| |
| |||||||
Log-Analyse und Auswertung: "Mail delivery failed" häuft sich im PosteingangWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
17.11.2012, 12:04
| #1 | |
| |  "Mail delivery failed" häuft sich im Posteingang Hallo, auf dem Mailaccount meiner Eltern (t-online) häufen sich Mails mit folgendem Inhalt: Zitat:
Malwarebytes hat bei einem Quickscan keine Funde ausgegeben. Genausowenig MSE, der dauerhaft aktualisiert war und regelmaessig Prüft. Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.11.17.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 ***** :: ***[Administrator] 17.11.2012 11:33:11 mbam-log-2012-11-17 (11-33-11).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 219540 Laufzeit: 2 Minute(n), 45 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Geändert von JAgrazy (17.11.2012 um 12:14 Uhr) Grund: Malwarebytes Log angehängt |
|
17.11.2012, 13:46
| #2 | |||
| /// TB-Ausbilder  | "Mail delivery failed" häuft sich im Posteingang Ich werde dir bei deinem Problem helfen. Eine Bereinigung ist mitunter mit viel Arbeit für Dich (und mich) verbunden. Bevor es los geht, habe ich etwas Lesestoff für dich. Schritt 1: Scan mit Combofix Schritt 2: Scan mit Farbar's Service Scanner
__________________ |
|
17.11.2012, 14:13
| #3 |
| | "Mail delivery failed" häuft sich im Posteingang ComboFix
__________________Code:
ATTFilter ComboFix 12-11-16.02 - $USER$ 17.11.2012 13:57:41.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4010.2294 [GMT 1:00]
ausgeführt von:: c:\users\$USER$\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\gt.exe
c:\windows\s.bat
c:\windows\version.txt
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-10-17 bis 2012-11-17 ))))))))))))))))))))))))))))))
.
.
2012-11-17 13:02 . 2012-11-17 13:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-11-17 13:02 . 2012-11-17 13:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-17 10:31 . 2012-11-17 10:31 -------- d-----w- c:\users\$USER$\AppData\Roaming\Malwarebytes
2012-11-17 10:31 . 2012-11-17 10:31 -------- d-----w- c:\programdata\Malwarebytes
2012-11-17 10:31 . 2012-11-17 10:32 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-17 10:31 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-17 10:22 . 2012-11-17 10:22 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D26DB6B-70F3-4590-8FA8-B92B7EB5CC68}\offreg.dll
2012-11-16 10:16 . 2012-10-12 07:19 9291768 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D26DB6B-70F3-4590-8FA8-B92B7EB5CC68}\mpengine.dll
2012-11-15 14:07 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-11-15 14:07 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 14:07 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 14:07 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 14:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 14:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 14:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 14:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 14:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 14:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 14:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 19:34 . 2012-10-12 07:19 9291768 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-24 15:17 . 2012-11-08 17:24 -------- d-----w- c:\users\$USER$\AppData\Roaming\TS3Client
2012-10-24 15:17 . 2012-10-25 11:08 -------- d-----w- c:\program files\TeamSpeak 3 Client
2012-10-23 19:01 . 2012-10-23 19:05 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-10-23 15:33 . 2012-10-23 17:10 -------- d-----w- c:\users\$USER$\AppData\Roaming\vlc
2012-10-23 15:31 . 2012-10-23 15:31 -------- d-----w- c:\program files (x86)\VideoLAN
2012-10-22 15:46 . 2012-10-22 15:46 -------- d-----w- c:\users\$USER$\AppData\Roaming\NVIDIA
2012-10-22 14:43 . 2012-10-22 14:43 -------- d-----w- C:\NVIDIA
2012-10-22 09:48 . 2012-10-22 14:02 -------- d-----w- c:\program files (x86)\StarCraft II
2012-10-22 09:48 . 2012-10-22 09:48 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-10-22 09:48 . 2012-10-22 09:48 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2012-10-22 09:46 . 2012-10-22 09:46 -------- d-----w- c:\programdata\Battle.net
2012-10-20 06:56 . 2012-10-03 10:10 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{72C1F65C-21B0-4C2F-82C3-88CFEA329F4B}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-15 14:01 . 2012-05-24 17:16 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-03 10:10 . 2012-06-13 13:33 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-02 22:21 . 2012-02-16 19:23 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-02-16 19:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 22:21 . 2012-02-16 19:23 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-02 22:21 . 2012-02-16 19:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-02 19:51 . 2011-03-06 06:45 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2011-03-06 06:44 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2011-03-06 06:44 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2011-03-06 06:45 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2011-03-06 06:45 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2011-03-06 06:45 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2011-03-06 06:45 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:50 . 2011-03-06 06:45 866664 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-10-02 19:50 . 2011-03-06 06:45 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-10-02 19:50 . 2011-03-06 06:45 440168 ----a-w- c:\windows\SysWow64\oemdspif.dll
2012-09-14 19:19 . 2012-10-10 13:18 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 13:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-08-31 18:19 . 2012-10-10 13:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2012-03-20 18:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-30 18:03 . 2012-10-10 13:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 13:19 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 13:19 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-10 13:18 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 13:18 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-22 18:12 . 2012-09-18 13:15 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-18 13:15 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-18 13:15 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 15:10 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 11:01 . 2012-10-14 09:39 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 11:01 . 2012-05-31 16:37 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2012-05-31 16:37 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-20 18:48 . 2012-10-10 13:19 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 13:19 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 13:19 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 13:19 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 13:19 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 13:19 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 13:19 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 13:19 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 13:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 13:19 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 13:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 13:19 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 13:19 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 13:19 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 13:19 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 13:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2012-08-20 15:38 . 2012-10-10 13:19 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2012-08-20 15:38 . 2012-10-10 13:19 2048 ----a-w- c:\windows\SysWow64\user.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2010-12-05 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2010-12-05 224352]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
" Malwarebytes Anti-Malware "="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-09-29 766536]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-2-15 1136928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-02-16 57952]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-02-16 39008]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-02-16 13408]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-02-16 29792]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-02-15 349736]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-02-15 39464]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-12-05 31088]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-11-30 307304]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\usbvideo.sys [2010-11-21 184960]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-16 20:05]
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-16 20:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-02-16 19:54 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-11-14 13353064]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-02-16 114688]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-02-16 789920]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-02-16 9769888]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-02-16 5908928]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\$USER$\AppData\Local\Akamai\netsession_win.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-11-17 14:04:12
ComboFix-quarantined-files.txt 2012-11-17 13:04
.
Vor Suchlauf: 9 Verzeichnis(se), 383.237.439.488 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 383.200.972.800 Bytes frei
.
- - End Of File - - 6A8822448F57CD49ECBD40B3CA91A5B9
Farbar Code:
ATTFilter Farbar Service Scanner Version: 09-11-2012
Ran by fandrej (administrator) on 17-11-2012 at 14:12:35
Running from "C:\Users\fandrej\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Yahoo.com is offline
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-15 14:43] - [2012-10-03 18:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
|
|
17.11.2012, 14:17
| #4 |
| /// TB-Ausbilder | "Mail delivery failed" häuft sich im Posteingang Hm ... da sieht man schon mal nichts ... Scan mit dem TDSS-Killer Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.
__________________  Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
17.11.2012, 14:22
| #5 |
| | "Mail delivery failed" häuft sich im PosteingangCode:
ATTFilter 14:20:44.0679 5532 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:20:44.0851 5532 ============================================================
14:20:44.0851 5532 Current date / time: 2012/11/17 14:20:44.0851
14:20:44.0851 5532 SystemInfo:
14:20:44.0851 5532
14:20:44.0851 5532 OS Version: 6.1.7601 ServicePack: 1.0
14:20:44.0851 5532 Product type: Workstation
14:20:44.0851 5532 ComputerName: FRED
14:20:44.0851 5532 UserName: $USER$
14:20:44.0851 5532 Windows directory: C:\windows
14:20:44.0851 5532 System windows directory: C:\windows
14:20:44.0851 5532 Running under WOW64
14:20:44.0851 5532 Processor architecture: Intel x64
14:20:44.0851 5532 Number of processors: 4
14:20:44.0851 5532 Page size: 0x1000
14:20:44.0851 5532 Boot type: Normal boot
14:20:44.0851 5532 ============================================================
14:20:45.0241 5532 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:20:45.0241 5532 ============================================================
14:20:45.0241 5532 \Device\Harddisk0\DR0:
14:20:45.0241 5532 MBR partitions:
14:20:45.0241 5532 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
14:20:45.0241 5532 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000
14:20:45.0272 5532 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800
14:20:45.0272 5532 ============================================================
14:20:45.0319 5532 C: <-> \Device\Harddisk0\DR0\Partition2
14:20:45.0365 5532 D: <-> \Device\Harddisk0\DR0\Partition3
14:20:45.0365 5532 ============================================================
14:20:45.0365 5532 Initialize success
14:20:45.0365 5532 ============================================================
14:21:03.0040 2688 ============================================================
14:21:03.0040 2688 Scan started
14:21:03.0040 2688 Mode: Manual; TDLFS;
14:21:03.0040 2688 ============================================================
14:21:03.0602 2688 ================ Scan system memory ========================
14:21:03.0602 2688 System memory - ok
14:21:03.0602 2688 ================ Scan services =============================
14:21:03.0867 2688 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
14:21:03.0867 2688 1394ohci - ok
14:21:03.0898 2688 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
14:21:03.0898 2688 ACPI - ok
14:21:03.0929 2688 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
14:21:03.0929 2688 AcpiPmi - ok
14:21:03.0976 2688 [ 5BBFF8B826EC38D32C26334E079C7EFC ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
14:21:03.0976 2688 ACPIVPC - ok
14:21:04.0070 2688 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:21:04.0070 2688 AdobeARMservice - ok
14:21:04.0117 2688 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
14:21:04.0117 2688 adp94xx - ok
14:21:04.0132 2688 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
14:21:04.0132 2688 adpahci - ok
14:21:04.0163 2688 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
14:21:04.0163 2688 adpu320 - ok
14:21:04.0195 2688 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
14:21:04.0195 2688 AeLookupSvc - ok
14:21:04.0226 2688 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
14:21:04.0226 2688 AFD - ok
14:21:04.0257 2688 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
14:21:04.0257 2688 agp440 - ok
14:21:04.0288 2688 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
14:21:04.0288 2688 ALG - ok
14:21:04.0304 2688 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
14:21:04.0304 2688 aliide - ok
14:21:04.0304 2688 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
14:21:04.0319 2688 amdide - ok
14:21:04.0319 2688 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
14:21:04.0319 2688 AmdK8 - ok
14:21:04.0335 2688 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
14:21:04.0335 2688 AmdPPM - ok
14:21:04.0351 2688 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
14:21:04.0351 2688 amdsata - ok
14:21:04.0366 2688 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
14:21:04.0366 2688 amdsbs - ok
14:21:04.0382 2688 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
14:21:04.0382 2688 amdxata - ok
14:21:04.0413 2688 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
14:21:04.0413 2688 AppID - ok
14:21:04.0444 2688 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
14:21:04.0444 2688 AppIDSvc - ok
14:21:04.0444 2688 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
14:21:04.0444 2688 Appinfo - ok
14:21:04.0522 2688 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:21:04.0522 2688 Apple Mobile Device - ok
14:21:04.0553 2688 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
14:21:04.0553 2688 arc - ok
14:21:04.0569 2688 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
14:21:04.0569 2688 arcsas - ok
14:21:04.0585 2688 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
14:21:04.0585 2688 AsyncMac - ok
14:21:04.0600 2688 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
14:21:04.0600 2688 atapi - ok
14:21:04.0647 2688 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
14:21:04.0663 2688 AudioEndpointBuilder - ok
14:21:04.0678 2688 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
14:21:04.0694 2688 AudioSrv - ok
14:21:04.0725 2688 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
14:21:04.0725 2688 AxInstSV - ok
14:21:04.0756 2688 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
14:21:04.0756 2688 b06bdrv - ok
14:21:04.0803 2688 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
14:21:04.0803 2688 b57nd60a - ok
14:21:04.0897 2688 [ B5D54119CE0BB77872C33A717CB76386 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys
14:21:04.0928 2688 BCM43XX - ok
14:21:04.0943 2688 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
14:21:04.0943 2688 BDESVC - ok
14:21:04.0975 2688 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
14:21:04.0975 2688 Beep - ok
14:21:05.0021 2688 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
14:21:05.0021 2688 BFE - ok
14:21:05.0053 2688 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
14:21:05.0068 2688 BITS - ok
14:21:05.0084 2688 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
14:21:05.0084 2688 blbdrive - ok
14:21:05.0146 2688 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:21:05.0162 2688 Bonjour Service - ok
14:21:05.0193 2688 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
14:21:05.0193 2688 bowser - ok
14:21:05.0271 2688 [ AAA4F992F879977A000FE8B8C730CD2C ] BPntDrv C:\windows\system32\drivers\BPntDrv.sys
14:21:05.0271 2688 BPntDrv - ok
14:21:05.0302 2688 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
14:21:05.0302 2688 BrFiltLo - ok
14:21:05.0318 2688 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
14:21:05.0318 2688 BrFiltUp - ok
14:21:05.0333 2688 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
14:21:05.0333 2688 BridgeMP - ok
14:21:05.0380 2688 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
14:21:05.0380 2688 Browser - ok
14:21:05.0380 2688 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
14:21:05.0380 2688 Brserid - ok
14:21:05.0396 2688 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
14:21:05.0396 2688 BrSerWdm - ok
14:21:05.0411 2688 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
14:21:05.0411 2688 BrUsbMdm - ok
14:21:05.0427 2688 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
14:21:05.0427 2688 BrUsbSer - ok
14:21:05.0474 2688 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
14:21:05.0474 2688 BthEnum - ok
14:21:05.0474 2688 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
14:21:05.0474 2688 BTHMODEM - ok
14:21:05.0489 2688 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
14:21:05.0489 2688 BthPan - ok
14:21:05.0521 2688 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
14:21:05.0521 2688 BTHPORT - ok
14:21:05.0552 2688 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
14:21:05.0567 2688 bthserv - ok
14:21:05.0567 2688 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
14:21:05.0567 2688 BTHUSB - ok
14:21:05.0614 2688 [ A0DFB69ADE3444C78B17636FCF28E898 ] BTWAMPFL C:\windows\system32\DRIVERS\btwampfl.sys
14:21:05.0630 2688 BTWAMPFL - ok
14:21:05.0661 2688 [ 7CF028CE78696882B327FF13D2DFA534 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
14:21:05.0661 2688 btwaudio - ok
14:21:05.0692 2688 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\windows\system32\drivers\btwavdt.sys
14:21:05.0692 2688 btwavdt - ok
14:21:05.0739 2688 [ 3D5E7FB2CB69A6186C7954C0859173F4 ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
14:21:05.0755 2688 btwdins - ok
14:21:05.0770 2688 [ 346B4051B3D7FF70E8F027869B8ECA6E ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
14:21:05.0770 2688 btwl2cap - ok
14:21:05.0801 2688 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
14:21:05.0801 2688 btwrchid - ok
14:21:05.0833 2688 catchme - ok
14:21:05.0864 2688 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
14:21:05.0864 2688 cdfs - ok
14:21:05.0895 2688 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
14:21:05.0895 2688 cdrom - ok
14:21:05.0926 2688 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
14:21:05.0926 2688 CertPropSvc - ok
14:21:05.0942 2688 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
14:21:05.0942 2688 circlass - ok
14:21:05.0973 2688 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
14:21:05.0973 2688 CLFS - ok
14:21:06.0067 2688 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:21:06.0067 2688 clr_optimization_v2.0.50727_32 - ok
14:21:06.0129 2688 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:21:06.0129 2688 clr_optimization_v2.0.50727_64 - ok
14:21:06.0207 2688 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:21:06.0207 2688 clr_optimization_v4.0.30319_32 - ok
14:21:06.0223 2688 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:21:06.0238 2688 clr_optimization_v4.0.30319_64 - ok
14:21:06.0269 2688 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
14:21:06.0269 2688 clwvd - ok
14:21:06.0301 2688 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
14:21:06.0301 2688 CmBatt - ok
14:21:06.0332 2688 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
14:21:06.0332 2688 cmdide - ok
14:21:06.0379 2688 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
14:21:06.0379 2688 CNG - ok
14:21:06.0410 2688 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
14:21:06.0410 2688 Compbatt - ok
14:21:06.0441 2688 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
14:21:06.0441 2688 CompositeBus - ok
14:21:06.0457 2688 COMSysApp - ok
14:21:06.0581 2688 [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
14:21:06.0581 2688 cphs - ok
14:21:06.0597 2688 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
14:21:06.0597 2688 crcdisk - ok
14:21:06.0659 2688 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
14:21:06.0659 2688 CryptSvc - ok
14:21:06.0691 2688 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
14:21:06.0691 2688 DcomLaunch - ok
14:21:06.0737 2688 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
14:21:06.0737 2688 defragsvc - ok
14:21:06.0769 2688 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
14:21:06.0769 2688 DfsC - ok
14:21:06.0800 2688 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
14:21:06.0800 2688 Dhcp - ok
14:21:06.0815 2688 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
14:21:06.0815 2688 discache - ok
14:21:06.0847 2688 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
14:21:06.0847 2688 Disk - ok
14:21:06.0862 2688 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
14:21:06.0862 2688 Dnscache - ok
14:21:06.0878 2688 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
14:21:06.0878 2688 dot3svc - ok
14:21:06.0893 2688 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
14:21:06.0909 2688 DPS - ok
14:21:06.0940 2688 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
14:21:06.0940 2688 drmkaud - ok
14:21:06.0987 2688 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
14:21:06.0987 2688 DXGKrnl - ok
14:21:07.0003 2688 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
14:21:07.0003 2688 EapHost - ok
14:21:07.0065 2688 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
14:21:07.0096 2688 ebdrv - ok
14:21:07.0112 2688 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
14:21:07.0127 2688 EFS - ok
14:21:07.0174 2688 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
14:21:07.0190 2688 ehRecvr - ok
14:21:07.0190 2688 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
14:21:07.0190 2688 ehSched - ok
14:21:07.0237 2688 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
14:21:07.0252 2688 elxstor - ok
14:21:07.0252 2688 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
14:21:07.0252 2688 ErrDev - ok
14:21:07.0299 2688 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
14:21:07.0299 2688 EventSystem - ok
14:21:07.0330 2688 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
14:21:07.0330 2688 exfat - ok
14:21:07.0346 2688 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
14:21:07.0346 2688 fastfat - ok
14:21:07.0377 2688 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
14:21:07.0393 2688 Fax - ok
14:21:07.0439 2688 [ 3191ACA33088EE2481044FC0DB736442 ] fbfmon C:\windows\system32\drivers\fbfmon.sys
14:21:07.0439 2688 fbfmon - ok
14:21:07.0455 2688 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
14:21:07.0455 2688 fdc - ok
14:21:07.0486 2688 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
14:21:07.0486 2688 fdPHost - ok
14:21:07.0517 2688 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
14:21:07.0517 2688 FDResPub - ok
14:21:07.0549 2688 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
14:21:07.0549 2688 FileInfo - ok
14:21:07.0564 2688 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
14:21:07.0564 2688 Filetrace - ok
14:21:07.0595 2688 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
14:21:07.0595 2688 flpydisk - ok
14:21:07.0611 2688 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
14:21:07.0611 2688 FltMgr - ok
14:21:07.0642 2688 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
14:21:07.0658 2688 FontCache - ok
14:21:07.0705 2688 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:21:07.0705 2688 FontCache3.0.0.0 - ok
14:21:07.0720 2688 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
14:21:07.0720 2688 FsDepends - ok
14:21:07.0736 2688 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
14:21:07.0736 2688 Fs_Rec - ok
14:21:07.0783 2688 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
14:21:07.0783 2688 fvevol - ok
14:21:07.0814 2688 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
14:21:07.0814 2688 gagp30kx - ok
14:21:07.0845 2688 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
14:21:07.0845 2688 GEARAspiWDM - ok
14:21:07.0876 2688 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
14:21:07.0892 2688 gpsvc - ok
14:21:07.0939 2688 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:21:07.0939 2688 gupdate - ok
14:21:07.0939 2688 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:21:07.0939 2688 gupdatem - ok
14:21:07.0985 2688 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:21:07.0985 2688 gusvc - ok
14:21:08.0017 2688 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
14:21:08.0017 2688 hcw85cir - ok
14:21:08.0048 2688 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
14:21:08.0048 2688 HdAudAddService - ok
14:21:08.0063 2688 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
14:21:08.0063 2688 HDAudBus - ok
14:21:08.0079 2688 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
14:21:08.0079 2688 HidBatt - ok
14:21:08.0110 2688 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
14:21:08.0110 2688 HidBth - ok
14:21:08.0110 2688 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
14:21:08.0110 2688 HidIr - ok
14:21:08.0141 2688 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
14:21:08.0141 2688 hidserv - ok
14:21:08.0173 2688 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
14:21:08.0173 2688 HidUsb - ok
14:21:08.0204 2688 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
14:21:08.0204 2688 hkmsvc - ok
14:21:08.0219 2688 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
14:21:08.0219 2688 HomeGroupListener - ok
14:21:08.0251 2688 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
14:21:08.0251 2688 HomeGroupProvider - ok
14:21:08.0282 2688 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
14:21:08.0282 2688 HpSAMD - ok
14:21:08.0313 2688 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
14:21:08.0313 2688 HTTP - ok
14:21:08.0329 2688 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
14:21:08.0329 2688 hwpolicy - ok
14:21:08.0360 2688 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
14:21:08.0360 2688 i8042prt - ok
14:21:08.0391 2688 [ 53CC5BF8B5A219119953C7ABB19A7705 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
14:21:08.0391 2688 iaStor - ok
14:21:08.0453 2688 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
14:21:08.0469 2688 iaStorV - ok
14:21:08.0531 2688 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:21:08.0531 2688 idsvc - ok
14:21:08.0797 2688 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
14:21:08.0875 2688 igfx - ok
14:21:08.0906 2688 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
14:21:08.0906 2688 iirsp - ok
14:21:08.0953 2688 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
14:21:08.0953 2688 IKEEXT - ok
14:21:09.0046 2688 [ ABA41EE6F5EEFC034F3BBD025506B37E ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
14:21:09.0062 2688 IntcAzAudAddService - ok
14:21:09.0140 2688 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
14:21:09.0140 2688 IntcDAud - ok
14:21:09.0171 2688 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
14:21:09.0171 2688 intelide - ok
14:21:09.0187 2688 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
14:21:09.0187 2688 intelppm - ok
14:21:09.0218 2688 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
14:21:09.0218 2688 IPBusEnum - ok
14:21:09.0233 2688 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
14:21:09.0233 2688 IpFilterDriver - ok
14:21:09.0280 2688 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
14:21:09.0280 2688 iphlpsvc - ok
14:21:09.0296 2688 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
14:21:09.0296 2688 IPMIDRV - ok
14:21:09.0296 2688 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
14:21:09.0296 2688 IPNAT - ok
14:21:09.0405 2688 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:21:09.0421 2688 iPod Service - ok
14:21:09.0436 2688 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
14:21:09.0436 2688 IRENUM - ok
14:21:09.0436 2688 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
14:21:09.0436 2688 isapnp - ok
14:21:09.0467 2688 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
14:21:09.0467 2688 iScsiPrt - ok
14:21:09.0499 2688 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
14:21:09.0499 2688 kbdclass - ok
14:21:09.0514 2688 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
14:21:09.0514 2688 kbdhid - ok
14:21:09.0530 2688 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
14:21:09.0530 2688 KeyIso - ok
14:21:09.0561 2688 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
14:21:09.0561 2688 KSecDD - ok
14:21:09.0592 2688 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
14:21:09.0592 2688 KSecPkg - ok
14:21:09.0608 2688 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
14:21:09.0608 2688 ksthunk - ok
14:21:09.0639 2688 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
14:21:09.0639 2688 KtmRm - ok
14:21:09.0670 2688 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
14:21:09.0670 2688 LanmanServer - ok
14:21:09.0686 2688 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
14:21:09.0686 2688 LanmanWorkstation - ok
14:21:09.0748 2688 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys
14:21:09.0748 2688 LHDmgr - ok
14:21:09.0779 2688 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
14:21:09.0779 2688 lltdio - ok
14:21:09.0795 2688 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
14:21:09.0795 2688 lltdsvc - ok
14:21:09.0842 2688 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
14:21:09.0842 2688 lmhosts - ok
14:21:09.0904 2688 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:21:09.0904 2688 LMS - ok
14:21:09.0951 2688 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
14:21:09.0951 2688 LSI_FC - ok
14:21:09.0982 2688 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
14:21:09.0982 2688 LSI_SAS - ok
14:21:09.0982 2688 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
14:21:09.0982 2688 LSI_SAS2 - ok
14:21:09.0998 2688 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
14:21:09.0998 2688 LSI_SCSI - ok
14:21:10.0013 2688 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
14:21:10.0013 2688 luafv - ok
14:21:10.0045 2688 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
14:21:10.0045 2688 Mcx2Svc - ok
14:21:10.0060 2688 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
14:21:10.0060 2688 megasas - ok
14:21:10.0076 2688 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
14:21:10.0076 2688 MegaSR - ok
14:21:10.0107 2688 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
14:21:10.0107 2688 MEIx64 - ok
14:21:10.0138 2688 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
14:21:10.0138 2688 MMCSS - ok
14:21:10.0154 2688 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
14:21:10.0154 2688 Modem - ok
14:21:10.0201 2688 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
14:21:10.0201 2688 monitor - ok
14:21:10.0216 2688 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
14:21:10.0232 2688 mouclass - ok
14:21:10.0232 2688 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
14:21:10.0232 2688 mouhid - ok
14:21:10.0263 2688 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
14:21:10.0263 2688 mountmgr - ok
14:21:10.0310 2688 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
14:21:10.0310 2688 MpFilter - ok
14:21:10.0325 2688 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
14:21:10.0325 2688 mpio - ok
14:21:10.0341 2688 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
14:21:10.0341 2688 mpsdrv - ok
14:21:10.0388 2688 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
14:21:10.0388 2688 MpsSvc - ok
14:21:10.0403 2688 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
14:21:10.0403 2688 MRxDAV - ok
14:21:10.0419 2688 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
14:21:10.0419 2688 mrxsmb - ok
14:21:10.0435 2688 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
14:21:10.0435 2688 mrxsmb10 - ok
14:21:10.0450 2688 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
14:21:10.0450 2688 mrxsmb20 - ok
14:21:10.0450 2688 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
14:21:10.0450 2688 msahci - ok
14:21:10.0481 2688 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
14:21:10.0481 2688 msdsm - ok
14:21:10.0497 2688 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
14:21:10.0497 2688 MSDTC - ok
14:21:10.0513 2688 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
14:21:10.0513 2688 Msfs - ok
14:21:10.0528 2688 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
14:21:10.0544 2688 mshidkmdf - ok
14:21:10.0544 2688 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
14:21:10.0544 2688 msisadrv - ok
14:21:10.0575 2688 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
14:21:10.0575 2688 MSiSCSI - ok
14:21:10.0575 2688 msiserver - ok
14:21:10.0606 2688 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
14:21:10.0622 2688 MSKSSRV - ok
14:21:10.0700 2688 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:21:10.0700 2688 MsMpSvc - ok
14:21:10.0715 2688 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
14:21:10.0715 2688 MSPCLOCK - ok
14:21:10.0731 2688 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
14:21:10.0731 2688 MSPQM - ok
14:21:10.0762 2688 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
14:21:10.0762 2688 MsRPC - ok
14:21:10.0778 2688 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
14:21:10.0778 2688 mssmbios - ok
14:21:10.0793 2688 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
14:21:10.0793 2688 MSTEE - ok
14:21:10.0793 2688 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
14:21:10.0809 2688 MTConfig - ok
14:21:10.0825 2688 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
14:21:10.0825 2688 Mup - ok
14:21:10.0856 2688 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
14:21:10.0856 2688 napagent - ok
14:21:10.0887 2688 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
14:21:10.0887 2688 NativeWifiP - ok
14:21:10.0934 2688 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
14:21:10.0949 2688 NDIS - ok
14:21:10.0965 2688 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
14:21:10.0965 2688 NdisCap - ok
14:21:10.0981 2688 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
14:21:10.0981 2688 NdisTapi - ok
14:21:10.0996 2688 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
14:21:10.0996 2688 Ndisuio - ok
14:21:11.0012 2688 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
14:21:11.0012 2688 NdisWan - ok
14:21:11.0027 2688 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
14:21:11.0027 2688 NDProxy - ok
14:21:11.0059 2688 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
14:21:11.0059 2688 NetBIOS - ok
14:21:11.0074 2688 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
14:21:11.0074 2688 NetBT - ok
14:21:11.0090 2688 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
14:21:11.0090 2688 Netlogon - ok
14:21:11.0121 2688 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
14:21:11.0137 2688 Netman - ok
14:21:11.0152 2688 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
14:21:11.0152 2688 netprofm - ok
14:21:11.0183 2688 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:21:11.0183 2688 NetTcpPortSharing - ok
14:21:11.0215 2688 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
14:21:11.0215 2688 nfrd960 - ok
14:21:11.0261 2688 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:21:11.0261 2688 NisDrv - ok
14:21:11.0324 2688 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
14:21:11.0324 2688 NisSrv - ok
14:21:11.0371 2688 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
14:21:11.0386 2688 NlaSvc - ok
14:21:11.0386 2688 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
14:21:11.0386 2688 Npfs - ok
14:21:11.0417 2688 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
14:21:11.0417 2688 nsi - ok
14:21:11.0417 2688 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
14:21:11.0417 2688 nsiproxy - ok
14:21:11.0495 2688 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
14:21:11.0495 2688 Ntfs - ok
14:21:11.0527 2688 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
14:21:11.0527 2688 Null - ok
14:21:11.0807 2688 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
14:21:11.0885 2688 nvlddmkm - ok
14:21:11.0901 2688 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
14:21:11.0901 2688 nvpciflt - ok
14:21:11.0932 2688 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
14:21:11.0932 2688 nvraid - ok
14:21:11.0948 2688 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
14:21:11.0948 2688 nvstor - ok
14:21:11.0995 2688 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\windows\system32\nvvsvc.exe
14:21:12.0010 2688 NVSvc - ok
14:21:12.0057 2688 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:21:12.0073 2688 nvUpdatusService - ok
14:21:12.0104 2688 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
14:21:12.0104 2688 nv_agp - ok
14:21:12.0135 2688 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
14:21:12.0135 2688 ohci1394 - ok
14:21:12.0166 2688 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
14:21:12.0166 2688 p2pimsvc - ok
14:21:12.0182 2688 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
14:21:12.0182 2688 p2psvc - ok
14:21:12.0197 2688 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
14:21:12.0213 2688 Parport - ok
14:21:12.0244 2688 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
14:21:12.0244 2688 partmgr - ok
14:21:12.0260 2688 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
14:21:12.0260 2688 PcaSvc - ok
14:21:12.0307 2688 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
14:21:12.0307 2688 pci - ok
14:21:12.0322 2688 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
14:21:12.0322 2688 pciide - ok
14:21:12.0338 2688 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
14:21:12.0338 2688 pcmcia - ok
14:21:12.0353 2688 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
14:21:12.0369 2688 pcw - ok
14:21:12.0385 2688 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
14:21:12.0385 2688 PEAUTH - ok
14:21:12.0416 2688 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
14:21:12.0416 2688 PerfHost - ok
14:21:12.0463 2688 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
14:21:12.0478 2688 pla - ok
14:21:12.0525 2688 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
14:21:12.0525 2688 PlugPlay - ok
14:21:12.0525 2688 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
14:21:12.0541 2688 PNRPAutoReg - ok
14:21:12.0556 2688 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
14:21:12.0556 2688 PNRPsvc - ok
14:21:12.0587 2688 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
14:21:12.0603 2688 PolicyAgent - ok
14:21:12.0603 2688 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
14:21:12.0619 2688 Power - ok
14:21:12.0650 2688 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
14:21:12.0650 2688 PptpMiniport - ok
14:21:12.0681 2688 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
14:21:12.0681 2688 Processor - ok
14:21:12.0712 2688 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
14:21:12.0712 2688 ProfSvc - ok
14:21:12.0728 2688 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
14:21:12.0728 2688 ProtectedStorage - ok
14:21:12.0743 2688 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
14:21:12.0759 2688 Psched - ok
14:21:12.0790 2688 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
14:21:12.0806 2688 ql2300 - ok
14:21:12.0821 2688 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
14:21:12.0821 2688 ql40xx - ok
14:21:12.0868 2688 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
14:21:12.0868 2688 QWAVE - ok
14:21:12.0884 2688 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
14:21:12.0884 2688 QWAVEdrv - ok
14:21:12.0884 2688 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
14:21:12.0884 2688 RasAcd - ok
14:21:12.0915 2688 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
14:21:12.0915 2688 RasAgileVpn - ok
14:21:12.0931 2688 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
14:21:12.0931 2688 RasAuto - ok
14:21:12.0946 2688 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
14:21:12.0946 2688 Rasl2tp - ok
14:21:12.0977 2688 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
14:21:12.0977 2688 RasMan - ok
14:21:13.0009 2688 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
14:21:13.0009 2688 RasPppoe - ok
14:21:13.0024 2688 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
14:21:13.0024 2688 RasSstp - ok
14:21:13.0055 2688 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
14:21:13.0055 2688 rdbss - ok
14:21:13.0071 2688 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
14:21:13.0087 2688 rdpbus - ok
14:21:13.0102 2688 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
14:21:13.0102 2688 RDPCDD - ok
14:21:13.0118 2688 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
14:21:13.0118 2688 RDPENCDD - ok
14:21:13.0133 2688 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
14:21:13.0133 2688 RDPREFMP - ok
14:21:13.0165 2688 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
14:21:13.0165 2688 RDPWD - ok
14:21:13.0196 2688 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
14:21:13.0196 2688 rdyboost - ok
14:21:13.0211 2688 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
14:21:13.0211 2688 RemoteAccess - ok
14:21:13.0258 2688 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
14:21:13.0258 2688 RemoteRegistry - ok
14:21:13.0289 2688 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
14:21:13.0289 2688 RFCOMM - ok
14:21:13.0321 2688 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
14:21:13.0321 2688 RpcEptMapper - ok
14:21:13.0336 2688 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
14:21:13.0336 2688 RpcLocator - ok
14:21:13.0352 2688 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
14:21:13.0367 2688 RpcSs - ok
14:21:13.0399 2688 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
14:21:13.0399 2688 rspndr - ok
14:21:13.0445 2688 [ E54A5586A28D0630A79A68BBAB84BFCF ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
14:21:13.0445 2688 RSUSBVSTOR - ok
14:21:13.0492 2688 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
14:21:13.0492 2688 RTL8167 - ok
14:21:13.0523 2688 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
14:21:13.0523 2688 SamSs - ok
14:21:13.0539 2688 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
14:21:13.0539 2688 sbp2port - ok
14:21:13.0570 2688 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
14:21:13.0570 2688 SCardSvr - ok
14:21:13.0586 2688 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
14:21:13.0586 2688 scfilter - ok
14:21:13.0617 2688 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
14:21:13.0617 2688 Schedule - ok
14:21:13.0648 2688 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
14:21:13.0648 2688 SCPolicySvc - ok
14:21:13.0679 2688 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
14:21:13.0679 2688 SDRSVC - ok
14:21:13.0695 2688 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
14:21:13.0695 2688 secdrv - ok
14:21:13.0711 2688 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
14:21:13.0711 2688 seclogon - ok
14:21:13.0742 2688 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
14:21:13.0742 2688 SENS - ok
14:21:13.0773 2688 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
14:21:13.0773 2688 SensrSvc - ok
14:21:13.0789 2688 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
14:21:13.0789 2688 Serenum - ok
14:21:13.0804 2688 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
14:21:13.0804 2688 Serial - ok
14:21:13.0851 2688 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
14:21:13.0851 2688 sermouse - ok
14:21:13.0867 2688 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
14:21:13.0867 2688 SessionEnv - ok
14:21:13.0898 2688 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
14:21:13.0898 2688 sffdisk - ok
14:21:13.0898 2688 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
14:21:13.0898 2688 sffp_mmc - ok
14:21:13.0898 2688 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
14:21:13.0898 2688 sffp_sd - ok
14:21:13.0913 2688 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
14:21:13.0913 2688 sfloppy - ok
14:21:13.0945 2688 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
14:21:13.0945 2688 SharedAccess - ok
14:21:13.0960 2688 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
14:21:13.0976 2688 ShellHWDetection - ok
14:21:13.0991 2688 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
14:21:13.0991 2688 SiSRaid2 - ok
14:21:13.0991 2688 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
14:21:13.0991 2688 SiSRaid4 - ok
14:21:14.0054 2688 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:21:14.0054 2688 SkypeUpdate - ok
14:21:14.0069 2688 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
14:21:14.0069 2688 Smb - ok
14:21:14.0101 2688 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
14:21:14.0101 2688 SNMPTRAP - ok
14:21:14.0163 2688 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\windows\syswow64\speedfan.sys
14:21:14.0163 2688 speedfan - ok
14:21:14.0194 2688 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
14:21:14.0194 2688 spldr - ok
14:21:14.0241 2688 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
14:21:14.0241 2688 Spooler - ok
14:21:14.0319 2688 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
14:21:14.0350 2688 sppsvc - ok
14:21:14.0381 2688 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
14:21:14.0381 2688 sppuinotify - ok
14:21:14.0397 2688 [ 454800C2BC7F3927CE030141EE4F4C50 ] SPUVCbv C:\windows\system32\Drivers\usbvideo.sys
14:21:14.0397 2688 SPUVCbv - ok
14:21:14.0428 2688 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
14:21:14.0428 2688 srv - ok
14:21:14.0444 2688 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
14:21:14.0444 2688 srv2 - ok
14:21:14.0459 2688 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
14:21:14.0459 2688 srvnet - ok
14:21:14.0506 2688 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
14:21:14.0506 2688 SSDPSRV - ok
14:21:14.0522 2688 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
14:21:14.0522 2688 SstpSvc - ok
14:21:14.0537 2688 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
14:21:14.0537 2688 stexstor - ok
14:21:14.0569 2688 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
14:21:14.0569 2688 StillCam - ok
14:21:14.0584 2688 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
14:21:14.0600 2688 stisvc - ok
14:21:14.0600 2688 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
14:21:14.0600 2688 swenum - ok
14:21:14.0631 2688 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
14:21:14.0631 2688 swprv - ok
14:21:14.0678 2688 [ 08425CD92972C6430F350A9697F4A553 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
14:21:14.0693 2688 SynTP - ok
14:21:14.0756 2688 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
14:21:14.0756 2688 SysMain - ok
14:21:14.0818 2688 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
14:21:14.0818 2688 TabletInputService - ok
14:21:14.0834 2688 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
14:21:14.0849 2688 TapiSrv - ok
14:21:14.0865 2688 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
14:21:14.0865 2688 TBS - ok
14:21:14.0912 2688 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
14:21:14.0927 2688 Tcpip - ok
14:21:14.0990 2688 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
14:21:14.0990 2688 TCPIP6 - ok
14:21:15.0037 2688 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
14:21:15.0037 2688 tcpipreg - ok
14:21:15.0068 2688 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
14:21:15.0068 2688 TDPIPE - ok
14:21:15.0099 2688 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
14:21:15.0099 2688 TDTCP - ok
14:21:15.0130 2688 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
14:21:15.0130 2688 tdx - ok
14:21:15.0208 2688 [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
14:21:15.0224 2688 TeamViewer7 - ok
14:21:15.0239 2688 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
14:21:15.0239 2688 TermDD - ok
14:21:15.0271 2688 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
14:21:15.0271 2688 TermService - ok
14:21:15.0286 2688 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
14:21:15.0286 2688 Themes - ok
14:21:15.0302 2688 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
14:21:15.0302 2688 THREADORDER - ok
14:21:15.0317 2688 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
14:21:15.0317 2688 TrkWks - ok
14:21:15.0380 2688 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
14:21:15.0380 2688 TrustedInstaller - ok
14:21:15.0380 2688 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
14:21:15.0380 2688 tssecsrv - ok
14:21:15.0427 2688 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
14:21:15.0427 2688 TsUsbFlt - ok
14:21:15.0427 2688 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
14:21:15.0427 2688 TsUsbGD - ok
14:21:15.0473 2688 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
14:21:15.0473 2688 tunnel - ok
14:21:15.0473 2688 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
14:21:15.0473 2688 uagp35 - ok
14:21:15.0505 2688 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
14:21:15.0505 2688 udfs - ok
14:21:15.0520 2688 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
14:21:15.0520 2688 UI0Detect - ok
14:21:15.0551 2688 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
14:21:15.0551 2688 uliagpkx - ok
14:21:15.0583 2688 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
14:21:15.0583 2688 umbus - ok
14:21:15.0598 2688 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
14:21:15.0598 2688 UmPass - ok
14:21:15.0676 2688 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:21:15.0692 2688 UNS - ok
14:21:15.0707 2688 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
14:21:15.0707 2688 upnphost - ok
14:21:15.0754 2688 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
14:21:15.0754 2688 USBAAPL64 - ok
14:21:15.0770 2688 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
14:21:15.0770 2688 usbccgp - ok
14:21:15.0785 2688 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
14:21:15.0785 2688 usbcir - ok
14:21:15.0801 2688 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
14:21:15.0801 2688 usbehci - ok
14:21:15.0848 2688 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
14:21:15.0848 2688 usbhub - ok
14:21:15.0848 2688 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
14:21:15.0863 2688 usbohci - ok
14:21:15.0863 2688 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
14:21:15.0863 2688 usbprint - ok
14:21:15.0879 2688 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
14:21:15.0879 2688 USBSTOR - ok
14:21:15.0879 2688 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
14:21:15.0879 2688 usbuhci - ok
14:21:15.0910 2688 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
14:21:15.0910 2688 usbvideo - ok
14:21:15.0926 2688 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
14:21:15.0926 2688 UxSms - ok
14:21:15.0941 2688 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
14:21:15.0941 2688 VaultSvc - ok
14:21:15.0973 2688 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
14:21:15.0973 2688 vdrvroot - ok
14:21:15.0988 2688 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
14:21:16.0004 2688 vds - ok
14:21:16.0035 2688 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
14:21:16.0035 2688 vga - ok
14:21:16.0051 2688 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
14:21:16.0051 2688 VgaSave - ok
14:21:16.0051 2688 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
14:21:16.0051 2688 vhdmp - ok
14:21:16.0066 2688 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
14:21:16.0066 2688 viaide - ok
14:21:16.0082 2688 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
14:21:16.0082 2688 volmgr - ok
14:21:16.0097 2688 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
14:21:16.0097 2688 volmgrx - ok
14:21:16.0113 2688 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
14:21:16.0113 2688 volsnap - ok
14:21:16.0144 2688 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
14:21:16.0144 2688 vsmraid - ok
14:21:16.0207 2688 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
14:21:16.0207 2688 VSS - ok
14:21:16.0222 2688 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
14:21:16.0222 2688 vwifibus - ok
14:21:16.0253 2688 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
14:21:16.0253 2688 vwififlt - ok
14:21:16.0269 2688 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
14:21:16.0269 2688 vwifimp - ok
14:21:16.0300 2688 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
14:21:16.0300 2688 W32Time - ok
14:21:16.0300 2688 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
14:21:16.0316 2688 WacomPen - ok
14:21:16.0331 2688 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
14:21:16.0331 2688 WANARP - ok
14:21:16.0331 2688 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
14:21:16.0331 2688 Wanarpv6 - ok
14:21:16.0378 2688 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
14:21:16.0394 2688 wbengine - ok
14:21:16.0409 2688 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
14:21:16.0409 2688 WbioSrvc - ok
14:21:16.0425 2688 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
14:21:16.0425 2688 wcncsvc - ok
14:21:16.0456 2688 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
14:21:16.0456 2688 WcsPlugInService - ok
14:21:16.0487 2688 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
14:21:16.0487 2688 Wd - ok
14:21:16.0519 2688 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
14:21:16.0534 2688 Wdf01000 - ok
14:21:16.0550 2688 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
14:21:16.0550 2688 WdiServiceHost - ok
14:21:16.0550 2688 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
14:21:16.0565 2688 WdiSystemHost - ok
14:21:16.0581 2688 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
14:21:16.0581 2688 WebClient - ok
14:21:16.0597 2688 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
14:21:16.0597 2688 Wecsvc - ok
14:21:16.0612 2688 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
14:21:16.0612 2688 wercplsupport - ok
14:21:16.0628 2688 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
14:21:16.0628 2688 WerSvc - ok
14:21:16.0659 2688 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
14:21:16.0659 2688 WfpLwf - ok
14:21:16.0675 2688 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
14:21:16.0690 2688 WIMMount - ok
14:21:16.0706 2688 WinDefend - ok
14:21:16.0706 2688 WinHttpAutoProxySvc - ok
14:21:16.0768 2688 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
14:21:16.0768 2688 Winmgmt - ok
14:21:16.0831 2688 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
14:21:16.0831 2688 WinRM - ok
14:21:16.0893 2688 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
14:21:16.0893 2688 WinUsb - ok
14:21:16.0924 2688 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
14:21:16.0940 2688 Wlansvc - ok
14:21:16.0987 2688 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:21:16.0987 2688 wlcrasvc - ok
14:21:17.0111 2688 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:21:17.0111 2688 wlidsvc - ok
14:21:17.0143 2688 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
14:21:17.0143 2688 WmiAcpi - ok
14:21:17.0189 2688 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
14:21:17.0189 2688 wmiApSrv - ok
14:21:17.0221 2688 WMPNetworkSvc - ok
14:21:17.0252 2688 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
14:21:17.0252 2688 WPCSvc - ok
14:21:17.0267 2688 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
14:21:17.0267 2688 WPDBusEnum - ok
14:21:17.0283 2688 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
14:21:17.0283 2688 ws2ifsl - ok
14:21:17.0299 2688 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
14:21:17.0299 2688 wscsvc - ok
14:21:17.0299 2688 WSearch - ok
14:21:17.0345 2688 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
14:21:17.0345 2688 wsvd - ok
14:21:17.0408 2688 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
14:21:17.0423 2688 wuauserv - ok
14:21:17.0455 2688 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
14:21:17.0455 2688 WudfPf - ok
14:21:17.0486 2688 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
14:21:17.0486 2688 WUDFRd - ok
14:21:17.0517 2688 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
14:21:17.0517 2688 wudfsvc - ok
14:21:17.0548 2688 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
14:21:17.0548 2688 WwanSvc - ok
14:21:17.0579 2688 ================ Scan global ===============================
14:21:17.0595 2688 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
14:21:17.0626 2688 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
14:21:17.0642 2688 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
14:21:17.0673 2688 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
14:21:17.0704 2688 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
14:21:17.0704 2688 [Global] - ok
14:21:17.0704 2688 ================ Scan MBR ==================================
14:21:17.0720 2688 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:21:18.0110 2688 \Device\Harddisk0\DR0 - ok
14:21:18.0110 2688 ================ Scan VBR ==================================
14:21:18.0110 2688 [ 2E001E7BB9E7C89F06858EC6338D335F ] \Device\Harddisk0\DR0\Partition1
14:21:18.0125 2688 \Device\Harddisk0\DR0\Partition1 - ok
14:21:18.0141 2688 [ B98174802C8F75412D14CB157BC4004A ] \Device\Harddisk0\DR0\Partition2
14:21:18.0141 2688 \Device\Harddisk0\DR0\Partition2 - ok
14:21:18.0172 2688 [ 75308F4AE6C240F411BC15369618A708 ] \Device\Harddisk0\DR0\Partition3
14:21:18.0172 2688 \Device\Harddisk0\DR0\Partition3 - ok
14:21:18.0172 2688 ============================================================
14:21:18.0172 2688 Scan finished
14:21:18.0172 2688 ============================================================
14:21:18.0188 0904 Detected object count: 0
14:21:18.0188 0904 Actual detected object count: 0
|
|
17.11.2012, 14:24
| #6 |
| /// TB-Ausbilder | "Mail delivery failed" häuft sich im Posteingang Auch nichts. Ich fürchte ich kann dir da derzeit nicht weiter helfen. Hast du dich schon mal an die Telefonhotline von T-Online gewendet?
__________________ --> "Mail delivery failed" häuft sich im Posteingang |
|
17.11.2012, 14:28
| #7 |
| | "Mail delivery failed" häuft sich im Posteingang Vielen Dank erstmal für die schnelle Hilfe! Die Hotline hatte ich noch nicht in betracht gezogen, da ich das ja alles "remote" mache und nicht direkt an den Computer komme. Kann ich denn erstmal Entwarnung geben, dass zumindest der PC nicht betroffen ist? (Es wird ein Papypal konto genutzt mit dem PC). Komisch ist halt nur, dass im Header der Mails ja eindeutig die t-online server stehen. |
|
17.11.2012, 14:29
| #8 | ||||
| /// TB-Ausbilder | "Mail delivery failed" häuft sich im Posteingang Man kann sie nicht 100% sicher sein. Aber gesehen haben wir nichts. Dann bitte ... Tools deinstallieren
Abschließend noch Tipps zu folgenden Themen:
Damit wünsche ich dir noch viel Spaß beim Surfen im Internet  ... und vielleicht möchtest du ja das Trojaner-Board unterstützen? Eine Bitte: Gib mir eine kurze Rückmeldung, wenn alles erledigt ist und keine Fragen mehr vorhanden sind, damit ich diesen Thread aus meinen Abos löschen kann.
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
17.11.2012, 14:44
| #9 |
| | "Mail delivery failed" häuft sich im Posteingang Vielen Dank! Kann dann zu. |
|
17.11.2012, 14:44
| #10 |
| /// TB-Ausbilder | "Mail delivery failed" häuft sich im Posteingang Schön, dass wir helfen konnten  Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
| Themen zu "Mail delivery failed" häuft sich im Posteingang |
| aktualisiert, befürchtung, could, dateisystem, dauerhaft, delivered, delivery, failed, fake, folge, funde, heuristiks/extra, heuristiks/shuriken, inhalt, keine funde, landen, mail, mail delivery, mails, message, möglicherweise, not, permanent, posteingang, returning message to sender, sender, t-online, t-online.de, timeout, täglich |
Linear-Darstellung
