Log analysis and evaluation: Redirection of URLs in IE
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system first has to be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
22.11.2012, 08:38 | #16 |
/// TB-Ausbilder | Redirection of URLs in IE Sure. That is a really odd thing you have there.
__________________ Digital privateers against malware! No help via PM! |
22.11.2012, 16:10 | #17 |
/// TB-Ausbilder | Redirection of URLs in IE After checking with colleagues, I have a few more ideas:
25.11.2012, 15:05 | #18 |
| Redirection of URLs in IE Hello ryder,
so, I am looking at it again now: I flushed the DNS cache, unfortunately no effect. Redirection only in IE, not in Chrome. The router was even replaced for a different reason; the URL redirection occurred with both. I have now also cleared the entire cache in IE again and disabled all add-ins, unfortunately also without effect. Just for fun I made a desktop video of the phenomenon, see attachment. Regards, Wildone |
25.11.2012, 15:28 | #19 |
/// TB-Ausbilder | Redirection of URLs in IE Hm, now this is getting a bit much for me ...
Step 1: Scan with the TDSS-Killer. Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report.
Step 2: Scan with MBAR. Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
If that shows nothing, I would remove suspicious objects with you and see whether that helps ...
25.11.2012, 16:07 | #20 |
| Redirection of URLs in IE Hello ryder, hm, everything is still very strange; unfortunately the rootkit scans did not turn up anything new either... TDSS: Code:
nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:41:41.0305 6252 nsiproxy - ok 15:41:41.0385 6252 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:41:41.0405 6252 Ntfs - ok 15:41:41.0435 6252 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 15:41:41.0435 6252 Null - ok 15:41:41.0465 6252 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 15:41:41.0475 6252 NVENETFD - ok 15:41:41.0525 6252 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:41:41.0525 6252 nvraid - ok 15:41:41.0545 6252 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:41:41.0555 6252 nvstor - ok 15:41:41.0590 6252 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:41:41.0606 6252 nv_agp - ok 15:41:41.0637 6252 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 15:41:41.0637 6252 ohci1394 - ok 15:41:41.0684 6252 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:41:41.0684 6252 ose - ok 15:41:41.0902 6252 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:41:41.0934 6252 osppsvc - ok 15:41:41.0980 6252 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:41:41.0980 6252 p2pimsvc - ok 15:41:42.0012 6252 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 15:41:42.0027 6252 p2psvc - ok 15:41:42.0043 6252 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 15:41:42.0043 6252 Parport - ok 15:41:42.0058 6252 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:41:42.0058 6252 partmgr - ok 15:41:42.0090 6252 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:41:42.0105 
6252 PcaSvc - ok 15:41:42.0121 6252 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 15:41:42.0121 6252 pci - ok 15:41:42.0136 6252 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 15:41:42.0136 6252 pciide - ok 15:41:42.0168 6252 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 15:41:42.0168 6252 pcmcia - ok 15:41:42.0183 6252 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 15:41:42.0183 6252 pcw - ok 15:41:42.0199 6252 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:41:42.0214 6252 PEAUTH - ok 15:41:42.0292 6252 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:41:42.0292 6252 PerfHost - ok 15:41:42.0370 6252 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 15:41:42.0402 6252 pla - ok 15:41:42.0433 6252 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:41:42.0448 6252 PlugPlay - ok 15:41:42.0480 6252 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:41:42.0480 6252 PNRPAutoReg - ok 15:41:42.0495 6252 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:41:42.0511 6252 PNRPsvc - ok 15:41:42.0558 6252 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:41:42.0558 6252 PolicyAgent - ok 15:41:42.0620 6252 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 15:41:42.0620 6252 Power - ok 15:41:42.0651 6252 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:41:42.0651 6252 PptpMiniport - ok 15:41:42.0682 6252 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 15:41:42.0682 6252 Processor - ok 15:41:42.0714 6252 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 15:41:42.0714 6252 ProfSvc - ok 15:41:42.0729 6252 
[ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 15:41:42.0729 6252 ProtectedStorage - ok 15:41:42.0776 6252 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:41:42.0776 6252 Psched - ok 15:41:42.0838 6252 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 15:41:42.0838 6252 PxHlpa64 - ok 15:41:42.0901 6252 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 15:41:42.0932 6252 ql2300 - ok 15:41:42.0963 6252 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 15:41:42.0963 6252 ql40xx - ok 15:41:42.0994 6252 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 15:41:42.0994 6252 QWAVE - ok 15:41:43.0026 6252 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:41:43.0026 6252 QWAVEdrv - ok 15:41:43.0057 6252 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:41:43.0057 6252 RasAcd - ok 15:41:43.0088 6252 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:41:43.0104 6252 RasAgileVpn - ok 15:41:43.0135 6252 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 15:41:43.0150 6252 RasAuto - ok 15:41:43.0166 6252 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:41:43.0166 6252 Rasl2tp - ok 15:41:43.0197 6252 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 15:41:43.0197 6252 RasMan - ok 15:41:43.0228 6252 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:41:43.0228 6252 RasPppoe - ok 15:41:43.0244 6252 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:41:43.0244 6252 RasSstp - ok 15:41:43.0275 6252 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:41:43.0275 6252 rdbss - ok 
15:41:43.0291 6252 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 15:41:43.0306 6252 rdpbus - ok 15:41:43.0322 6252 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:41:43.0322 6252 RDPCDD - ok 15:41:43.0338 6252 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:41:43.0338 6252 RDPENCDD - ok 15:41:43.0369 6252 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:41:43.0369 6252 RDPREFMP - ok 15:41:43.0400 6252 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:41:43.0400 6252 RDPWD - ok 15:41:43.0431 6252 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:41:43.0431 6252 rdyboost - ok 15:41:43.0462 6252 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:41:43.0462 6252 RemoteAccess - ok 15:41:43.0494 6252 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:41:43.0509 6252 RemoteRegistry - ok 15:41:43.0525 6252 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:41:43.0525 6252 RpcEptMapper - ok 15:41:43.0540 6252 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 15:41:43.0540 6252 RpcLocator - ok 15:41:43.0572 6252 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 15:41:43.0587 6252 RpcSs - ok 15:41:43.0618 6252 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 15:41:43.0634 6252 RSPCIESTOR - ok 15:41:43.0650 6252 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:41:43.0650 6252 rspndr - ok 15:41:43.0696 6252 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 15:41:43.0712 6252 RTL8167 - ok 15:41:43.0712 6252 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 
15:41:43.0728 6252 SamSs - ok 15:41:43.0743 6252 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:41:43.0743 6252 sbp2port - ok 15:41:43.0774 6252 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:41:43.0774 6252 SCardSvr - ok 15:41:43.0806 6252 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:41:43.0806 6252 scfilter - ok 15:41:43.0852 6252 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 15:41:43.0868 6252 Schedule - ok 15:41:43.0915 6252 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 15:41:43.0915 6252 SCPolicySvc - ok 15:41:43.0946 6252 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 15:41:43.0962 6252 sdbus - ok 15:41:43.0993 6252 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:41:43.0993 6252 SDRSVC - ok 15:41:44.0008 6252 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:41:44.0008 6252 secdrv - ok 15:41:44.0040 6252 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 15:41:44.0040 6252 seclogon - ok 15:41:44.0071 6252 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 15:41:44.0071 6252 SENS - ok 15:41:44.0102 6252 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:41:44.0102 6252 SensrSvc - ok 15:41:44.0149 6252 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 15:41:44.0149 6252 Serenum - ok 15:41:44.0164 6252 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 15:41:44.0164 6252 Serial - ok 15:41:44.0196 6252 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 15:41:44.0196 6252 sermouse - ok 15:41:44.0246 6252 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 15:41:44.0256 
6252 SessionEnv - ok 15:41:44.0276 6252 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 15:41:44.0276 6252 sffdisk - ok 15:41:44.0296 6252 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 15:41:44.0306 6252 sffp_mmc - ok 15:41:44.0326 6252 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 15:41:44.0326 6252 sffp_sd - ok 15:41:44.0336 6252 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 15:41:44.0336 6252 sfloppy - ok 15:41:44.0386 6252 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:41:44.0396 6252 SharedAccess - ok 15:41:44.0426 6252 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:41:44.0436 6252 ShellHWDetection - ok 15:41:44.0456 6252 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 15:41:44.0456 6252 SiSRaid2 - ok 15:41:44.0496 6252 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 15:41:44.0496 6252 SiSRaid4 - ok 15:41:44.0676 6252 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 15:41:44.0706 6252 Skype C2C Service - ok 15:41:44.0776 6252 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 15:41:44.0776 6252 SkypeUpdate - ok 15:41:44.0826 6252 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:41:44.0826 6252 Smb - ok 15:41:44.0886 6252 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:41:44.0886 6252 SNMPTRAP - ok 15:41:44.0916 6252 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 15:41:44.0916 6252 spldr - ok 15:41:44.0956 6252 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 15:41:44.0966 6252 Spooler - ok 15:41:45.0086 6252 [ 
E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 15:41:45.0136 6252 sppsvc - ok 15:41:45.0146 6252 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 15:41:45.0146 6252 sppuinotify - ok 15:41:45.0176 6252 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 15:41:45.0186 6252 srv - ok 15:41:45.0206 6252 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:41:45.0206 6252 srv2 - ok 15:41:45.0246 6252 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 15:41:45.0246 6252 SrvHsfHDA - ok 15:41:45.0286 6252 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 15:41:45.0296 6252 SrvHsfV92 - ok 15:41:45.0326 6252 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 15:41:45.0336 6252 SrvHsfWinac - ok 15:41:45.0356 6252 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:41:45.0356 6252 srvnet - ok 15:41:45.0406 6252 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:41:45.0406 6252 SSDPSRV - ok 15:41:45.0426 6252 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:41:45.0426 6252 SstpSvc - ok 15:41:45.0486 6252 [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 15:41:45.0496 6252 STacSV - ok 15:41:45.0516 6252 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 15:41:45.0516 6252 stexstor - ok 15:41:45.0576 6252 [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 15:41:45.0586 6252 STHDA - ok 15:41:45.0636 6252 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 15:41:45.0656 6252 stisvc - ok 15:41:45.0666 6252 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 15:41:45.0666 6252 swenum - ok 15:41:45.0696 6252 [ 
E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 15:41:45.0706 6252 swprv - ok 15:41:45.0786 6252 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 15:41:45.0806 6252 SynTP - ok 15:41:45.0876 6252 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 15:41:45.0906 6252 SysMain - ok 15:41:45.0916 6252 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:41:45.0916 6252 TabletInputService - ok 15:41:45.0956 6252 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 15:41:45.0956 6252 TapiSrv - ok 15:41:45.0966 6252 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 15:41:45.0976 6252 TBS - ok 15:41:46.0056 6252 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:41:46.0086 6252 Tcpip - ok 15:41:46.0186 6252 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:41:46.0216 6252 TCPIP6 - ok 15:41:46.0236 6252 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:41:46.0236 6252 tcpipreg - ok 15:41:46.0266 6252 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:41:46.0266 6252 TDPIPE - ok 15:41:46.0306 6252 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:41:46.0306 6252 TDTCP - ok 15:41:46.0346 6252 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:41:46.0346 6252 tdx - ok 15:41:46.0366 6252 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 15:41:46.0376 6252 TermDD - ok 15:41:46.0416 6252 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 15:41:46.0436 6252 TermService - ok 15:41:46.0446 6252 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 15:41:46.0446 6252 Themes - ok 15:41:46.0476 6252 [ E40E80D0304A73E8D269F7141D77250B ] 
THREADORDER C:\Windows\system32\mmcss.dll 15:41:46.0476 6252 THREADORDER - ok 15:41:46.0506 6252 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 15:41:46.0516 6252 TrkWks - ok 15:41:46.0566 6252 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:41:46.0566 6252 TrustedInstaller - ok 15:41:46.0606 6252 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:41:46.0606 6252 tssecsrv - ok 15:41:46.0646 6252 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 15:41:46.0646 6252 TsUsbFlt - ok 15:41:46.0656 6252 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 15:41:46.0656 6252 TsUsbGD - ok 15:41:46.0696 6252 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:41:46.0696 6252 tunnel - ok 15:41:46.0726 6252 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 15:41:46.0726 6252 uagp35 - ok 15:41:46.0766 6252 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:41:46.0776 6252 udfs - ok 15:41:46.0816 6252 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:41:46.0816 6252 UI0Detect - ok 15:41:46.0856 6252 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 15:41:46.0856 6252 uliagpkx - ok 15:41:46.0896 6252 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 15:41:46.0906 6252 umbus - ok 15:41:46.0946 6252 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 15:41:46.0946 6252 UmPass - ok 15:41:47.0116 6252 [ 758C2CE427C343F780A205E28555C98D ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 15:41:47.0146 6252 UNS - ok 15:41:47.0176 6252 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 15:41:47.0186 6252 upnphost - ok 
15:41:47.0216 6252 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\drivers\usbccgp.sys 15:41:47.0216 6252 usbccgp - ok 15:41:47.0246 6252 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 15:41:47.0256 6252 usbcir - ok 15:41:47.0276 6252 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 15:41:47.0276 6252 usbehci - ok 15:41:47.0306 6252 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 15:41:47.0316 6252 usbhub - ok 15:41:47.0346 6252 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 15:41:47.0346 6252 usbohci - ok 15:41:47.0366 6252 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 15:41:47.0376 6252 usbprint - ok 15:41:47.0406 6252 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:41:47.0406 6252 USBSTOR - ok 15:41:47.0436 6252 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 15:41:47.0436 6252 usbuhci - ok 15:41:47.0476 6252 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 15:41:47.0476 6252 usbvideo - ok 15:41:47.0506 6252 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 15:41:47.0506 6252 UxSms - ok 15:41:47.0536 6252 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 15:41:47.0536 6252 VaultSvc - ok 15:41:47.0556 6252 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 15:41:47.0566 6252 vdrvroot - ok 15:41:47.0586 6252 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 15:41:47.0596 6252 vds - ok 15:41:47.0636 6252 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:41:47.0636 6252 vga - ok 15:41:47.0656 6252 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 15:41:47.0666 6252 VgaSave - ok 
15:41:47.0676 6252 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 15:41:47.0686 6252 vhdmp - ok 15:41:47.0706 6252 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 15:41:47.0706 6252 viaide - ok 15:41:47.0726 6252 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:41:47.0726 6252 volmgr - ok 15:41:47.0796 6252 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:41:47.0806 6252 volmgrx - ok 15:41:47.0846 6252 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:41:47.0846 6252 volsnap - ok 15:41:47.0896 6252 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 15:41:47.0896 6252 vsmraid - ok 15:41:47.0966 6252 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 15:41:47.0986 6252 VSS - ok 15:41:48.0006 6252 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 15:41:48.0016 6252 vwifibus - ok 15:41:48.0036 6252 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 15:41:48.0036 6252 vwififlt - ok 15:41:48.0066 6252 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 15:41:48.0066 6252 W32Time - ok 15:41:48.0096 6252 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 15:41:48.0096 6252 WacomPen - ok 15:41:48.0146 6252 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:41:48.0146 6252 WANARP - ok 15:41:48.0146 6252 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:41:48.0156 6252 Wanarpv6 - ok 15:41:48.0206 6252 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 15:41:48.0226 6252 wbengine - ok 15:41:48.0236 6252 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:41:48.0236 6252 WbioSrvc - ok 
15:41:48.0266 6252 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:41:48.0266 6252 wcncsvc - ok 15:41:48.0296 6252 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:41:48.0296 6252 WcsPlugInService - ok 15:41:48.0326 6252 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 15:41:48.0326 6252 Wd - ok 15:41:48.0376 6252 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:41:48.0386 6252 Wdf01000 - ok 15:41:48.0416 6252 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:41:48.0426 6252 WdiServiceHost - ok 15:41:48.0426 6252 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:41:48.0436 6252 WdiSystemHost - ok 15:41:48.0476 6252 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 15:41:48.0476 6252 WebClient - ok 15:41:48.0506 6252 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:41:48.0506 6252 Wecsvc - ok 15:41:48.0536 6252 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:41:48.0536 6252 wercplsupport - ok 15:41:48.0576 6252 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 15:41:48.0576 6252 WerSvc - ok 15:41:48.0606 6252 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 15:41:48.0616 6252 WfpLwf - ok 15:41:48.0626 6252 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 15:41:48.0626 6252 WIMMount - ok 15:41:48.0656 6252 WinDefend - ok 15:41:48.0666 6252 WinHttpAutoProxySvc - ok 15:41:48.0736 6252 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:41:48.0736 6252 Winmgmt - ok 15:41:48.0826 6252 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 15:41:48.0856 6252 WinRM - ok 15:41:48.0916 6252 [ 
FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 15:41:48.0916 6252 WinUsb - ok 15:41:48.0976 6252 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 15:41:48.0996 6252 Wlansvc - ok 15:41:49.0056 6252 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 15:41:49.0056 6252 wlcrasvc - ok 15:41:49.0216 6252 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:41:49.0246 6252 wlidsvc - ok 15:41:49.0286 6252 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 15:41:49.0286 6252 WmiAcpi - ok 15:41:49.0316 6252 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:41:49.0316 6252 wmiApSrv - ok 15:41:49.0356 6252 WMPNetworkSvc - ok 15:41:49.0386 6252 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:41:49.0386 6252 WPCSvc - ok 15:41:49.0406 6252 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:41:49.0416 6252 WPDBusEnum - ok 15:41:49.0436 6252 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:41:49.0446 6252 ws2ifsl - ok 15:41:49.0476 6252 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 15:41:49.0486 6252 wscsvc - ok 15:41:49.0516 6252 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 15:41:49.0516 6252 WSDPrintDevice - ok 15:41:49.0536 6252 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 15:41:49.0546 6252 WSDScan - ok 15:41:49.0556 6252 WSearch - ok 15:41:49.0656 6252 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 15:41:49.0676 6252 wuauserv - ok 15:41:49.0706 6252 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:41:49.0706 6252 WudfPf - ok 15:41:49.0756 6252 [ 
DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:41:49.0756 6252 WUDFRd - ok 15:41:49.0766 6252 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:41:49.0766 6252 wudfsvc - ok 15:41:49.0796 6252 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll 15:41:49.0806 6252 WwanSvc - ok 15:41:49.0836 6252 ================ Scan global =============================== 15:41:49.0856 6252 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 15:41:49.0886 6252 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 15:41:49.0906 6252 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 15:41:49.0936 6252 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 15:41:49.0946 6252 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 15:41:49.0956 6252 [Global] - ok 15:41:49.0956 6252 ================ Scan MBR ================================== 15:41:49.0966 6252 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 15:41:50.0206 6252 \Device\Harddisk0\DR0 - ok 15:41:50.0206 6252 ================ Scan VBR ================================== 15:41:50.0216 6252 [ C01C5402120EF2FF3FC52449175F7E3C ] \Device\Harddisk0\DR0\Partition1 15:41:50.0216 6252 \Device\Harddisk0\DR0\Partition1 - ok 15:41:50.0226 6252 [ 28D5634CD4DF075239C1D3257984EA04 ] \Device\Harddisk0\DR0\Partition2 15:41:50.0236 6252 \Device\Harddisk0\DR0\Partition2 - ok 15:41:50.0256 6252 [ EC48D7522B00B2817FF6A0B266A852DD ] \Device\Harddisk0\DR0\Partition3 15:41:50.0266 6252 \Device\Harddisk0\DR0\Partition3 - ok 15:41:50.0276 6252 [ BFC8DD8FB31E2DBFAD46492815081E33 ] \Device\Harddisk0\DR0\Partition4 15:41:50.0276 6252 \Device\Harddisk0\DR0\Partition4 - ok 15:41:50.0276 6252 ============================================================ 15:41:50.0276 6252 Scan finished 15:41:50.0286 6252 ============================================================ 15:41:50.0306 5844 
Detected object count: 0
15:41:50.0306 5844 Actual detected object count: 0
15:44:35.0492 4588 Deinitialize success
Code:
Scan finished ======================================= |
25.11.2012, 16:09 | #21 |
/// TB trainer | URL redirection in IE *sigh* Please boot into Safe Mode with Networking and check whether the redirects occur there too.
__________________ |
25.11.2012, 16:34 | #22 |
| URL redirection in IE Hello ryder, in Safe Mode (with Networking) I am not redirected. Regards, Wildone |
25.11.2012, 16:44 | #23 |
/// TB trainer | URL redirection in IE Well, that's a good start. Then please disable these services: GFilterSvc, extrbc32 (Benutzerprofildienst SNMP-Trap Benutzerprofildienst). Do the redirects still occur in normal mode after that?
__________________ Digital privateers against malware! No help via PM! |
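Added example, not part of the original thread or of any tool named in it: the isolation step above (no redirects in Safe Mode with Networking, so the cause only loads in normal mode) can be narrowed down by listing the auto-start services that this boot mode does not load. It assumes an elevated Windows PowerShell 2.0 or later prompt; the function and variable names are illustrative.

```powershell
# Added example: auto-start services that Safe Mode with Networking would not load.
$safeBootKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot\Network'
$servicesKey = 'HKLM:\SYSTEM\CurrentControlSet\Services'

# Subkeys of SafeBoot\Network name the services, drivers and load-order
# groups that are permitted in that boot mode.
$allowed = @{}
Get-ChildItem -Path $safeBootKey | ForEach-Object { $allowed[$_.PSChildName.ToLower()] = $true }

function Get-ServiceBinary($name, $pathName) {
    # svchost-hosted services keep their real DLL in Parameters\ServiceDll.
    $params = Get-ItemProperty -Path "$servicesKey\$name\Parameters" -ErrorAction SilentlyContinue
    if ($params -and $params.ServiceDll) {
        return [Environment]::ExpandEnvironmentVariables($params.ServiceDll)
    }
    # Otherwise take the executable from the image path: quoted, or up to the first ".exe".
    if ($pathName -match '^\s*"([^"]+)"') { return $matches[1] }
    if ($pathName -match '^(.+?\.exe)\b') { return $matches[1] }
    return $pathName
}

$report = Get-WmiObject -Class Win32_Service |
    Where-Object { $_.StartMode -eq 'Auto' } |
    ForEach-Object {
        $group   = (Get-ItemProperty -Path "$servicesKey\$($_.Name)" -ErrorAction SilentlyContinue).Group
        $byName  = $allowed.ContainsKey($_.Name.ToLower())
        $byGroup = $group -and $allowed.ContainsKey($group.ToLower())
        if (-not ($byName -or $byGroup)) {
            $binary = Get-ServiceBinary $_.Name $_.PathName
            $sig = if ($binary -and (Test-Path $binary)) {
                (Get-AuthenticodeSignature -FilePath $binary).Status
            } else { 'FileMissing' }
            New-Object PSObject -Property @{
                Name = $_.Name; DisplayName = $_.DisplayName
                State = $_.State; Signature = $sig; Binary = $binary
            }
        }
    }

# A status other than Valid is a lead, not a verdict: catalog-signed system
# files can report NotSigned on older PowerShell versions.
$report | Sort-Object Signature, Name |
    Format-Table -AutoSize Name, State, Signature, Binary
```

Every service in the output is a candidate for the disable-and-retest step; run it from a 64-bit prompt on 64-bit Windows so that system32 paths are not redirected.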
25.11.2012, 19:19 | #24 |
| URL redirection in IE Hello ryder, looks good! To be honest, I had almost given up. Can I delete the services' startup entries with OTL? Regards, Wildone |
25.11.2012, 20:37 | #25 | ||
/// TB trainer | URL redirection in IE No, we'll do that with Combofix and submit it for analysis at the same time: Combofix script
__________________ Digital privateers against malware! No help via PM! |
25.11.2012, 21:54 | #26 |
| URL redirection in IE Hello ryder, stupidly, I had already removed the files manually and removed the startup entries with HijackThis (yes, I know, very old school, but that's what I still know well from my active days :-D ). I have kept backups of the files themselves; if there is a way to send them manually to mbam and/or combofix, I'll do that next week. It remains for me to thank you warmly for the competent help :-) Regards, Wildone |
25.11.2012, 21:57 | #27 |
/// TB trainer | URL redirection in IE Oh man ... no going it alone, that's the rule ... what am I writing a script for, then?
__________________ Digital privateers against malware! No help via PM! |
25.11.2012, 22:10 | #28 |
| URL redirection in IE Hello ryder, yes, I'm sorry. The time at my parents' place got away from me a bit, and the temptation to tinker manually was too great. I'll also send the files to all the AV vendors; there's a nice list here: http://www.rokop-security.de/index.php?showtopic=17635 And as I already wrote, many thanks to you; without your help I wouldn't have managed it. Regards, Wildone |
25.11.2012, 22:27 | #29 |
/// TB trainer | URL redirection in IE It would have been just one more step, and now we have no chance of it being integrated into our tool. But okay, at least we've got you clean. So please clean up: Uninstall tools
__________________ Digital privateers against malware! No help via PM! |
25.11.2012, 22:39 | #30 | |
| URL redirection in IE Hello ryder, Quote:
I'll run the uninstall tools over it next week. Regards, Wildone |