| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Yet another TR/ATRAPS.Gen2 topicWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
19.01.2013, 14:55
| #1 |
 |  Yet another TR/ATRAPS.Gen2 topic Hallo Board, wie im Titel erwähnt, handelt es sich bei meinem Trojaner um den TR/ATRAPS.Gen2 Ich habe die Schritte wie in ryders Einführung beschrieben durchgeführt. Ich habe mich für eine Bereinigung entschieden. Werde gleichzeitig auch Ubuntu installieren. Ich frage mich, ob der Trojaner sich auch in anderen Partitionen versteckt oder ob ich diese einfach unter Linux mounten kann, ohne eine Gefährdung auf Linux zu übertragen? Es wäre nett, wenn ich win7 dann halt noch zum zocken verwenden kann, also beide OS parallel. 1.) defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:53 on 19/01/2013 (Steffen)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-19 14:10:35
-----------------------------
14:10:35.415 OS Version: Windows x64 6.1.7601 Service Pack 1
14:10:35.415 Number of processors: 4 586 0x403
14:10:35.416 ComputerName: NR1 UserName:
14:10:36.507 Initialize success
14:13:02.908 AVAST engine defs: 13011900
14:19:54.496 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
14:19:54.501 Disk 0 Vendor: WDC_WD15EARS-00Z5B1 80.00A80 Size: 1430799MB BusType: 3
14:19:54.506 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-6
14:19:54.511 Disk 1 Vendor: WDC_WD6400AAKS-00A7B0 01.03B01 Size: 610476MB BusType: 3
14:19:54.517 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-3
14:19:54.523 Disk 2 Vendor: WDC_WD20EARS-00MVWB0 51.0AB51 Size: 1907725MB BusType: 3
14:19:54.539 Disk 1 MBR read successfully
14:19:54.546 Disk 1 MBR scan
14:19:54.565 Disk 1 Windows 7 default MBR code
14:19:54.581 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:19:54.595 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 101099 MB offset 206848
14:19:54.600 Disk 1 Partition - 00 0F Extended LBA 509275 MB offset 207259648
14:19:54.614 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 509274 MB offset 207261696
14:19:54.642 Disk 1 scanning C:\Windows\system32\drivers
14:20:04.501 Service scanning
14:20:24.343 Modules scanning
14:20:24.347 Disk 1 trace - called modules:
14:20:24.381 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
14:20:24.385 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8007af8060]
14:20:24.388 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8006b2a670]
14:20:24.395 5 ACPI.sys[fffff88000f607a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T1L0-6[0xfffffa800784d060]
14:20:25.842 AVAST engine scan C:\Windows
14:20:27.758 AVAST engine scan C:\Windows\system32
14:22:15.588 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
14:22:17.331 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
14:23:12.378 AVAST engine scan C:\Windows\system32\drivers
14:23:21.048 AVAST engine scan C:\Users\Steffen
14:33:08.579 AVAST engine scan C:\ProgramData
14:34:17.766 Scan finished successfully
14:35:20.467 Disk 1 MBR has been saved successfully to "C:\Users\Steffen\Desktop\MBR.dat"
14:35:20.471 The log file has been saved successfully to "C:\Users\Steffen\Desktop\aswMBR.txt"
DDS Logfile: Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by Steffen at 14:38:14 on 2013-01-19
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8190.6042 [GMT 1:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k bthaudiosvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uURLSearchHooks: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - <orphaned>
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} -
BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\Steffen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [RGSC] E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
uRun: [Infinite_Screen] C:\Users\Steffen\AppData\Local\Temp\infinite_screen\perl\bin\infinite_screen.exe -xC:\Users\Steffen\AppData\Local\Temp\infinite_screen C:\Users\Steffen\AppData\Local\Temp\infinite_screen\screen
mRun: [NWEReboot] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 192.168.178.1
TCP: Interfaces\{38AC3330-CF9A-4284-8284-64489FB50CA8} : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{9D529AD2-136F-46C2-B1DB-9EC76E68CF86} : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{CA2E234F-5CE6-49C4-B3BB-196ADF498C6C} : DHCPNameServer = 78.46.246.142 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Steffen\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: 2012-12-07 16:42; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-1-19 27800]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-1-19 85280]
R2 AntiVirService;Avira Echtzeit-Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-1-19 109344]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-1-19 99912]
R2 DirMngr;DirMngr;C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [2011-3-2 224256]
R2 HFGService;Handsfree Headset Service;C:\Windows\System32\svchost.exe -k bthaudiosvc [2009-7-14 27136]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 UI Assistant Service;UI Assistant Service;C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [2012-5-1 270672]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 BthAudioHF;BthAudioHF-Dienst;C:\Windows\System32\drivers\BthAudioHF.sys [2009-12-21 52224]
S3 BthAvrcp;Bluetooth-AVRCP-Profil;C:\Windows\System32\drivers\BthAvrcp.sys [2009-8-13 29184]
S3 csr_a2dp;Bluetooth-AV-Profil;C:\Windows\System32\drivers\bthav.sys [2009-12-21 78848]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-4-1 341856]
S3 LVUVC64;Logitech Webcam 905(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-4-1 4184672]
S3 massfilter;Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2012-5-1 11776]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187.sys [2010-1-7 448512]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-10 59392]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
FileExt: .js: Applications\notepad++.exe="C:\Users\Steffen\Downloads\npp.5.9.8.bin\unicode\notepad++.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-01-19 12:16:55 -------- d-----w- C:\Users\Steffen\AppData\Roaming\Avira
2013-01-19 12:11:32 99912 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2013-01-19 12:11:32 27800 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2013-01-19 12:11:32 -------- d-----w- C:\ProgramData\Avira
2013-01-19 12:11:32 -------- d-----w- C:\Program Files (x86)\Avira
2013-01-17 08:41:19 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2013-01-15 07:25:52 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B92C6F7-E9FE-4983-84F7-D6DEB53AAAA6}\mpengine.dll
2013-01-14 09:05:25 -------- d-----w- C:\Users\Steffen\AppData\Roaming\.minecraft
2013-01-13 20:28:00 -------- d-----w- C:\Users\Steffen\AppData\Roaming\LibreOffice
2013-01-13 20:26:43 -------- d-----w- C:\Program Files (x86)\LibreOffice 3.6
2013-01-10 11:29:14 -------- d-----w- C:\Users\Steffen\AppData\Roaming\collection
2013-01-09 19:06:36 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-01-07 23:42:37 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-01-07 23:42:37 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-01-07 23:42:37 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-01-07 23:42:37 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
.
==================== Find3M ====================
.
2013-01-17 08:45:59 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-17 08:45:59 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-10 11:50:41 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-01-10 11:50:41 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-01-10 11:50:41 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-01-10 11:50:41 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-12 12:28:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-12 11:52:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-10-27 06:26:55 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-27 05:51:21 1188864 ----a-w- C:\Windows\System32\wininet.dll
.
============= FINISH: 14:38:30,11 ===============
attach: Code:
ATTFilter .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 07.10.2010 22:55:38
System Uptime: 19.01.2013 14:07:34 (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-870A-UD3
Processor: AMD Phenom(tm) II X4 955 Processor | Socket M2 | 3200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 99 GiB total, 23,31 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 497 GiB total, 182,898 GiB free.
F: is CDROM ()
G: is FIXED (NTFS) - 1863 GiB total, 918,595 GiB free.
I: is FIXED (NTFS) - 1397 GiB total, 1010,587 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: VirtualBox Host-Only Ethernet Adapter
Device ID: ROOT\NET\0000
Manufacturer: Oracle Corporation
Name: VirtualBox Host-Only Ethernet Adapter
PNP Device ID: ROOT\NET\0000
Service: VBoxNetAdp
.
Class GUID:
Description: USB (Universal Serial Bus)-Controller
Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_50071458&REV_03\4&91A636&0&0048
Manufacturer:
Name: USB (Universal Serial Bus)-Controller
PNP Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_50071458&REV_03\4&91A636&0&0048
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
1&1 Surf-Stick
7-Zip 4.65 (x64 edition)
Activision(R)
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01) - Deutsch
Adobe Shockwave Player 11.5
Aquaria
µTorrent
Avira Free Antivirus
Blocks That Matter
Blur(TM)
Borderlands
CameraHelperMsi
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MOV Decoder
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.9
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities WFT-E1/E2/E3/E4 Utility
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Command & Conquer™ 4 Tiberian Twilight
Crysis® 2
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX-Setup
doxygen 1.7.3
Dual-Core Optimizer
erLT
Express Rip
FAKEFACTORY Cinematic Mod V10
FLV Downloader
GIMP 2.6.11
Git version 1.7.3.1-preview20101002
Google Chrome
Google Earth
Google Update Helper
Gpg4win (2.1.0)
Grand Theft Auto IV
Grand Theft Auto: Episodes from Liberty City
Gratuitous Space Battles
Half-Life 2
Half-Life 2 Awakening 1.1
Half-Life 2: Deathmatch
Half-Life 2: Episode One
Half-Life 2: Episode Two
Hugin 2011.4.0
Inkscape 0.48.2
Java Auto Updater
Java(TM) 6 Update 29
LEGO Digital Designer
LibreOffice 3.6
Lightworks
LIMBO
Logitech Webcam Software
LuminanceHDR 2.0.2
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Matrox VFW Software Codecs, build 28
Mendeley Desktop 1.7.1
Metro 2033
Microsoft .NET Compact Framework 3.5
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended DEU Language Pack
Microsoft Access 2010
Microsoft Application Error Reporting
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
MiKTeX 2.8
Mozilla Firefox 18.0 (x86 de)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.2 (x86 de)
Mp3tag v2.48
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multiwinia
Navigator 11 - Setup Utility 11.0.23-3
Nero 7 Essentials
Nero BurnLite 10
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
neroxml
Notepad++
NVIDIA 3D Vision Controller-Treiber 280.19
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Treiber 306.97
NVIDIA Grafiktreiber 306.97
NVIDIA HD-Audiotreiber 1.2.23.3
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX-Systemsoftware 9.10.0514
NVIDIA Stereoscopic 3D Driver
NVIDIA Systemsteuerung 306.97
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenAL
OpenVPN 2.2.1
Opera 11.62
Oracle VM VirtualBox 4.1.8
Phase 5 HTML-Editor
Pidgin
pidgin-otr 3.2.0-1
Portal
Portal 2
PuTTY 0.60 x64
PVSonyDll
Python 2.6 pygtk-2.22.0
QuickTime
R for Windows 2.11.1
RESIDENT EVIL 5
Return to Castle Wolfenstein
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
SIP Communicator
Skype™ 5.10
Solar 2
Source SDK
Source SDK Base 2007
SpeedFan (remove only)
Texmaker
The Basement Collection
The Binding of Isaac
Tinn-R 2.3.5.2
UFRaw 0.18
Unity Web Player (All users)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VC80CRTRedist - 8.0.50727.4053
VLC media player 2.0.1
Winamp
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Mobile Device Center Driver Update
WinMerge 2.12.4
.
==== End Of File ===========================
Code:
ATTFilter 14:35:51.0278 4996 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:35:51.0520 4996 ============================================================
14:35:51.0520 4996 Current date / time: 2013/01/19 14:35:51.0520
14:35:51.0520 4996 SystemInfo:
14:35:51.0520 4996
14:35:51.0521 4996 OS Version: 6.1.7601 ServicePack: 1.0
14:35:51.0521 4996 Product type: Workstation
14:35:51.0521 4996 ComputerName: NR1
14:35:51.0521 4996 UserName: Steffen
14:35:51.0521 4996 Windows directory: C:\Windows
14:35:51.0521 4996 System windows directory: C:\Windows
14:35:51.0521 4996 Running under WOW64
14:35:51.0521 4996 Processor architecture: Intel x64
14:35:51.0521 4996 Number of processors: 4
14:35:51.0521 4996 Page size: 0x1000
14:35:51.0521 4996 Boot type: Normal boot
14:35:51.0521 4996 ============================================================
14:35:52.0438 4996 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:35:52.0449 4996 Drive \Device\Harddisk1\DR1 - Size: 0x950AC4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x14300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:35:52.0449 4996 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C0D0DE00 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B600, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:35:52.0452 4996 ============================================================
14:35:52.0452 4996 \Device\Harddisk0\DR0:
14:35:52.0453 4996 MBR partitions:
14:35:52.0453 4996 \Device\Harddisk1\DR1:
14:35:52.0453 4996 MBR partitions:
14:35:52.0453 4996 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:35:52.0453 4996 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC575800
14:35:52.0464 4996 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xC5A9000, BlocksNum 0x3E2AD270
14:35:52.0464 4996 \Device\Harddisk2\DR2:
14:35:52.0465 4996 MBR partitions:
14:35:52.0465 4996 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06070
14:35:52.0465 4996 ============================================================
14:35:52.0490 4996 C: <-> \Device\Harddisk1\DR1\Partition2
14:35:52.0517 4996 E: <-> \Device\Harddisk1\DR1\Partition3
14:35:52.0991 4996 G: <-> \Device\Harddisk2\DR2\Partition1
14:35:52.0991 4996 ============================================================
14:35:52.0992 4996 Initialize success
14:35:52.0992 4996 ============================================================
14:36:09.0153 1788 ============================================================
14:36:09.0153 1788 Scan started
14:36:09.0153 1788 Mode: Manual; TDLFS;
14:36:09.0153 1788 ============================================================
14:36:10.0702 1788 ================ Scan system memory ========================
14:36:10.0702 1788 System memory - ok
14:36:10.0703 1788 ================ Scan services =============================
14:36:10.0843 1788 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:36:10.0845 1788 1394ohci - ok
14:36:10.0868 1788 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:36:10.0871 1788 ACPI - ok
14:36:10.0882 1788 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:36:10.0882 1788 AcpiPmi - ok
14:36:10.0934 1788 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
14:36:10.0935 1788 Adobe LM Service - ok
14:36:11.0011 1788 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:36:11.0012 1788 AdobeARMservice - ok
14:36:11.0090 1788 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:36:11.0094 1788 AdobeFlashPlayerUpdateSvc - ok
14:36:11.0135 1788 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:36:11.0152 1788 adp94xx - ok
14:36:11.0182 1788 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:36:11.0188 1788 adpahci - ok
14:36:11.0209 1788 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:36:11.0212 1788 adpu320 - ok
14:36:11.0243 1788 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:36:11.0245 1788 AeLookupSvc - ok
14:36:11.0290 1788 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:36:11.0306 1788 AFD - ok
14:36:11.0333 1788 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:36:11.0334 1788 agp440 - ok
14:36:11.0350 1788 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:36:11.0351 1788 ALG - ok
14:36:11.0364 1788 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:36:11.0364 1788 aliide - ok
14:36:11.0419 1788 ALSysIO - ok
14:36:11.0447 1788 [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:36:11.0448 1788 AMD External Events Utility - ok
14:36:11.0452 1788 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:36:11.0453 1788 amdide - ok
14:36:11.0468 1788 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:36:11.0468 1788 AmdK8 - ok
14:36:11.0484 1788 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:36:11.0485 1788 AmdPPM - ok
14:36:11.0507 1788 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:36:11.0507 1788 amdsata - ok
14:36:11.0531 1788 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:36:11.0532 1788 amdsbs - ok
14:36:11.0546 1788 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:36:11.0546 1788 amdxata - ok
14:36:11.0665 1788 [ 0FA2D8304ECA29CA0AB7E3EE50FD585A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:36:11.0666 1788 AntiVirSchedulerService - ok
14:36:11.0684 1788 [ 5C69AAC8A59207DA9710FF2E42D6F80F ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:36:11.0685 1788 AntiVirService - ok
14:36:11.0716 1788 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:36:11.0716 1788 AppID - ok
14:36:11.0737 1788 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:36:11.0738 1788 AppIDSvc - ok
14:36:11.0765 1788 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:36:11.0765 1788 Appinfo - ok
14:36:11.0783 1788 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:36:11.0784 1788 AppMgmt - ok
14:36:11.0791 1788 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:36:11.0792 1788 arc - ok
14:36:11.0804 1788 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:36:11.0804 1788 arcsas - ok
14:36:11.0898 1788 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:36:11.0900 1788 aspnet_state - ok
14:36:11.0923 1788 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:36:11.0924 1788 AsyncMac - ok
14:36:11.0942 1788 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:36:11.0943 1788 atapi - ok
14:36:12.0053 1788 [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:36:12.0141 1788 atikmdag - ok
14:36:12.0176 1788 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:36:12.0182 1788 AudioEndpointBuilder - ok
14:36:12.0199 1788 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:36:12.0202 1788 AudioSrv - ok
14:36:12.0218 1788 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
14:36:12.0219 1788 avgntflt - ok
14:36:12.0247 1788 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
14:36:12.0247 1788 avipbb - ok
14:36:12.0255 1788 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
14:36:12.0255 1788 avkmgr - ok
14:36:12.0295 1788 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:36:12.0295 1788 AxInstSV - ok
14:36:12.0325 1788 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:36:12.0329 1788 b06bdrv - ok
14:36:12.0348 1788 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:36:12.0439 1788 b57nd60a - ok
14:36:12.0467 1788 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:36:12.0470 1788 BDESVC - ok
14:36:12.0542 1788 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:36:12.0543 1788 Beep - ok
14:36:12.0632 1788 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:36:12.0634 1788 blbdrive - ok
14:36:12.0678 1788 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:36:12.0680 1788 bowser - ok
14:36:12.0692 1788 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:36:12.0693 1788 BrFiltLo - ok
14:36:12.0711 1788 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:36:12.0711 1788 BrFiltUp - ok
14:36:12.0739 1788 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:36:12.0740 1788 Browser - ok
14:36:12.0753 1788 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:36:12.0754 1788 Brserid - ok
14:36:12.0770 1788 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:36:12.0770 1788 BrSerWdm - ok
14:36:12.0774 1788 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:36:12.0774 1788 BrUsbMdm - ok
14:36:12.0778 1788 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:36:12.0779 1788 BrUsbSer - ok
14:36:12.0807 1788 [ 07DCB3C254D584E3949FE2C0EE3963F2 ] BthAudioHF C:\Windows\system32\DRIVERS\BthAudioHF.sys
14:36:12.0807 1788 BthAudioHF - ok
14:36:12.0818 1788 [ 832B121E4532919CC49F2438F1DCAA21 ] BthAvrcp C:\Windows\system32\DRIVERS\BthAvrcp.sys
14:36:12.0819 1788 BthAvrcp - ok
14:36:12.0856 1788 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:36:12.0857 1788 BthEnum - ok
14:36:12.0863 1788 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:36:12.0864 1788 BTHMODEM - ok
14:36:12.0885 1788 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:36:12.0886 1788 BthPan - ok
14:36:12.0920 1788 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:36:12.0926 1788 BTHPORT - ok
14:36:12.0955 1788 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:36:12.0956 1788 bthserv - ok
14:36:12.0977 1788 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:36:12.0978 1788 BTHUSB - ok
14:36:12.0999 1788 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:36:12.0999 1788 cdfs - ok
14:36:13.0029 1788 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:36:13.0030 1788 cdrom - ok
14:36:13.0063 1788 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:36:13.0065 1788 CertPropSvc - ok
14:36:13.0087 1788 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:36:13.0089 1788 circlass - ok
14:36:13.0116 1788 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:36:13.0133 1788 CLFS - ok
14:36:13.0179 1788 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:36:13.0180 1788 clr_optimization_v2.0.50727_32 - ok
14:36:13.0205 1788 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:36:13.0206 1788 clr_optimization_v2.0.50727_64 - ok
14:36:13.0262 1788 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:36:13.0263 1788 clr_optimization_v4.0.30319_32 - ok
14:36:13.0271 1788 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:36:13.0272 1788 clr_optimization_v4.0.30319_64 - ok
14:36:13.0281 1788 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:36:13.0281 1788 CmBatt - ok
14:36:13.0299 1788 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:36:13.0299 1788 cmdide - ok
14:36:13.0327 1788 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:36:13.0332 1788 CNG - ok
14:36:13.0343 1788 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:36:13.0344 1788 Compbatt - ok
14:36:13.0354 1788 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:36:13.0354 1788 CompositeBus - ok
14:36:13.0359 1788 COMSysApp - ok
14:36:13.0363 1788 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:36:13.0364 1788 crcdisk - ok
14:36:13.0404 1788 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:36:13.0405 1788 CryptSvc - ok
14:36:13.0440 1788 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:36:13.0445 1788 CSC - ok
14:36:13.0485 1788 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:36:13.0507 1788 CscService - ok
14:36:13.0533 1788 [ DF07C6D98BA7F81D0571E366B1CD6672 ] csr_a2dp C:\Windows\system32\drivers\bthav.sys
14:36:13.0535 1788 csr_a2dp - ok
14:36:13.0568 1788 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:36:13.0585 1788 DcomLaunch - ok
14:36:13.0617 1788 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:36:13.0633 1788 defragsvc - ok
14:36:13.0669 1788 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:36:13.0671 1788 DfsC - ok
14:36:13.0691 1788 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:36:13.0698 1788 Dhcp - ok
14:36:13.0768 1788 [ 4F26BB00747D41E7C0FE8EBB2900F862 ] DirMngr C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
14:36:13.0772 1788 DirMngr - ok
14:36:13.0794 1788 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:36:13.0795 1788 discache - ok
14:36:13.0819 1788 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:36:13.0821 1788 Disk - ok
14:36:13.0855 1788 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:36:13.0857 1788 Dnscache - ok
14:36:13.0884 1788 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:36:13.0886 1788 dot3svc - ok
14:36:13.0913 1788 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:36:13.0914 1788 DPS - ok
14:36:13.0943 1788 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:36:13.0943 1788 drmkaud - ok
14:36:13.0974 1788 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:36:13.0978 1788 DXGKrnl - ok
14:36:13.0993 1788 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:36:13.0993 1788 EapHost - ok
14:36:14.0045 1788 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:36:14.0096 1788 ebdrv - ok
14:36:14.0118 1788 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:36:14.0119 1788 EFS - ok
14:36:14.0154 1788 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:36:14.0171 1788 ehRecvr - ok
14:36:14.0192 1788 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:36:14.0193 1788 ehSched - ok
14:36:14.0209 1788 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:36:14.0213 1788 elxstor - ok
14:36:14.0220 1788 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:36:14.0220 1788 ErrDev - ok
14:36:14.0239 1788 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:36:14.0242 1788 EventSystem - ok
14:36:14.0255 1788 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:36:14.0256 1788 exfat - ok
14:36:14.0272 1788 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:36:14.0273 1788 fastfat - ok
14:36:14.0303 1788 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:36:14.0317 1788 Fax - ok
14:36:14.0347 1788 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:36:14.0348 1788 fdc - ok
14:36:14.0370 1788 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:36:14.0372 1788 fdPHost - ok
14:36:14.0392 1788 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:36:14.0394 1788 FDResPub - ok
14:36:14.0422 1788 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:36:14.0424 1788 FileInfo - ok
14:36:14.0434 1788 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:36:14.0435 1788 Filetrace - ok
14:36:14.0455 1788 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:36:14.0456 1788 flpydisk - ok
14:36:14.0477 1788 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:36:14.0479 1788 FltMgr - ok
14:36:14.0517 1788 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:36:14.0533 1788 FontCache - ok
14:36:14.0579 1788 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:36:14.0579 1788 FontCache3.0.0.0 - ok
14:36:14.0591 1788 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:36:14.0591 1788 FsDepends - ok
14:36:14.0612 1788 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:36:14.0612 1788 Fs_Rec - ok
14:36:14.0632 1788 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:36:14.0633 1788 fvevol - ok
14:36:14.0648 1788 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:36:14.0649 1788 gagp30kx - ok
14:36:14.0681 1788 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:36:14.0697 1788 gpsvc - ok
14:36:14.0740 1788 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:36:14.0740 1788 gupdate - ok
14:36:14.0764 1788 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:36:14.0766 1788 gupdatem - ok
14:36:14.0780 1788 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:36:14.0781 1788 hcw85cir - ok
14:36:14.0818 1788 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:36:14.0825 1788 HdAudAddService - ok
14:36:14.0858 1788 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:36:14.0860 1788 HDAudBus - ok
14:36:14.0908 1788 [ EE8C05F926521A0E24EDAF40F45D01E6 ] HFGService C:\Windows\System32\HFGService.dll
14:36:14.0917 1788 HFGService - ok
14:36:14.0931 1788 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:36:14.0932 1788 HidBatt - ok
14:36:14.0946 1788 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:36:14.0947 1788 HidBth - ok
14:36:14.0957 1788 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:36:14.0958 1788 HidIr - ok
14:36:14.0973 1788 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:36:14.0973 1788 hidserv - ok
14:36:14.0983 1788 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:36:14.0984 1788 HidUsb - ok
14:36:15.0007 1788 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:36:15.0008 1788 hkmsvc - ok
14:36:15.0033 1788 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:36:15.0036 1788 HomeGroupListener - ok
14:36:15.0060 1788 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:36:15.0062 1788 HomeGroupProvider - ok
14:36:15.0079 1788 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:36:15.0080 1788 HpSAMD - ok
14:36:15.0230 1788 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Users\Steffen\AppData\Local\Temp\7zS5696\hpslpsvc64.dll
14:36:15.0255 1788 HPSLPSVC - ok
14:36:15.0306 1788 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:36:15.0323 1788 HTTP - ok
14:36:15.0347 1788 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:36:15.0347 1788 hwpolicy - ok
14:36:15.0364 1788 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:36:15.0365 1788 i8042prt - ok
14:36:15.0390 1788 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:36:15.0394 1788 iaStorV - ok
14:36:15.0439 1788 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:36:15.0456 1788 idsvc - ok
14:36:15.0472 1788 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:36:15.0472 1788 iirsp - ok
14:36:15.0508 1788 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:36:15.0525 1788 IKEEXT - ok
14:36:15.0540 1788 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:36:15.0540 1788 intelide - ok
14:36:15.0561 1788 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:36:15.0562 1788 intelppm - ok
14:36:15.0585 1788 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:36:15.0586 1788 IPBusEnum - ok
14:36:15.0608 1788 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:36:15.0609 1788 IpFilterDriver - ok
14:36:15.0630 1788 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:36:15.0632 1788 IPMIDRV - ok
14:36:15.0646 1788 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:36:15.0648 1788 IPNAT - ok
14:36:15.0674 1788 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:36:15.0674 1788 IRENUM - ok
14:36:15.0691 1788 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:36:15.0692 1788 isapnp - ok
14:36:15.0716 1788 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:36:15.0721 1788 iScsiPrt - ok
14:36:15.0741 1788 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
14:36:15.0743 1788 kbdclass - ok
14:36:15.0762 1788 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:36:15.0762 1788 kbdhid - ok
14:36:15.0769 1788 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:36:15.0770 1788 KeyIso - ok
14:36:15.0794 1788 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:36:15.0795 1788 KSecDD - ok
14:36:15.0826 1788 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:36:15.0827 1788 KSecPkg - ok
14:36:15.0838 1788 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:36:15.0839 1788 ksthunk - ok
14:36:15.0867 1788 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:36:15.0871 1788 KtmRm - ok
14:36:15.0901 1788 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:36:15.0903 1788 LanmanServer - ok
14:36:15.0932 1788 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:36:15.0934 1788 LanmanWorkstation - ok
14:36:15.0951 1788 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:36:15.0951 1788 lltdio - ok
14:36:15.0967 1788 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:36:15.0970 1788 lltdsvc - ok
14:36:15.0977 1788 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:36:15.0978 1788 lmhosts - ok
14:36:15.0991 1788 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:36:15.0992 1788 LSI_FC - ok
14:36:16.0003 1788 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:36:16.0003 1788 LSI_SAS - ok
14:36:16.0016 1788 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:36:16.0017 1788 LSI_SAS2 - ok
14:36:16.0040 1788 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:36:16.0041 1788 LSI_SCSI - ok
14:36:16.0059 1788 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:36:16.0059 1788 luafv - ok
14:36:16.0093 1788 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:36:16.0093 1788 LVPr2M64 - ok
14:36:16.0099 1788 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:36:16.0099 1788 LVPr2Mon - ok
14:36:16.0120 1788 [ EF586B959F747E74C76603FF16AE417B ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
14:36:16.0122 1788 LVRS64 - ok
14:36:16.0204 1788 [ EDF73BFA1BD24D74D1D64DC0ED28A7CD ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
14:36:16.0264 1788 LVUVC64 - ok
14:36:16.0304 1788 [ 035C83CD72E06C47000793D32B1A642D ] massfilter C:\Windows\system32\drivers\massfilter.sys
14:36:16.0305 1788 massfilter - ok
14:36:16.0330 1788 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:36:16.0333 1788 Mcx2Svc - ok
14:36:16.0365 1788 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:36:16.0367 1788 megasas - ok
14:36:16.0405 1788 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:36:16.0410 1788 MegaSR - ok
14:36:16.0429 1788 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:36:16.0432 1788 MMCSS - ok
14:36:16.0440 1788 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:36:16.0440 1788 Modem - ok
14:36:16.0445 1788 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:36:16.0446 1788 monitor - ok
14:36:16.0465 1788 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:36:16.0465 1788 mouclass - ok
14:36:16.0489 1788 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:36:16.0490 1788 mouhid - ok
14:36:16.0510 1788 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:36:16.0510 1788 mountmgr - ok
14:36:16.0558 1788 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:36:16.0560 1788 MozillaMaintenance - ok
14:36:16.0583 1788 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:36:16.0584 1788 mpio - ok
14:36:16.0600 1788 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:36:16.0600 1788 mpsdrv - ok
14:36:16.0632 1788 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:36:16.0633 1788 MRxDAV - ok
14:36:16.0657 1788 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:36:16.0658 1788 mrxsmb - ok
14:36:16.0687 1788 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:36:16.0689 1788 mrxsmb10 - ok
14:36:16.0700 1788 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:36:16.0701 1788 mrxsmb20 - ok
14:36:16.0716 1788 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:36:16.0716 1788 msahci - ok
14:36:16.0736 1788 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:36:16.0737 1788 msdsm - ok
14:36:16.0751 1788 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:36:16.0753 1788 MSDTC - ok
14:36:16.0778 1788 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:36:16.0779 1788 Msfs - ok
14:36:16.0786 1788 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:36:16.0786 1788 mshidkmdf - ok
14:36:16.0792 1788 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:36:16.0793 1788 msisadrv - ok
14:36:16.0825 1788 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:36:16.0826 1788 MSiSCSI - ok
14:36:16.0831 1788 msiserver - ok
14:36:16.0857 1788 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:36:16.0858 1788 MSKSSRV - ok
14:36:16.0872 1788 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:36:16.0873 1788 MSPCLOCK - ok
14:36:16.0884 1788 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:36:16.0884 1788 MSPQM - ok
14:36:16.0923 1788 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:36:16.0939 1788 MsRPC - ok
14:36:16.0957 1788 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:36:16.0958 1788 mssmbios - ok
14:36:16.0966 1788 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:36:16.0967 1788 MSTEE - ok
14:36:16.0977 1788 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:36:16.0978 1788 MTConfig - ok
14:36:17.0014 1788 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
14:36:17.0014 1788 MTsensor - ok
14:36:17.0031 1788 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:36:17.0032 1788 Mup - ok
14:36:17.0064 1788 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:36:17.0069 1788 napagent - ok
14:36:17.0094 1788 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:36:17.0097 1788 NativeWifiP - ok
14:36:17.0163 1788 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
14:36:17.0166 1788 NAUpdate - ok
14:36:17.0207 1788 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:36:17.0222 1788 NDIS - ok
14:36:17.0233 1788 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:36:17.0234 1788 NdisCap - ok
14:36:17.0245 1788 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:36:17.0245 1788 NdisTapi - ok
14:36:17.0276 1788 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:36:17.0276 1788 Ndisuio - ok
14:36:17.0303 1788 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:36:17.0306 1788 NdisWan - ok
14:36:17.0333 1788 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:36:17.0334 1788 NDProxy - ok
14:36:17.0351 1788 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:36:17.0352 1788 NetBIOS - ok
14:36:17.0390 1788 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:36:17.0392 1788 NetBT - ok
14:36:17.0402 1788 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:36:17.0403 1788 Netlogon - ok
14:36:17.0428 1788 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:36:17.0431 1788 Netman - ok
14:36:17.0466 1788 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:17.0468 1788 NetMsmqActivator - ok
14:36:17.0472 1788 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:17.0473 1788 NetPipeActivator - ok
14:36:17.0493 1788 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:36:17.0497 1788 netprofm - ok
14:36:17.0501 1788 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:17.0503 1788 NetTcpActivator - ok
14:36:17.0506 1788 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:17.0507 1788 NetTcpPortSharing - ok
14:36:17.0524 1788 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:36:17.0524 1788 nfrd960 - ok
14:36:17.0555 1788 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:36:17.0558 1788 NlaSvc - ok
14:36:17.0570 1788 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:36:17.0571 1788 Npfs - ok
14:36:17.0581 1788 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:36:17.0582 1788 nsi - ok
14:36:17.0586 1788 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:36:17.0587 1788 nsiproxy - ok
14:36:17.0632 1788 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:36:17.0657 1788 Ntfs - ok
14:36:17.0721 1788 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:36:17.0721 1788 Null - ok
14:36:17.0773 1788 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
14:36:17.0794 1788 NVENETFD - ok
14:36:17.0862 1788 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:36:17.0865 1788 NVHDA - ok
14:36:18.0087 1788 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:36:18.0143 1788 nvlddmkm - ok
14:36:18.0171 1788 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:36:18.0172 1788 nvraid - ok
14:36:18.0189 1788 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:36:18.0190 1788 nvstor - ok
14:36:18.0243 1788 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
14:36:18.0254 1788 NVSvc - ok
14:36:18.0355 1788 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:36:18.0383 1788 nvUpdatusService - ok
14:36:18.0441 1788 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:36:18.0444 1788 nv_agp - ok
14:36:18.0477 1788 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:36:18.0479 1788 ohci1394 - ok
14:36:18.0535 1788 [ D29D5E61A5722630BB58940D1E4E231A ] OpenVPNService C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
14:36:18.0537 1788 OpenVPNService - ok
14:36:18.0622 1788 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:36:18.0626 1788 ose - ok
14:36:18.0788 1788 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:36:18.0861 1788 osppsvc - ok
14:36:18.0884 1788 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:36:18.0887 1788 p2pimsvc - ok
14:36:18.0912 1788 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:36:18.0915 1788 p2psvc - ok
14:36:18.0937 1788 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:36:18.0937 1788 Parport - ok
14:36:18.0959 1788 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:36:18.0960 1788 partmgr - ok
14:36:18.0970 1788 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:36:18.0972 1788 PcaSvc - ok
14:36:18.0986 1788 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:36:18.0987 1788 pci - ok
14:36:19.0003 1788 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:36:19.0004 1788 pciide - ok
14:36:19.0017 1788 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:36:19.0018 1788 pcmcia - ok
14:36:19.0028 1788 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:36:19.0029 1788 pcw - ok
14:36:19.0042 1788 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:36:19.0047 1788 PEAUTH - ok
14:36:19.0084 1788 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:36:19.0110 1788 PeerDistSvc - ok
14:36:19.0168 1788 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:36:19.0171 1788 PerfHost - ok
14:36:19.0246 1788 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:36:19.0269 1788 pla - ok
14:36:19.0308 1788 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:36:19.0313 1788 PlugPlay - ok
14:36:19.0324 1788 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:36:19.0325 1788 PNRPAutoReg - ok
14:36:19.0343 1788 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:36:19.0345 1788 PNRPsvc - ok
14:36:19.0360 1788 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:36:19.0367 1788 PolicyAgent - ok
14:36:19.0385 1788 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:36:19.0388 1788 Power - ok
14:36:19.0427 1788 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:36:19.0428 1788 PptpMiniport - ok
14:36:19.0450 1788 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:36:19.0451 1788 Processor - ok
14:36:19.0475 1788 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:36:19.0477 1788 ProfSvc - ok
14:36:19.0486 1788 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:36:19.0487 1788 ProtectedStorage - ok
14:36:19.0512 1788 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:36:19.0513 1788 Psched - ok
14:36:19.0549 1788 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:36:19.0574 1788 ql2300 - ok
14:36:19.0592 1788 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:36:19.0593 1788 ql40xx - ok
14:36:19.0607 1788 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:36:19.0610 1788 QWAVE - ok
14:36:19.0620 1788 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:36:19.0621 1788 QWAVEdrv - ok
14:36:19.0656 1788 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
14:36:19.0658 1788 RapiMgr - ok
14:36:19.0666 1788 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:36:19.0666 1788 RasAcd - ok
14:36:19.0681 1788 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:36:19.0681 1788 RasAgileVpn - ok
14:36:19.0690 1788 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:36:19.0691 1788 RasAuto - ok
14:36:19.0709 1788 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:36:19.0710 1788 Rasl2tp - ok
14:36:19.0744 1788 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:36:19.0747 1788 RasMan - ok
14:36:19.0759 1788 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:36:19.0759 1788 RasPppoe - ok
14:36:19.0767 1788 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:36:19.0767 1788 RasSstp - ok
14:36:19.0795 1788 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:36:19.0797 1788 rdbss - ok
14:36:19.0809 1788 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:36:19.0809 1788 rdpbus - ok
14:36:19.0820 1788 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:36:19.0821 1788 RDPCDD - ok
14:36:19.0853 1788 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:36:19.0854 1788 RDPDR - ok
14:36:19.0863 1788 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:36:19.0863 1788 RDPENCDD - ok
14:36:19.0868 1788 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:36:19.0868 1788 RDPREFMP - ok
14:36:19.0883 1788 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:36:19.0884 1788 RDPWD - ok
14:36:19.0908 1788 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:36:19.0909 1788 rdyboost - ok
14:36:19.0930 1788 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:36:19.0931 1788 RemoteAccess - ok
14:36:19.0943 1788 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:36:19.0944 1788 RemoteRegistry - ok
14:36:19.0971 1788 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:36:19.0972 1788 RFCOMM - ok
14:36:19.0981 1788 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:36:19.0982 1788 RpcEptMapper - ok
14:36:19.0995 1788 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:36:19.0996 1788 RpcLocator - ok
14:36:20.0023 1788 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:36:20.0026 1788 RpcSs - ok
14:36:20.0035 1788 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:36:20.0036 1788 rspndr - ok
14:36:20.0067 1788 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:36:20.0068 1788 RTL8167 - ok
14:36:20.0101 1788 [ 333224D4D25F9BCCA488E08345083E1C ] RTL8187 C:\Windows\system32\DRIVERS\rtl8187.sys
14:36:20.0104 1788 RTL8187 - ok
14:36:20.0118 1788 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:36:20.0118 1788 s3cap - ok
14:36:20.0127 1788 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:36:20.0128 1788 SamSs - ok
14:36:20.0139 1788 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:36:20.0139 1788 sbp2port - ok
14:36:20.0156 1788 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:36:20.0158 1788 SCardSvr - ok
14:36:20.0180 1788 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:36:20.0180 1788 scfilter - ok
14:36:20.0221 1788 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:36:20.0236 1788 Schedule - ok
14:36:20.0263 1788 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:36:20.0263 1788 SCPolicySvc - ok
14:36:20.0294 1788 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:36:20.0299 1788 SDRSVC - ok
14:36:20.0322 1788 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:36:20.0324 1788 secdrv - ok
14:36:20.0354 1788 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:36:20.0358 1788 seclogon - ok
14:36:20.0384 1788 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:36:20.0388 1788 SENS - ok
14:36:20.0408 1788 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:36:20.0411 1788 SensrSvc - ok
14:36:20.0433 1788 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:36:20.0434 1788 Serenum - ok
14:36:20.0456 1788 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:36:20.0458 1788 Serial - ok
14:36:20.0482 1788 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:36:20.0483 1788 sermouse - ok
14:36:20.0538 1788 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:36:20.0542 1788 SessionEnv - ok
14:36:20.0571 1788 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:36:20.0572 1788 sffdisk - ok
14:36:20.0589 1788 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:36:20.0590 1788 sffp_mmc - ok
14:36:20.0607 1788 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:36:20.0608 1788 sffp_sd - ok
14:36:20.0626 1788 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:36:20.0627 1788 sfloppy - ok
14:36:20.0663 1788 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:36:20.0667 1788 ShellHWDetection - ok
14:36:20.0693 1788 [ 0F498DEE92FD73DD999BAE4D506367F5 ] SI3132 C:\Windows\system32\DRIVERS\SI3132.sys
14:36:20.0694 1788 SI3132 - ok
14:36:20.0698 1788 [ 127CE10E01F53F2EDACA7FE42E5631EA ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys
14:36:20.0698 1788 SiFilter - ok
14:36:20.0706 1788 [ B742C37002B8EBEF6E230DF9B4B28546 ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys
14:36:20.0706 1788 SiRemFil - ok
14:36:20.0718 1788 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:36:20.0718 1788 SiSRaid2 - ok
14:36:20.0723 1788 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:36:20.0723 1788 SiSRaid4 - ok
14:36:20.0777 1788 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:36:20.0778 1788 SkypeUpdate - ok
14:36:20.0796 1788 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:36:20.0797 1788 Smb - ok
14:36:20.0826 1788 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:36:20.0827 1788 SNMPTRAP - ok
14:36:20.0869 1788 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
14:36:20.0870 1788 speedfan - ok
14:36:20.0887 1788 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:36:20.0888 1788 spldr - ok
14:36:20.0922 1788 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:36:20.0926 1788 Spooler - ok
14:36:21.0030 1788 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:36:21.0093 1788 sppsvc - ok
14:36:21.0111 1788 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:36:21.0113 1788 sppuinotify - ok
14:36:21.0141 1788 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\System32\Drivers\sptd.sys
14:36:21.0158 1788 sptd - ok
14:36:21.0193 1788 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:36:21.0197 1788 srv - ok
14:36:21.0215 1788 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:36:21.0218 1788 srv2 - ok
14:36:21.0231 1788 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:36:21.0232 1788 srvnet - ok
14:36:21.0252 1788 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:36:21.0254 1788 SSDPSRV - ok
14:36:21.0268 1788 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:36:21.0270 1788 SstpSvc - ok
14:36:21.0300 1788 Steam Client Service - ok
14:36:21.0370 1788 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:36:21.0376 1788 Stereo Service - ok
14:36:21.0400 1788 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:36:21.0401 1788 stexstor - ok
14:36:21.0451 1788 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:36:21.0468 1788 stisvc - ok
14:36:21.0484 1788 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:36:21.0484 1788 storflt - ok
14:36:21.0505 1788 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:36:21.0506 1788 StorSvc - ok
14:36:21.0520 1788 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:36:21.0521 1788 storvsc - ok
14:36:21.0538 1788 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:36:21.0538 1788 swenum - ok
14:36:21.0555 1788 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:36:21.0571 1788 swprv - ok
14:36:21.0625 1788 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:36:21.0656 1788 SysMain - ok
14:36:21.0682 1788 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:36:21.0684 1788 TabletInputService - ok
14:36:21.0710 1788 [ F0B9D3ED88E56D3CD713DFF21E42AAF0 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
14:36:21.0710 1788 tap0901 - ok
14:36:21.0736 1788 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:36:21.0739 1788 TapiSrv - ok
14:36:21.0753 1788 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:36:21.0755 1788 TBS - ok
14:36:21.0814 1788 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:36:21.0857 1788 Tcpip - ok
14:36:21.0898 1788 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:36:21.0910 1788 TCPIP6 - ok
14:36:21.0935 1788 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:36:21.0936 1788 tcpipreg - ok
14:36:21.0954 1788 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:36:21.0954 1788 TDPIPE - ok
14:36:21.0978 1788 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:36:21.0978 1788 TDTCP - ok
14:36:22.0003 1788 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:36:22.0004 1788 tdx - ok
14:36:22.0014 1788 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:36:22.0015 1788 TermDD - ok
14:36:22.0040 1788 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:36:22.0057 1788 TermService - ok
14:36:22.0066 1788 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:36:22.0068 1788 Themes - ok
14:36:22.0078 1788 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:36:22.0079 1788 THREADORDER - ok
14:36:22.0089 1788 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:36:22.0091 1788 TrkWks - ok
14:36:22.0127 1788 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:36:22.0128 1788 TrustedInstaller - ok
14:36:22.0147 1788 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:36:22.0148 1788 tssecsrv - ok
14:36:22.0171 1788 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:36:22.0171 1788 TsUsbFlt - ok
14:36:22.0204 1788 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:36:22.0204 1788 tunnel - ok
14:36:22.0217 1788 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:36:22.0217 1788 uagp35 - ok
14:36:22.0243 1788 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:36:22.0246 1788 udfs - ok
14:36:22.0299 1788 [ 2E071263A409931F8AFF3A6A656E920C ] UI Assistant Service C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
14:36:22.0300 1788 UI Assistant Service - ok
14:36:22.0312 1788 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:36:22.0313 1788 UI0Detect - ok
14:36:22.0328 1788 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:36:22.0329 1788 uliagpkx - ok
14:36:22.0352 1788 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:36:22.0352 1788 umbus - ok
14:36:22.0360 1788 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:36:22.0360 1788 UmPass - ok
14:36:22.0385 1788 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:36:22.0391 1788 UmRdpService - ok
14:36:22.0460 1788 [ 8B802B483CBDE06F62DBC04DC7AFAF8E ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
14:36:22.0466 1788 UMVPFSrv - ok
14:36:22.0504 1788 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:36:22.0521 1788 upnphost - ok
14:36:22.0544 1788 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:36:22.0547 1788 usbaudio - ok
14:36:22.0588 1788 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:36:22.0590 1788 usbccgp - ok
14:36:22.0620 1788 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:36:22.0622 1788 usbcir - ok
14:36:22.0644 1788 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:36:22.0645 1788 usbehci - ok
14:36:22.0671 1788 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:36:22.0687 1788 usbhub - ok
14:36:22.0707 1788 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:36:22.0708 1788 usbohci - ok
14:36:22.0731 1788 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:36:22.0732 1788 usbprint - ok
14:36:22.0751 1788 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:36:22.0753 1788 USBSTOR - ok
14:36:22.0762 1788 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:36:22.0763 1788 usbuhci - ok
14:36:22.0795 1788 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
14:36:22.0796 1788 usb_rndisx - ok
14:36:22.0806 1788 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:36:22.0807 1788 UxSms - ok
14:36:22.0819 1788 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:36:22.0820 1788 VaultSvc - ok
14:36:22.0854 1788 [ C30F3D43CEB6F79ADE9B805387E5F63C ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
14:36:22.0855 1788 VBoxDrv - ok
14:36:22.0919 1788 [ 8ACF22B86CE4E85C23E3E9513BF45C37 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
14:36:22.0921 1788 VBoxNetAdp - ok
14:36:22.0928 1788 [ 7B657669C53A0E6583F07EBAA303D9EA ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
14:36:22.0929 1788 VBoxNetFlt - ok
14:36:22.0968 1788 [ CF3EE68CD9723E9F21E3198A0F690400 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
14:36:22.0969 1788 VBoxUSBMon - ok
14:36:22.0978 1788 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:36:22.0978 1788 vdrvroot - ok
14:36:23.0005 1788 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:36:23.0021 1788 vds - ok
14:36:23.0037 1788 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:36:23.0038 1788 vga - ok
14:36:23.0045 1788 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:36:23.0046 1788 VgaSave - ok
14:36:23.0065 1788 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:36:23.0067 1788 vhdmp - ok
14:36:23.0082 1788 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:36:23.0082 1788 viaide - ok
14:36:23.0094 1788 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:36:23.0095 1788 vmbus - ok
14:36:23.0110 1788 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:36:23.0111 1788 VMBusHID - ok
14:36:23.0115 1788 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:36:23.0115 1788 volmgr - ok
14:36:23.0148 1788 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:36:23.0151 1788 volmgrx - ok
14:36:23.0168 1788 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:36:23.0170 1788 volsnap - ok
14:36:23.0204 1788 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:36:23.0205 1788 vsmraid - ok
14:36:23.0263 1788 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:36:23.0301 1788 VSS - ok
14:36:23.0310 1788 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:36:23.0310 1788 vwifibus - ok
14:36:23.0316 1788 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:36:23.0317 1788 vwififlt - ok
14:36:23.0325 1788 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:36:23.0325 1788 vwifimp - ok
14:36:23.0345 1788 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:36:23.0349 1788 W32Time - ok
14:36:23.0362 1788 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:36:23.0363 1788 WacomPen - ok
14:36:23.0386 1788 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:36:23.0387 1788 WANARP - ok
14:36:23.0400 1788 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:36:23.0401 1788 Wanarpv6 - ok
14:36:23.0447 1788 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:36:23.0473 1788 wbengine - ok
14:36:23.0482 1788 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:36:23.0485 1788 WbioSrvc - ok
14:36:23.0514 1788 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
14:36:23.0517 1788 WcesComm - ok
14:36:23.0547 1788 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:36:23.0551 1788 wcncsvc - ok
14:36:23.0563 1788 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:36:23.0564 1788 WcsPlugInService - ok
14:36:23.0573 1788 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:36:23.0574 1788 Wd - ok
14:36:23.0609 1788 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:36:23.0632 1788 Wdf01000 - ok
14:36:23.0652 1788 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:36:23.0656 1788 WdiServiceHost - ok
14:36:23.0664 1788 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:36:23.0669 1788 WdiSystemHost - ok
14:36:23.0708 1788 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:36:23.0716 1788 WebClient - ok
14:36:23.0736 1788 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:36:23.0745 1788 Wecsvc - ok
14:36:23.0761 1788 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:36:23.0766 1788 wercplsupport - ok
14:36:23.0788 1788 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:36:23.0792 1788 WerSvc - ok
14:36:23.0808 1788 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:36:23.0809 1788 WfpLwf - ok
14:36:23.0824 1788 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:36:23.0825 1788 WIMMount - ok
14:36:23.0831 1788 WinHttpAutoProxySvc - ok
14:36:23.0879 1788 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:36:23.0881 1788 Winmgmt - ok
14:36:23.0933 1788 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:36:23.0968 1788 WinRM - ok
14:36:24.0011 1788 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:36:24.0012 1788 WinUsb - ok
14:36:24.0042 1788 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:36:24.0058 1788 Wlansvc - ok
14:36:24.0192 1788 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:36:24.0243 1788 wlidsvc - ok
14:36:24.0251 1788 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:36:24.0252 1788 WmiAcpi - ok
14:36:24.0277 1788 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:36:24.0278 1788 wmiApSrv - ok
14:36:24.0292 1788 WMPNetworkSvc - ok
14:36:24.0298 1788 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:36:24.0299 1788 WPCSvc - ok
14:36:24.0326 1788 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:36:24.0328 1788 WPDBusEnum - ok
14:36:24.0340 1788 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:36:24.0341 1788 ws2ifsl - ok
14:36:24.0344 1788 WSearch - ok
14:36:24.0379 1788 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:36:24.0380 1788 WudfPf - ok
14:36:24.0388 1788 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:36:24.0389 1788 WUDFRd - ok
14:36:24.0415 1788 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:36:24.0417 1788 wudfsvc - ok
14:36:24.0429 1788 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:36:24.0432 1788 WwanSvc - ok
14:36:24.0474 1788 [ 3762B4C538B9D710F85042849C20319F ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:36:24.0475 1788 ZTEusbmdm6k - ok
14:36:24.0504 1788 [ 3762B4C538B9D710F85042849C20319F ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:36:24.0505 1788 ZTEusbnmea - ok
14:36:24.0536 1788 [ 3762B4C538B9D710F85042849C20319F ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:36:24.0537 1788 ZTEusbser6k - ok
14:36:24.0625 1788 ================ Scan global ===============================
14:36:24.0661 1788 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:36:24.0688 1788 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:36:24.0696 1788 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:36:24.0713 1788 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:36:24.0737 1788 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:36:24.0740 1788 [Global] - ok
14:36:24.0740 1788 ================ Scan MBR ==================================
14:36:24.0743 1788 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:36:24.0838 1788 \Device\Harddisk0\DR0 - ok
14:36:24.0850 1788 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:36:25.0062 1788 \Device\Harddisk1\DR1 - ok
14:36:25.0069 1788 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:36:25.0676 1788 \Device\Harddisk2\DR2 - ok
14:36:25.0677 1788 ================ Scan VBR ==================================
14:36:25.0682 1788 [ 038E15ACA723E15A511F829D69359BF4 ] \Device\Harddisk1\DR1\Partition1
14:36:25.0685 1788 \Device\Harddisk1\DR1\Partition1 - ok
14:36:25.0714 1788 [ 05AC193644A2634F0F2367971DA86463 ] \Device\Harddisk1\DR1\Partition2
14:36:25.0716 1788 \Device\Harddisk1\DR1\Partition2 - ok
14:36:25.0725 1788 [ 47000BFDEF05A45EA48B3FC5D8453F97 ] \Device\Harddisk1\DR1\Partition3
14:36:25.0727 1788 \Device\Harddisk1\DR1\Partition3 - ok
14:36:25.0729 1788 [ 62B41225929F02256BDF3763C969E7C2 ] \Device\Harddisk2\DR2\Partition1
14:36:25.0730 1788 \Device\Harddisk2\DR2\Partition1 - ok
14:36:25.0731 1788 ============================================================
14:36:25.0731 1788 Scan finished
14:36:25.0731 1788 ============================================================
14:36:25.0741 3936 Detected object count: 0
14:36:25.0741 3936 Actual detected object count: 0
14:36:47.0006 4472 ============================================================
14:36:47.0006 4472 Scan started
14:36:47.0006 4472 Mode: Manual; TDLFS;
14:36:47.0006 4472 ============================================================
|
| Themen zu Yet another TR/ATRAPS.Gen2 topic |
| 4d36e972-e325-11ce-bfc1-08002be10318, adobe, antivir, aswmbr, avast, avira, classpnp.sys, computer, defender, desktop.ini, dxgkrnl, echtzeit-scanner, error, explorer, file, firefox, flash player, fontcache, frage, google, lanmanworkstation, log file, mozilla, nvidia, pdf, plug-in, policyagent, realtek, required, svchost.exe, system, temp, trojaner, trustedinstaller, tunnel, updates, usb, virtualbox, windows, wlansvc, wsearch |
Baum-Darstellung