:14:42.0250 4728 Filetrace - ok
17:14:42.0253 4728 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:14:42.0260 4728 flpydisk - ok
17:14:42.0270 4728 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:14:42.0280 4728 FltMgr - ok
17:14:42.0316 4728 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:14:42.0334 4728 FontCache - ok
17:14:42.0339 4728 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:14:42.0344 4728 FontCache3.0.0.0 - ok
17:14:42.0350 4728 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:14:42.0357 4728 FsDepends - ok
17:14:42.0360 4728 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:14:42.0366 4728 Fs_Rec - ok
17:14:42.0375 4728 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:14:42.0386 4728 fvevol - ok
17:14:42.0390 4728 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:14:42.0398 4728 gagp30kx - ok
17:14:42.0400 4728 gdrv (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys
17:14:42.0405 4728 gdrv - ok
17:14:42.0408 4728 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:14:42.0413 4728 GEARAspiWDM - ok
17:14:42.0439 4728 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:14:42.0467 4728 gpsvc - ok
17:14:42.0475 4728 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:14:42.0481 4728 gupdate - ok
17:14:42.0483 4728 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:14:42.0489 4728 gupdatem - ok
17:14:42.0492 4728 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:14:42.0500 4728 hcw85cir - ok
17:14:42.0513 4728 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:14:42.0525 4728 HdAudAddService - ok
17:14:42.0531 4728 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:14:42.0541 4728 HDAudBus - ok
17:14:42.0543 4728 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:14:42.0551 4728 HidBatt - ok
17:14:42.0556 4728 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:14:42.0565 4728 HidBth - ok
17:14:42.0568 4728 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:14:42.0577 4728 HidIr - ok
17:14:42.0580 4728 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
17:14:42.0603 4728 hidserv - ok
17:14:42.0606 4728 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:14:42.0613 4728 HidUsb - ok
17:14:42.0617 4728 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:14:42.0640 4728 hkmsvc - ok
17:14:42.0650 4728 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:14:42.0660 4728 HomeGroupListener - ok
17:14:42.0668 4728 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:14:42.0677 4728 HomeGroupProvider - ok
17:14:42.0681 4728 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:14:42.0689 4728 HpSAMD - ok
17:14:42.0715 4728 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:14:42.0743 4728 HTTP - ok
17:14:42.0749 4728 huawei_enumerator (1642c62f1fd5e1ff44608283994a7bb8) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
17:14:42.0757 4728 huawei_enumerator - ok
17:14:42.0768 4728 hwdatacard (04d1de1e8ace40ca396502c90524e945) C:\Windows\system32\DRIVERS\ewusbmdm.sys
17:14:42.0779 4728 hwdatacard - ok
17:14:42.0781 4728 HWDeviceService64.exe - ok
17:14:42.0785 4728 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:14:42.0791 4728 hwpolicy - ok
17:14:42.0794 4728 hwusbdev - ok
17:14:42.0804 4728 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:14:42.0812 4728 i8042prt - ok
17:14:42.0825 4728 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:14:42.0837 4728 iaStorV - ok
17:14:42.0842 4728 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:14:42.0845 4728 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:14:42.0845 4728 IDriverT - detected UnsignedFile.Multi.Generic (1)
17:14:42.0870 4728 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:14:42.0885 4728 idsvc - ok
17:14:42.0908 4728 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:14:42.0915 4728 iirsp - ok
17:14:42.0943 4728 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:14:42.0972 4728 IKEEXT - ok
17:14:43.0050 4728 IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\Windows\system32\drivers\RTKVHD64.sys
17:14:43.0077 4728 IntcAzAudAddService - ok
17:14:43.0100 4728 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:14:43.0106 4728 intelide - ok
17:14:43.0111 4728 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:14:43.0118 4728 intelppm - ok
17:14:43.0123 4728 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:14:43.0146 4728 IPBusEnum - ok
17:14:43.0150 4728 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:14:43.0172 4728 IpFilterDriver - ok
17:14:43.0190 4728 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:14:43.0216 4728 iphlpsvc - ok
17:14:43.0220 4728 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:14:43.0228 4728 IPMIDRV - ok
17:14:43.0234 4728 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:14:43.0257 4728 IPNAT - ok
17:14:43.0285 4728 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
17:14:43.0299 4728 iPod Service - ok
17:14:43.0302 4728 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:14:43.0311 4728 IRENUM - ok
17:14:43.0314 4728 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:14:43.0321 4728 isapnp - ok
17:14:43.0331 4728 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:14:43.0340 4728 iScsiPrt - ok
17:14:43.0344 4728 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
17:14:43.0351 4728 kbdclass - ok
17:14:43.0354 4728 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:14:43.0361 4728 kbdhid - ok
17:14:43.0364 4728 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:14:43.0371 4728 KeyIso - ok
17:14:43.0376 4728 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:14:43.0383 4728 KSecDD - ok
17:14:43.0390 4728 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:14:43.0398 4728 KSecPkg - ok
17:14:43.0401 4728 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:14:43.0423 4728 ksthunk - ok
17:14:43.0434 4728 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:14:43.0459 4728 KtmRm - ok
17:14:43.0469 4728 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
17:14:43.0492 4728 LanmanServer - ok
17:14:43.0498 4728 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:14:43.0520 4728 LanmanWorkstation - ok
17:14:43.0526 4728 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:14:43.0548 4728 lltdio - ok
17:14:43.0559 4728 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:14:43.0584 4728 lltdsvc - ok
17:14:43.0587 4728 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:14:43.0610 4728 lmhosts - ok
17:14:43.0617 4728 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:14:43.0625 4728 LSI_FC - ok
17:14:43.0630 4728 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:14:43.0637 4728 LSI_SAS - ok
17:14:43.0642 4728 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:14:43.0649 4728 LSI_SAS2 - ok
17:14:43.0655 4728 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:14:43.0662 4728 LSI_SCSI - ok
17:14:43.0667 4728 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:14:43.0690 4728 luafv - ok
17:14:43.0694 4728 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
17:14:43.0700 4728 MBAMProtector - ok
17:14:43.0720 4728 MBAMService (43683e970f008c93c9429ef428147a54) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
17:14:43.0731 4728 MBAMService - ok
17:14:43.0736 4728 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:14:43.0744 4728 Mcx2Svc - ok
17:14:43.0747 4728 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:14:43.0754 4728 megasas - ok
17:14:43.0764 4728 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:14:43.0773 4728 MegaSR - ok
17:14:43.0778 4728 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:14:43.0801 4728 MMCSS - ok
17:14:43.0804 4728 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:14:43.0826 4728 Modem - ok
17:14:43.0829 4728 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:14:43.0838 4728 monitor - ok
17:14:43.0842 4728 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
17:14:43.0848 4728 mouclass - ok
17:14:43.0851 4728 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:14:43.0858 4728 mouhid - ok
17:14:43.0864 4728 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:14:43.0871 4728 mountmgr - ok
17:14:43.0878 4728 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:14:43.0886 4728 mpio - ok
17:14:43.0891 4728 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:14:43.0913 4728 mpsdrv - ok
17:14:43.0940 4728 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:14:43.0969 4728 MpsSvc - ok
17:14:43.0975 4728 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:14:43.0987 4728 MRxDAV - ok
17:14:43.0994 4728 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:14:44.0002 4728 mrxsmb - ok
17:14:44.0013 4728 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:14:44.0022 4728 mrxsmb10 - ok
17:14:44.0029 4728 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:14:44.0036 4728 mrxsmb20 - ok
17:14:44.0039 4728 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:14:44.0046 4728 msahci - ok
17:14:44.0052 4728 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:14:44.0060 4728 msdsm - ok
17:14:44.0066 4728 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:14:44.0075 4728 MSDTC - ok
17:14:44.0080 4728 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:14:44.0102 4728 Msfs - ok
17:14:44.0105 4728 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:14:44.0126 4728 mshidkmdf - ok
17:14:44.0129 4728 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:14:44.0135 4728 msisadrv - ok
17:14:44.0142 4728 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:14:44.0165 4728 MSiSCSI - ok
17:14:44.0167 4728 msiserver - ok
17:14:44.0171 4728 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:14:44.0192 4728 MSKSSRV - ok
17:14:44.0195 4728 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:14:44.0217 4728 MSPCLOCK - ok
17:14:44.0219 4728 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:14:44.0241 4728 MSPQM - ok
17:14:44.0254 4728 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:14:44.0264 4728 MsRPC - ok
17:14:44.0269 4728 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:14:44.0276 4728 mssmbios - ok
17:14:44.0278 4728 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:14:44.0300 4728 MSTEE - ok
17:14:44.0303 4728 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:14:44.0310 4728 MTConfig - ok
17:14:44.0314 4728 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:14:44.0321 4728 Mup - ok
17:14:44.0338 4728 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:14:44.0364 4728 napagent - ok
17:14:44.0376 4728 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:14:44.0389 4728 NativeWifiP - ok
17:14:44.0420 4728 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:14:44.0439 4728 NDIS - ok
17:14:44.0442 4728 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:14:44.0464 4728 NdisCap - ok
17:14:44.0467 4728 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:14:44.0489 4728 NdisTapi - ok
17:14:44.0493 4728 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:14:44.0514 4728 Ndisuio - ok
17:14:44.0521 4728 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:14:44.0544 4728 NdisWan - ok
17:14:44.0548 4728 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:14:44.0569 4728 NDProxy - ok
17:14:44.0573 4728 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:14:44.0594 4728 NetBIOS - ok
17:14:44.0605 4728 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:14:44.0629 4728 NetBT - ok
17:14:44.0634 4728 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:14:44.0644 4728 Netlogon - ok
17:14:44.0657 4728 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:14:44.0682 4728 Netman - ok
17:14:44.0688 4728 NetMsmqActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:14:44.0695 4728 NetMsmqActivator - ok
17:14:44.0697 4728 NetPipeActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:14:44.0703 4728 NetPipeActivator - ok
17:14:44.0718 4728 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:14:44.0744 4728 netprofm - ok
17:14:44.0747 4728 NetTcpActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:14:44.0753 4728 NetTcpActivator - ok
17:14:44.0755 4728 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:14:44.0761 4728 NetTcpPortSharing - ok
17:14:44.0765 4728 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:14:44.0772 4728 nfrd960 - ok
17:14:44.0783 4728 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:14:44.0808 4728 NlaSvc - ok
17:14:44.0811 4728 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:14:44.0833 4728 Npfs - ok
17:14:44.0836 4728 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:14:44.0859 4728 nsi - ok
17:14:44.0862 4728 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:14:44.0884 4728 nsiproxy - ok
17:14:44.0941 4728 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:14:44.0968 4728 Ntfs - ok
17:14:44.0990 4728 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:14:45.0012 4728 Null - ok
17:14:45.0017 4728 nusb3hub (785298579b5f9b4032152dfbb992fdb6) C:\Windows\system32\DRIVERS\nusb3hub.sys
17:14:45.0023 4728 nusb3hub - ok
17:14:45.0031 4728 nusb3xhc (df2750481b4964814467c974f2b0eef1) C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:14:45.0038 4728 nusb3xhc - ok
17:14:45.0046 4728 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
17:14:45.0053 4728 NVHDA - ok
17:14:45.0608 4728 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:14:45.0747 4728 nvlddmkm - ok
17:14:45.0776 4728 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:14:45.0784 4728 nvraid - ok
17:14:45.0791 4728 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:14:45.0799 4728 nvstor - ok
17:14:45.0826 4728 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
17:14:45.0842 4728 nvsvc - ok
17:14:45.0930 4728 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:14:45.0972 4728 nvUpdatusService - ok
17:14:45.0999 4728 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:14:46.0010 4728 nv_agp - ok
17:14:46.0016 4728 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:14:46.0025 4728 ohci1394 - ok
17:14:46.0030 4728 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:14:46.0036 4728 ose - ok
17:14:46.0049 4728 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:14:46.0059 4728 p2pimsvc - ok
17:14:46.0074 4728 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:14:46.0085 4728 p2psvc - ok
17:14:46.0091 4728 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:14:46.0098 4728 Parport - ok
17:14:46.0103 4728 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:14:46.0110 4728 partmgr - ok
17:14:46.0117 4728 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:14:46.0130 4728 PcaSvc - ok
17:14:46.0137 4728 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:14:46.0145 4728 pci - ok
17:14:46.0148 4728 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:14:46.0154 4728 pciide - ok
17:14:46.0162 4728 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:14:46.0171 4728 pcmcia - ok
17:14:46.0175 4728 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:14:46.0182 4728 pcw - ok
17:14:46.0185 4728 PdiPorts (25fd4d8109114266a610fd1088bfd522) C:\Windows\system32\DRIVERS\PdiPorts.sys
17:14:46.0190 4728 PdiPorts - ok
17:14:46.0196 4728 PdiService (fed28c565de5f73b7c5b32841229e496) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
17:14:46.0202 4728 PdiService - ok
17:14:46.0228 4728 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:14:46.0256 4728 PEAUTH - ok
17:14:46.0314 4728 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
17:14:46.0345 4728 PeerDistSvc - ok
17:14:46.0364 4728 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:14:46.0375 4728 PerfHost - ok
17:14:46.0455 4728 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:14:46.0506 4728 pla - ok
17:14:46.0521 4728 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:14:46.0532 4728 PlugPlay - ok
17:14:46.0535 4728 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:14:46.0543 4728 PNRPAutoReg - ok
17:14:46.0555 4728 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:14:46.0564 4728 PNRPsvc - ok
17:14:46.0580 4728 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:14:46.0606 4728 PolicyAgent - ok
17:14:46.0615 4728 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:14:46.0639 4728 Power - ok
17:14:46.0647 4728 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:14:46.0669 4728 PptpMiniport - ok
17:14:46.0673 4728 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:14:46.0681 4728 Processor - ok
17:14:46.0689 4728 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:14:46.0699 4728 ProfSvc - ok
17:14:46.0702 4728 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:14:46.0709 4728 ProtectedStorage - ok
17:14:46.0715 4728 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:14:46.0737 4728 Psched - ok
17:14:46.0781 4728 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:14:46.0805 4728 ql2300 - ok
17:14:46.0831 4728 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:14:46.0839 4728 ql40xx - ok
17:14:46.0848 4728 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:14:46.0860 4728 QWAVE - ok
17:14:46.0864 4728 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:14:46.0874 4728 QWAVEdrv - ok
17:14:46.0876 4728 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:14:46.0898 4728 RasAcd - ok
17:14:46.0902 4728 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:14:46.0925 4728 RasAgileVpn - ok
17:14:46.0930 4728 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:14:46.0954 4728 RasAuto - ok
17:14:46.0961 4728 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:14:46.0983 4728 Rasl2tp - ok
17:14:46.0995 4728 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:14:47.0020 4728 RasMan - ok
17:14:47.0026 4728 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:14:47.0048 4728 RasPppoe - ok
17:14:47.0053 4728 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:14:47.0075 4728 RasSstp - ok
17:14:47.0087 4728 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:14:47.0111 4728 rdbss - ok
17:14:47.0114 4728 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:14:47.0123 4728 rdpbus - ok
17:14:47.0125 4728 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:14:47.0147 4728 RDPCDD - ok
17:14:47.0155 4728 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
17:14:47.0164 4728 RDPDR - ok
17:14:47.0166 4728 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:14:47.0187 4728 RDPENCDD - ok
17:14:47.0191 4728 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:14:47.0213 4728 RDPREFMP - ok
17:14:47.0221 4728 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:14:47.0230 4728 RDPWD - ok
17:14:47.0239 4728 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:14:47.0248 4728 rdyboost - ok
17:14:47.0253 4728 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:14:47.0276 4728 RemoteAccess - ok
17:14:47.0282 4728 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:14:47.0306 4728 RemoteRegistry - ok
17:14:47.0311 4728 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:14:47.0334 4728 RpcEptMapper - ok
17:14:47.0336 4728 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:14:47.0344 4728 RpcLocator - ok
17:14:47.0360 4728 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:14:47.0385 4728 RpcSs - ok
17:14:47.0390 4728 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:14:47.0413 4728 rspndr - ok
17:14:47.0416 4728 rtkio (5dc26837e5af8244233f78cb9c3ac988) C:\Program Files (x86)\Realtek\Smart Dual Lan\rtkio.sys
17:14:47.0421 4728 rtkio - ok
17:14:47.0434 4728 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:14:47.0442 4728 RTL8167 - ok
17:14:47.0446 4728 RtNdPt60 (2b38c905492f36fe42b59da52d6b4eb7) C:\Windows\system32\DRIVERS\RtNdPt60.sys
17:14:47.0451 4728 RtNdPt60 - ok
17:14:47.0455 4728 RTTEAMPT (3fb2fd668fa4cd4aed1953f85f916cf1) C:\Windows\system32\DRIVERS\RtTeam60.sys
17:14:47.0462 4728 RTTEAMPT - ok
17:14:47.0465 4728 RTVLANPT (8b6b42d782202363a562f82b0e13b1c0) C:\Windows\system32\DRIVERS\RtVlan60.sys
17:14:47.0470 4728 RTVLANPT - ok
17:14:47.0472 4728 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
17:14:47.0479 4728 s3cap - ok
17:14:47.0482 4728 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:14:47.0489 4728 SamSs - ok
17:14:47.0494 4728 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:14:47.0502 4728 sbp2port - ok
17:14:47.0509 4728 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:14:47.0533 4728 SCardSvr - ok
17:14:47.0536 4728 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:14:47.0558 4728 scfilter - ok
17:14:47.0592 4728 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:14:47.0625 4728 Schedule - ok
17:14:47.0629 4728 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:14:47.0650 4728 SCPolicySvc - ok
17:14:47.0656 4728 SDLService (b0e6ca5d36dc5f0019a73b8aab35c5dc) C:\Program Files (x86)\Realtek\Smart Dual Lan\SDLService.exe
17:14:47.0659 4728 SDLService ( UnsignedFile.Multi.Generic ) - warning
17:14:47.0659 4728 SDLService - detected UnsignedFile.Multi.Generic (1)
17:14:47.0666 4728 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:14:47.0675 4728 SDRSVC - ok
17:14:47.0680 4728 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:14:47.0702 4728 secdrv - ok
17:14:47.0705 4728 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:14:47.0727 4728 seclogon - ok
17:14:47.0731 4728 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
17:14:47.0755 4728 SENS - ok
17:14:47.0758 4728 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:14:47.0765 4728 SensrSvc - ok
17:14:47.0768 4728 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:14:47.0775 4728 Serenum - ok
17:14:47.0780 4728 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:14:47.0787 4728 Serial - ok
17:14:47.0791 4728 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:14:47.0798 4728 sermouse - ok
17:14:47.0808 4728 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:14:47.0830 4728 SessionEnv - ok
17:14:47.0833 4728 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:14:47.0840 4728 sffdisk - ok
17:14:47.0842 4728 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:14:47.0849 4728 sffp_mmc - ok
17:14:47.0851 4728 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:14:47.0859 4728 sffp_sd - ok
17:14:47.0862 4728 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:14:47.0868 4728 sfloppy - ok
17:14:47.0881 4728 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:14:47.0906 4728 SharedAccess - ok
17:14:47.0918 4728 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:14:47.0943 4728 ShellHWDetection - ok
17:14:47.0956 4728 Si3124r5 (da492c8305434ec6f9bdd60c8b83b10e) C:\Windows\system32\DRIVERS\Si3124r5.sys
17:14:47.0965 4728 Si3124r5 - ok
17:14:47.0968 4728 SiFilter (8d10887a1699cf61e74467694b929b09) C:\Windows\system32\DRIVERS\SiWinAcc.sys
17:14:47.0972 4728 SiFilter - ok
17:14:47.0975 4728 SiRemFil (94e1eda9a0b305a67ee1bbd0a68ce21a) C:\Windows\system32\DRIVERS\SiRemFil.sys
17:14:47.0980 4728 SiRemFil - ok
17:14:47.0983 4728 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:14:47.0990 4728 SiSRaid2 - ok
17:14:47.0995 4728 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:14:48.0002 4728 SiSRaid4 - ok
17:14:48.0007 4728 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:14:48.0030 4728 Smb - ok
17:14:48.0036 4728 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:14:48.0044 4728 SNMPTRAP - ok
17:14:48.0047 4728 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:14:48.0053 4728 spldr - ok
17:14:48.0071 4728 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:14:48.0098 4728 Spooler - ok
17:14:48.0265 4728 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:14:48.0347 4728 sppsvc - ok
17:14:48.0371 4728 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:14:48.0394 4728 sppuinotify - ok
17:14:48.0412 4728 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:14:48.0424 4728 srv - ok
17:14:48.0438 4728 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:14:48.0448 4728 srv2 - ok
17:14:48.0456 4728 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:14:48.0464 4728 srvnet - ok
17:14:48.0471 4728 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:14:48.0495 4728 SSDPSRV - ok
17:14:48.0500 4728 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:14:48.0523 4728 SstpSvc - ok
17:14:48.0538 4728 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:14:48.0548 4728 Stereo Service - ok
17:14:48.0551 4728 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:14:48.0558 4728 stexstor - ok
17:14:48.0576 4728 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:14:48.0593 4728 stisvc - ok
17:14:48.0596 4728 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
17:14:48.0603 4728 storflt - ok
17:14:48.0606 4728 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
17:14:48.0613 4728 StorSvc - ok
17:14:48.0617 4728 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
17:14:48.0624 4728 storvsc - ok
17:14:48.0626 4728 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:14:48.0633 4728 swenum - ok
17:14:48.0650 4728 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:14:48.0661 4728 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
17:14:48.0661 4728 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
17:14:48.0679 4728 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:14:48.0707 4728 swprv - ok
17:14:48.0780 4728 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:14:48.0815 4728 SysMain - ok
17:14:48.0839 4728 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:14:48.0850 4728 TabletInputService - ok
17:14:48.0862 4728 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:14:48.0886 4728 TapiSrv - ok
17:14:48.0891 4728 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:14:48.0914 4728 TBS - ok
17:14:48.0991 4728 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:14:49.0028 4728 Tcpip - ok
17:14:49.0133 4728 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:14:49.0171 4728 TCPIP6 - ok
17:14:49.0196 4728 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:14:49.0218 4728 tcpipreg - ok
17:14:49.0222 4728 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:14:49.0229 4728 TDPIPE - ok
17:14:49.0232 4728 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:14:49.0238 4728 TDTCP - ok
17:14:49.0244 4728 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:14:49.0266 4728 tdx - ok
17:14:49.0270 4728 TEAM (3fb2fd668fa4cd4aed1953f85f916cf1) C:\Windows\system32\DRIVERS\RtTeam60.sys
17:14:49.0275 4728 TEAM - ok
17:14:49.0279 4728 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:14:49.0286 4728 TermDD - ok
17:14:49.0308 4728 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:14:49.0337 4728 TermService - ok
17:14:49.0341 4728 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:14:49.0351 4728 Themes - ok
17:14:49.0356 4728 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:14:49.0378 4728 THREADORDER - ok
17:14:49.0383 4728 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:14:49.0406 4728 TrkWks - ok
17:14:49.0414 4728 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:14:49.0436 4728 TrustedInstaller - ok
17:14:49.0441 4728 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:14:49.0462 4728 tssecsrv - ok
17:14:49.0467 4728 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:14:49.0474 4728 TsUsbFlt - ok
17:14:49.0480 4728 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:14:49.0502 4728 tunnel - ok
17:14:49.0506 4728 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:14:49.0513 4728 uagp35 - ok
17:14:49.0525 4728 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:14:49.0549 4728 udfs - ok
17:14:49.0555 4728 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:14:49.0564 4728 UI0Detect - ok
17:14:49.0568 4728 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:14:49.0575 4728 uliagpkx - ok
17:14:49.0579 4728 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:14:49.0586 4728 umbus - ok
17:14:49.0588 4728 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:14:49.0595 4728 UmPass - ok
17:14:49.0603 4728 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
17:14:49.0612 4728 UmRdpService - ok
17:14:49.0625 4728 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:14:49.0651 4728 upnphost - ok
17:14:49.0658 4728 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
17:14:49.0664 4728 USBAAPL64 - ok
17:14:49.0670 4728 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:14:49.0677 4728 usbccgp - ok
17:14:49.0682 4728 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:14:49.0692 4728 usbcir - ok
17:14:49.0695 4728 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:14:49.0702 4728 usbehci - ok
17:14:49.0714 4728 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:14:49.0724 4728 usbhub - ok
17:14:49.0727 4728 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:14:49.0734 4728 usbohci - ok
17:14:49.0736 4728 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:14:49.0745 4728 usbprint - ok
17:14:49.0750 4728 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:14:49.0758 4728 USBSTOR - ok
17:14:49.0761 4728 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
17:14:49.0769 4728 usbuhci - ok
17:14:49.0772 4728 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:14:49.0794 4728 UxSms - ok
17:14:49.0797 4728 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:14:49.0804 4728 VaultSvc - ok
17:14:49.0807 4728 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:14:49.0814 4728 vdrvroot - ok
17:14:49.0833 4728 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:14:49.0861 4728 vds - ok
17:14:49.0865 4728 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:14:49.0873 4728 vga - ok
17:14:49.0877 4728 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:14:49.0899 4728 VgaSave - ok
17:14:49.0907 4728 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:14:49.0916 4728 vhdmp - ok
17:14:49.0919 4728 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:14:49.0925 4728 viaide - ok
17:14:49.0928 4728 VLAN (8b6b42d782202363a562f82b0e13b1c0) C:\Windows\system32\DRIVERS\RtVLAN60.sys
17:14:49.0933 4728 VLAN - ok
17:14:49.0942 4728 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
17:14:49.0950 4728 vmbus - ok
17:14:49.0953 4728 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
17:14:49.0960 4728 VMBusHID - ok
17:14:49.0964 4728 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:14:49.0971 4728 volmgr - ok
17:14:49.0984 4728 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:14:49.0995 4728 volmgrx - ok
17:14:50.0006 4728 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:14:50.0016 4728 volsnap - ok
17:14:50.0022 4728 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:14:50.0031 4728 vsmraid - ok
17:14:50.0099 4728 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:14:50.0185 4728 VSS - ok
17:14:50.0209 4728 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
17:14:50.0217 4728 vwifibus - ok
17:14:50.0230 4728 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:14:50.0255 4728 W32Time - ok
17:14:50.0260 4728 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:14:50.0267 4728 WacomPen - ok
17:14:50.0272 4728 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:14:50.0294 4728 WANARP - ok
17:14:50.0296 4728 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:14:50.0318 4728 Wanarpv6 - ok
17:14:50.0361 4728 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:14:50.0383 4728 WatAdminSvc - ok
17:14:50.0445 4728 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:14:50.0517 4728 wbengine - ok
17:14:50.0546 4728 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:14:50.0563 4728 WbioSrvc - ok
17:14:50.0577 4728 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:14:50.0592 4728 wcncsvc - ok
17:14:50.0595 4728 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:14:50.0603 4728 WcsPlugInService - ok
17:14:50.0608 4728 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:14:50.0615 4728 Wd - ok
17:14:50.0637 4728 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:14:50.0651 4728 Wdf01000 - ok
17:14:50.0656 4728 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:14:50.0678 4728 WdiServiceHost - ok
17:14:50.0680 4728 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:14:50.0691 4728 WdiSystemHost - ok
17:14:51.0465 4728 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
17:14:51.0596 4728 \Device\Harddisk2\DR2 - ok
17:14:52.0072 4728 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:14:52.0165 4728 \Device\Harddisk0\DR0 - ok
17:14:52.0171 4728 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk1\DR1
17:14:52.0201 4728 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
17:14:52.0201 4728 \Device\Harddisk1\DR1 - detected TDSS File System (1)
17:14:52.0208 4728 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk3\DR3
17:14:52.0280 4728 \Device\Harddisk3\DR3 - ok
17:14:52.0287 4728 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk4\DR5
17:14:52.0440 4728 \Device\Harddisk4\DR5 - ok
17:14:52.0447 4728 Boot (0x1200) (0d73b2af4ecc292ce8e6c047e8b15d90) \Device\Harddisk2\DR2\Partition0
17:14:52.0450 4728 \Device\Harddisk2\DR2\Partition0 - ok
17:14:52.0458 4728 Boot (0x1200) (d24332b2d8897728f512deb0076e707c) \Device\Harddisk2\DR2\Partition1
17:14:52.0461 4728 \Device\Harddisk2\DR2\Partition1 - ok
17:14:52.0469 4728 Boot (0x1200) (c5c35e74f15558173a239b3b66521b3b) \Device\Harddisk2\DR2\Partition2
17:14:52.0472 4728 \Device\Harddisk2\DR2\Partition2 - ok
17:14:52.0479 4728 Boot (0x1200) (9a612828ccaff8f4176a0ee72f68167d) \Device\Harddisk0\DR0\Partition0
17:14:52.0482 4728 \Device\Harddisk0\DR0\Partition0 - ok
17:14:52.0489 4728 Boot (0x1200) (9a23352c3f96ac06b162c402a277d079) \Device\Harddisk1\DR1\Partition0
17:14:52.0493 4728 \Device\Harddisk1\DR1\Partition0 - ok
17:14:52.0501 4728 Boot (0x1200) (6437db7024f5cdba5c5f8d5140089dab) \Device\Harddisk3\DR3\Partition0
17:14:52.0504 4728 \Device\Harddisk3\DR3\Partition0 - ok
17:14:52.0512 4728 Boot (0x1200) (a586c8f341b52f2fea6645cc991749f6) \Device\Harddisk4\DR5\Partition0
17:14:52.0514 4728 \Device\Harddisk4\DR5\Partition0 - ok
17:14:52.0517 4728 ============================================================
17:14:52.0517 4728 Scan finished
17:14:52.0517 4728 ============================================================
17:14:52.0534 4160 Detected object count: 4
17:14:52.0534 4160 Actual detected object count: 4
17:15:18.0967 4160 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:18.0967 4160 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:18.0970 4160 SDLService ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:18.0971 4160 SDLService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:18.0974 4160 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:18.0974 4160 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:18.0978 4160 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
17:15:18.0978 4160 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
Regards, Stefan
| | #10 |
| /// Malware-holic |

Yes, have it blocked anyway. I had already seen the log; maybe I expressed myself unclearly.

17:15:18.0978 4160 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip

Kaspersky should actually offer a cure for this; that is where the rootkit is. Before you ask: this cannot be detected with the logs so far, only via TDSS Killer. :-) We will still remove it, but then the system has to be reinstalled.

Download HitmanPro: http://www.trojaner-board.de/99424-c...o-scannen.html
Settings, License, Activate test license, then scan, have the findings removed, and at the end export the log as XML and post it.
| | #11 |
Hello Markus, here is the Hitman log. Afterwards I ran TDSS Killer again, with the same result as before.

Code:
12:34:04.0967 4380 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
12:34:05.0210 4380 ============================================================
12:34:05.0210 4380 Current date / time: 2012/07/20 12:34:05.0210
12:34:05.0210 4380 SystemInfo:
12:34:05.0210 4380
12:34:05.0210 4380 OS Version: 6.1.7601 ServicePack: 1.0
12:34:05.0210 4380 Product type: Workstation
12:34:05.0210 4380 ComputerName: STEFFI-PC
12:34:05.0210 4380 UserName: Steffi
12:34:05.0210 4380 Windows directory: C:\Windows
12:34:05.0210 4380 System windows directory: C:\Windows
12:34:05.0210 4380 Running under WOW64
12:34:05.0210 4380 Processor architecture: Intel x64
12:34:05.0210 4380 Number of processors: 4
12:34:05.0210 4380 Page size: 0x1000
12:34:05.0210 4380 Boot type: Normal boot
12:34:05.0210 4380 ============================================================
12:34:05.0374 4380 Drive \Device\Harddisk2\DR2 - Size: 0x1BF31C0000 (111.80 Gb), SectorSize: 0x200, Cylinders: 0x3902, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
12:34:05.0835 4380 Drive \Device\Harddisk0\DR0 - Size: 0x950AC4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13000, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:34:05.0853 4380 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:34:05.0855 4380 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:34:05.0868 4380 Drive \Device\Harddisk4\DR4 - Size: 0x3BA815A00 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:34:05.0869 4380 ============================================================
12:34:05.0869 4380 \Device\Harddisk2\DR2:
12:34:05.0869 4380 MBR partitions:
12:34:05.0869 4380 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:34:05.0869 4380 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6175800
12:34:05.0869 4380 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x61A8000, BlocksNum 0x7DEF800
12:34:05.0869 4380 \Device\Harddisk0\DR0:
12:34:05.0869 4380 MBR partitions:
12:34:05.0869 4380 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856231
12:34:05.0870 4380 \Device\Harddisk1\DR1:
12:34:05.0870 4380 MBR partitions:
12:34:05.0870 4380 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18000
12:34:05.0870 4380 \Device\Harddisk3\DR3:
12:34:05.0870 4380 MBR partitions:
12:34:05.0870 4380 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:34:05.0870 4380 \Device\Harddisk4\DR4:
12:34:05.0870 4380 MBR partitions:
12:34:05.0870 4380 \Device\Harddisk4\DR4\Partition0: MBR, Type 0xC, StartLBA 0xCC, BlocksNum 0x1DD3FE4
12:34:05.0870 4380 ============================================================
12:34:05.0871 4380 C: <-> \Device\Harddisk2\DR2\Partition1
12:34:05.0872 4380 D: <-> \Device\Harddisk2\DR2\Partition2
12:34:05.0873 4380 I: <-> \Device\Harddisk3\DR3\Partition0
12:34:05.0882 4380 F: <-> \Device\Harddisk0\DR0\Partition0
12:34:05.0883 4380 S: <-> \Device\Harddisk1\DR1\Partition0
12:34:05.0884 4380 G: <-> \Device\Harddisk4\DR4\Partition0
12:34:05.0884 4380 ============================================================
12:34:05.0884 4380 Initialize success
12:34:05.0884 4380 ============================================================
12:35:13.0056 1196 ============================================================
12:35:13.0056 1196 Scan started
12:35:13.0056 1196 Mode: Manual; SigCheck; TDLFS;
12:35:13.0056 1196 ============================================================
12:35:15.0817 1196 HidIr - ok
12:35:15.0817 1196 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
12:35:15.0833 1196 hidserv - ok
12:35:15.0848 1196 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:35:15.0848 1196 HidUsb - ok
12:35:15.0848 1196 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
12:35:15.0879 1196 hkmsvc - ok
12:35:15.0879 1196 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
12:35:15.0895 1196 HomeGroupListener - ok
12:35:15.0895 1196 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
12:35:15.0911 1196 HomeGroupProvider - ok
12:35:15.0911 1196 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:35:15.0926 1196 HpSAMD - ok
12:35:15.0942 1196 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:35:15.0973 1196 HTTP - ok
12:35:15.0973 1196 huawei_enumerator (1642c62f1fd5e1ff44608283994a7bb8) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
12:35:15.0989 1196 huawei_enumerator - ok
12:35:16.0004 1196 hwdatacard (04d1de1e8ace40ca396502c90524e945) C:\Windows\system32\DRIVERS\ewusbmdm.sys
12:35:16.0004 1196 hwdatacard - ok
12:35:16.0004 1196 HWDeviceService64.exe - ok
12:35:16.0020 1196 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:35:16.0020 1196 hwpolicy - ok
12:35:16.0020 1196 hwusbdev - ok
12:35:16.0035 1196 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:35:16.0035 1196 i8042prt - ok
12:35:16.0051 1196 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:35:16.0067 1196 iaStorV - ok
12:35:16.0067 1196 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:35:16.0067 1196 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:35:16.0067 1196 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:35:16.0098 1196 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:35:16.0113 1196 idsvc - ok
12:35:16.0129 1196 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:35:16.0145 1196 iirsp - ok
12:35:16.0176 1196 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
12:35:16.0191 1196 IKEEXT - ok
12:35:16.0301 1196 IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\Windows\system32\drivers\RTKVHD64.sys
12:35:16.0332 1196 IntcAzAudAddService - ok
12:35:16.0363 1196 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:35:16.0363 1196 intelide - ok
12:35:16.0363 1196 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:35:16.0379 1196 intelppm - ok
12:35:16.0379 1196 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:35:16.0394 1196 IPBusEnum - ok
12:35:16.0410 1196 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:35:16.0425 1196 IpFilterDriver - ok
12:35:16.0441 1196 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
12:35:16.0472 1196 iphlpsvc - ok
12:35:16.0472 1196 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:35:16.0488 1196 IPMIDRV - ok
12:35:16.0488 1196 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:35:16.0503 1196 IPNAT - ok
12:35:16.0535 1196 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
12:35:16.0550 1196 iPod Service - ok
12:35:16.0550 1196 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:35:16.0566 1196 IRENUM - ok
12:35:16.0566 1196 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:35:16.0566 1196 isapnp - ok
12:35:16.0581 1196 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:35:16.0597 1196 iScsiPrt - ok
12:35:16.0597 1196 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
12:35:16.0597 1196 kbdclass - ok
12:35:16.0597 1196 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
12:35:16.0613 1196 kbdhid - ok
12:35:16.0613 1196 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:35:16.0613 1196 KeyIso - ok
12:35:16.0628 1196 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
12:35:16.0628 1196 KSecDD - ok
12:35:16.0644 1196 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
12:35:16.0644 1196 KSecPkg - ok
12:35:16.0644 1196 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:35:16.0675 1196 ksthunk - ok
12:35:16.0675 1196 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:35:16.0706 1196 KtmRm - ok
12:35:16.0706 1196 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
12:35:16.0737 1196 LanmanServer - ok
12:35:16.0737 1196 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
12:35:16.0769 1196 LanmanWorkstation - ok
12:35:16.0769 1196 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:35:16.0784 1196 lltdio - ok
12:35:16.0800 1196 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:35:16.0831 1196 lltdsvc - ok
12:35:16.0831 1196 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:35:16.0847 1196 lmhosts - ok
12:35:16.0862 1196 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:35:16.0862 1196 LSI_FC - ok
12:35:16.0862 1196 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:35:16.0878 1196 LSI_SAS - ok
12:35:16.0878 1196 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:35:16.0893 1196 LSI_SAS2 - ok
12:35:16.0893 1196 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:35:16.0893 1196 LSI_SCSI - ok
12:35:16.0909 1196 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:35:16.0925 1196 luafv - ok
12:35:16.0925 1196 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
12:35:16.0940 1196 MBAMProtector - ok
12:35:16.0956 1196 MBAMService (43683e970f008c93c9429ef428147a54) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
12:35:16.0971 1196 MBAMService - ok
12:35:16.0971 1196 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
12:35:16.0987 1196 Mcx2Svc - ok
12:35:16.0987 1196 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:35:17.0003 1196 megasas - ok
12:35:17.0003 1196 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:35:17.0018 1196 MegaSR - ok
12:35:17.0018 1196 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:35:17.0034 1196 MMCSS - ok
12:35:17.0049 1196 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:35:17.0065 1196 Modem - ok
12:35:17.0065 1196 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:35:17.0081 1196 monitor - ok
12:35:17.0081 1196 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
12:35:17.0081 1196 mouclass - ok
12:35:17.0096 1196 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:35:17.0096 1196 mouhid - ok
12:35:17.0096 1196 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:35:17.0112 1196 mountmgr - ok
12:35:17.0112 1196 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:35:17.0127 1196 mpio - ok
12:35:17.0127 1196 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:35:17.0143 1196 mpsdrv - ok
12:35:17.0174 1196 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
12:35:17.0205 1196 MpsSvc - ok
12:35:17.0205 1196 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:35:17.0221 1196 MRxDAV - ok
12:35:17.0221 1196 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:35:17.0237 1196 mrxsmb - ok
12:35:17.0252 1196 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:35:17.0252 1196 mrxsmb10 - ok
12:35:17.0268 1196 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:35:17.0268 1196 mrxsmb20 - ok
12:35:17.0268 1196 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:35:17.0283 1196 msahci - ok
12:35:17.0283 1196 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:35:17.0283 1196 msdsm - ok
12:35:17.0299 1196 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:35:17.0299 1196 MSDTC - ok
12:35:17.0315 1196 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:35:17.0330 1196 Msfs - ok
12:35:17.0330 1196 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:35:17.0361 1196 mshidkmdf - ok
12:35:17.0361 1196 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:35:17.0361 1196 msisadrv - ok
12:35:17.0377 1196 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:35:17.0393 1196 MSiSCSI - ok
12:35:17.0393 1196 msiserver - ok
12:35:17.0393 1196 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:35:17.0424 1196 MSKSSRV - ok
12:35:17.0424 1196 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:35:17.0439 1196 MSPCLOCK - ok
12:35:17.0439 1196 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:35:17.0471 1196 MSPQM - ok
12:35:17.0486 1196 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:35:17.0486 1196 MsRPC - ok
12:35:17.0486 1196 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:35:17.0502 1196 mssmbios - ok
12:35:17.0502 1196 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:35:17.0517 1196 MSTEE - ok
12:35:17.0517 1196 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:35:17.0533 1196 MTConfig - ok
12:35:17.0533 1196 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:35:17.0549 1196 Mup - ok
12:35:17.0564 1196 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:35:17.0580 1196 napagent - ok
12:35:17.0595 1196 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:35:17.0611 1196 NativeWifiP - ok
12:35:17.0642 1196 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:35:17.0658 1196 NDIS - ok
12:35:17.0658 1196 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:35:17.0689 1196 NdisCap - ok
12:35:17.0689 1196 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:35:17.0705 1196 NdisTapi - ok
12:35:17.0705 1196 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:35:17.0736 1196 Ndisuio - ok
12:35:17.0736 1196 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:35:17.0751 1196 NdisWan - ok
12:35:17.0767 1196 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:35:17.0783 1196 NDProxy - ok
12:35:17.0783 1196 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:35:17.0814 1196 NetBIOS - ok
12:35:17.0814 1196 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:35:17.0845 1196 NetBT - ok
12:35:17.0845 1196 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:35:17.0845 1196 Netlogon - ok
12:35:17.0861 1196 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:35:17.0892 1196 Netman - ok
12:35:17.0892 1196 NetMsmqActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:35:17.0907 1196 NetMsmqActivator - ok
12:35:17.0907 1196 NetPipeActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:35:17.0907 1196 NetPipeActivator - ok
12:35:17.0923 1196 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:35:17.0954 1196 netprofm - ok
12:35:17.0954 1196 NetTcpActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:35:17.0954 1196 NetTcpActivator - ok
12:35:17.0954 1196 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:35:17.0970 1196 NetTcpPortSharing - ok
12:35:17.0970 1196 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:35:17.0970 1196 nfrd960 - ok
12:35:17.0985 1196 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:35:18.0017 1196 NlaSvc - ok
12:35:18.0017 1196 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:35:18.0032 1196 Npfs - ok
12:35:18.0032 1196 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:35:18.0063 1196 nsi - ok
12:35:18.0063 1196 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:35:18.0079 1196 nsiproxy - ok
12:35:18.0157 1196 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:35:18.0204 1196 Ntfs - ok
12:35:18.0235 1196 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:35:18.0251 1196 Null - ok
12:35:18.0251 1196 nusb3hub (785298579b5f9b4032152dfbb992fdb6) C:\Windows\system32\DRIVERS\nusb3hub.sys
12:35:18.0266 1196 nusb3hub - ok
12:35:18.0266 1196 nusb3xhc (df2750481b4964814467c974f2b0eef1) C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:35:18.0282 1196 nusb3xhc - ok
12:35:18.0282 1196 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
12:35:18.0282 1196 NVHDA - ok
12:35:18.0812 1196 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:35:18.0953 1196 nvlddmkm - ok
12:35:18.0984 1196 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:35:18.0984 1196 nvraid - ok
12:35:18.0999 1196 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:35:18.0999 1196 nvstor - ok
12:35:19.0031 1196 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
12:35:19.0046 1196 nvsvc - ok
12:35:19.0140 1196 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:35:19.0171 1196 nvUpdatusService - ok
12:35:19.0202 1196 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:35:19.0202 1196 nv_agp - ok
12:35:19.0202 1196 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:35:19.0218 1196 ohci1394 - ok
12:35:19.0218 1196 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:35:19.0233 1196 ose - ok
12:35:19.0233 1196 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:35:19.0249 1196 p2pimsvc - ok
12:35:19.0265 1196 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:35:19.0280 1196 p2psvc - ok
12:35:19.0280 1196 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:35:19.0280 1196 Parport - ok
12:35:19.0296 1196 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
12:35:19.0296 1196 partmgr - ok
12:35:19.0311 1196 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:35:19.0311 1196 PcaSvc - ok
12:35:19.0327 1196 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:35:19.0327 1196 pci - ok
12:35:19.0327 1196 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:35:19.0343 1196 pciide - ok
12:35:19.0343 1196 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:35:19.0358 1196 pcmcia - ok
12:35:19.0358 1196 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:35:19.0358 1196 pcw - ok
12:35:19.0374 1196 PdiPorts (25fd4d8109114266a610fd1088bfd522) C:\Windows\system32\DRIVERS\PdiPorts.sys
12:35:19.0374 1196 PdiPorts - ok
12:35:19.0374 1196 PdiService (fed28c565de5f73b7c5b32841229e496) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
12:35:19.0389 1196 PdiService - ok
12:35:19.0405 1196 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:35:19.0436 1196 PEAUTH - ok
12:35:19.0499 1196 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
12:35:19.0530 1196 PeerDistSvc - ok
12:35:19.0545 1196 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:35:19.0545 1196 PerfHost - ok
12:35:19.0639 1196 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:35:19.0686 1196 pla - ok
12:35:19.0701 1196 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:35:19.0701 1196 PlugPlay - ok
12:35:19.0717 1196 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:35:19.0717 1196 PNRPAutoReg - ok
12:35:19.0733 1196 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:35:19.0733 1196 PNRPsvc - ok
12:35:19.0748 1196 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:35:19.0779 1196 PolicyAgent - ok
12:35:19.0795 1196 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:35:19.0811 1196 Power - ok
12:35:19.0826 1196 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:35:19.0842 1196 PptpMiniport - ok
12:35:19.0842 1196 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:35:19.0857 1196 Processor - ok
12:35:19.0857 1196 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
12:35:19.0873 1196 ProfSvc - ok
12:35:19.0873 1196 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:35:19.0873 1196 ProtectedStorage - ok
12:35:19.0889 1196 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:35:19.0904 1196 Psched - ok
12:35:19.0967 1196 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:35:19.0998 1196 ql2300 - ok
12:35:20.0029 1196 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:35:20.0029 1196 ql40xx - ok
12:35:20.0045 1196 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:35:20.0060 1196 QWAVE - ok
12:35:20.0060 1196 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:35:20.0076 1196 QWAVEdrv - ok
12:35:20.0076 1196 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:35:20.0091 1196 RasAcd - ok
12:35:20.0091 1196 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:35:20.0123 1196 RasAgileVpn - ok
12:35:20.0123 1196 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:35:20.0154 1196 RasAuto - ok
12:35:20.0154 1196 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:35:20.0169 1196 Rasl2tp - ok
12:35:20.0185 1196 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:35:20.0216 1196 RasMan - ok
12:35:20.0216 1196 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:35:20.0232 1196 RasPppoe - ok
12:35:20.0247 1196 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:35:20.0263 1196 RasSstp - ok
12:35:20.0279 1196 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:35:20.0294 1196 rdbss - ok
12:35:20.0294 1196 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:35:20.0310 1196 rdpbus - ok
12:35:20.0310 1196 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:35:20.0325 1196 RDPCDD - ok
12:35:20.0341 1196 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
12:35:20.0357 1196 RDPDR - ok
12:35:20.0357 1196 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:35:20.0372 1196 RDPENCDD - ok
12:35:20.0372 1196 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:35:20.0403 1196 RDPREFMP - ok
12:35:20.0403 1196 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
12:35:20.0419 1196 RDPWD - ok
12:35:20.0419 1196 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:35:20.0435 1196 rdyboost - ok
12:35:20.0435 1196 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:35:20.0450 1196 RemoteAccess - ok
12:35:20.0466 1196 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:35:20.0481 1196 RemoteRegistry - ok
12:35:20.0497 1196 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:35:20.0513 1196 RpcEptMapper - ok
12:35:20.0513 1196 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:35:20.0528 1196 RpcLocator - ok
12:35:20.0544 1196 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:35:20.0559 1196 RpcSs - ok
12:35:20.0575 1196 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:35:20.0591 1196 rspndr - ok
12:35:20.0591 1196 rtkio (5dc26837e5af8244233f78cb9c3ac988) C:\Program Files (x86)\Realtek\Smart Dual Lan\rtkio.sys
12:35:20.0591 1196 rtkio - ok
12:35:20.0606 1196 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys
12:35:20.0622 1196 RTL8167 - ok
12:35:20.0622 1196 RtNdPt60 (2b38c905492f36fe42b59da52d6b4eb7) C:\Windows\system32\DRIVERS\RtNdPt60.sys
12:35:20.0622 1196 RtNdPt60 - ok
12:35:20.0637 1196 RTTEAMPT (3fb2fd668fa4cd4aed1953f85f916cf1) C:\Windows\system32\DRIVERS\RtTeam60.sys
12:35:20.0637 1196 RTTEAMPT - ok
12:35:20.0637 1196 RTVLANPT (8b6b42d782202363a562f82b0e13b1c0) C:\Windows\system32\DRIVERS\RtVlan60.sys
12:35:20.0637 1196 RTVLANPT - ok
12:35:20.0653 1196 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
12:35:20.0653 1196 s3cap - ok
12:35:20.0653 1196 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:35:20.0653 1196 SamSs - ok
12:35:20.0669 1196 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:35:20.0669 1196 sbp2port - ok
12:35:20.0684 1196 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:35:20.0700 1196 SCardSvr - ok
12:35:20.0700 1196 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:35:20.0731 1196 scfilter - ok
12:35:20.0762 1196 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:35:20.0793 1196 Schedule - ok
12:35:20.0793 1196 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:35:20.0825 1196 SCPolicySvc - ok
12:35:20.0825 1196 SDLService (b0e6ca5d36dc5f0019a73b8aab35c5dc) C:\Program Files (x86)\Realtek\Smart Dual Lan\SDLService.exe
12:35:20.0825 1196 SDLService ( UnsignedFile.Multi.Generic ) - warning
12:35:20.0825 1196 SDLService - detected UnsignedFile.Multi.Generic (1)
12:35:20.0840 1196 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:35:20.0840 1196 SDRSVC - ok
12:35:20.0840 1196 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:35:20.0871 1196 secdrv - ok
12:35:20.0871 1196 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:35:20.0887 1196 seclogon - ok
12:35:20.0903 1196 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:35:20.0918 1196 SENS - ok
12:35:20.0918 1196 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:35:20.0934 1196 SensrSvc - ok
12:35:20.0934 1196 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:35:20.0934 1196 Serenum - ok
12:35:20.0949 1196 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:35:20.0949 1196 Serial - ok
12:35:20.0949 1196 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:35:20.0965 1196 sermouse - ok
12:35:20.0965 1196 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:35:20.0996 1196 SessionEnv - ok
12:35:20.0996 1196 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:35:20.0996 1196 sffdisk - ok
12:35:20.0996 1196 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:35:21.0012 1196 sffp_mmc - ok
12:35:21.0012 1196 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:35:21.0012 1196 sffp_sd - ok
12:35:21.0012 1196 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:35:21.0027 1196 sfloppy - ok
12:35:21.0043 1196 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:35:21.0059 1196 SharedAccess - ok
12:35:21.0074 1196 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:35:21.0105 1196 ShellHWDetection - ok
12:35:21.0105 1196 Si3124r5 (da492c8305434ec6f9bdd60c8b83b10e) C:\Windows\system32\DRIVERS\Si3124r5.sys
12:35:21.0121 1196 Si3124r5 - ok
12:35:21.0121 1196 SiFilter (8d10887a1699cf61e74467694b929b09) C:\Windows\system32\DRIVERS\SiWinAcc.sys
12:35:21.0121 1196 SiFilter - ok
12:35:21.0137 1196 SiRemFil (94e1eda9a0b305a67ee1bbd0a68ce21a) C:\Windows\system32\DRIVERS\SiRemFil.sys
12:35:21.0137 1196 SiRemFil - ok
12:35:21.0137 1196 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:35:21.0152 1196 SiSRaid2 - ok
12:35:21.0152 1196 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:35:21.0152 1196 SiSRaid4 - ok
12:35:21.0168 1196 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:35:21.0183 1196 Smb - ok
12:35:21.0183 1196 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:35:21.0199 1196 SNMPTRAP - ok
12:35:21.0199 1196 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:35:21.0199 1196 spldr - ok
12:35:21.0230 1196 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:35:21.0246 1196 Spooler - ok
12:35:21.0402 1196 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:35:21.0464 1196 sppsvc - ok
12:35:21.0480 1196 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:35:21.0511 1196 sppuinotify - ok
12:35:21.0527 1196 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:35:21.0542 1196 srv - ok
12:35:21.0558 1196 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:35:21.0558 1196 srv2 - ok
12:35:21.0573 1196 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:35:21.0573 1196 srvnet - ok
12:35:21.0589 1196 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:35:21.0605 1196 SSDPSRV - ok
12:35:21.0605 1196 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:35:21.0636 1196 SstpSvc - ok
12:35:21.0651 1196 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:35:21.0651 1196 Stereo Service - ok
12:35:21.0667 1196 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:35:21.0667 1196 stexstor - ok
12:35:21.0683 1196 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:35:21.0698 1196 stisvc - ok
12:35:21.0698 1196 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
12:35:21.0714 1196 storflt - ok
12:35:21.0714 1196 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
12:35:21.0714 1196 StorSvc - ok
12:35:21.0729 1196 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
12:35:21.0729 1196 storvsc - ok
12:35:21.0729 1196 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:35:21.0745 1196 swenum - ok
12:35:21.0761 1196 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:35:21.0761 1196 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
12:35:21.0761 1196 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
12:35:24.0381 1196 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
12:35:24.0522 1196 \Device\Harddisk2\DR2 - ok
12:35:24.0990 1196 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:35:25.0083 1196 \Device\Harddisk0\DR0 - ok
12:35:25.0083 1196 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk1\DR1
12:35:25.0115 1196 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
12:35:25.0115 1196 \Device\Harddisk1\DR1 - detected TDSS File System (1)
12:35:25.0115 1196 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk3\DR3
12:35:25.0193 1196 \Device\Harddisk3\DR3 - ok
12:35:25.0208 1196 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk4\DR4
12:35:25.0349 1196 \Device\Harddisk4\DR4 - ok
12:35:25.0364 1196 Boot (0x1200) (0d73b2af4ecc292ce8e6c047e8b15d90) \Device\Harddisk2\DR2\Partition0
12:35:25.0364 1196 \Device\Harddisk2\DR2\Partition0 - ok
12:35:25.0364 1196 Boot (0x1200) (d24332b2d8897728f512deb0076e707c) \Device\Harddisk2\DR2\Partition1
12:35:25.0380 1196 \Device\Harddisk2\DR2\Partition1 - ok
12:35:25.0380 1196 Boot (0x1200) (c5c35e74f15558173a239b3b66521b3b) \Device\Harddisk2\DR2\Partition2
12:35:25.0380 1196 \Device\Harddisk2\DR2\Partition2 - ok
12:35:25.0380 1196 Boot (0x1200) (9a612828ccaff8f4176a0ee72f68167d) \Device\Harddisk0\DR0\Partition0
12:35:25.0380 1196 \Device\Harddisk0\DR0\Partition0 - ok
12:35:25.0380 1196 Boot (0x1200) (9a23352c3f96ac06b162c402a277d079) \Device\Harddisk1\DR1\Partition0
12:35:25.0380 1196 \Device\Harddisk1\DR1\Partition0 - ok
12:35:25.0380 1196 Boot (0x1200) (6437db7024f5cdba5c5f8d5140089dab) \Device\Harddisk3\DR3\Partition0
12:35:25.0395 1196 \Device\Harddisk3\DR3\Partition0 - ok
12:35:25.0395 1196 Boot (0x1200) (a586c8f341b52f2fea6645cc991749f6) \Device\Harddisk4\DR4\Partition0
12:35:25.0395 1196 \Device\Harddisk4\DR4\Partition0 - ok
12:35:25.0395 1196 ============================================================
12:35:25.0395 1196 Scan finished
12:35:25.0395 1196 ============================================================
12:35:25.0395 4844 Detected object count: 4
12:35:25.0395 4844 Actual detected object count: 4
12:36:06.0486 4844 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:06.0486 4844 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:06.0486 4844 SDLService ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:06.0486 4844 SDLService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:06.0501 4844 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:06.0501 4844 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:06.0501 4844 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
12:36:06.0501 4844 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
Regards, Stefan

Addendum: to top it all off, MS is demanding that I buy a new product key because my hardware has changed (which is nonsense, of course). I don't understand anything anymore.

The Windows activation issue has been resolved. The new system disk has arrived. What else should I do before installing Win7? |
| | #12 |
| Bundespolizei - Your computer has been locked - without encrypted files
Hello Markus, when can we continue? As I said, I want to set the system up from scratch and make sure I don't carry anything malicious over. Please don't ask me for the TDSS log again; it is still the old one, even though I formatted the disk and overwrote it with zeros! But I really need to get moving, because I have to be able to work properly with the PC. The disk has been lying around here for three days, itching to be installed. I'm sure we can manage this if you take a moment. Regards, Stefan |
| | #13 |
| /// Malware-holic | Bundespolizei - Your computer has been locked - without encrypted files
hi,
1. what do you want to do with the affected disk: format it, or not keep it any more?
1. Data recovery:
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money.
__________________
- Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de
Forwarding instructions: http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de following the instructions above.
If you would like to support us |
| | #14 |
| Bundespolizei - Your computer has been locked - without encrypted files
Hello Markus, the affected disk, which was intended for backups, has 160 GB and is OK apart from the TDSS, see Killer log, Harddisk1. Unfortunately I can't get rid of it. I have formatted the disk several times (under Windows) and overwritten it with zeros using HD-Tune Pro. But TDSS-Killer still shows the TDSS. That is why I have now disconnected the disk. If you can tell me how to get it working again, though, I would be grateful. I have backed up the most important data externally. I plan to reinstall using the Windows ISO X17-59885. I have a new disk for this. The old system disk (not the one with the TDSS) is to be used for programs and frequently used data. What is the best way to clean it? Zeros again? How do I check that the data now stored externally is safe? Regards, Stefan |
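The entries the post above points to ("Killer log, Harddisk1") can be pulled out of a TDSSKiller log mechanically. The following is an added example, not part of the thread and not TDSSKiller's own code: the sample lines are copied from the log posted in this thread, and the function names `triage` and `unresolved` are hypothetical.

```python
import re

# Excerpt copied from the TDSSKiller log in this thread (not the full log).
SAMPLE_LOG = r"""
12:35:21.0761 1196 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:35:21.0761 1196 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
12:35:21.0776 1196 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:35:21.0807 1196 swprv - ok
12:35:24.0990 1196 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:35:25.0083 1196 \Device\Harddisk0\DR0 - ok
12:35:25.0083 1196 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk1\DR1
12:35:25.0115 1196 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
12:35:25.0395 4844 Detected object count: 4
12:36:06.0501 4844 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:06.0501 4844 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
"""

PREFIX = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+(.*)$")   # time, thread id, message
OBJECT = re.compile(r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")
VERDICT = re.compile(r"^(?P<obj>.+?)\s+\(\s+(?P<verdict>[^()]+?)\s+\)\s+-\s+(?P<rest>.+)$")
COUNT = re.compile(r"^Detected object count:\s+(\d+)$")

def triage(log_text):
    """Return (findings, reported_count) for one TDSSKiller log."""
    hashes = {}      # object name or device path -> (md5, path)
    findings = {}    # detected object -> record, in order of first detection
    reported = None
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        o = OBJECT.match(msg)
        if o:
            # Services are later referred to by name, MBR entries by device path.
            hashes[o["name"]] = hashes[o["path"]] = (o["md5"].lower(), o["path"])
            continue
        v = VERDICT.match(msg)
        if v:
            md5, path = hashes.get(v["obj"], (None, None))
            rec = findings.setdefault(v["obj"], {
                "object": v["obj"], "verdict": v["verdict"],
                "md5": md5, "path": path, "action": None})
            if v["rest"].startswith("User select action:"):
                rec["action"] = v["rest"].split(":", 1)[1].strip()
            continue
        c = COUNT.match(msg)
        if c:
            reported = int(c.group(1))
    return list(findings.values()), reported

def unresolved(findings):
    """Detections that were left in place (no action recorded, or Skip)."""
    return [f for f in findings if f["action"] in (None, "Skip")]

if __name__ == "__main__":
    found, reported = triage(SAMPLE_LOG)
    for f in unresolved(found):
        print(f["object"], "|", f["verdict"], "|", f["md5"], "|", f["action"])
    if reported is not None and reported != len(found):
        print("log reports", reported, "detections, parsed", len(found), "(excerpt or truncated log)")
```

A mismatch between the reported count and the parsed detections, as with this excerpt, means the pasted log is incomplete and the missing detections have to be looked up in the full file.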
| | #15 |
| /// Malware-holic | Bundespolizei - Your computer has been locked - without encrypted files
hi
try fixmbr and fixboot from the Win7 CD: Tip archive - Repairing the MBR under Vista or Windows 7 - WinTotal.de
when formatting, delete all partitions and create them again.
how does it look then? |