Pests of all kinds and how to fight them: Trojan TR/ATRAPS.Gen2 | Windows 7
08.10.2012, 11:25 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan TR/ATRAPS.Gen2
Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off your virus scanner before you run the TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!
Set up the tool as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), because that is where the TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with the TDSS-Killer! If the TDSS-Killer flags any objects, treat all of them with the action "skip" and post only the log here!
__________________ Please always post log files in CODE tags |
08.10.2012, 12:22 | #17 |
| Trojan TR/ATRAPS.Gen2 and the next log file ..
E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll 13:14:13.0548 3324 ProfSvc - ok 13:14:13.0563 3324 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe 13:14:13.0594 3324 ProtectedStorage - ok 13:14:13.0657 3324 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 13:14:13.0688 3324 PSched - ok 13:14:13.0813 3324 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys 13:14:13.0922 3324 ql2300 - ok 13:14:14.0000 3324 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 13:14:14.0047 3324 ql40xx - ok 13:14:14.0125 3324 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll 13:14:14.0187 3324 QWAVE - ok 13:14:14.0218 3324 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:14:14.0281 3324 QWAVEdrv - ok 13:14:14.0328 3324 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:14:14.0374 3324 RasAcd - ok 13:14:14.0421 3324 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll 13:14:14.0499 3324 RasAuto - ok 13:14:14.0546 3324 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:14:14.0593 3324 Rasl2tp - ok 13:14:14.0640 3324 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll 13:14:14.0671 3324 RasMan - ok 13:14:14.0702 3324 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:14:14.0796 3324 RasPppoe - ok 13:14:14.0811 3324 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:14:14.0827 3324 RasSstp - ok 13:14:14.0874 3324 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:14:14.0967 3324 rdbss - ok 13:14:14.0998 3324 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:14:15.0030 3324 RDPCDD - ok 13:14:15.0045 3324 [ 
C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 13:14:15.0092 3324 rdpdr - ok 13:14:15.0108 3324 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:14:15.0170 3324 RDPENCDD - ok 13:14:15.0217 3324 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:14:15.0310 3324 RDPWD - ok 13:14:15.0404 3324 [ BC0A4D47472B042537F4E57B950415FA ] Recovery Service for Windows C:\Program Files (x86)\SMINST\BLService.exe 13:14:15.0420 3324 Recovery Service for Windows - ok 13:14:15.0482 3324 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:14:15.0544 3324 RemoteAccess - ok 13:14:15.0607 3324 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:14:15.0638 3324 RemoteRegistry - ok 13:14:15.0810 3324 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 13:14:15.0856 3324 RichVideo ( UnsignedFile.Multi.Generic ) - warning 13:14:15.0856 3324 RichVideo - detected UnsignedFile.Multi.Generic (1) 13:14:15.0903 3324 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe 13:14:15.0981 3324 RpcLocator - ok 13:14:16.0200 3324 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll 13:14:16.0309 3324 RpcSs - ok 13:14:16.0371 3324 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:14:16.0449 3324 rspndr - ok 13:14:16.0512 3324 [ 8B91737DA75ADD21CB1554B38089196A ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys 13:14:16.0605 3324 RTL8169 - ok 13:14:16.0621 3324 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe 13:14:16.0636 3324 SamSs - ok 13:14:16.0683 3324 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:14:16.0699 3324 sbp2port - ok 13:14:16.0792 3324 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll 
13:14:16.0870 3324 SCardSvr - ok 13:14:17.0042 3324 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll 13:14:17.0198 3324 Schedule - ok 13:14:17.0229 3324 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll 13:14:17.0260 3324 SCPolicySvc - ok 13:14:17.0354 3324 [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 13:14:17.0432 3324 sdbus - ok 13:14:17.0510 3324 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:14:17.0572 3324 SDRSVC - ok 13:14:17.0947 3324 [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\Andreas\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe 13:14:17.0962 3324 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning 13:14:17.0962 3324 SearchAnonymizer - detected UnsignedFile.Multi.Generic (1) 13:14:18.0009 3324 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:14:18.0150 3324 secdrv - ok 13:14:18.0181 3324 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll 13:14:18.0243 3324 seclogon - ok 13:14:18.0259 3324 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll 13:14:18.0321 3324 SENS - ok 13:14:18.0352 3324 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys 13:14:18.0399 3324 Serenum - ok 13:14:18.0415 3324 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys 13:14:18.0462 3324 Serial - ok 13:14:18.0477 3324 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys 13:14:18.0540 3324 sermouse - ok 13:14:18.0711 3324 [ 58D5BFDF3ADF49FE9CABD78CC61D92F6 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 13:14:18.0836 3324 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning 13:14:18.0836 3324 ServiceLayer - detected UnsignedFile.Multi.Generic (1) 13:14:18.0883 3324 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv 
C:\Windows\system32\sessenv.dll 13:14:18.0976 3324 SessionEnv - ok 13:14:19.0054 3324 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:14:19.0101 3324 sffdisk - ok 13:14:19.0132 3324 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:14:19.0242 3324 sffp_mmc - ok 13:14:19.0288 3324 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:14:19.0366 3324 sffp_sd - ok 13:14:19.0398 3324 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 13:14:19.0476 3324 sfloppy - ok 13:14:19.0538 3324 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:14:19.0647 3324 ShellHWDetection - ok 13:14:19.0694 3324 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 13:14:19.0741 3324 SiSRaid2 - ok 13:14:19.0756 3324 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 13:14:19.0788 3324 SiSRaid4 - ok 13:14:19.0881 3324 [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:14:19.0897 3324 SkypeUpdate - ok 13:14:20.0178 3324 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe 13:14:20.0349 3324 slsvc - ok 13:14:20.0505 3324 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll 13:14:20.0568 3324 SLUINotify - ok 13:14:20.0646 3324 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:14:20.0708 3324 Smb - ok 13:14:20.0770 3324 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:14:20.0817 3324 SNMPTRAP - ok 13:14:20.0880 3324 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys 13:14:20.0911 3324 spldr - ok 13:14:20.0942 3324 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe 13:14:20.0973 3324 Spooler - ok 13:14:20.0989 3324 SRTSP - ok 
13:14:20.0989 3324 SRTSPX - ok 13:14:21.0067 3324 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys 13:14:21.0176 3324 srv - ok 13:14:21.0223 3324 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:14:21.0316 3324 srv2 - ok 13:14:21.0332 3324 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:14:21.0441 3324 srvnet - ok 13:14:21.0472 3324 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:14:21.0582 3324 SSDPSRV - ok 13:14:21.0722 3324 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:14:21.0816 3324 SstpSvc - ok 13:14:22.0034 3324 [ 72EB6157E892A674E47E08732BB5CCE3 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe 13:14:22.0081 3324 STacSV - ok 13:14:22.0174 3324 [ 0C7BDA7E9A329A071C080EB5210FE019 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 13:14:22.0252 3324 STHDA - ok 13:14:22.0315 3324 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll 13:14:22.0408 3324 stisvc - ok 13:14:22.0455 3324 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys 13:14:22.0471 3324 swenum - ok 13:14:22.0611 3324 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll 13:14:22.0642 3324 swprv - ok 13:14:22.0674 3324 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 13:14:22.0689 3324 Symc8xx - ok 13:14:22.0736 3324 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 13:14:22.0767 3324 Sym_hi - ok 13:14:22.0767 3324 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 13:14:22.0783 3324 Sym_u3 - ok 13:14:22.0876 3324 [ 3A706A967295E16511E40842B1A2761D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 13:14:22.0908 3324 SynTP - ok 13:14:22.0970 3324 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll 
13:14:23.0079 3324 SysMain - ok 13:14:23.0204 3324 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:14:23.0266 3324 TabletInputService - ok 13:14:23.0313 3324 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll 13:14:23.0407 3324 TapiSrv - ok 13:14:23.0469 3324 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll 13:14:23.0594 3324 TBS - ok 13:14:23.0828 3324 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:14:23.0984 3324 Tcpip - ok 13:14:24.0000 3324 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 13:14:24.0093 3324 Tcpip6 - ok 13:14:24.0202 3324 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:14:24.0296 3324 tcpipreg - ok 13:14:24.0343 3324 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:14:24.0436 3324 TDPIPE - ok 13:14:24.0468 3324 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:14:24.0561 3324 TDTCP - ok 13:14:24.0608 3324 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:14:24.0655 3324 tdx - ok 13:14:24.0702 3324 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 13:14:24.0733 3324 TermDD - ok 13:14:24.0795 3324 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll 13:14:24.0920 3324 TermService - ok 13:14:24.0982 3324 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll 13:14:25.0014 3324 Themes - ok 13:14:25.0092 3324 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll 13:14:25.0138 3324 THREADORDER - ok 13:14:25.0232 3324 [ 0407143F2BBC1A5DD5B518AC0704FCBF ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 13:14:25.0248 3324 TomTomHOMEService - ok 13:14:25.0310 3324 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks 
C:\Windows\System32\trkwks.dll 13:14:25.0388 3324 TrkWks - ok 13:14:25.0560 3324 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:14:25.0638 3324 TrustedInstaller - ok 13:14:25.0684 3324 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:14:25.0794 3324 tssecsrv - ok 13:14:25.0887 3324 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 13:14:25.0965 3324 tunmp - ok 13:14:26.0012 3324 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:14:26.0074 3324 tunnel - ok 13:14:26.0308 3324 [ 1C31169DDDC70C1605F703DA701EAEEA ] TVCapSvc C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe 13:14:26.0308 3324 TVCapSvc - ok 13:14:26.0324 3324 [ 290B8C381DBC15D3DBCBD2BDB6B0BA12 ] TVSched C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe 13:14:26.0324 3324 TVSched - ok 13:14:26.0371 3324 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 13:14:26.0386 3324 uagp35 - ok 13:14:26.0464 3324 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:14:26.0527 3324 udfs - ok 13:14:26.0574 3324 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:14:26.0620 3324 UI0Detect - ok 13:14:26.0698 3324 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:14:26.0792 3324 uliagpkx - ok 13:14:26.0823 3324 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys 13:14:26.0886 3324 uliahci - ok 13:14:26.0901 3324 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys 13:14:26.0948 3324 UlSata - ok 13:14:26.0995 3324 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 13:14:27.0010 3324 ulsata2 - ok 13:14:27.0042 3324 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 
13:14:27.0088 3324 umbus - ok 13:14:27.0135 3324 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll 13:14:27.0198 3324 upnphost - ok 13:14:27.0244 3324 [ 9856C38AB8FAACCA4DD99DAC7B42F838 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 13:14:27.0307 3324 upperdev - ok 13:14:27.0385 3324 [ CD03479F2DA26500B203ED075C146A7A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 13:14:27.0447 3324 USBAAPL64 - ok 13:14:27.0525 3324 [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 13:14:27.0588 3324 usbaudio - ok 13:14:27.0619 3324 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:14:27.0666 3324 usbccgp - ok 13:14:27.0697 3324 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:14:27.0744 3324 usbcir - ok 13:14:27.0806 3324 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 13:14:27.0837 3324 usbehci - ok 13:14:27.0900 3324 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:14:27.0978 3324 usbhub - ok 13:14:28.0009 3324 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys 13:14:28.0087 3324 usbohci - ok 13:14:28.0134 3324 [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint C:\Windows\system32\drivers\usbprint.sys 13:14:28.0227 3324 usbprint - ok 13:14:28.0321 3324 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 13:14:28.0368 3324 usbscan - ok 13:14:28.0414 3324 [ F7386007FB19E7685FC7B298560AA81F ] usbser C:\Windows\system32\drivers\usbser.sys 13:14:28.0477 3324 usbser - ok 13:14:28.0524 3324 [ 89123DC822AC7A708BD4C9E196A37610 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys 13:14:28.0602 3324 UsbserFilt - ok 13:14:28.0680 3324 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:14:28.0742 3324 USBSTOR - ok 13:14:28.0773 3324 [ 
B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 13:14:28.0820 3324 usbuhci - ok 13:14:28.0867 3324 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 13:14:28.0914 3324 usbvideo - ok 13:14:28.0992 3324 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll 13:14:29.0054 3324 UxSms - ok 13:14:29.0085 3324 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe 13:14:29.0194 3324 vds - ok 13:14:29.0272 3324 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:14:29.0397 3324 vga - ok 13:14:29.0413 3324 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys 13:14:29.0460 3324 VgaSave - ok 13:14:29.0506 3324 [ 4F964E6828156F0EF3FA8D3A9A7895DE ] viaide C:\Windows\system32\drivers\viaide.sys 13:14:29.0522 3324 viaide - ok 13:14:29.0569 3324 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:14:29.0584 3324 volmgr - ok 13:14:29.0647 3324 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:14:29.0709 3324 volmgrx - ok 13:14:29.0772 3324 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:14:29.0803 3324 volsnap - ok 13:14:29.0850 3324 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 13:14:29.0896 3324 vsmraid - ok 13:14:30.0037 3324 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe 13:14:30.0318 3324 VSS - ok 13:14:30.0427 3324 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll 13:14:30.0520 3324 W32Time - ok 13:14:30.0567 3324 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 13:14:30.0661 3324 WacomPen - ok 13:14:30.0770 3324 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 13:14:30.0817 3324 Wanarp - ok 13:14:30.0817 3324 [ B8E7049622300D20BA6D8BE0C47C0CFD ] 
Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:14:30.0848 3324 Wanarpv6 - ok 13:14:30.0973 3324 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:14:31.0066 3324 wcncsvc - ok 13:14:31.0113 3324 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:14:31.0160 3324 WcsPlugInService - ok 13:14:31.0191 3324 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys 13:14:31.0363 3324 Wd - ok 13:14:31.0441 3324 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:14:31.0566 3324 Wdf01000 - ok 13:14:31.0597 3324 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:14:31.0675 3324 WdiServiceHost - ok 13:14:31.0690 3324 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:14:31.0753 3324 WdiSystemHost - ok 13:14:31.0784 3324 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll 13:14:31.0831 3324 WebClient - ok 13:14:31.0893 3324 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:14:31.0956 3324 Wecsvc - ok 13:14:31.0987 3324 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:14:32.0065 3324 wercplsupport - ok 13:14:32.0112 3324 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll 13:14:32.0190 3324 WerSvc - ok 13:14:32.0205 3324 WinHttpAutoProxySvc - ok 13:14:32.0330 3324 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:14:32.0392 3324 Winmgmt - ok 13:14:32.0689 3324 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll 13:14:33.0126 3324 WinRM - ok 13:14:33.0313 3324 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll 13:14:33.0469 3324 Wlansvc - ok 13:14:33.0937 3324 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
13:14:34.0186 3324 wlidsvc - ok 13:14:34.0249 3324 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 13:14:34.0311 3324 WmiAcpi - ok 13:14:34.0374 3324 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:14:34.0436 3324 wmiApSrv - ok 13:14:34.0530 3324 WMPNetworkSvc - ok 13:14:34.0639 3324 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:14:34.0748 3324 WPCSvc - ok 13:14:34.0826 3324 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:14:34.0935 3324 WPDBusEnum - ok 13:14:34.0982 3324 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 13:14:35.0060 3324 WpdUsb - ok 13:14:35.0856 3324 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 13:14:36.0074 3324 WPFFontCache_v0400 - ok 13:14:36.0136 3324 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:14:36.0246 3324 ws2ifsl - ok 13:14:36.0308 3324 WSearch - ok 13:14:36.0339 3324 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:14:36.0370 3324 WUDFRd - ok 13:14:36.0402 3324 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:14:36.0464 3324 wudfsvc - ok 13:14:36.0573 3324 [ 07F7285220307AAFB755D890295F0F9A ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys 13:14:36.0682 3324 yukonx64 - ok 13:14:36.0745 3324 [ 1CACFEF9E5DD866C5B79A135EE729E18 ] {55662437-DA8C-40c0-AADA-2C816A897A49} C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl 13:14:36.0760 3324 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok 13:14:36.0760 3324 ================ Scan global =============================== 13:14:36.0807 3324 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll 13:14:36.0901 3324 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll 13:14:36.0901 3324 [ 
AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll 13:14:36.0963 3324 [ B8844F93D2C5F1DCDB179AAA9AF134B7 ] C:\Windows\system32\services.exe 13:14:36.0979 3324 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected 13:14:36.0979 3324 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0) 13:14:36.0979 3324 ================ Scan MBR ================================== 13:14:36.0994 3324 [ 5C86ADEC17B739C437E145E3B3FC2E6D ] \Device\Harddisk0\DR0 13:14:38.0664 3324 \Device\Harddisk0\DR0 - ok 13:14:38.0664 3324 ================ Scan VBR ================================== 13:14:38.0695 3324 [ 4F671ACB12D2B23C2A215D3B242A1E8F ] \Device\Harddisk0\DR0\Partition1 13:14:38.0695 3324 \Device\Harddisk0\DR0\Partition1 - ok 13:14:38.0742 3324 [ 7B194D67144E38317068B1DBCA999781 ] \Device\Harddisk0\DR0\Partition2 13:14:38.0742 3324 \Device\Harddisk0\DR0\Partition2 - ok 13:14:38.0742 3324 ============================================================ 13:14:38.0742 3324 Scan finished 13:14:38.0742 3324 ============================================================ 13:14:38.0757 4868 Detected object count: 9 13:14:38.0757 4868 Actual detected object count: 9 13:21:38.0710 4868 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user 13:21:38.0710 4868 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:21:38.0710 4868 DokanMounter ( UnsignedFile.Multi.Generic ) - skipped by user 13:21:38.0710 4868 DokanMounter ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:21:38.0710 4868 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user 13:21:38.0710 4868 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:21:38.0710 4868 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user 13:21:38.0710 4868 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:21:38.0710 4868 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 
13:21:38.0710 4868 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:21:38.0710 4868 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user 13:21:38.0710 4868 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:21:38.0710 4868 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user 13:21:38.0710 4868 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:21:38.0710 4868 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user 13:21:38.0710 4868 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:21:38.0710 4868 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - skipped by user 13:21:38.0710 4868 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Skip |
08.10.2012, 13:14 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan TR/ATRAPS.Gen2
Code:
ATTFilter C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - skipped by user
To do that, you have to restart the TDSS-Killer and run a new scan. When you then see the results, please set this entry to CURE or DELETE (whichever is offered to you; please leave all the others on SKIP!) and then click continue at the bottom right. Afterwards restart Windows and make a completely new log with the TDSS-Killer. As always, post it in CODE tags again.
__________________ |
08.10.2012, 15:26 | #19 |
| Trojan TR/ATRAPS.Gen2
Did everything as described ..
Code:
ATTFilter 16:23:28.0290 2292 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 16:23:28.0306 2292 ============================================================ 16:23:28.0306 2292 Current date / time: 2012/10/08 16:23:28.0306 16:23:28.0306 2292 SystemInfo: 16:23:28.0306 2292 16:23:28.0306 2292 OS Version: 6.0.6002 ServicePack: 2.0 16:23:28.0306 2292 Product type: Workstation 16:23:28.0306 2292 ComputerName: ANDREAS-PC 16:23:28.0306 2292 UserName: Andreas 16:23:28.0306 2292 Windows directory: C:\Windows 16:23:28.0306 2292 System windows directory: C:\Windows 16:23:28.0306 2292 Running under WOW64 16:23:28.0306 2292 Processor architecture: Intel x64 16:23:28.0306 2292 Number of processors: 2 16:23:28.0306 2292 Page size: 0x1000 16:23:28.0306 2292 Boot type: Normal boot 16:23:28.0306 2292 ============================================================ 16:23:29.0804 2292 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:23:29.0804 2292 ============================================================ 16:23:29.0804 2292 \Device\Harddisk0\DR0: 16:23:29.0804 2292 MBR partitions: 16:23:29.0804 2292 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38B7A000 16:23:29.0804 2292 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38B7A800, BlocksNum 0x180A000 16:23:29.0804 2292 ============================================================ 16:23:29.0835 2292 C: <-> \Device\Harddisk0\DR0\Partition1 16:23:29.0944 2292 D: <-> \Device\Harddisk0\DR0\Partition2 16:23:29.0944 2292 ============================================================ 16:23:29.0944 2292 Initialize success 16:23:29.0944 2292 ============================================================ 16:23:35.0295 3268 ============================================================ 16:23:35.0310 3268 Scan started 16:23:35.0310 3268 Mode: Manual; SigCheck; TDLFS; 
16:23:35.0310 3268 ============================================================ 16:23:36.0418 3268 ================ Scan system memory ======================== 16:23:36.0418 3268 System memory - ok 16:23:36.0418 3268 ================ Scan services ============================= 16:23:36.0746 3268 [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files (x86)\AAVUpdateManager\aavus.exe 16:23:36.0902 3268 AAV UpdateService - ok 16:23:37.0214 3268 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys 16:23:37.0260 3268 Accelerometer - ok 16:23:37.0338 3268 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys 16:23:37.0354 3268 ACPI - ok 16:23:37.0572 3268 [ F84C9DEE4698DF3C1D76801B7B1B55D7 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 16:23:37.0650 3268 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning 16:23:37.0650 3268 Adobe LM Service - detected UnsignedFile.Multi.Generic (1) 16:23:37.0806 3268 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 16:23:37.0822 3268 AdobeARMservice - ok 16:23:37.0900 3268 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 16:23:37.0931 3268 adp94xx - ok 16:23:37.0962 3268 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys 16:23:38.0009 3268 adpahci - ok 16:23:38.0056 3268 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 16:23:38.0087 3268 adpu160m - ok 16:23:38.0118 3268 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 16:23:38.0150 3268 adpu320 - ok 16:23:38.0259 3268 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 16:23:38.0321 3268 AeLookupSvc - ok 16:23:38.0618 3268 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters 
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe 16:23:38.0649 3268 AESTFilters - ok 16:23:38.0742 3268 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys 16:23:38.0852 3268 AFD - ok 16:23:38.0914 3268 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys 16:23:38.0945 3268 agp440 - ok 16:23:38.0992 3268 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys 16:23:39.0023 3268 aic78xx - ok 16:23:39.0054 3268 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe 16:23:39.0210 3268 ALG - ok 16:23:39.0273 3268 [ E0CA5BB8E6C79533DC6B1DA7361A201E ] aliide C:\Windows\system32\drivers\aliide.sys 16:23:39.0304 3268 aliide - ok 16:23:39.0304 3268 [ 7034F8D1B9703D711D3F92C95DEB377D ] amdide C:\Windows\system32\drivers\amdide.sys 16:23:39.0335 3268 amdide - ok 16:23:39.0398 3268 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 16:23:39.0476 3268 AmdK8 - ok 16:23:39.0819 3268 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 16:23:39.0850 3268 AntiVirSchedulerService - ok 16:23:39.0944 3268 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 16:23:39.0959 3268 AntiVirService - ok 16:23:40.0068 3268 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 16:23:40.0115 3268 AntiVirWebService - ok 16:23:40.0178 3268 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll 16:23:40.0240 3268 Appinfo - ok 16:23:40.0599 3268 [ 70D7BE78061126DD0C3ACCDB7E129017 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 16:23:40.0677 3268 Apple Mobile Device - ok 16:23:40.0724 3268 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys 16:23:40.0755 3268 
arc - ok 16:23:40.0786 3268 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys 16:23:40.0833 3268 arcsas - ok 16:23:41.0379 3268 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 16:23:41.0441 3268 aspnet_state - ok 16:23:41.0488 3268 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 16:23:41.0597 3268 AsyncMac - ok 16:23:41.0628 3268 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys 16:23:41.0660 3268 atapi - ok 16:23:41.0753 3268 [ 54CA8AAC988B441A692311E3B584D944 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 16:23:41.0800 3268 Ati External Event Utility - ok 16:23:42.0018 3268 [ 4B42547AE95A31D0E1E200B68A6C7647 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 16:23:42.0206 3268 atikmdag - ok 16:23:42.0377 3268 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 16:23:42.0424 3268 AudioEndpointBuilder - ok 16:23:42.0440 3268 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll 16:23:42.0471 3268 AudioSrv - ok 16:23:42.0564 3268 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 16:23:42.0580 3268 avgntflt - ok 16:23:42.0658 3268 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 16:23:42.0689 3268 avipbb - ok 16:23:42.0767 3268 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 16:23:42.0783 3268 avkmgr - ok 16:23:42.0861 3268 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 16:23:42.0908 3268 blbdrive - ok 16:23:43.0095 3268 [ 673CF4F6BB1FBE09331B526802FBB892 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe 16:23:43.0110 3268 Bonjour Service - ok 16:23:43.0188 3268 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 16:23:43.0235 3268 
bowser - ok 16:23:43.0313 3268 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 16:23:43.0376 3268 BrFiltLo - ok 16:23:43.0407 3268 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 16:23:43.0500 3268 BrFiltUp - ok 16:23:43.0532 3268 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll 16:23:43.0625 3268 Browser - ok 16:23:43.0688 3268 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys 16:23:43.0875 3268 Brserid - ok 16:23:43.0922 3268 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 16:23:44.0031 3268 BrSerWdm - ok 16:23:44.0093 3268 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 16:23:44.0202 3268 BrUsbMdm - ok 16:23:44.0249 3268 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 16:23:44.0312 3268 BrUsbSer - ok 16:23:44.0358 3268 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 16:23:44.0436 3268 BTHMODEM - ok 16:23:44.0452 3268 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 16:23:44.0499 3268 cdfs - ok 16:23:44.0561 3268 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 16:23:44.0592 3268 cdrom - ok 16:23:44.0655 3268 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll 16:23:44.0686 3268 CertPropSvc - ok 16:23:44.0748 3268 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 16:23:44.0826 3268 circlass - ok 16:23:44.0889 3268 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys 16:23:44.0920 3268 CLFS - ok 16:23:45.0014 3268 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:23:45.0029 3268 clr_optimization_v2.0.50727_32 - ok 16:23:45.0060 3268 [ 
CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 16:23:45.0076 3268 clr_optimization_v2.0.50727_64 - ok 16:23:45.0606 3268 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 16:23:45.0918 3268 clr_optimization_v4.0.30319_32 - ok 16:23:45.0950 3268 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 16:23:46.0028 3268 clr_optimization_v4.0.30319_64 - ok 16:23:46.0074 3268 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 16:23:46.0152 3268 CmBatt - ok 16:23:46.0168 3268 [ 8C6AA24C1D7273A02284588426AB8CE3 ] cmdide C:\Windows\system32\drivers\cmdide.sys 16:23:46.0184 3268 cmdide - ok 16:23:46.0277 3268 [ 12E94E225BD7B05A2BCCD5C0B841E921 ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe 16:23:46.0293 3268 Com4QLBEx - ok 16:23:46.0371 3268 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 16:23:46.0386 3268 Compbatt - ok 16:23:46.0418 3268 COMSysApp - ok 16:23:46.0901 3268 cpuz134 - ok 16:23:46.0964 3268 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 16:23:46.0995 3268 crcdisk - ok 16:23:47.0088 3268 [ 62740B9D2A137E8CED41A9E4239A7A31 ] CryptSvc C:\Windows\system32\cryptsvc.dll 16:23:47.0166 3268 CryptSvc - ok 16:23:47.0260 3268 [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys 16:23:47.0291 3268 ctxusbm - ok 16:23:47.0478 3268 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll 16:23:47.0572 3268 DcomLaunch - ok 16:23:47.0650 3268 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 16:23:47.0728 3268 DfsC - ok 16:23:48.0508 3268 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe 16:23:48.0758 
3268 DFSR - ok 16:23:48.0820 3268 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll 16:23:48.0914 3268 Dhcp - ok 16:23:48.0976 3268 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys 16:23:49.0023 3268 disk - ok 16:23:49.0085 3268 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:23:49.0132 3268 Dnscache - ok 16:23:49.0350 3268 [ 57AE249F2C6A90476E8E400F0EEC3C56 ] Dokan C:\Windows\system32\drivers\dokan.sys 16:23:49.0397 3268 Dokan - ok 16:23:49.0491 3268 [ F4FEAE56DA1B5B7DC78D5F9214CDEF5E ] DokanMounter C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe 16:23:49.0506 3268 DokanMounter ( UnsignedFile.Multi.Generic ) - warning 16:23:49.0506 3268 DokanMounter - detected UnsignedFile.Multi.Generic (1) 16:23:49.0631 3268 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll 16:23:49.0694 3268 dot3svc - ok 16:23:49.0740 3268 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll 16:23:49.0787 3268 DPS - ok 16:23:49.0865 3268 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:23:49.0896 3268 drmkaud - ok 16:23:49.0959 3268 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 16:23:49.0990 3268 DXGKrnl - ok 16:23:50.0099 3268 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys 16:23:50.0146 3268 E1G60 - ok 16:23:50.0224 3268 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll 16:23:50.0255 3268 EapHost - ok 16:23:50.0349 3268 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys 16:23:50.0364 3268 Ecache - ok 16:23:50.0458 3268 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:23:50.0489 3268 ehRecvr - ok 16:23:50.0536 3268 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe 16:23:50.0552 3268 ehSched - ok 16:23:50.0583 3268 [ 
F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll 16:23:50.0598 3268 ehstart - ok 16:23:50.0708 3268 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys 16:23:50.0723 3268 elxstor - ok 16:23:50.0832 3268 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll 16:23:50.0910 3268 EMDMgmt - ok 16:23:50.0973 3268 [ F218A3A27ED6592C0E22EC3595554447 ] enecir C:\Windows\system32\DRIVERS\enecir.sys 16:23:51.0020 3268 enecir - ok 16:23:51.0066 3268 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:23:51.0144 3268 ErrDev - ok 16:23:51.0285 3268 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll 16:23:51.0316 3268 EventSystem - ok 16:23:51.0363 3268 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys 16:23:51.0425 3268 exfat - ok 16:23:51.0425 3268 ezSharedSvc - ok 16:23:51.0456 3268 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:23:51.0488 3268 fastfat - ok 16:23:51.0519 3268 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 16:23:51.0534 3268 fdc - ok 16:23:51.0581 3268 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll 16:23:51.0612 3268 fdPHost - ok 16:23:51.0612 3268 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll 16:23:51.0659 3268 FDResPub - ok 16:23:51.0675 3268 Fildro - ok 16:23:51.0722 3268 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:23:51.0737 3268 FileInfo - ok 16:23:51.0737 3268 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:23:51.0768 3268 Filetrace - ok 16:23:51.0784 3268 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 16:23:51.0815 3268 flpydisk - ok 16:23:51.0878 3268 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr 
C:\Windows\system32\drivers\fltmgr.sys 16:23:51.0893 3268 FltMgr - ok 16:23:52.0002 3268 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll 16:23:52.0080 3268 FontCache - ok 16:23:52.0205 3268 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:23:52.0268 3268 FontCache3.0.0.0 - ok 16:23:52.0299 3268 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:23:52.0346 3268 Fs_Rec - ok 16:23:52.0392 3268 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 16:23:52.0408 3268 gagp30kx - ok 16:23:52.0502 3268 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 16:23:52.0517 3268 GEARAspiWDM - ok 16:23:52.0673 3268 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll 16:23:52.0704 3268 gpsvc - ok 16:23:52.0798 3268 [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:23:52.0876 3268 HdAudAddService - ok 16:23:53.0063 3268 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 16:23:53.0172 3268 HDAudBus - ok 16:23:53.0219 3268 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys 16:23:53.0282 3268 HidBth - ok 16:23:53.0344 3268 [ 5F47839455D01FF6403B008D481A6F5B ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 16:23:53.0375 3268 HidIr - ok 16:23:53.0406 3268 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll 16:23:53.0438 3268 hidserv - ok 16:23:53.0516 3268 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:23:53.0547 3268 HidUsb - ok 16:23:53.0562 3268 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll 16:23:53.0609 3268 hkmsvc - ok 16:23:53.0765 3268 [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health 
Check\hphc_service.exe 16:23:53.0765 3268 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning 16:23:53.0765 3268 HP Health Check Service - detected UnsignedFile.Multi.Generic (1) 16:23:53.0874 3268 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 16:23:53.0890 3268 HpCISSs - ok 16:23:53.0937 3268 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys 16:23:53.0968 3268 hpdskflt - ok 16:23:54.0093 3268 [ 0ECC54FD34D6A089C300846B011E81D6 ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 16:23:54.0155 3268 HpqKbFiltr - ok 16:23:54.0249 3268 [ 188FF0ADF66768D53AD94F43972E1E9A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 16:23:54.0264 3268 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning 16:23:54.0264 3268 hpqwmiex - detected UnsignedFile.Multi.Generic (1) 16:23:54.0358 3268 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe 16:23:54.0389 3268 hpsrv - ok 16:23:54.0498 3268 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:23:54.0608 3268 HTTP - ok 16:23:54.0639 3268 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys 16:23:54.0670 3268 i2omp - ok 16:23:54.0732 3268 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 16:23:54.0779 3268 i8042prt - ok 16:23:54.0810 3268 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 16:23:54.0826 3268 iaStorV - ok 16:23:55.0169 3268 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:23:55.0388 3268 idsvc - ok 16:23:55.0512 3268 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys 16:23:55.0528 3268 iirsp - ok 16:23:55.0606 3268 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll 16:23:55.0653 3268 IKEEXT - ok 16:23:55.0700 3268 [ 
475490CAF376E55E6E8B37BBDFEB2E81 ] intelide C:\Windows\system32\drivers\intelide.sys 16:23:55.0715 3268 intelide - ok 16:23:55.0762 3268 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:23:55.0809 3268 intelppm - ok 16:23:55.0824 3268 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:23:55.0871 3268 IPBusEnum - ok 16:23:55.0934 3268 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:23:55.0965 3268 IpFilterDriver - ok 16:23:55.0965 3268 IpInIp - ok 16:23:55.0996 3268 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 16:23:56.0043 3268 IPMIDRV - ok 16:23:56.0090 3268 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 16:23:56.0136 3268 IPNAT - ok 16:23:56.0277 3268 [ 24595EC9236D7E421661A2D4FFBD901A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:23:56.0308 3268 iPod Service - ok 16:23:56.0339 3268 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:23:56.0417 3268 IRENUM - ok 16:23:56.0464 3268 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:23:56.0480 3268 isapnp - ok 16:23:56.0542 3268 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 16:23:56.0558 3268 iScsiPrt - ok 16:23:56.0589 3268 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 16:23:56.0604 3268 iteatapi - ok 16:23:56.0667 3268 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys 16:23:56.0682 3268 iteraid - ok 16:23:56.0714 3268 [ BB86B1C3489463BBA1FD04C876DBE414 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 16:23:56.0760 3268 JMCR - ok 16:23:56.0792 3268 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:23:56.0792 3268 kbdclass - ok 16:23:56.0854 3268 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid 
C:\Windows\system32\DRIVERS\kbdhid.sys 16:23:56.0870 3268 kbdhid - ok 16:23:56.0916 3268 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe 16:23:56.0948 3268 KeyIso - ok 16:23:57.0010 3268 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:23:57.0041 3268 KSecDD - ok 16:23:57.0088 3268 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:23:57.0119 3268 ksthunk - ok 16:23:57.0166 3268 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll 16:23:57.0228 3268 KtmRm - ok 16:23:57.0306 3268 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:23:57.0353 3268 LanmanServer - ok 16:23:57.0384 3268 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:23:57.0416 3268 LanmanWorkstation - ok 16:23:57.0540 3268 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 16:23:57.0540 3268 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 16:23:57.0540 3268 LightScribeService - detected UnsignedFile.Multi.Generic (1) 16:23:57.0603 3268 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:23:57.0681 3268 lltdio - ok 16:23:57.0806 3268 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:23:57.0852 3268 lltdsvc - ok 16:23:57.0868 3268 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:23:57.0915 3268 lmhosts - ok 16:23:57.0946 3268 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:23:57.0977 3268 LSI_FC - ok 16:23:57.0977 3268 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:23:58.0008 3268 LSI_SAS - ok 16:23:58.0008 3268 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:23:58.0040 3268 LSI_SCSI - ok 16:23:58.0086 3268 [ 
52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys 16:23:58.0133 3268 luafv - ok 16:23:58.0289 3268 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe 16:23:58.0320 3268 McComponentHostService - ok 16:23:58.0352 3268 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:23:58.0367 3268 Mcx2Svc - ok 16:23:58.0414 3268 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys 16:23:58.0430 3268 megasas - ok 16:23:58.0461 3268 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys 16:23:58.0476 3268 MegaSR - ok 16:23:58.0554 3268 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll 16:23:58.0601 3268 MMCSS - ok 16:23:58.0664 3268 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys 16:23:58.0710 3268 Modem - ok 16:23:58.0726 3268 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:23:58.0773 3268 monitor - ok 16:23:58.0804 3268 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:23:58.0820 3268 mouclass - ok 16:23:58.0851 3268 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:23:58.0898 3268 mouhid - ok 16:23:58.0929 3268 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 16:23:58.0944 3268 MountMgr - ok 16:23:59.0038 3268 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:23:59.0054 3268 MozillaMaintenance - ok 16:23:59.0069 3268 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys 16:23:59.0085 3268 mpio - ok 16:23:59.0147 3268 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:23:59.0178 3268 mpsdrv - ok 16:23:59.0210 3268 [ 
3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 16:23:59.0225 3268 Mraid35x - ok 16:23:59.0272 3268 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:23:59.0288 3268 MRxDAV - ok 16:23:59.0350 3268 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:23:59.0381 3268 mrxsmb - ok 16:23:59.0444 3268 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:23:59.0459 3268 mrxsmb10 - ok 16:23:59.0490 3268 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:23:59.0506 3268 mrxsmb20 - ok 16:23:59.0568 3268 [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci C:\Windows\system32\drivers\msahci.sys 16:23:59.0584 3268 msahci - ok 16:23:59.0631 3268 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:23:59.0646 3268 msdsm - ok 16:23:59.0678 3268 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe 16:23:59.0724 3268 MSDTC - ok 16:23:59.0787 3268 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:23:59.0834 3268 Msfs - ok 16:23:59.0880 3268 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:23:59.0896 3268 msisadrv - ok 16:23:59.0927 3268 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:23:59.0974 3268 MSiSCSI - ok 16:23:59.0990 3268 msiserver - ok 16:24:00.0036 3268 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:24:00.0083 3268 MSKSSRV - ok 16:24:00.0083 3268 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:24:00.0130 3268 MSPCLOCK - ok 16:24:00.0177 3268 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:24:00.0224 3268 MSPQM - ok 16:24:00.0286 3268 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:24:00.0302 3268 
MsRPC - ok 16:24:00.0333 3268 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:24:00.0348 3268 mssmbios - ok 16:24:00.0411 3268 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:24:00.0442 3268 MSTEE - ok 16:24:00.0520 3268 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys 16:24:00.0551 3268 Mup - ok 16:24:00.0598 3268 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll 16:24:00.0629 3268 napagent - ok 16:24:00.0692 3268 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:24:00.0723 3268 NativeWifiP - ok 16:24:00.0863 3268 NAVENG - ok 16:24:00.0879 3268 NAVEX15 - ok 16:24:01.0004 3268 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:24:01.0066 3268 NDIS - ok 16:24:01.0128 3268 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:24:01.0191 3268 NdisTapi - ok 16:24:01.0253 3268 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:24:01.0331 3268 Ndisuio - ok 16:24:01.0378 3268 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:24:01.0409 3268 NdisWan - ok 16:24:01.0440 3268 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:24:01.0472 3268 NDProxy - ok 16:24:01.0550 3268 [ 89FD76A90CBE63F03A70C2D1B85E802C ] NEOFLTR_710_19243 C:\Windows\system32\Drivers\NEOFLTR_710_19243.SYS 16:24:01.0565 3268 NEOFLTR_710_19243 - ok 16:24:01.0612 3268 Nero BackItUp Scheduler 4.0 - ok 16:24:01.0643 3268 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:24:01.0674 3268 NetBIOS - ok 16:24:01.0737 3268 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 16:24:01.0768 3268 netbt - ok 16:24:01.0830 3268 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe 
16:24:01.0846 3268 Netlogon - ok 16:24:01.0924 3268 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll 16:24:01.0971 3268 Netman - ok 16:24:02.0033 3268 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:24:02.0080 3268 NetMsmqActivator - ok 16:24:02.0080 3268 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:24:02.0096 3268 NetPipeActivator - ok 16:24:02.0158 3268 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll 16:24:02.0205 3268 netprofm - ok 16:24:02.0236 3268 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:24:02.0252 3268 NetTcpActivator - ok 16:24:02.0252 3268 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:24:02.0267 3268 NetTcpPortSharing - ok 16:24:02.0564 3268 [ C86984AEE87900C1EEB6942EDE3BF4B6 ] NETw3v64 C:\Windows\system32\DRIVERS\NETw3v64.sys 16:24:02.0735 3268 NETw3v64 - ok 16:24:03.0484 3268 [ 2BDCB7B7917380794C9D87AC2153CE33 ] NETw5v64 C:\Windows\system32\DRIVERS\NETw5v64.sys 16:24:03.0796 3268 NETw5v64 - ok 16:24:03.0827 3268 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:24:03.0858 3268 nfrd960 - ok 16:24:03.0905 3268 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll 16:24:03.0999 3268 NlaSvc - ok 16:24:04.0077 3268 [ 02C1198276C0D4F39E54EB5148AF1E2A ] nmwcdcx64 C:\Windows\system32\drivers\ccdcmbox64.sys 16:24:04.0155 3268 nmwcdcx64 - ok 16:24:04.0202 3268 [ 76292103C5149EB140419F36DCF26C1B ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys 16:24:04.0264 3268 nmwcdnsucx64 - ok 16:24:04.0326 3268 [ 2974296DA6296B4FEA3E313BF98C693D ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys 16:24:04.0389 3268 nmwcdnsux64 - ok 16:24:04.0436 3268 [ 
D8F00FCC82451BDAA3DB93BB62AE6AC3 ] nmwcdx64 C:\Windows\system32\drivers\ccdcmbx64.sys 16:24:04.0498 3268 nmwcdx64 - ok 16:24:04.0498 3268 Norton Internet Security - ok 16:24:04.0545 3268 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:24:04.0607 3268 Npfs - ok 16:24:04.0638 3268 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll 16:24:04.0685 3268 nsi - ok 16:24:04.0748 3268 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:24:04.0779 3268 nsiproxy - ok 16:24:04.0950 3268 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:24:05.0013 3268 Ntfs - ok 16:24:05.0075 3268 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys 16:24:05.0122 3268 Null - ok 16:24:05.0169 3268 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:24:05.0184 3268 nvraid - ok 16:24:05.0231 3268 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:24:05.0247 3268 nvstor - ok 16:24:05.0262 3268 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:24:05.0278 3268 nv_agp - ok 16:24:05.0294 3268 NwlnkFlt - ok 16:24:05.0294 3268 NwlnkFwd - ok 16:24:05.0372 3268 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 16:24:05.0403 3268 ohci1394 - ok 16:24:05.0481 3268 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:24:05.0496 3268 ose - ok 16:24:05.0637 3268 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll 16:24:05.0699 3268 p2pimsvc - ok 16:24:05.0715 3268 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll 16:24:05.0746 3268 p2psvc - ok 16:24:05.0855 3268 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys 16:24:05.0918 3268 Parport - ok 16:24:05.0996 3268 [ 
B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:24:06.0011 3268 partmgr - ok 16:24:06.0058 3268 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll 16:24:06.0074 3268 PcaSvc - ok 16:24:06.0152 3268 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 16:24:06.0214 3268 pccsmcfd - ok 16:24:06.0276 3268 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys 16:24:06.0292 3268 pci - ok 16:24:06.0323 3268 [ 15E5C3F89A3452EFBDA3B39816DBC4EE ] pciide C:\Windows\system32\drivers\pciide.sys 16:24:06.0339 3268 pciide - ok 16:24:06.0354 3268 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:24:06.0386 3268 pcmcia - ok 16:24:06.0401 3268 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:24:06.0479 3268 PEAUTH - ok 16:24:06.0635 3268 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:24:06.0666 3268 PerfHost - ok 16:24:06.0822 3268 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll 16:24:06.0932 3268 pla - ok 16:24:07.0025 3268 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:24:07.0072 3268 PlugPlay - ok 16:24:07.0119 3268 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 16:24:07.0150 3268 PNRPAutoReg - ok 16:24:07.0166 3268 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll 16:24:07.0197 3268 PNRPsvc - ok 16:24:07.0259 3268 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:24:07.0306 3268 PolicyAgent - ok 16:24:07.0400 3268 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:24:07.0431 3268 PptpMiniport - ok 16:24:07.0462 3268 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys 16:24:07.0509 3268 Processor - ok 16:24:07.0571 3268 [ 
E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll 16:24:07.0602 3268 ProfSvc - ok 16:24:07.0649 3268 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe 16:24:07.0665 3268 ProtectedStorage - ok 16:24:07.0743 3268 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 16:24:07.0774 3268 PSched - ok 16:24:07.0961 3268 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:24:08.0055 3268 ql2300 - ok 16:24:08.0086 3268 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:24:08.0102 3268 ql40xx - ok 16:24:08.0133 3268 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll 16:24:08.0148 3268 QWAVE - ok 16:24:08.0164 3268 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:24:08.0195 3268 QWAVEdrv - ok 16:24:08.0242 3268 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:24:08.0273 3268 RasAcd - ok 16:24:08.0304 3268 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll 16:24:08.0351 3268 RasAuto - ok 16:24:08.0398 3268 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:24:08.0429 3268 Rasl2tp - ok 16:24:08.0476 3268 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll 16:24:08.0507 3268 RasMan - ok 16:24:08.0523 3268 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:24:08.0554 3268 RasPppoe - ok 16:24:08.0648 3268 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:24:08.0663 3268 RasSstp - ok 16:24:08.0694 3268 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:24:08.0741 3268 rdbss - ok 16:24:08.0788 3268 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:24:08.0835 3268 RDPCDD - ok 16:24:08.0882 3268 [ 
C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 16:24:08.0928 3268 rdpdr - ok 16:24:08.0975 3268 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:24:09.0006 3268 RDPENCDD - ok 16:24:09.0069 3268 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:24:09.0131 3268 RDPWD - ok 16:24:09.0194 3268 [ BC0A4D47472B042537F4E57B950415FA ] Recovery Service for Windows C:\Program Files (x86)\SMINST\BLService.exe 16:24:09.0225 3268 Recovery Service for Windows - ok 16:24:09.0287 3268 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:24:09.0334 3268 RemoteAccess - ok 16:24:09.0381 3268 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:24:09.0412 3268 RemoteRegistry - ok 16:24:09.0537 3268 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 16:24:09.0537 3268 RichVideo ( UnsignedFile.Multi.Generic ) - warning 16:24:09.0537 3268 RichVideo - detected UnsignedFile.Multi.Generic (1) 16:24:09.0615 3268 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe 16:24:09.0662 3268 RpcLocator - ok 16:24:09.0708 3268 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll 16:24:09.0755 3268 RpcSs - ok 16:24:09.0818 3268 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:24:09.0864 3268 rspndr - ok 16:24:09.0927 3268 [ 8B91737DA75ADD21CB1554B38089196A ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys 16:24:09.0974 3268 RTL8169 - ok 16:24:09.0989 3268 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe 16:24:10.0005 3268 SamSs - ok 16:24:10.0052 3268 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:24:10.0067 3268 sbp2port - ok 16:24:10.0098 3268 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll 
16:24:10.0145 3268 SCardSvr - ok 16:24:10.0301 3268 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll 16:24:10.0364 3268 Schedule - ok 16:24:10.0457 3268 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll 16:24:10.0520 3268 SCPolicySvc - ok 16:24:10.0613 3268 [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 16:24:10.0691 3268 sdbus - ok 16:24:10.0769 3268 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:24:10.0816 3268 SDRSVC - ok 16:24:11.0128 3268 [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\Andreas\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe 16:24:11.0128 3268 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning 16:24:11.0128 3268 SearchAnonymizer - detected UnsignedFile.Multi.Generic (1) 16:24:11.0159 3268 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:24:11.0268 3268 secdrv - ok 16:24:11.0331 3268 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll 16:24:11.0362 3268 seclogon - ok 16:24:11.0393 3268 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll 16:24:11.0424 3268 SENS - ok 16:24:11.0456 3268 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys 16:24:11.0487 3268 Serenum - ok 16:24:11.0518 3268 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys 16:24:11.0549 3268 Serial - ok 16:24:11.0580 3268 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:24:11.0612 3268 sermouse - ok 16:24:11.0690 3268 [ 58D5BFDF3ADF49FE9CABD78CC61D92F6 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 16:24:11.0752 3268 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning 16:24:11.0752 3268 ServiceLayer - detected UnsignedFile.Multi.Generic (1) 16:24:11.0892 3268 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv 
C:\Windows\system32\sessenv.dll 16:24:11.0924 3268 SessionEnv - ok 16:24:11.0970 3268 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:24:12.0002 3268 sffdisk - ok 16:24:12.0033 3268 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:24:12.0064 3268 sffp_mmc - ok 16:24:12.0095 3268 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:24:12.0142 3268 sffp_sd - ok 16:24:12.0142 3268 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:24:12.0220 3268 sfloppy - ok 16:24:12.0360 3268 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:24:12.0407 3268 ShellHWDetection - ok 16:24:12.0470 3268 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 16:24:12.0485 3268 SiSRaid2 - ok 16:24:12.0501 3268 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:24:12.0516 3268 SiSRaid4 - ok 16:24:12.0594 3268 [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:24:12.0610 3268 SkypeUpdate - ok 16:24:12.0969 3268 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe 16:24:13.0172 3268 slsvc - ok 16:24:13.0281 3268 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll 16:24:13.0343 3268 SLUINotify - ok 16:24:13.0359 3268 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:24:13.0390 3268 Smb - ok 16:24:13.0437 3268 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:24:13.0452 3268 SNMPTRAP - ok 16:24:13.0484 3268 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys 16:24:13.0499 3268 spldr - ok 16:24:13.0593 3268 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe 16:24:13.0624 3268 Spooler - ok 16:24:13.0624 3268 SRTSP - ok 
16:24:13.0624 3268 SRTSPX - ok 16:24:13.0733 3268 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys 16:24:13.0780 3268 srv - ok 16:24:13.0889 3268 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:24:13.0936 3268 srv2 - ok 16:24:13.0998 3268 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:24:14.0014 3268 srvnet - ok 16:24:14.0061 3268 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:24:14.0092 3268 SSDPSRV - ok 16:24:14.0170 3268 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:24:14.0186 3268 SstpSvc - ok 16:24:14.0435 3268 [ 72EB6157E892A674E47E08732BB5CCE3 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe 16:24:14.0451 3268 STacSV - ok 16:24:14.0529 3268 [ 0C7BDA7E9A329A071C080EB5210FE019 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 16:24:14.0560 3268 STHDA - ok 16:24:14.0716 3268 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll 16:24:14.0747 3268 stisvc - ok 16:24:14.0778 3268 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys 16:24:14.0794 3268 swenum - ok 16:24:14.0903 3268 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll 16:24:14.0950 3268 swprv - ok 16:24:15.0028 3268 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 16:24:15.0044 3268 Symc8xx - ok 16:24:15.0075 3268 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 16:24:15.0090 3268 Sym_hi - ok 16:24:15.0106 3268 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 16:24:15.0122 3268 Sym_u3 - ok 16:24:15.0215 3268 [ 3A706A967295E16511E40842B1A2761D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 16:24:15.0231 3268 SynTP - ok 16:24:15.0543 3268 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll 
16:24:15.0636 3268 SysMain - ok 16:24:15.0683 3268 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:24:15.0730 3268 TabletInputService - ok 16:24:15.0777 3268 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll 16:24:15.0824 3268 TapiSrv - ok 16:24:15.0839 3268 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll 16:24:15.0886 3268 TBS - ok 16:24:16.0338 3268 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:24:16.0463 3268 Tcpip - ok 16:24:16.0541 3268 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 16:24:16.0588 3268 Tcpip6 - ok 16:24:16.0635 3268 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:24:16.0666 3268 tcpipreg - ok 16:24:16.0713 3268 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:24:16.0744 3268 TDPIPE - ok 16:24:16.0744 3268 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:24:16.0775 3268 TDTCP - ok 16:24:16.0806 3268 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:24:16.0838 3268 tdx - ok 16:24:16.0884 3268 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:24:16.0900 3268 TermDD - ok 16:24:17.0040 3268 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll 16:24:17.0072 3268 TermService - ok 16:24:17.0118 3268 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll 16:24:17.0134 3268 Themes - ok 16:24:17.0196 3268 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll 16:24:17.0228 3268 THREADORDER - ok 16:24:17.0337 3268 [ 0407143F2BBC1A5DD5B518AC0704FCBF ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 16:24:17.0337 3268 TomTomHOMEService - ok 16:24:17.0384 3268 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks 
C:\Windows\System32\trkwks.dll 16:24:17.0430 3268 TrkWks - ok 16:24:17.0508 3268 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:24:17.0540 3268 TrustedInstaller - ok 16:24:17.0571 3268 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:24:17.0618 3268 tssecsrv - ok 16:24:17.0664 3268 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 16:24:17.0727 3268 tunmp - ok 16:24:17.0789 3268 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:24:17.0805 3268 tunnel - ok 16:24:18.0086 3268 [ 1C31169DDDC70C1605F703DA701EAEEA ] TVCapSvc C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe 16:24:18.0117 3268 TVCapSvc - ok 16:24:18.0164 3268 [ 290B8C381DBC15D3DBCBD2BDB6B0BA12 ] TVSched C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe 16:24:18.0195 3268 TVSched - ok 16:24:18.0242 3268 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:24:18.0273 3268 uagp35 - ok 16:24:18.0351 3268 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:24:18.0429 3268 udfs - ok 16:24:18.0538 3268 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:24:18.0616 3268 UI0Detect - ok 16:24:18.0663 3268 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:24:18.0694 3268 uliagpkx - ok 16:24:18.0725 3268 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys 16:24:18.0756 3268 uliahci - ok 16:24:18.0788 3268 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys 16:24:18.0803 3268 UlSata - ok 16:24:18.0850 3268 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 16:24:18.0866 3268 ulsata2 - ok 16:24:18.0881 3268 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 
16:24:18.0912 3268 umbus - ok 16:24:18.0975 3268 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll 16:24:19.0006 3268 upnphost - ok 16:24:19.0053 3268 [ 9856C38AB8FAACCA4DD99DAC7B42F838 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 16:24:19.0084 3268 upperdev - ok 16:24:19.0162 3268 [ CD03479F2DA26500B203ED075C146A7A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 16:24:19.0193 3268 USBAAPL64 - ok 16:24:19.0256 3268 [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 16:24:19.0287 3268 usbaudio - ok 16:24:19.0318 3268 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:24:19.0349 3268 usbccgp - ok 16:24:19.0380 3268 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:24:19.0427 3268 usbcir - ok 16:24:19.0458 3268 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 16:24:19.0490 3268 usbehci - ok 16:24:19.0552 3268 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 16:24:19.0583 3268 usbhub - ok 16:24:19.0614 3268 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys 16:24:19.0677 3268 usbohci - ok 16:24:19.0692 3268 [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint C:\Windows\system32\drivers\usbprint.sys 16:24:19.0755 3268 usbprint - ok 16:24:19.0817 3268 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 16:24:19.0848 3268 usbscan - ok 16:24:19.0880 3268 [ F7386007FB19E7685FC7B298560AA81F ] usbser C:\Windows\system32\drivers\usbser.sys 16:24:19.0911 3268 usbser - ok 16:24:19.0942 3268 [ 89123DC822AC7A708BD4C9E196A37610 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys 16:24:19.0973 3268 UsbserFilt - ok 16:24:20.0020 3268 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:24:20.0051 3268 USBSTOR - ok 16:24:20.0098 3268 [ 
B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 16:24:20.0129 3268 usbuhci - ok 16:24:20.0176 3268 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 16:24:20.0223 3268 usbvideo - ok 16:24:20.0254 3268 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll 16:24:20.0285 3268 UxSms - ok 16:24:20.0410 3268 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe 16:24:20.0457 3268 vds - ok 16:24:20.0535 3268 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:24:20.0582 3268 vga - ok 16:24:20.0613 3268 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys 16:24:20.0644 3268 VgaSave - ok 16:24:20.0722 3268 [ 4F964E6828156F0EF3FA8D3A9A7895DE ] viaide C:\Windows\system32\drivers\viaide.sys 16:24:20.0738 3268 viaide - ok 16:24:20.0784 3268 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:24:20.0816 3268 volmgr - ok 16:24:20.0878 3268 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:24:20.0909 3268 volmgrx - ok 16:24:21.0018 3268 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys 16:24:21.0050 3268 volsnap - ok 16:24:21.0096 3268 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 16:24:21.0112 3268 vsmraid - ok 16:24:21.0284 3268 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe 16:24:21.0393 3268 VSS - ok 16:24:21.0471 3268 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll 16:24:21.0502 3268 W32Time - ok 16:24:21.0533 3268 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 16:24:21.0642 3268 WacomPen - ok 16:24:21.0720 3268 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 16:24:21.0752 3268 Wanarp - ok 16:24:21.0752 3268 [ B8E7049622300D20BA6D8BE0C47C0CFD ] 
Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:24:21.0798 3268 Wanarpv6 - ok 16:24:21.0954 3268 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:24:21.0986 3268 wcncsvc - ok 16:24:22.0048 3268 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:24:22.0079 3268 WcsPlugInService - ok 16:24:22.0110 3268 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys 16:24:22.0126 3268 Wd - ok 16:24:22.0235 3268 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:24:22.0329 3268 Wdf01000 - ok 16:24:22.0344 3268 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:24:22.0391 3268 WdiServiceHost - ok 16:24:22.0391 3268 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:24:22.0438 3268 WdiSystemHost - ok 16:24:22.0563 3268 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll 16:24:22.0594 3268 WebClient - ok 16:24:22.0641 3268 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:24:22.0703 3268 Wecsvc - ok 16:24:22.0734 3268 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:24:22.0766 3268 wercplsupport - ok 16:24:22.0812 3268 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll 16:24:22.0844 3268 WerSvc - ok 16:24:22.0844 3268 WinHttpAutoProxySvc - ok 16:24:23.0015 3268 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:24:23.0046 3268 Winmgmt - ok 16:24:23.0327 3268 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll 16:24:23.0483 3268 WinRM - ok 16:24:23.0530 3268 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll 16:24:23.0592 3268 Wlansvc - ok 16:24:24.0154 3268 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
16:24:24.0341 3268 wlidsvc - ok 16:24:24.0450 3268 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 16:24:24.0466 3268 WmiAcpi - ok 16:24:24.0513 3268 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:24:24.0544 3268 wmiApSrv - ok 16:24:24.0591 3268 WMPNetworkSvc - ok 16:24:24.0638 3268 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:24:24.0700 3268 WPCSvc - ok 16:24:24.0762 3268 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:24:24.0794 3268 WPDBusEnum - ok 16:24:24.0825 3268 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 16:24:24.0840 3268 WpdUsb - ok 16:24:25.0605 3268 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 16:24:25.0683 3268 WPFFontCache_v0400 - ok 16:24:25.0745 3268 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:24:25.0839 3268 ws2ifsl - ok 16:24:25.0901 3268 WSearch - ok 16:24:25.0948 3268 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:24:26.0057 3268 WUDFRd - ok 16:24:26.0088 3268 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:24:26.0135 3268 wudfsvc - ok 16:24:26.0198 3268 [ 07F7285220307AAFB755D890295F0F9A ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys 16:24:26.0244 3268 yukonx64 - ok 16:24:26.0354 3268 [ 1CACFEF9E5DD866C5B79A135EE729E18 ] {55662437-DA8C-40c0-AADA-2C816A897A49} C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl 16:24:26.0354 3268 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok 16:24:26.0354 3268 ================ Scan global =============================== 16:24:26.0447 3268 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll 16:24:26.0603 3268 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll 16:24:26.0634 3268 [ 
AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
16:24:26.0712 3268 [ B8844F93D2C5F1DCDB179AAA9AF134B7 ] C:\Windows\system32\services.exe
16:24:26.0712 3268 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
16:24:26.0712 3268 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
16:24:26.0712 3268 ================ Scan MBR ==================================
16:24:26.0744 3268 [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
16:24:27.0461 3268 \Device\Harddisk0\DR0 - ok
16:24:27.0461 3268 ================ Scan VBR ==================================
16:24:27.0508 3268 [ 4F671ACB12D2B23C2A215D3B242A1E8F ] \Device\Harddisk0\DR0\Partition1
16:24:27.0508 3268 \Device\Harddisk0\DR0\Partition1 - ok
16:24:27.0555 3268 [ 7B194D67144E38317068B1DBCA999781 ] \Device\Harddisk0\DR0\Partition2
16:24:27.0555 3268 \Device\Harddisk0\DR0\Partition2 - ok
16:24:27.0555 3268 ============================================================
16:24:27.0555 3268 Scan finished
16:24:27.0555 3268 ============================================================
16:24:27.0570 0908 Detected object count: 9
16:24:27.0570 0908 Actual detected object count: 9
16:24:39.0816 0908 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:39.0816 0908 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:39.0816 0908 DokanMounter ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:39.0816 0908 DokanMounter ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:39.0816 0908 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:39.0816 0908 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:39.0832 0908 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:39.0832 0908 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:39.0832 0908 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:39.0832 0908 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:39.0832 0908 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:39.0832 0908 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:39.0832 0908 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:39.0832 0908 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:39.0832 0908 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:39.0832 0908 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:39.0848 0908 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - skipped by user
16:24:39.0848 0908 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Skip |
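Added example (not part of the thread and not Kaspersky's code): a small Python triage script for a TDSSKiller report like the one above. It splits a run-together report back into entries on the timestamp and thread-id prefix, then separates unsigned-file warnings from objects marked infected that were left on "Skip". The function and class names are this example's own, and the sample report is constructed by abridging entries shown in this thread.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterator, List, Optional, Tuple

# Added illustration; all names below are hypothetical, not a TDSSKiller API.
# Each TDSSKiller entry starts with "HH:MM:SS.mmmm <thread id> ".
PREFIX = re.compile(r"(?<!\S)(\d{2}:\d{2}:\d{2}\.\d{4}) (\d{4,})(?= |$)")
HASHED = re.compile(r"^\[ ([0-9A-F]{32}) \] (.+)$")
VERDICT = re.compile(r"^(.+?) \( (.+?) \) - (warning|infected)$")
ACTION = re.compile(r"^(.+?) \( (.+?) \) - User select action: (\w+)$")
DECLARED = re.compile(r"^Detected object count: (\d+)$")


@dataclass
class Finding:
    obj: str                      # service name, or file path in the global scan
    verdict: str                  # e.g. UnsignedFile.Multi.Generic
    severity: str                 # "warning" or "infected"
    md5: Optional[str] = None
    path: Optional[str] = None
    action: Optional[str] = None  # what the user chose, e.g. "Skip"


def split_entries(report: str) -> Iterator[Tuple[str, str, str]]:
    """Yield (time, thread id, message), even if the line breaks were lost."""
    text = " ".join(report.split())
    marks = list(PREFIX.finditer(text))
    for i, m in enumerate(marks):
        end = marks[i + 1].start() if i + 1 < len(marks) else len(text)
        yield m.group(1), m.group(2), text[m.end():end].strip()


def triage(report: str) -> Tuple[Dict[str, Finding], Optional[int]]:
    """Return ({object: Finding}, object count declared by the tool)."""
    findings: Dict[str, Finding] = {}
    declared: Optional[int] = None
    hashed: Optional[Tuple[str, str]] = None  # (md5, "name path") of previous entry
    for _time, _tid, msg in split_entries(report):
        m = HASHED.match(msg)
        if m:
            hashed = (m.group(1), m.group(2))
            continue
        m = VERDICT.match(msg)
        if m:
            obj, verdict, severity = m.groups()
            finding = Finding(obj, verdict, severity)
            # The hash line directly before a verdict describes the same object.
            if hashed and (hashed[1] == obj or hashed[1].startswith(obj + " ")):
                finding.md5 = hashed[0]
                finding.path = hashed[1][len(obj):].strip() or obj
            findings[obj] = finding
        m = ACTION.match(msg)
        if m and m.group(1) in findings:
            findings[m.group(1)].action = m.group(3)
        m = DECLARED.match(msg)
        if m:
            declared = int(m.group(1))
        hashed = None  # a hash line only applies to the entry right after it
    return findings, declared


def needs_attention(findings: Dict[str, Finding]) -> List[Finding]:
    """Objects flagged 'infected' that were skipped or never acted on."""
    return [f for f in findings.values()
            if f.severity == "infected" and f.action in (None, "Skip")]


# Constructed sample: entries abridged from the report in this thread and run
# together with single spaces, the way the report appears on this page. The
# declared object count is adjusted to match the abridged sample.
SAMPLE = " ".join([
    r"16:24:06.0276 3268 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys",
    r"16:24:06.0292 3268 pci - ok",
    r"16:24:09.0537 3268 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe",
    r"16:24:09.0537 3268 RichVideo ( UnsignedFile.Multi.Generic ) - warning",
    r"16:24:09.0537 3268 RichVideo - detected UnsignedFile.Multi.Generic (1)",
    r"16:24:13.0624 3268 SRTSP - ok",
    r"16:24:26.0712 3268 [ B8844F93D2C5F1DCDB179AAA9AF134B7 ] C:\Windows\system32\services.exe",
    r"16:24:26.0712 3268 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected",
    r"16:24:26.0712 3268 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)",
    r"16:24:27.0570 0908 Detected object count: 2",
    r"16:24:39.0832 0908 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user",
    r"16:24:39.0832 0908 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip",
    r"16:24:39.0848 0908 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Skip",
])

if __name__ == "__main__":
    found, declared = triage(SAMPLE)
    print(f"declared {declared}, parsed {len(found)}")
    for f in found.values():
        print(f"{f.severity:8} {f.verdict:28} {f.action or '-':5} {f.path}")
    for f in needs_attention(found):
        print("UNRESOLVED:", f.path, f.md5)
```

A mismatch between the declared count and the number of parsed findings means part of the report was cut off or pasted incompletely, so the poster should be asked for the full log before any conclusion is drawn.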
08.10.2012, 16:29 | #20 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan TR/ATRAPS.Gen2 Quote:
__________________ Please always post log files in CODE tags |
08.10.2012, 16:50 | #21 |
| Trojan TR/ATRAPS.Gen2 I ran the scan, then cure. Then I rebooted, then ran a new scan, and that was the log from it. I have now done the whole thing again .. here is the log AFTER the scan and BEFORE rebooting Code:
17:38:34.0195 1368 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:38:34.0366 1368 ============================================================
17:38:34.0366 1368 Current date / time: 2012/10/08 17:38:34.0366
17:38:34.0366 1368 SystemInfo:
17:38:34.0366 1368
17:38:34.0366 1368 OS Version: 6.0.6002 ServicePack: 2.0
17:38:34.0366 1368 Product type: Workstation
17:38:34.0366 1368 ComputerName: ANDREAS-PC
17:38:34.0366 1368 UserName: Andreas
17:38:34.0366 1368 Windows directory: C:\Windows
17:38:34.0366 1368 System windows directory: C:\Windows
17:38:34.0366 1368 Running under WOW64
17:38:34.0366 1368 Processor architecture: Intel x64
17:38:34.0366 1368 Number of processors: 2
17:38:34.0366 1368 Page size: 0x1000
17:38:34.0366 1368 Boot type: Normal boot
17:38:34.0366 1368 ============================================================
17:38:35.0895 1368 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:38:35.0895 1368 ============================================================
17:38:35.0895 1368 \Device\Harddisk0\DR0:
17:38:35.0895 1368 MBR partitions:
17:38:35.0895 1368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38B7A000
17:38:35.0895 1368 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38B7A800, BlocksNum 0x180A000
17:38:35.0895 1368 ============================================================
17:38:35.0942 1368 C: <-> \Device\Harddisk0\DR0\Partition1
17:38:36.0145 1368 D: <-> \Device\Harddisk0\DR0\Partition2
17:38:36.0145 1368 ============================================================
17:38:36.0145 1368 Initialize success
17:38:36.0145 1368 ============================================================
17:38:42.0166 4880 ============================================================
17:38:42.0166 4880 Scan started
17:38:42.0166 4880 Mode: Manual; SigCheck; TDLFS;
17:38:42.0166 4880 ============================================================ 17:38:43.0227 4880 ================ Scan system memory ======================== 17:38:43.0227 4880 System memory - ok 17:38:43.0227 4880 ================ Scan services ============================= 17:38:43.0414 4880 [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files (x86)\AAVUpdateManager\aavus.exe 17:38:43.0477 4880 AAV UpdateService - ok 17:38:43.0711 4880 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys 17:38:43.0726 4880 Accelerometer - ok 17:38:43.0929 4880 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys 17:38:43.0945 4880 ACPI - ok 17:38:44.0210 4880 [ F84C9DEE4698DF3C1D76801B7B1B55D7 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 17:38:44.0226 4880 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning 17:38:44.0226 4880 Adobe LM Service - detected UnsignedFile.Multi.Generic (1) 17:38:44.0413 4880 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:38:44.0428 4880 AdobeARMservice - ok 17:38:44.0538 4880 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 17:38:44.0569 4880 adp94xx - ok 17:38:44.0631 4880 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys 17:38:44.0647 4880 adpahci - ok 17:38:44.0694 4880 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 17:38:44.0709 4880 adpu160m - ok 17:38:44.0772 4880 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 17:38:44.0787 4880 adpu320 - ok 17:38:44.0850 4880 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:38:44.0896 4880 AeLookupSvc - ok 17:38:45.0224 4880 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters 
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe 17:38:45.0255 4880 AESTFilters - ok 17:38:45.0349 4880 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys 17:38:45.0396 4880 AFD - ok 17:38:45.0474 4880 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys 17:38:45.0505 4880 agp440 - ok 17:38:45.0598 4880 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys 17:38:45.0630 4880 aic78xx - ok 17:38:45.0661 4880 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe 17:38:45.0739 4880 ALG - ok 17:38:45.0801 4880 [ E0CA5BB8E6C79533DC6B1DA7361A201E ] aliide C:\Windows\system32\drivers\aliide.sys 17:38:45.0817 4880 aliide - ok 17:38:45.0817 4880 [ 7034F8D1B9703D711D3F92C95DEB377D ] amdide C:\Windows\system32\drivers\amdide.sys 17:38:45.0832 4880 amdide - ok 17:38:45.0879 4880 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 17:38:45.0910 4880 AmdK8 - ok 17:38:46.0378 4880 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 17:38:46.0394 4880 AntiVirSchedulerService - ok 17:38:46.0503 4880 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 17:38:46.0519 4880 AntiVirService - ok 17:38:46.0566 4880 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 17:38:46.0581 4880 AntiVirWebService - ok 17:38:46.0659 4880 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll 17:38:46.0675 4880 Appinfo - ok 17:38:46.0987 4880 [ 70D7BE78061126DD0C3ACCDB7E129017 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:38:47.0018 4880 Apple Mobile Device - ok 17:38:47.0065 4880 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys 17:38:47.0096 4880 
C:\Windows\System32\trkwks.dll 17:39:17.0703 4880 TrkWks - ok 17:39:17.0766 4880 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:39:17.0797 4880 TrustedInstaller - ok 17:39:17.0828 4880 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:39:17.0875 4880 tssecsrv - ok 17:39:17.0906 4880 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 17:39:17.0922 4880 tunmp - ok 17:39:17.0953 4880 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:39:17.0968 4880 tunnel - ok 17:39:18.0156 4880 [ 1C31169DDDC70C1605F703DA701EAEEA ] TVCapSvc C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe 17:39:18.0187 4880 TVCapSvc - ok 17:39:18.0187 4880 [ 290B8C381DBC15D3DBCBD2BDB6B0BA12 ] TVSched C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe 17:39:18.0202 4880 TVSched - ok 17:39:18.0234 4880 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 17:39:18.0249 4880 uagp35 - ok 17:39:18.0312 4880 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:39:18.0343 4880 udfs - ok 17:39:18.0390 4880 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:39:18.0436 4880 UI0Detect - ok 17:39:18.0452 4880 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:39:18.0468 4880 uliagpkx - ok 17:39:18.0499 4880 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys 17:39:18.0514 4880 uliahci - ok 17:39:18.0546 4880 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys 17:39:18.0561 4880 UlSata - ok 17:39:18.0592 4880 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 17:39:18.0608 4880 ulsata2 - ok 17:39:18.0624 4880 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 
17:39:18.0670 4880 umbus - ok 17:39:18.0717 4880 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll 17:39:18.0780 4880 upnphost - ok 17:39:18.0811 4880 [ 9856C38AB8FAACCA4DD99DAC7B42F838 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 17:39:18.0842 4880 upperdev - ok 17:39:18.0920 4880 [ CD03479F2DA26500B203ED075C146A7A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 17:39:18.0936 4880 USBAAPL64 - ok 17:39:19.0029 4880 [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:39:19.0060 4880 usbaudio - ok 17:39:19.0123 4880 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:39:19.0154 4880 usbccgp - ok 17:39:19.0185 4880 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:39:19.0248 4880 usbcir - ok 17:39:19.0263 4880 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:39:19.0294 4880 usbehci - ok 17:39:19.0341 4880 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:39:19.0372 4880 usbhub - ok 17:39:19.0419 4880 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:39:19.0482 4880 usbohci - ok 17:39:19.0482 4880 [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint C:\Windows\system32\drivers\usbprint.sys 17:39:19.0560 4880 usbprint - ok 17:39:19.0591 4880 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 17:39:19.0622 4880 usbscan - ok 17:39:19.0669 4880 [ F7386007FB19E7685FC7B298560AA81F ] usbser C:\Windows\system32\drivers\usbser.sys 17:39:19.0684 4880 usbser - ok 17:39:19.0716 4880 [ 89123DC822AC7A708BD4C9E196A37610 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys 17:39:19.0731 4880 UsbserFilt - ok 17:39:19.0794 4880 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:39:19.0809 4880 USBSTOR - ok 17:39:19.0840 4880 [ 
B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 17:39:19.0872 4880 usbuhci - ok 17:39:19.0918 4880 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 17:39:19.0950 4880 usbvideo - ok 17:39:19.0981 4880 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll 17:39:20.0012 4880 UxSms - ok 17:39:20.0043 4880 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe 17:39:20.0074 4880 vds - ok 17:39:20.0137 4880 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:39:20.0168 4880 vga - ok 17:39:20.0184 4880 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys 17:39:20.0215 4880 VgaSave - ok 17:39:20.0230 4880 [ 4F964E6828156F0EF3FA8D3A9A7895DE ] viaide C:\Windows\system32\drivers\viaide.sys 17:39:20.0230 4880 viaide - ok 17:39:20.0262 4880 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:39:20.0277 4880 volmgr - ok 17:39:20.0340 4880 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:39:20.0355 4880 volmgrx - ok 17:39:20.0418 4880 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:39:20.0433 4880 volsnap - ok 17:39:20.0464 4880 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 17:39:20.0480 4880 vsmraid - ok 17:39:20.0558 4880 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe 17:39:20.0605 4880 VSS - ok 17:39:20.0652 4880 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll 17:39:20.0683 4880 W32Time - ok 17:39:20.0730 4880 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 17:39:20.0792 4880 WacomPen - ok 17:39:20.0870 4880 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 17:39:20.0886 4880 Wanarp - ok 17:39:20.0886 4880 [ B8E7049622300D20BA6D8BE0C47C0CFD ] 
Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:39:20.0917 4880 Wanarpv6 - ok 17:39:20.0979 4880 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:39:20.0995 4880 wcncsvc - ok 17:39:21.0042 4880 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:39:21.0073 4880 WcsPlugInService - ok 17:39:21.0104 4880 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys 17:39:21.0104 4880 Wd - ok 17:39:21.0166 4880 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:39:21.0182 4880 Wdf01000 - ok 17:39:21.0213 4880 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:39:21.0244 4880 WdiServiceHost - ok 17:39:21.0260 4880 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:39:21.0291 4880 WdiSystemHost - ok 17:39:21.0322 4880 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll 17:39:21.0338 4880 WebClient - ok 17:39:21.0400 4880 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:39:21.0416 4880 Wecsvc - ok 17:39:21.0447 4880 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:39:21.0478 4880 wercplsupport - ok 17:39:21.0494 4880 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll 17:39:21.0525 4880 WerSvc - ok 17:39:21.0541 4880 WinHttpAutoProxySvc - ok 17:39:21.0588 4880 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:39:21.0619 4880 Winmgmt - ok 17:39:21.0712 4880 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll 17:39:21.0744 4880 WinRM - ok 17:39:21.0822 4880 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:39:21.0868 4880 Wlansvc - ok 17:39:22.0071 4880 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
17:39:22.0134 4880 wlidsvc - ok 17:39:22.0180 4880 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 17:39:22.0212 4880 WmiAcpi - ok 17:39:22.0243 4880 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:39:22.0290 4880 wmiApSrv - ok 17:39:22.0336 4880 WMPNetworkSvc - ok 17:39:22.0383 4880 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:39:22.0399 4880 WPCSvc - ok 17:39:22.0461 4880 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:39:22.0508 4880 WPDBusEnum - ok 17:39:22.0555 4880 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 17:39:22.0586 4880 WpdUsb - ok 17:39:23.0038 4880 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 17:39:23.0101 4880 WPFFontCache_v0400 - ok 17:39:23.0148 4880 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:39:23.0226 4880 ws2ifsl - ok 17:39:23.0272 4880 WSearch - ok 17:39:23.0319 4880 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:39:23.0397 4880 WUDFRd - ok 17:39:23.0428 4880 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:39:23.0475 4880 wudfsvc - ok 17:39:23.0538 4880 [ 07F7285220307AAFB755D890295F0F9A ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys 17:39:23.0600 4880 yukonx64 - ok 17:39:23.0678 4880 [ 1CACFEF9E5DD866C5B79A135EE729E18 ] {55662437-DA8C-40c0-AADA-2C816A897A49} C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl 17:39:23.0694 4880 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok 17:39:23.0694 4880 ================ Scan global =============================== 17:39:23.0756 4880 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll 17:39:23.0818 4880 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll 17:39:23.0834 4880 [ 
AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
17:39:23.0912 4880 [ B8844F93D2C5F1DCDB179AAA9AF134B7 ] C:\Windows\system32\services.exe
17:39:23.0912 4880 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
17:39:23.0912 4880 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
17:39:23.0912 4880 ================ Scan MBR ==================================
17:39:23.0928 4880 [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
17:39:25.0144 4880 \Device\Harddisk0\DR0 - ok
17:39:25.0144 4880 ================ Scan VBR ==================================
17:39:25.0176 4880 [ 4F671ACB12D2B23C2A215D3B242A1E8F ] \Device\Harddisk0\DR0\Partition1
17:39:25.0191 4880 \Device\Harddisk0\DR0\Partition1 - ok
17:39:25.0222 4880 [ 7B194D67144E38317068B1DBCA999781 ] \Device\Harddisk0\DR0\Partition2
17:39:25.0222 4880 \Device\Harddisk0\DR0\Partition2 - ok
17:39:25.0222 4880 ============================================================
17:39:25.0222 4880 Scan finished
17:39:25.0222 4880 ============================================================
17:39:25.0254 2116 Detected object count: 9
17:39:25.0254 2116 Actual detected object count: 9
17:40:12.0007 2116 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:12.0007 2116 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:12.0007 2116 DokanMounter ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:12.0007 2116 DokanMounter ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:12.0007 2116 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:12.0007 2116 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:12.0007 2116 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:12.0007 2116 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:12.0022 2116 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:12.0022 2116 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:12.0022 2116 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:12.0022 2116 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:12.0022 2116 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:12.0022 2116 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:12.0022 2116 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:12.0022 2116 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:12.0475 2116 C:\Windows\system32\services.exe - copied to quarantine
17:40:13.0114 2116 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
17:40:13.0114 2116 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
17:40:54.0813 2116 Backup copy not found, trying to cure infected file..
17:40:54.0813 2116 C:\Windows\system32\services.exe - Cure failed (FFFFFFFF)
17:40:54.0813 2116 C:\Windows\system32\services.exe - processing error
17:40:54.0813 2116 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure |
08.10.2012, 16:51 | #22 |
| Trojan TR/ATRAPS.Gen2 And this is the log after rebooting. Note: I had Avira deactivated in all cases, i.e. the real-time scanner was deactivated. The (inactive) program still runs in the background, though .. Code:
ATTFilter 17:46:51.0202 1180 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 17:46:51.0217 1180 ============================================================ 17:46:51.0217 1180 Current date / time: 2012/10/08 17:46:51.0217 17:46:51.0217 1180 SystemInfo: 17:46:51.0217 1180 17:46:51.0217 1180 OS Version: 6.0.6002 ServicePack: 2.0 17:46:51.0217 1180 Product type: Workstation 17:46:51.0217 1180 ComputerName: ANDREAS-PC 17:46:51.0217 1180 UserName: Andreas 17:46:51.0217 1180 Windows directory: C:\Windows 17:46:51.0217 1180 System windows directory: C:\Windows 17:46:51.0217 1180 Running under WOW64 17:46:51.0217 1180 Processor architecture: Intel x64 17:46:51.0217 1180 Number of processors: 2 17:46:51.0217 1180 Page size: 0x1000 17:46:51.0217 1180 Boot type: Normal boot 17:46:51.0217 1180 ============================================================ 17:46:53.0058 1180 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:46:53.0074 1180 ============================================================ 17:46:53.0074 1180 \Device\Harddisk0\DR0: 17:46:53.0074 1180 MBR partitions: 17:46:53.0074 1180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38B7A000 17:46:53.0074 1180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38B7A800, BlocksNum 0x180A000 17:46:53.0074 1180 ============================================================ 17:46:53.0323 1180 C: <-> \Device\Harddisk0\DR0\Partition1 17:46:53.0745 1180 D: <-> \Device\Harddisk0\DR0\Partition2 17:46:53.0745 1180 ============================================================ 17:46:53.0745 1180 Initialize success 17:46:53.0745 1180 ============================================================ 17:46:58.0487 2652 ============================================================ 17:46:58.0487 2652 Scan started 17:46:58.0487 2652 Mode: Manual; SigCheck; TDLFS; 
17:46:58.0487 2652 ============================================================ 17:47:00.0172 2652 ================ Scan system memory ======================== 17:47:00.0172 2652 System memory - ok 17:47:00.0172 2652 ================ Scan services ============================= 17:47:00.0406 2652 [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files (x86)\AAVUpdateManager\aavus.exe 17:47:00.0531 2652 AAV UpdateService - ok 17:47:01.0233 2652 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys 17:47:01.0326 2652 Accelerometer - ok 17:47:01.0498 2652 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys 17:47:01.0513 2652 ACPI - ok 17:47:02.0137 2652 [ F84C9DEE4698DF3C1D76801B7B1B55D7 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 17:47:02.0465 2652 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning 17:47:02.0465 2652 Adobe LM Service - detected UnsignedFile.Multi.Generic (1) 17:47:02.0902 2652 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:47:02.0917 2652 AdobeARMservice - ok 17:47:03.0105 2652 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 17:47:03.0198 2652 adp94xx - ok 17:47:03.0307 2652 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys 17:47:03.0323 2652 adpahci - ok 17:47:03.0354 2652 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 17:47:03.0354 2652 adpu160m - ok 17:47:03.0417 2652 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 17:47:03.0432 2652 adpu320 - ok 17:47:03.0526 2652 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:47:03.0775 2652 AeLookupSvc - ok 17:47:04.0119 2652 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters 
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe 17:47:04.0197 2652 AESTFilters - ok 17:47:04.0259 2652 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys 17:47:04.0353 2652 AFD - ok 17:47:04.0431 2652 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys 17:47:04.0446 2652 agp440 - ok 17:47:04.0477 2652 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys 17:47:04.0493 2652 aic78xx - ok 17:47:04.0509 2652 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe 17:47:04.0696 2652 ALG - ok 17:47:04.0774 2652 [ E0CA5BB8E6C79533DC6B1DA7361A201E ] aliide C:\Windows\system32\drivers\aliide.sys 17:47:04.0774 2652 aliide - ok 17:47:04.0789 2652 [ 7034F8D1B9703D711D3F92C95DEB377D ] amdide C:\Windows\system32\drivers\amdide.sys 17:47:04.0789 2652 amdide - ok 17:47:04.0852 2652 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 17:47:04.0899 2652 AmdK8 - ok 17:47:05.0195 2652 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 17:47:05.0211 2652 AntiVirSchedulerService - ok 17:47:05.0304 2652 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 17:47:05.0304 2652 AntiVirService - ok 17:47:05.0351 2652 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 17:47:05.0367 2652 AntiVirWebService - ok 17:47:05.0445 2652 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll 17:47:05.0523 2652 Appinfo - ok 17:47:05.0897 2652 [ 70D7BE78061126DD0C3ACCDB7E129017 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:47:05.0975 2652 Apple Mobile Device - ok 17:47:06.0022 2652 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys 17:47:06.0037 2652 
arc - ok 17:47:06.0084 2652 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys 17:47:06.0100 2652 arcsas - ok 17:47:06.0786 2652 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 17:47:06.0849 2652 aspnet_state - ok 17:47:06.0880 2652 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:47:06.0958 2652 AsyncMac - ok 17:47:07.0005 2652 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys 17:47:07.0005 2652 atapi - ok 17:47:07.0114 2652 [ 54CA8AAC988B441A692311E3B584D944 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 17:47:07.0192 2652 Ati External Event Utility - ok 17:47:08.0065 2652 [ 4B42547AE95A31D0E1E200B68A6C7647 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 17:47:08.0299 2652 atikmdag - ok 17:47:08.0424 2652 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:47:08.0471 2652 AudioEndpointBuilder - ok 17:47:08.0487 2652 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll 17:47:08.0518 2652 AudioSrv - ok 17:47:08.0611 2652 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 17:47:08.0627 2652 avgntflt - ok 17:47:08.0705 2652 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 17:47:08.0721 2652 avipbb - ok 17:47:08.0767 2652 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 17:47:08.0783 2652 avkmgr - ok 17:47:08.0845 2652 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 17:47:08.0892 2652 blbdrive - ok 17:47:09.0048 2652 [ 673CF4F6BB1FBE09331B526802FBB892 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe 17:47:09.0064 2652 Bonjour Service - ok 17:47:09.0142 2652 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:47:09.0204 2652 
bowser - ok 17:47:09.0282 2652 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 17:47:09.0360 2652 BrFiltLo - ok 17:47:09.0376 2652 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 17:47:09.0438 2652 BrFiltUp - ok 17:47:09.0485 2652 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll 17:47:09.0532 2652 Browser - ok 17:47:09.0594 2652 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys 17:47:09.0781 2652 Brserid - ok 17:47:09.0844 2652 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 17:47:09.0969 2652 BrSerWdm - ok 17:47:09.0984 2652 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 17:47:10.0078 2652 BrUsbMdm - ok 17:47:10.0093 2652 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 17:47:10.0171 2652 BrUsbSer - ok 17:47:10.0234 2652 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 17:47:10.0296 2652 BTHMODEM - ok 17:47:10.0327 2652 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:47:10.0390 2652 cdfs - ok 17:47:10.0437 2652 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:47:10.0499 2652 cdrom - ok 17:47:10.0561 2652 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll 17:47:10.0593 2652 CertPropSvc - ok 17:47:10.0639 2652 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 17:47:10.0702 2652 circlass - ok 17:47:10.0780 2652 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys 17:47:10.0811 2652 CLFS - ok 17:47:10.0983 2652 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:47:10.0998 2652 clr_optimization_v2.0.50727_32 - ok 17:47:11.0045 2652 [ 
CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:47:11.0061 2652 clr_optimization_v2.0.50727_64 - ok 17:47:11.0451 2652 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:47:11.0778 2652 clr_optimization_v4.0.30319_32 - ok 17:47:11.0825 2652 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 17:47:11.0887 2652 clr_optimization_v4.0.30319_64 - ok 17:47:11.0950 2652 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 17:47:12.0012 2652 CmBatt - ok 17:47:12.0043 2652 [ 8C6AA24C1D7273A02284588426AB8CE3 ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:47:12.0059 2652 cmdide - ok 17:47:12.0215 2652 [ 12E94E225BD7B05A2BCCD5C0B841E921 ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe 17:47:12.0231 2652 Com4QLBEx - ok 17:47:12.0293 2652 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 17:47:12.0309 2652 Compbatt - ok 17:47:12.0340 2652 COMSysApp - ok 17:47:12.0948 2652 cpuz134 - ok 17:47:12.0995 2652 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 17:47:13.0011 2652 crcdisk - ok 17:47:13.0120 2652 [ 62740B9D2A137E8CED41A9E4239A7A31 ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:47:13.0510 2652 CryptSvc - ok 17:47:13.0603 2652 [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys 17:47:13.0619 2652 ctxusbm - ok 17:47:13.0697 2652 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll 17:47:13.0759 2652 DcomLaunch - ok 17:47:13.0837 2652 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:47:13.0900 2652 DfsC - ok 17:47:14.0508 2652 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe 17:47:14.0742 
Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:47:52.0011 2652 Wanarpv6 - ok 17:47:52.0104 2652 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:47:52.0151 2652 wcncsvc - ok 17:47:52.0213 2652 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:47:52.0245 2652 WcsPlugInService - ok 17:47:52.0276 2652 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys 17:47:52.0291 2652 Wd - ok 17:47:52.0479 2652 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:47:52.0510 2652 Wdf01000 - ok 17:47:52.0557 2652 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:47:52.0619 2652 WdiServiceHost - ok 17:47:52.0619 2652 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:47:52.0666 2652 WdiSystemHost - ok 17:47:52.0728 2652 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll 17:47:52.0775 2652 WebClient - ok 17:47:52.0837 2652 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:47:52.0900 2652 Wecsvc - ok 17:47:52.0931 2652 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:47:52.0993 2652 wercplsupport - ok 17:47:53.0009 2652 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll 17:47:53.0056 2652 WerSvc - ok 17:47:53.0071 2652 WinHttpAutoProxySvc - ok 17:47:53.0212 2652 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:47:53.0274 2652 Winmgmt - ok 17:47:53.0461 2652 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll 17:47:53.0602 2652 WinRM - ok 17:47:53.0649 2652 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:47:53.0758 2652 Wlansvc - ok 17:47:54.0319 2652 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
17:47:54.0507 2652 wlidsvc - ok 17:47:54.0553 2652 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 17:47:54.0616 2652 WmiAcpi - ok 17:47:54.0694 2652 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:47:54.0756 2652 wmiApSrv - ok 17:47:54.0803 2652 WMPNetworkSvc - ok 17:47:54.0928 2652 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:47:54.0990 2652 WPCSvc - ok 17:47:55.0053 2652 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:47:55.0099 2652 WPDBusEnum - ok 17:47:55.0146 2652 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 17:47:55.0177 2652 WpdUsb - ok 17:47:56.0067 2652 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 17:47:56.0191 2652 WPFFontCache_v0400 - ok 17:47:56.0238 2652 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:47:56.0347 2652 ws2ifsl - ok 17:47:56.0394 2652 WSearch - ok 17:47:56.0425 2652 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:47:56.0472 2652 WUDFRd - ok 17:47:56.0503 2652 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:47:56.0566 2652 wudfsvc - ok 17:47:56.0628 2652 [ 07F7285220307AAFB755D890295F0F9A ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys 17:47:56.0722 2652 yukonx64 - ok 17:47:56.0800 2652 [ 1CACFEF9E5DD866C5B79A135EE729E18 ] {55662437-DA8C-40c0-AADA-2C816A897A49} C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl 17:47:56.0815 2652 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok 17:47:56.0815 2652 ================ Scan global =============================== 17:47:56.0893 2652 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll 17:47:57.0049 2652 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll 17:47:57.0065 2652 [ 
AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
17:47:57.0190 2652 [ B8844F93D2C5F1DCDB179AAA9AF134B7 ] C:\Windows\system32\services.exe
17:47:57.0205 2652 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
17:47:57.0205 2652 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
17:47:57.0205 2652 ================ Scan MBR ==================================
17:47:57.0221 2652 [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
17:47:57.0985 2652 \Device\Harddisk0\DR0 - ok
17:47:57.0985 2652 ================ Scan VBR ==================================
17:47:58.0017 2652 [ 4F671ACB12D2B23C2A215D3B242A1E8F ] \Device\Harddisk0\DR0\Partition1
17:47:58.0017 2652 \Device\Harddisk0\DR0\Partition1 - ok
17:47:58.0063 2652 [ 7B194D67144E38317068B1DBCA999781 ] \Device\Harddisk0\DR0\Partition2
17:47:58.0079 2652 \Device\Harddisk0\DR0\Partition2 - ok
17:47:58.0079 2652 ============================================================
17:47:58.0079 2652 Scan finished
17:47:58.0079 2652 ============================================================
17:47:58.0095 4060 Detected object count: 9
17:47:58.0095 4060 Actual detected object count: 9
17:48:04.0756 4060 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:48:04.0756 4060 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:48:04.0756 4060 DokanMounter ( UnsignedFile.Multi.Generic ) - skipped by user
17:48:04.0756 4060 DokanMounter ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:48:04.0756 4060 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:48:04.0756 4060 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:48:04.0756 4060 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
17:48:04.0756 4060 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:48:04.0756 4060 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:48:04.0756 4060 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:48:04.0771 4060 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
17:48:04.0771 4060 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:48:04.0771 4060 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
17:48:04.0771 4060 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:48:04.0771 4060 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
17:48:04.0771 4060 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:48:04.0771 4060 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - skipped by user
17:48:04.0771 4060 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Skip |
08.10.2012, 16:57 | #23 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan TR/ATRAPS.Gen2 OK, the TDSS-Killer can't manage it. Then please run CF now: ComboFix. A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper (Kompetenzler) has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
08.10.2012, 17:21 | #24 |
| Trojan TR/ATRAPS.Gen2 Now I get the message that a real-time scanner is active: antivirus: avira desktop antispyware: avira desktop. I'm supposed to close both before I click OK. However, I even uninstalled Avira as a precaution. I don't understand how it can supposedly still be running .. I also can't find anything in Task Manager that looks like "avira desktop" .. What do I do now? In the ComboFix warning message I can only click "OK" or close it with the "X" at the top right ... In Task Manager, under "Services", the "AAV UpdateService" is still running .. Should I stop it? |
08.10.2012, 18:34 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan TR/ATRAPS.Gen2 That is a bug; ignore it and let CF run.
__________________ Please always post log files in CODE tags |
08.10.2012, 19:36 | #26 |
| Trojan TR/ATRAPS.Gen2 For about 40 minutes now this DOS window has been saying .. System file is infected !! attempting to restore "C:\Windows\system32.exe" Is it normal for that to take sooo long? So .. finally ;-) I was already getting nervous, since it said "about 10 min" .. Code:
|
09.10.2012, 10:52 | #27 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan TR/ATRAPS.Gen2 Combofix - Scripting
1. Start Notepad (Start / Run / notepad[Enter])
2. Now copy and paste the entire contents of the code box below into the Notepad window.
Code:
Filelook::
c:\windows\system32\drivers\54311847.sys
c:\windows\system32\services.exe
4. Disable the guard of your antivirus program and any software firewall that may be present. (Also the guards of adware and spyware programs and the Tea Timer (if present)!)
5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts Combofix.
6. After the restart (you will be asked whether you want to restart), please post the following log files: Combofix.txt
Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can permanently damage the system!
__________________ Please always post log files in CODE tags |
09.10.2012, 17:07 | #28 | |
| Trojan TR/ATRAPS.Gen2 For now it says: Quote:
|
09.10.2012, 18:55 | #29 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan TR/ATRAPS.Gen2 Yes! That is also what it says in my first set of instructions. Quote:
__________________ Please always post log files in CODE tags |
09.10.2012, 21:04 | #30 |
| Trojan TR/ATRAPS.Gen2 Sorry .. I somehow missed that. Here is the new log: Code:
ATTFilter ComboFix 12-10-09.01 - Andreas 09.10.2012 20:08:29.1.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.4092.2604 [GMT 2:00] ausgeführt von:: c:\users\Andreas\Desktop\ComboFix.exe Benutzte Befehlsschalter :: c:\users\Andreas\Desktop\CFScript.txt SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\Services.exe . . . ist infiziert!! . . ((((((((((((((((((((((( Dateien erstellt von 2012-09-09 bis 2012-10-09 )))))))))))))))))))))))))))))) . . 2012-10-09 19:47 . 2012-10-09 19:47 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-08 14:23 . 2012-10-08 14:23 208216 ----a-w- c:\windows\system32\drivers\54311847.sys 2012-10-08 14:15 . 2012-10-08 15:40 -------- d-----w- C:\TDSSKiller_Quarantine 2012-10-07 20:29 . 2012-10-07 20:29 -------- d-----w- C:\_OTL 2012-10-05 18:39 . 2012-10-05 18:39 -------- d-----w- c:\program files (x86)\ESET 2012-10-05 18:39 . 2012-10-05 18:39 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2012-10-04 15:27 . 2012-10-04 15:27 -------- d-----w- c:\users\Andreas\AppData\Roaming\Malwarebytes 2012-10-04 15:26 . 2012-10-04 15:26 -------- d-----w- c:\programdata\Malwarebytes 2012-10-04 15:26 . 2012-10-04 15:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-10-04 15:26 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-03 10:46 . 2012-10-03 10:46 -------- d-----w- c:\program files\Reimage 2012-10-03 09:12 . 2012-10-03 09:12 -------- d-----w- c:\users\Andreas\AppData\Local\Macroplant_LLC 2012-10-03 09:12 . 2012-10-03 09:12 -------- d-----w- c:\program files (x86)\Dokan 2012-10-03 09:12 . 2012-10-03 09:12 -------- d-----w- c:\program files (x86)\Phone Disk 2012-09-30 06:46 . 2012-09-30 06:46 -------- d-----w- c:\users\Andreas\AppData\Roaming\com.unitedinternet.ums.sms-mms-manager 2012-09-30 06:46 . 
2012-09-30 06:46 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2012-09-30 06:46 . 2012-09-30 06:46 -------- d-----w- c:\program files (x86)\GMX SMS-Manager 2012-09-26 19:51 . 2012-09-26 19:51 -------- d-----w- c:\program files (x86)\Bigasoft Audio Converter 2012-09-26 19:46 . 2012-09-26 19:46 -------- d-----w- c:\programdata\AVS4YOU 2012-09-26 19:46 . 2012-09-26 19:46 -------- d-----w- c:\users\Andreas\AppData\Roaming\AVS4YOU 2012-09-26 19:45 . 2012-09-26 19:49 -------- d-----w- c:\program files (x86)\AVS4YOU 2012-09-26 19:44 . 2012-03-26 10:27 11137024 ----a-w- c:\windows\SysWow64\libmfxsw32.dll 2012-09-26 19:44 . 2010-11-12 18:18 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll 2012-09-26 19:44 . 2010-11-12 18:18 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll 2012-09-26 19:43 . 2012-09-26 19:49 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia 2012-09-18 18:56 . 2012-09-18 18:56 -------- d-----w- c:\program files (x86)\No.23 Recorder 2012-09-18 18:29 . 2012-09-18 18:29 -------- d-----w- c:\program files (x86)\Lame For Audacity 2012-09-18 18:15 . 2012-06-09 17:21 206336 ----a-w- c:\windows\system32\unrar.dll 2012-09-18 18:15 . 2011-12-07 17:37 148992 ----a-w- c:\windows\system32\lagarith.dll 2012-09-18 18:15 . 2012-08-17 18:00 127488 ----a-w- c:\windows\system32\ff_vfw.dll 2012-09-18 18:15 . 2012-09-18 18:15 -------- d-----w- c:\program files\K-Lite Codec Pack x64 2012-09-18 17:24 . 2012-10-08 19:38 -------- d-----w- c:\users\AppData 2012-09-18 17:23 . 2012-09-18 18:12 -------- d-----w- c:\users\Andreas\AppData\Roaming\NCH Software 2012-09-18 17:21 . 2012-09-18 18:12 -------- d-----w- c:\programdata\NCH Software 2012-09-17 10:44 . 2012-09-17 10:44 -------- d-----w- c:\users\Andreas\AppData\Roaming\HandBrake 2012-09-17 10:40 . 2012-09-17 10:41 -------- d-----w- c:\program files (x86)\DVDVideoSoft Free Studio 2012-09-15 15:24 . 2012-09-18 18:14 -------- d-----w- c:\programdata\VistaCodecs 2012-09-15 14:17 . 
2012-09-15 14:17 -------- d-----w- c:\users\Andreas\AppData\Roaming\TuneUp Software 2012-09-15 14:16 . 2012-09-15 14:18 -------- d-----w- c:\programdata\TuneUp Software 2012-09-15 14:16 . 2012-09-15 14:16 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-09-15 14:16 . 2012-09-15 14:16 -------- d--h--w- c:\programdata\Common Files 2012-09-15 14:16 . 2009-09-27 07:39 369152 ----a-w- c:\windows\SysWow64\avisynth.dll 2012-09-15 14:16 . 2005-07-14 10:31 32256 ----a-w- c:\windows\SysWow64\AVSredirect.dll 2012-09-15 14:16 . 2004-02-22 08:11 719872 ----a-w- c:\windows\SysWow64\devil.dll 2012-09-15 14:16 . 2004-01-24 22:00 70656 ----a-w- c:\windows\SysWow64\yv12vfw.dll 2012-09-15 14:16 . 2004-01-24 22:00 70656 ----a-w- c:\windows\SysWow64\i420vfw.dll 2012-09-15 14:16 . 2012-09-15 14:16 -------- d-----w- c:\program files (x86)\AviSynth 2.5 2012-09-15 14:14 . 2004-07-01 23:00 327749 ----a-w- c:\windows\SysWow64\drvc.dll 2012-09-15 14:13 . 2012-09-15 14:13 -------- d-----w- c:\program files (x86)\eRightSoft 2012-09-15 11:26 . 2012-09-15 11:26 -------- d-----w- c:\programdata\xml_param 2012-09-15 11:22 . 2012-09-15 11:22 -------- d-----w- c:\users\Andreas\AppData\Roaming\iSkysoft Video Converter 2012-09-15 11:22 . 2011-08-31 12:39 892928 ----a-w- c:\windows\SysWow64\iconv.dll 2012-09-15 11:22 . 2011-08-31 12:39 675840 ----a-w- c:\windows\SysWow64\ac3filter.ax 2012-09-15 11:22 . 2011-08-31 12:39 496640 ----a-w- c:\windows\SysWow64\xvid.ax 2012-09-15 10:56 . 2012-09-15 10:56 -------- d-----w- c:\program files (x86)\Ashampoo . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-03 10:11 . 2012-08-18 18:25 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-03 10:11 . 2011-05-31 06:56 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-12 11:38 . 2006-11-02 12:35 64462936 ----a-w- c:\windows\system32\mrt.exe 2012-08-30 07:27 . 
2012-10-09 16:14 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E00222FC-A86C-4DD0-99E7-86FF04D7C87F}\mpengine.dll 2012-08-28 18:24 . 2012-08-18 17:52 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-08-28 18:24 . 2010-05-12 05:05 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll . . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . . --- c:\windows\system32\drivers\54311847.sys --- Company: Kaspersky Lab, GERT File Description: Kaspersky Lab Mini Driver File Version: 2.8.4.0 built by: WinDDK Product Name: Kaspersky Lab Mini Driver Copyright: Copyright (c) Kaspersky Lab, GERT Original Filename: klmd.sys File size: 208216 Created time: 2012-10-08 14:23 Modified time: 2012-10-08 14:23 MD5: F146E2BA475893DD77B2370DC1211FC6 SHA1: B34C5CDBC9597694131FD20562DB201F62E6D1FE . . --- c:\windows\system32\services.exe --- Company: Microsoft Corporation File Description: Anwendung für Dienste und Controller File Version: 6.0.6000.16386 (vista_rtm.061101-2205) Product Name: Betriebssystem Microsoft® Windows® Copyright: © Microsoft Corporation. Alle Rechte vorbehalten. Original Filename: services.exe.mui File size: 381952 Created time: 2009-05-26 20:40 Modified time: 2009-04-10 22:10 MD5: B8844F93D2C5F1DCDB179AAA9AF134B7 SHA1: 6EA7D8B4EBA6063B1B13CA8A4EF8BF295B43E83D . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2009-04-10 . B8844F93D2C5F1DCDB179AAA9AF134B7 . 381952 . . [6.0.6000.16386] .. c:\windows\system32\services.exe . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240] "Infium"="c:\program files (x86)\QIP 2010\qip.exe" [2011-08-22 6821248] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440] "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128] "ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2009-09-12 103768] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-06-15 141624] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "PDFPrint"="c:\program files (x86)\pdf24\pdf24.exe" [2011-12-16 220744] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Google Calendar Sync.lnk - c:\program files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264] Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0 . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . 
S2 AAV UpdateService;AAV UpdateService;c:\program files (x86)\AAVUpdateManager\aavus.exe [2008-10-24 128296] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe [2009-03-02 89600] . . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes ezSharedSvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-06-17 10:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhalt des "geplante Tasks" Ordners . 2010-07-06 c:\windows\Tasks\{05622D7C-E102-421F-B9BD-F587BF569F37}.job - c:\program files (x86)\mozilla firefox\firefox.exe [2012-09-08 09:37] . 2010-07-06 c:\windows\Tasks\{26D45942-2C27-4338-93C2-049F1A435729}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2012-02-29 07:55] . 2010-07-06 c:\windows\Tasks\{5B63F7D2-B10D-4B25-BCB3-4D2BBBDB9ABC}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2012-02-29 07:55] . 2010-07-06 c:\windows\Tasks\{6E02B945-C0CE-453A-9BA6-230DC76E1BAC}.job - c:\program files (x86)\mozilla firefox\firefox.exe [2012-09-08 09:37] . 2011-04-01 c:\windows\Tasks\{83EBD7E3-5521-4D5A-897A-E105084669EA}.job - c:\program files (x86)\mozilla firefox\firefox.exe [2012-09-08 09:37] . 2009-05-18 c:\windows\Tasks\{B9B31758-9ABD-4FBC-875D-D4AA867B25D5}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2012-02-29 07:55] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-03 442368] "SmartMenu"="c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [BU] "Launch LCDMon"="c:\program files\Common Files\Logitech\LCD Manager\lcdmon.exe" [2007-04-26 790552] "Ocs_SM"="c:\users\Andreas\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2012-08-21 106496] . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = https://webzugang.brnet.de/dana-na/auth/url_default/welcome.cgi uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com mStart Page = mDefault_Page_URL = mLocal Page = uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip IE: Free YouTube Download - c:\users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm IE: Free YouTube to Mp3 Converter - c:\users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft &Excel exportieren - c:\programme\Microsoft Office\OFFICE11\EXCEL.EXE/3000 IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 LSP: mswsock.dll TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\pn21nwmv.default\ FF - prefs.js: browser.startup.homepage - heute.de . - - - - Entfernte verwaiste Registrierungseinträge - - - - . AddRemove-Siedler3Deinstall - c:\windows\IsUn0407.exe AddRemove-Siedler3MissionUninstall - c:\windows\IsUn0407.exe AddRemove-Winamp - c:\programme\Winamp\UninstWA.exe AddRemove-xp-AntiSpy - c:\program files (x86)\xp-AntiSpy\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MpsSvc] "ImagePath"="." . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl" . 
--------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Dokan\DokanLibrary\mounter.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\SMINST\BLService.exe c:\program files (x86)\CyberLink\Shared files\RichVideo.exe c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe c:\program files (x86)\Citrix\ICA Client\wfcrun32.exe c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe c:\program files (x86)\Hewlett-Packard\Shared\hpqToaster.exe c:\program files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-10-09 22:00:07 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-10-09 20:00 ComboFix2.txt 2012-10-08 19:38 . Vor Suchlauf: 18 Verzeichnis(se), 252.608.864.256 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 252.591.325.184 Bytes frei . - - End Of File - - F7D804CE17BDE496C091EC41B6B8780E |