| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: HEUR:Exploit.Java.CVE-2012-0507.genWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
14.02.2013, 15:13
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  HEUR:Exploit.Java.CVE-2012-0507.gen Wieso denn schon wieder im Anhang  Zu groß ist das Log diesmal ja nicht
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.02.2013, 00:43
| #17 |
 | HEUR:Exploit.Java.CVE-2012-0507.gen Hast Recht, tut mir leid hab einfach nicht richtig nachgedacht.
__________________ |
|
15.02.2013, 11:05
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HEUR:Exploit.Java.CVE-2012-0507.gen Bei aswMBR ist das Log falsch erstellt worden, bitte nochmal richtig machen. Und das Log bitte NICHT in den Anhang stecken
__________________
__________________ |
|
15.02.2013, 14:39
| #19 |
| | HEUR:Exploit.Java.CVE-2012-0507.gen Ich habe den Zugriff versehentlich eingeschränkt und nun lädt er den avast scan nicht herunter.-.- |
|
15.02.2013, 14:41
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HEUR:Exploit.Java.CVE-2012-0507.gen Was auch immer du da gemacht hast hebe die Einschränkung wieder auf
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.02.2013, 16:06
| #21 |
| | HEUR:Exploit.Java.CVE-2012-0507.gen Okay habe es entblockt bekommen und nun den Scan ausgeführt. aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software Run date: 2013-02-15 15:42:35 ----------------------------- 15:42:35.496 OS Version: Windows x64 6.1.7600 15:42:35.496 Number of processors: 4 586 0x502 15:42:35.497 ComputerName: BATHEKAI-UWE-PC UserName: Bathe Kai-Uwe 15:42:38.203 Initialize success 15:42:49.273 AVAST engine defs: 13021500 15:43:15.255 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000062 15:43:15.257 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3 15:43:15.276 Disk 0 MBR read successfully 15:43:15.278 Disk 0 MBR scan 15:43:15.282 Disk 0 unknown MBR code 15:43:15.292 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 15:43:15.323 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 940253 MB offset 206848 15:43:15.376 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13514 MB offset 1925844992 15:43:15.458 Disk 0 scanning C:\Windows\system32\drivers 15:43:47.721 Service scanning 15:44:14.143 Service PCDSRVC{F36B3A4C-F95654BD-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms **LOCKED** 32 15:44:31.992 Modules scanning 15:44:31.992 Disk 0 trace - called modules: 15:44:32.352 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys 15:44:32.352 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004764060] 15:44:32.362 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004503ac0] 15:44:32.362 5 ACPI.sys[fffff88000e97781] -> nt!IofCallDriver -> \Device\00000062[0xfffffa8004500750] 15:44:32.372 Scan finished successfully 16:04:48.125 Disk 0 MBR has been saved successfully to "C:\Users\Bathe Kai-Uwe\Desktop\MBR.dat" 16:04:48.125 The log file has been saved successfully to "C:\Users\Bathe Kai-Uwe\Desktop\aswMBR.txt" |
|
16.02.2013, 14:36
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HEUR:Exploit.Java.CVE-2012-0507.gen MBAR Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.03.2013, 18:20
| #23 |
| | HEUR:Exploit.Java.CVE-2012-0507.gen Guten Abend Tut mir noch einmal leid, wegen der langen Wartezeit. Ich bin mir nicht sicher welches mbar log ich einfügen soll, deswegen werde ich beide (das vor und nach dem Clean Up) mit einfügen. Bei dem TDSSKiller wurde nichts gefunden. mfg Dr.Eps Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org
Database version: v2013.02.15.09
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Bathe Kai-Uwe :: BATHEKAI-UWE-PC [administrator]
07.03.2013 16:20:02
mbar-log-2013-03-07 (16-20-02).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 36017
Time elapsed: 38 minute(s), 42 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 2
c:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (PUP.CrossRider.SSK) -> Delete on reboot.
c:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (PUP.CrossRider.SSK) -> Delete on reboot.
Registry Keys Detected: 23
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440044504460} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550055505560} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660066506660} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550055505560} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660066506660} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440044504460} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\CrossriderApp0005060.BHO.1 (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\CrossriderApp0005060.BHO (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0005060.BHO (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0005060.BHO.1 (PUP.CrossRider.SSK) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220022502260} (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\CrossriderApp0005060.Sandbox.1 (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\CrossriderApp0005060.Sandbox (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0005060.Sandbox (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0005060.Sandbox.1 (PUP.CrossRider.SSK) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Savings Sidekick (PUP.CrossRider.SSK) -> Delete on reboot.
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Delete on reboot.
Registry Values Detected: 1
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS|5060 (PUP.CrossFire.SA) -> Data: Savings Sidekick -> Delete on reboot.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 2
c:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Delete on reboot.
c:\Program Files (x86)\Savings Sidekick (PUP.CrossRider.SSK) -> Delete on reboot.
Files Detected: 12
c:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (PUP.CrossRider.SSK) -> Delete on reboot.
c:\Users\Bathe Kai-Uwe\AppData\Local\Temp\47977951.Uninstall\Uninstall.exe (Adware.Agent) -> Delete on reboot.
c:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Delete on reboot.
c:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Delete on reboot.
c:\Program Files (x86)\Savings Sidekick\Savings SidekickInstaller.log (PUP.CrossRider.SSK) -> Delete on reboot.
c:\Program Files (x86)\Savings Sidekick\ButtonUtil.dll (PUP.CrossRider.SSK) -> Delete on reboot.
c:\Program Files (x86)\Savings Sidekick\Savings Sidekick-bg.exe (PUP.CrossRider.SSK) -> Delete on reboot.
c:\Program Files (x86)\Savings Sidekick\Savings Sidekick.exe (PUP.CrossRider.SSK) -> Delete on reboot.
c:\Program Files (x86)\Savings Sidekick\Savings Sidekick.ico (PUP.CrossRider.SSK) -> Delete on reboot.
c:\Program Files (x86)\Savings Sidekick\Savings Sidekick.ini (PUP.CrossRider.SSK) -> Delete on reboot.
c:\Program Files (x86)\Savings Sidekick\Uninstall.exe (PUP.CrossRider.SSK) -> Delete on reboot.
c:\Users\Bathe Kai-Uwe\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx (PUP.CrossRider.SSK) -> Delete on reboot.
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org
Database version: v2013.02.15.09
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Bathe Kai-Uwe :: BATHEKAI-UWE-PC [administrator]
07.03.2013 17:34:52
mbar-log-2013-03-07 (17-34-52).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 35925
Time elapsed: 33 minute(s), 4 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
08.03.2013, 09:33
| #24 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HEUR:Exploit.Java.CVE-2012-0507.genZitat:
Es geht um mehr als nur Fund oder kein Fund
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.03.2013, 12:51
| #25 |
| | HEUR:Exploit.Java.CVE-2012-0507.gen Okay, tut mir leid. Hier also nochmal das Log vom TDSSKiller. Code:
ATTFilter 12:48:23.0601 6340 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:48:23.0726 6340 ============================================================
12:48:23.0726 6340 Current date / time: 2013/03/08 12:48:23.0726
12:48:23.0726 6340 SystemInfo:
12:48:23.0726 6340
12:48:23.0726 6340 OS Version: 6.1.7600 ServicePack: 0.0
12:48:23.0726 6340 Product type: Workstation
12:48:23.0726 6340 ComputerName: BATHEKAI-UWE-PC
12:48:23.0726 6340 UserName: Bathe Kai-Uwe
12:48:23.0726 6340 Windows directory: C:\Windows
12:48:23.0726 6340 System windows directory: C:\Windows
12:48:23.0726 6340 Running under WOW64
12:48:23.0726 6340 Processor architecture: Intel x64
12:48:23.0726 6340 Number of processors: 4
12:48:23.0726 6340 Page size: 0x1000
12:48:23.0726 6340 Boot type: Normal boot
12:48:23.0726 6340 ============================================================
12:48:24.0989 6340 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:48:25.0005 6340 ============================================================
12:48:25.0005 6340 \Device\Harddisk0\DR0:
12:48:25.0005 6340 MBR partitions:
12:48:25.0005 6340 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:48:25.0005 6340 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72C6E800
12:48:25.0005 6340 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72CA1000, BlocksNum 0x1A65000
12:48:25.0005 6340 ============================================================
12:48:25.0036 6340 C: <-> \Device\Harddisk0\DR0\Partition2
12:48:25.0098 6340 D: <-> \Device\Harddisk0\DR0\Partition3
12:48:25.0098 6340 ============================================================
12:48:25.0098 6340 Initialize success
12:48:25.0098 6340 ============================================================
12:48:26.0877 5564 ============================================================
12:48:26.0877 5564 Scan started
12:48:26.0877 5564 Mode: Manual;
12:48:26.0877 5564 ============================================================
12:48:28.0967 5564 ================ Scan system memory ========================
12:48:28.0967 5564 System memory - ok
12:48:28.0967 5564 ================ Scan services =============================
12:48:29.0092 5564 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
12:48:29.0123 5564 1394ohci - ok
12:48:29.0217 5564 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
12:48:29.0217 5564 ACPI - ok
12:48:29.0279 5564 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
12:48:29.0279 5564 AcpiPmi - ok
12:48:29.0435 5564 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:48:29.0435 5564 AdobeFlashPlayerUpdateSvc - ok
12:48:29.0466 5564 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:48:29.0513 5564 adp94xx - ok
12:48:29.0560 5564 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:48:29.0576 5564 adpahci - ok
12:48:29.0638 5564 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:48:29.0638 5564 adpu320 - ok
12:48:29.0700 5564 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:48:29.0716 5564 AeLookupSvc - ok
12:48:29.0794 5564 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
12:48:29.0841 5564 AFD - ok
12:48:29.0856 5564 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
12:48:29.0872 5564 agp440 - ok
12:48:29.0919 5564 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:48:29.0934 5564 ALG - ok
12:48:29.0950 5564 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
12:48:29.0966 5564 aliide - ok
12:48:29.0981 5564 [ 6290BA92CA8A23DB6BED83397CF97002 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:48:29.0997 5564 AMD External Events Utility - ok
12:48:30.0028 5564 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
12:48:30.0028 5564 amdide - ok
12:48:30.0044 5564 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:48:30.0044 5564 AmdK8 - ok
12:48:30.0059 5564 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:48:30.0075 5564 AmdPPM - ok
12:48:30.0090 5564 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
12:48:30.0106 5564 amdsata - ok
12:48:30.0122 5564 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:48:30.0137 5564 amdsbs - ok
12:48:30.0153 5564 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
12:48:30.0168 5564 amdxata - ok
12:48:30.0215 5564 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
12:48:30.0215 5564 androidusb - ok
12:48:30.0246 5564 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
12:48:30.0278 5564 AppID - ok
12:48:30.0324 5564 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:48:30.0324 5564 AppIDSvc - ok
12:48:30.0356 5564 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
12:48:30.0371 5564 Appinfo - ok
12:48:30.0387 5564 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:48:30.0418 5564 arc - ok
12:48:30.0434 5564 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:48:30.0449 5564 arcsas - ok
12:48:30.0480 5564 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:48:30.0496 5564 AsyncMac - ok
12:48:30.0527 5564 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
12:48:30.0543 5564 atapi - ok
12:48:30.0574 5564 [ 04A5815DF7E8B037DF674D3CCACC0C31 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
12:48:30.0574 5564 AtiHdmiService - ok
12:48:30.0714 5564 [ 29623DB7E23B65F0C50CA19D7E0DFD03 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:48:30.0886 5564 atikmdag - ok
12:48:30.0933 5564 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:48:30.0980 5564 AudioEndpointBuilder - ok
12:48:31.0011 5564 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:48:31.0011 5564 AudioSrv - ok
12:48:31.0104 5564 [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
12:48:31.0167 5564 AVM WLAN Connection Service - ok
12:48:31.0229 5564 [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject C:\Windows\system32\drivers\avmeject.sys
12:48:31.0229 5564 avmeject - ok
12:48:31.0338 5564 [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
12:48:31.0401 5564 AVP - ok
12:48:31.0448 5564 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:48:31.0448 5564 AxInstSV - ok
12:48:31.0479 5564 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:48:31.0494 5564 b06bdrv - ok
12:48:31.0541 5564 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:48:31.0572 5564 b57nd60a - ok
12:48:31.0604 5564 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:48:31.0619 5564 BDESVC - ok
12:48:31.0635 5564 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:48:31.0635 5564 Beep - ok
12:48:31.0666 5564 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
12:48:31.0697 5564 BFE - ok
12:48:31.0744 5564 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
12:48:31.0806 5564 BITS - ok
12:48:31.0838 5564 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:48:31.0838 5564 blbdrive - ok
12:48:31.0884 5564 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:48:31.0916 5564 bowser - ok
12:48:31.0947 5564 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:48:31.0962 5564 BrFiltLo - ok
12:48:31.0962 5564 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:48:31.0962 5564 BrFiltUp - ok
12:48:32.0009 5564 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
12:48:32.0025 5564 Browser - ok
12:48:32.0212 5564 [ B98EF68B1E3DC5AC79A432900947EA2D ] Browser Manager C:\ProgramData\Browser Manager\2.6.1123.78\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
12:48:32.0274 5564 Browser Manager - ok
12:48:32.0306 5564 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:48:32.0306 5564 Brserid - ok
12:48:32.0321 5564 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:48:32.0337 5564 BrSerWdm - ok
12:48:32.0352 5564 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:48:32.0352 5564 BrUsbMdm - ok
12:48:32.0368 5564 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:48:32.0368 5564 BrUsbSer - ok
12:48:32.0384 5564 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:48:32.0399 5564 BTHMODEM - ok
12:48:32.0415 5564 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:48:32.0430 5564 bthserv - ok
12:48:32.0446 5564 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:48:32.0462 5564 cdfs - ok
12:48:32.0493 5564 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:48:32.0493 5564 cdrom - ok
12:48:32.0524 5564 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
12:48:32.0524 5564 CertPropSvc - ok
12:48:32.0540 5564 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:48:32.0540 5564 circlass - ok
12:48:32.0555 5564 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:48:32.0571 5564 CLFS - ok
12:48:32.0633 5564 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:48:32.0711 5564 clr_optimization_v2.0.50727_32 - ok
12:48:32.0758 5564 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:48:32.0774 5564 clr_optimization_v2.0.50727_64 - ok
12:48:32.0805 5564 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:48:32.0805 5564 CmBatt - ok
12:48:32.0836 5564 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
12:48:32.0836 5564 cmdide - ok
12:48:32.0883 5564 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
12:48:32.0930 5564 CNG - ok
12:48:32.0945 5564 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:48:32.0945 5564 Compbatt - ok
12:48:32.0992 5564 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:48:33.0008 5564 CompositeBus - ok
12:48:33.0023 5564 COMSysApp - ok
12:48:33.0054 5564 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:48:33.0070 5564 crcdisk - ok
12:48:33.0117 5564 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:48:33.0132 5564 CryptSvc - ok
12:48:33.0164 5564 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:48:33.0179 5564 DcomLaunch - ok
12:48:33.0226 5564 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:48:33.0257 5564 defragsvc - ok
12:48:33.0320 5564 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:48:33.0351 5564 DfsC - ok
12:48:33.0382 5564 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
12:48:33.0398 5564 Dhcp - ok
12:48:33.0429 5564 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:48:33.0460 5564 discache - ok
12:48:33.0507 5564 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:48:33.0538 5564 Disk - ok
12:48:33.0585 5564 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:48:33.0600 5564 Dnscache - ok
12:48:33.0616 5564 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
12:48:33.0647 5564 dot3svc - ok
12:48:33.0647 5564 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
12:48:33.0647 5564 DPS - ok
12:48:33.0678 5564 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:48:33.0694 5564 drmkaud - ok
12:48:33.0741 5564 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:48:33.0803 5564 DXGKrnl - ok
12:48:33.0819 5564 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:48:33.0819 5564 EapHost - ok
12:48:33.0897 5564 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:48:33.0959 5564 ebdrv - ok
12:48:34.0006 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
12:48:34.0022 5564 EFS - ok
12:48:34.0100 5564 [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:48:34.0162 5564 ehRecvr - ok
12:48:34.0178 5564 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:48:34.0178 5564 ehSched - ok
12:48:34.0209 5564 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:48:34.0224 5564 elxstor - ok
12:48:34.0240 5564 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
12:48:34.0240 5564 ErrDev - ok
12:48:34.0287 5564 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:48:34.0302 5564 EventSystem - ok
12:48:34.0334 5564 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:48:34.0349 5564 exfat - ok
12:48:34.0365 5564 ezSharedSvc - ok
12:48:34.0365 5564 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:48:34.0380 5564 fastfat - ok
12:48:34.0412 5564 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
12:48:34.0412 5564 Fax - ok
12:48:34.0427 5564 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:48:34.0443 5564 fdc - ok
12:48:34.0458 5564 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:48:34.0458 5564 fdPHost - ok
12:48:34.0458 5564 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:48:34.0474 5564 FDResPub - ok
12:48:34.0490 5564 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:48:34.0490 5564 FileInfo - ok
12:48:34.0505 5564 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:48:34.0505 5564 Filetrace - ok
12:48:34.0630 5564 [ A4297244D4F817278A6AE45B1899CA9C ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:48:34.0677 5564 FLEXnet Licensing Service 64 - ok
12:48:34.0708 5564 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:48:34.0724 5564 flpydisk - ok
12:48:34.0739 5564 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:48:34.0770 5564 FltMgr - ok
12:48:34.0833 5564 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
12:48:34.0880 5564 FontCache - ok
12:48:34.0926 5564 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:48:34.0958 5564 FontCache3.0.0.0 - ok
12:48:35.0004 5564 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:48:35.0020 5564 FsDepends - ok
12:48:35.0067 5564 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:48:35.0082 5564 Fs_Rec - ok
12:48:35.0129 5564 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:48:35.0145 5564 fvevol - ok
12:48:35.0223 5564 [ 4632BB93B668004965246D7911E2DD05 ] fwlanusb4 C:\Windows\system32\DRIVERS\fwlanusb4.sys
12:48:35.0254 5564 fwlanusb4 - ok
12:48:35.0301 5564 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:48:35.0301 5564 gagp30kx - ok
12:48:35.0348 5564 [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
12:48:35.0426 5564 GameConsoleService - ok
12:48:35.0472 5564 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
12:48:35.0488 5564 gpsvc - ok
12:48:35.0597 5564 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:48:35.0597 5564 gupdate - ok
12:48:35.0613 5564 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:48:35.0613 5564 gupdatem - ok
12:48:35.0691 5564 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:48:35.0738 5564 gusvc - ok
12:48:35.0831 5564 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
12:48:35.0847 5564 hamachi - ok
12:48:36.0174 5564 [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:48:36.0252 5564 Hamachi2Svc - ok
12:48:36.0284 5564 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:48:36.0299 5564 hcw85cir - ok
12:48:36.0346 5564 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:48:36.0346 5564 HdAudAddService - ok
12:48:36.0377 5564 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:48:36.0408 5564 HDAudBus - ok
12:48:36.0408 5564 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:48:36.0424 5564 HidBatt - ok
12:48:36.0455 5564 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:48:36.0455 5564 HidBth - ok
12:48:36.0486 5564 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:48:36.0486 5564 HidIr - ok
12:48:36.0518 5564 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:48:36.0533 5564 hidserv - ok
12:48:36.0549 5564 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:48:36.0549 5564 HidUsb - ok
12:48:36.0564 5564 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:48:36.0580 5564 hkmsvc - ok
12:48:36.0580 5564 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:48:36.0596 5564 HomeGroupListener - ok
12:48:36.0627 5564 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:48:36.0642 5564 HomeGroupProvider - ok
12:48:36.0658 5564 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
12:48:36.0674 5564 HpSAMD - ok
12:48:36.0705 5564 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:48:36.0720 5564 HTTP - ok
12:48:36.0736 5564 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:48:36.0752 5564 hwpolicy - ok
12:48:36.0767 5564 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:48:36.0767 5564 i8042prt - ok
12:48:36.0798 5564 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
12:48:36.0814 5564 iaStorV - ok
12:48:36.0861 5564 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:48:36.0876 5564 idsvc - ok
12:48:36.0923 5564 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:48:36.0923 5564 iirsp - ok
12:48:36.0970 5564 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
12:48:37.0017 5564 IKEEXT - ok
12:48:37.0032 5564 IntcAzAudAddService - ok
12:48:37.0048 5564 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
12:48:37.0064 5564 intelide - ok
12:48:37.0079 5564 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:48:37.0095 5564 intelppm - ok
12:48:37.0110 5564 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:48:37.0126 5564 IPBusEnum - ok
12:48:37.0157 5564 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:48:37.0157 5564 IpFilterDriver - ok
12:48:37.0235 5564 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:48:37.0282 5564 iphlpsvc - ok
12:48:37.0344 5564 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
12:48:37.0360 5564 IPMIDRV - ok
12:48:37.0422 5564 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:48:37.0438 5564 IPNAT - ok
12:48:37.0454 5564 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:48:37.0454 5564 IRENUM - ok
12:48:37.0485 5564 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
12:48:37.0485 5564 isapnp - ok
12:48:37.0500 5564 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:48:37.0532 5564 iScsiPrt - ok
12:48:37.0594 5564 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:48:37.0610 5564 kbdclass - ok
12:48:37.0625 5564 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:48:37.0641 5564 kbdhid - ok
12:48:37.0656 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
12:48:37.0656 5564 KeyIso - ok
12:48:37.0719 5564 [ 8B5219318DF5895ABD230C373F2DF18A ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
12:48:37.0750 5564 kl1 - ok
12:48:37.0844 5564 [ 65F3B81FA285EAB641F5E6EF7AEB984D ] KLIF C:\Windows\system32\DRIVERS\klif.sys
12:48:37.0875 5564 KLIF - ok
12:48:37.0953 5564 [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
12:48:37.0968 5564 KLIM6 - ok
12:48:38.0000 5564 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
12:48:38.0015 5564 klkbdflt - ok
12:48:38.0031 5564 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
12:48:38.0062 5564 klmouflt - ok
12:48:38.0078 5564 [ A8081ED8D48FA611D11DB97F49A5343D ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
12:48:38.0078 5564 kltdi - ok
12:48:38.0093 5564 [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
12:48:38.0109 5564 kneps - ok
12:48:38.0156 5564 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:48:38.0171 5564 KSecDD - ok
12:48:38.0218 5564 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:48:38.0249 5564 KSecPkg - ok
12:48:38.0280 5564 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:48:38.0312 5564 ksthunk - ok
12:48:38.0327 5564 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:48:38.0343 5564 KtmRm - ok
12:48:38.0421 5564 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:48:38.0452 5564 LanmanServer - ok
12:48:38.0483 5564 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:48:38.0499 5564 LanmanWorkstation - ok
12:48:38.0561 5564 [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:48:38.0624 5564 LightScribeService - ok
12:48:38.0655 5564 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:48:38.0670 5564 lltdio - ok
12:48:38.0686 5564 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:48:38.0702 5564 lltdsvc - ok
12:48:38.0748 5564 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:48:38.0780 5564 lmhosts - ok
12:48:38.0811 5564 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:48:38.0826 5564 LSI_FC - ok
12:48:38.0842 5564 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:48:38.0842 5564 LSI_SAS - ok
12:48:38.0873 5564 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:48:38.0873 5564 LSI_SAS2 - ok
12:48:38.0904 5564 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:48:38.0904 5564 LSI_SCSI - ok
12:48:38.0936 5564 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:48:38.0936 5564 luafv - ok
12:48:38.0998 5564 [ 5D43CC3ECD4F2E733460A6E4AF576128 ] LVcKap64 C:\Windows\system32\DRIVERS\LVcKap64.sys
12:48:39.0060 5564 LVcKap64 - ok
12:48:39.0138 5564 [ 2404A511B682BFD8790E663A3E432473 ] LVMVDrv C:\Windows\system32\DRIVERS\LVMVDrv.sys
12:48:39.0279 5564 LVMVDrv - ok
12:48:39.0326 5564 [ 25F430702E3923F9DFB6B9A4D1DD9C29 ] LVSrvLauncher C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
12:48:39.0357 5564 LVSrvLauncher - ok
12:48:39.0388 5564 [ 6F9B043FD18C17D7E719382608817C72 ] LVUSBS64 C:\Windows\system32\drivers\LVUSBS64.sys
12:48:39.0388 5564 LVUSBS64 - ok
12:48:39.0419 5564 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:48:39.0419 5564 Mcx2Svc - ok
12:48:39.0435 5564 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:48:39.0450 5564 megasas - ok
12:48:39.0466 5564 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:48:39.0482 5564 MegaSR - ok
12:48:39.0560 5564 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:48:39.0575 5564 Microsoft Office Groove Audit Service - ok
12:48:39.0747 5564 [ 6BF0A4A21FBB50FCF644E9B7E8955241 ] mitsijm2011 C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
12:48:39.0762 5564 mitsijm2011 - ok
12:48:39.0809 5564 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:48:39.0809 5564 MMCSS - ok
12:48:39.0825 5564 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:48:39.0840 5564 Modem - ok
12:48:39.0872 5564 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:48:39.0887 5564 monitor - ok
12:48:39.0903 5564 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:48:39.0918 5564 mouclass - ok
12:48:39.0934 5564 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:48:39.0934 5564 mouhid - ok
12:48:39.0950 5564 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:48:39.0965 5564 mountmgr - ok
12:48:40.0043 5564 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:48:40.0043 5564 MozillaMaintenance - ok
12:48:40.0074 5564 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
12:48:40.0074 5564 mpio - ok
12:48:40.0090 5564 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:48:40.0121 5564 mpsdrv - ok
12:48:40.0137 5564 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:48:40.0152 5564 MpsSvc - ok
12:48:40.0168 5564 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:48:40.0168 5564 MRxDAV - ok
12:48:40.0215 5564 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:48:40.0246 5564 mrxsmb - ok
12:48:40.0293 5564 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:48:40.0340 5564 mrxsmb10 - ok
12:48:40.0355 5564 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:48:40.0371 5564 mrxsmb20 - ok
12:48:40.0371 5564 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
12:48:40.0386 5564 msahci - ok
12:48:40.0402 5564 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
12:48:40.0418 5564 msdsm - ok
12:48:40.0418 5564 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:48:40.0433 5564 MSDTC - ok
12:48:40.0449 5564 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:48:40.0449 5564 Msfs - ok
12:48:40.0480 5564 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:48:40.0480 5564 mshidkmdf - ok
12:48:40.0480 5564 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
12:48:40.0496 5564 msisadrv - ok
12:48:40.0542 5564 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:48:40.0558 5564 MSiSCSI - ok
12:48:40.0558 5564 msiserver - ok
12:48:40.0589 5564 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:48:40.0589 5564 MSKSSRV - ok
12:48:40.0620 5564 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:48:40.0636 5564 MSPCLOCK - ok
12:48:40.0652 5564 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:48:40.0667 5564 MSPQM - ok
12:48:40.0683 5564 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:48:40.0698 5564 MsRPC - ok
12:48:40.0730 5564 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:48:40.0730 5564 mssmbios - ok
12:48:40.0730 5564 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:48:40.0745 5564 MSTEE - ok
12:48:40.0761 5564 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:48:40.0761 5564 MTConfig - ok
12:48:40.0776 5564 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:48:40.0776 5564 Mup - ok
12:48:40.0808 5564 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
12:48:40.0808 5564 napagent - ok
12:48:40.0839 5564 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:48:40.0839 5564 NativeWifiP - ok
12:48:40.0870 5564 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
12:48:40.0901 5564 NDIS - ok
12:48:40.0917 5564 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:48:40.0932 5564 NdisCap - ok
12:48:40.0964 5564 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:48:40.0964 5564 NdisTapi - ok
12:48:40.0964 5564 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:48:40.0979 5564 Ndisuio - ok
12:48:40.0995 5564 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:48:41.0010 5564 NdisWan - ok
12:48:41.0010 5564 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:48:41.0026 5564 NDProxy - ok
12:48:41.0042 5564 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:48:41.0042 5564 NetBIOS - ok
12:48:41.0057 5564 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:48:41.0073 5564 NetBT - ok
12:48:41.0088 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
12:48:41.0088 5564 Netlogon - ok
12:48:41.0120 5564 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:48:41.0166 5564 Netman - ok
12:48:41.0213 5564 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:48:41.0213 5564 netprofm - ok
12:48:41.0276 5564 [ 618C55B392238B9467F9113E13525C49 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
12:48:41.0291 5564 netr28ux - ok
12:48:41.0338 5564 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:48:41.0369 5564 NetTcpPortSharing - ok
12:48:41.0416 5564 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:48:41.0432 5564 nfrd960 - ok
12:48:41.0463 5564 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:48:41.0463 5564 NlaSvc - ok
12:48:41.0510 5564 [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
12:48:41.0572 5564 NMSAccessU - ok
12:48:41.0619 5564 [ C31FA031335EFF434B2D94278E74BCCE ] npf C:\Windows\system32\drivers\npf.sys
12:48:41.0634 5564 npf - ok
12:48:41.0650 5564 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:48:41.0666 5564 Npfs - ok
12:48:41.0681 5564 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:48:41.0681 5564 nsi - ok
12:48:41.0697 5564 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:48:41.0712 5564 nsiproxy - ok
12:48:41.0744 5564 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:48:41.0790 5564 Ntfs - ok
12:48:41.0790 5564 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:48:41.0806 5564 Null - ok
12:48:41.0837 5564 [ 9C3024E48DB4C98E50AF7D8B72D0EF89 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
12:48:41.0853 5564 NVNET - ok
12:48:41.0884 5564 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
12:48:41.0900 5564 nvraid - ok
12:48:41.0900 5564 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
12:48:41.0915 5564 nvstor - ok
12:48:41.0931 5564 [ 6BA747B1A9297A6C0271700D12FDD495 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
12:48:41.0931 5564 nvstor64 - ok
12:48:41.0962 5564 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
12:48:41.0962 5564 nv_agp - ok
12:48:42.0056 5564 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:48:42.0180 5564 odserv - ok
12:48:42.0180 5564 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:48:42.0196 5564 ohci1394 - ok
12:48:42.0243 5564 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:48:42.0290 5564 ose - ok
12:48:42.0336 5564 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:48:42.0336 5564 p2pimsvc - ok
12:48:42.0368 5564 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:48:42.0368 5564 p2psvc - ok
12:48:42.0383 5564 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:48:42.0383 5564 Parport - ok
12:48:42.0430 5564 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:48:42.0446 5564 partmgr - ok
12:48:42.0524 5564 [ 54C6BD3C6C102396EB01A4877DF7B6E3 ] PcaSp50 C:\Windows\system32\Drivers\PcaSp50.sys
12:48:42.0524 5564 PcaSp50 - ok
12:48:42.0539 5564 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:48:42.0570 5564 PcaSvc - ok
12:48:42.0664 5564 [ 51209FBDB13A46E05C1B0077A9310264 ] PCDSRVC{F36B3A4C-F95654BD-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
12:48:42.0820 5564 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok
12:48:42.0851 5564 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
12:48:42.0867 5564 pci - ok
12:48:42.0882 5564 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
12:48:42.0882 5564 pciide - ok
12:48:42.0929 5564 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:48:42.0929 5564 pcmcia - ok
12:48:42.0960 5564 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:48:42.0960 5564 pcw - ok
12:48:42.0992 5564 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:48:43.0023 5564 PEAUTH - ok
12:48:43.0116 5564 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:48:43.0148 5564 PerfHost - ok
12:48:43.0257 5564 [ DD797B8B2B295AFBDCD9F35CF62B5DCC ] PID_0928 C:\Windows\system32\DRIVERS\LV561V64.SYS
12:48:43.0304 5564 PID_0928 - ok
12:48:43.0366 5564 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
12:48:43.0428 5564 pla - ok
12:48:43.0475 5564 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:48:43.0491 5564 PlugPlay - ok
12:48:43.0553 5564 PnkBstrA - ok
12:48:43.0569 5564 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:48:43.0584 5564 PNRPAutoReg - ok
12:48:43.0600 5564 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:48:43.0600 5564 PNRPsvc - ok
12:48:43.0647 5564 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:48:43.0678 5564 PolicyAgent - ok
12:48:43.0694 5564 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:48:43.0709 5564 Power - ok
12:48:43.0740 5564 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:48:43.0740 5564 PptpMiniport - ok
12:48:43.0772 5564 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:48:43.0772 5564 Processor - ok
12:48:43.0787 5564 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
12:48:43.0803 5564 ProfSvc - ok
12:48:43.0850 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:48:43.0850 5564 ProtectedStorage - ok
12:48:43.0865 5564 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:48:43.0896 5564 Psched - ok
12:48:43.0943 5564 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
12:48:43.0974 5564 PSI_SVC_2 - ok
12:48:44.0021 5564 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:48:44.0068 5564 ql2300 - ok
12:48:44.0084 5564 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:48:44.0115 5564 ql40xx - ok
12:48:44.0130 5564 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:48:44.0146 5564 QWAVE - ok
12:48:44.0162 5564 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:48:44.0177 5564 QWAVEdrv - ok
12:48:44.0193 5564 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:48:44.0208 5564 RasAcd - ok
12:48:44.0255 5564 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:48:44.0255 5564 RasAgileVpn - ok
12:48:44.0271 5564 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:48:44.0302 5564 RasAuto - ok
12:48:44.0318 5564 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:48:44.0333 5564 Rasl2tp - ok
12:48:44.0349 5564 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
12:48:44.0364 5564 RasMan - ok
12:48:44.0380 5564 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:48:44.0380 5564 RasPppoe - ok
12:48:44.0396 5564 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:48:44.0396 5564 RasSstp - ok
12:48:44.0411 5564 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:48:44.0427 5564 rdbss - ok
12:48:44.0442 5564 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:48:44.0442 5564 rdpbus - ok
12:48:44.0458 5564 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:48:44.0474 5564 RDPCDD - ok
12:48:44.0489 5564 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:48:44.0489 5564 RDPENCDD - ok
12:48:44.0505 5564 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:48:44.0520 5564 RDPREFMP - ok
12:48:44.0552 5564 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:48:44.0567 5564 RDPWD - ok
12:48:44.0583 5564 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:48:44.0598 5564 rdyboost - ok
12:48:44.0661 5564 [ BBFCAC1C23B867AE5D7EF96DF40680C5 ] Realtek11nSU C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe
12:48:44.0661 5564 Realtek11nSU - ok
12:48:44.0723 5564 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:48:44.0723 5564 RemoteAccess - ok
12:48:44.0770 5564 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:48:44.0770 5564 RemoteRegistry - ok
12:48:44.0801 5564 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:48:44.0817 5564 RpcEptMapper - ok
12:48:44.0848 5564 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:48:44.0879 5564 RpcLocator - ok
12:48:44.0910 5564 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
12:48:44.0910 5564 RpcSs - ok
12:48:44.0926 5564 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:48:44.0926 5564 rspndr - ok
12:48:44.0988 5564 [ FC00C0DE6DC83DE1B2B01420E2195B21 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
12:48:45.0004 5564 RTL8192su - ok
12:48:45.0004 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
12:48:45.0020 5564 SamSs - ok
12:48:45.0035 5564 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
12:48:45.0051 5564 sbp2port - ok
12:48:45.0113 5564 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:48:45.0144 5564 SCardSvr - ok
12:48:45.0144 5564 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:48:45.0176 5564 scfilter - ok
12:48:45.0254 5564 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
12:48:45.0316 5564 Schedule - ok
12:48:45.0347 5564 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:48:45.0347 5564 SCPolicySvc - ok
12:48:45.0363 5564 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:48:45.0378 5564 SDRSVC - ok
12:48:45.0456 5564 [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
12:48:45.0519 5564 SeaPort - ok
12:48:45.0534 5564 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:48:45.0550 5564 secdrv - ok
12:48:45.0566 5564 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
12:48:45.0566 5564 seclogon - ok
12:48:45.0581 5564 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:48:45.0597 5564 SENS - ok
12:48:45.0612 5564 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:48:45.0628 5564 SensrSvc - ok
12:48:45.0659 5564 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:48:45.0675 5564 Serenum - ok
12:48:45.0690 5564 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:48:45.0690 5564 Serial - ok
12:48:45.0706 5564 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:48:45.0706 5564 sermouse - ok
12:48:45.0737 5564 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
12:48:45.0753 5564 SessionEnv - ok
12:48:45.0768 5564 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
12:48:45.0784 5564 sffdisk - ok
12:48:45.0784 5564 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
12:48:45.0784 5564 sffp_mmc - ok
12:48:45.0800 5564 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
12:48:45.0815 5564 sffp_sd - ok
12:48:45.0831 5564 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:48:45.0846 5564 sfloppy - ok
12:48:45.0893 5564 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:48:45.0924 5564 SharedAccess - ok
12:48:45.0940 5564 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:48:45.0971 5564 ShellHWDetection - ok
12:48:45.0987 5564 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:48:45.0987 5564 SiSRaid2 - ok
12:48:46.0002 5564 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:48:46.0002 5564 SiSRaid4 - ok
12:48:46.0080 5564 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:48:46.0080 5564 SkypeUpdate - ok
12:48:46.0143 5564 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:48:46.0190 5564 Smb - ok
12:48:46.0252 5564 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:48:46.0283 5564 SNMPTRAP - ok
12:48:46.0314 5564 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:48:46.0330 5564 spldr - ok
12:48:46.0392 5564 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
12:48:46.0424 5564 Spooler - ok
12:48:46.0502 5564 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
12:48:46.0611 5564 sppsvc - ok
12:48:46.0642 5564 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:48:46.0642 5564 sppuinotify - ok
12:48:46.0704 5564 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:48:46.0736 5564 srv - ok
12:48:46.0751 5564 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:48:46.0767 5564 srv2 - ok
12:48:46.0814 5564 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:48:46.0829 5564 srvnet - ok
12:48:46.0876 5564 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
12:48:46.0907 5564 ssadbus - ok
12:48:46.0954 5564 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
12:48:46.0970 5564 ssadmdfl - ok
12:48:47.0016 5564 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
12:48:47.0016 5564 ssadmdm - ok
12:48:47.0094 5564 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
12:48:47.0094 5564 ssadserd - ok
12:48:47.0141 5564 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
12:48:47.0172 5564 sscdbus - ok
12:48:47.0235 5564 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
12:48:47.0250 5564 sscdmdfl - ok
12:48:47.0313 5564 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
12:48:47.0328 5564 sscdmdm - ok
12:48:47.0375 5564 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:48:47.0375 5564 SSDPSRV - ok
12:48:47.0422 5564 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:48:47.0453 5564 SstpSvc - ok
12:48:47.0484 5564 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
12:48:47.0500 5564 StarOpen - ok
12:48:47.0531 5564 Steam Client Service - ok
12:48:47.0562 5564 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:48:47.0578 5564 stexstor - ok
12:48:47.0609 5564 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
12:48:47.0640 5564 stisvc - ok
12:48:47.0656 5564 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:48:47.0672 5564 swenum - ok
12:48:47.0687 5564 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:48:47.0718 5564 swprv - ok
12:48:47.0750 5564 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
12:48:47.0796 5564 SysMain - ok
12:48:47.0812 5564 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:48:47.0828 5564 TabletInputService - ok
12:48:47.0843 5564 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
12:48:47.0859 5564 TapiSrv - ok
12:48:47.0874 5564 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:48:47.0890 5564 TBS - ok
12:48:47.0968 5564 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:48:48.0046 5564 Tcpip - ok
12:48:48.0062 5564 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:48:48.0077 5564 TCPIP6 - ok
12:48:48.0108 5564 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:48:48.0124 5564 tcpipreg - ok
12:48:48.0140 5564 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:48:48.0155 5564 TDPIPE - ok
12:48:48.0186 5564 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:48:48.0202 5564 TDTCP - ok
12:48:48.0218 5564 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:48:48.0233 5564 tdx - ok
12:48:48.0420 5564 [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
12:48:48.0670 5564 TeamViewer7 - ok
12:48:48.0701 5564 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:48:48.0701 5564 TermDD - ok
12:48:48.0748 5564 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
12:48:48.0795 5564 TermService - ok
12:48:48.0810 5564 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:48:48.0842 5564 Themes - ok
12:48:48.0873 5564 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:48:48.0873 5564 THREADORDER - ok
12:48:48.0888 5564 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:48:48.0904 5564 TrkWks - ok
12:48:48.0951 5564 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:48:48.0951 5564 TrustedInstaller - ok
12:48:48.0998 5564 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:48:49.0013 5564 tssecsrv - ok
12:48:49.0060 5564 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:48:49.0091 5564 tunnel - ok
12:48:49.0122 5564 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:48:49.0122 5564 uagp35 - ok
12:48:49.0138 5564 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:48:49.0154 5564 udfs - ok
12:48:49.0169 5564 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:48:49.0185 5564 UI0Detect - ok
12:48:49.0216 5564 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
12:48:49.0216 5564 uliagpkx - ok
12:48:49.0232 5564 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:48:49.0232 5564 umbus - ok
12:48:49.0247 5564 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:48:49.0263 5564 UmPass - ok
12:48:49.0278 5564 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:48:49.0294 5564 upnphost - ok
12:48:49.0325 5564 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:48:49.0341 5564 usbaudio - ok
12:48:49.0372 5564 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:48:49.0372 5564 usbccgp - ok
12:48:49.0403 5564 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
12:48:49.0403 5564 usbcir - ok
12:48:49.0419 5564 [ DF9F9AFC9AAABD8ED47975D44E38169A ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:48:49.0419 5564 usbehci - ok
12:48:49.0450 5564 [ 372A91BC3C6603080A793880B0873785 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:48:49.0450 5564 usbhub - ok
12:48:49.0466 5564 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:48:49.0466 5564 usbohci - ok
12:48:49.0497 5564 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:48:49.0497 5564 usbprint - ok
12:48:49.0559 5564 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:48:49.0575 5564 usbscan - ok
12:48:49.0637 5564 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:48:49.0668 5564 USBSTOR - ok
12:48:49.0684 5564 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:48:49.0684 5564 usbuhci - ok
12:48:49.0731 5564 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:48:49.0746 5564 UxSms - ok
12:48:49.0762 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
12:48:49.0762 5564 VaultSvc - ok
12:48:49.0778 5564 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
12:48:49.0793 5564 vdrvroot - ok
12:48:49.0809 5564 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
12:48:49.0840 5564 vds - ok
12:48:49.0856 5564 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:48:49.0871 5564 vga - ok
12:48:49.0887 5564 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:48:49.0887 5564 VgaSave - ok
12:48:49.0918 5564 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
12:48:49.0918 5564 vhdmp - ok
12:48:49.0934 5564 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
12:48:49.0934 5564 viaide - ok
12:48:49.0965 5564 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
12:48:49.0996 5564 volmgr - ok
12:48:50.0012 5564 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:48:50.0027 5564 volmgrx - ok
12:48:50.0074 5564 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:48:50.0090 5564 volsnap - ok
12:48:50.0105 5564 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:48:50.0121 5564 vsmraid - ok
12:48:50.0168 5564 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
12:48:50.0214 5564 VSS - ok
12:48:50.0230 5564 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:48:50.0246 5564 vwifibus - ok
12:48:50.0261 5564 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:48:50.0277 5564 vwififlt - ok
12:48:50.0308 5564 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:48:50.0324 5564 vwifimp - ok
12:48:50.0339 5564 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:48:50.0339 5564 W32Time - ok
12:48:50.0370 5564 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:48:50.0370 5564 WacomPen - ok
12:48:50.0402 5564 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:48:50.0417 5564 WANARP - ok
12:48:50.0417 5564 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:48:50.0417 5564 Wanarpv6 - ok
12:48:50.0526 5564 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:48:50.0573 5564 WatAdminSvc - ok
12:48:50.0636 5564 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
12:48:50.0667 5564 wbengine - ok
12:48:50.0682 5564 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:48:50.0698 5564 WbioSrvc - ok
12:48:50.0714 5564 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:48:50.0729 5564 wcncsvc - ok
12:48:50.0776 5564 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:48:50.0776 5564 WcsPlugInService - ok
12:48:50.0807 5564 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:48:50.0807 5564 Wd - ok
12:48:50.0854 5564 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:48:50.0854 5564 Wdf01000 - ok
12:48:50.0870 5564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:48:50.0885 5564 WdiServiceHost - ok
12:48:50.0885 5564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:48:50.0885 5564 WdiSystemHost - ok
12:48:50.0901 5564 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
12:48:50.0916 5564 WebClient - ok
12:48:50.0932 5564 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:48:50.0948 5564 Wecsvc - ok
12:48:50.0963 5564 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:48:50.0963 5564 wercplsupport - ok
12:48:50.0994 5564 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:48:51.0010 5564 WerSvc - ok
12:48:51.0026 5564 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:48:51.0041 5564 WfpLwf - ok
12:48:51.0057 5564 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:48:51.0072 5564 WIMMount - ok
12:48:51.0088 5564 WinDefend - ok
12:48:51.0104 5564 WinHttpAutoProxySvc - ok
12:48:51.0182 5564 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:48:51.0213 5564 Winmgmt - ok
12:48:51.0291 5564 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
12:48:51.0416 5564 WinRM - ok
12:48:51.0509 5564 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:48:51.0540 5564 Wlansvc - ok
12:48:51.0556 5564 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:48:51.0572 5564 WmiAcpi - ok
12:48:51.0587 5564 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:48:51.0618 5564 wmiApSrv - ok
12:48:51.0618 5564 WMPNetworkSvc - ok
12:48:51.0634 5564 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:48:51.0634 5564 WPCSvc - ok
12:48:51.0650 5564 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:48:51.0665 5564 WPDBusEnum - ok
12:48:51.0696 5564 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:48:51.0696 5564 ws2ifsl - ok
12:48:51.0712 5564 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
12:48:51.0728 5564 wscsvc - ok
12:48:51.0728 5564 WSearch - ok
12:48:51.0837 5564 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:48:51.0884 5564 wuauserv - ok
12:48:51.0899 5564 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:48:51.0915 5564 WudfPf - ok
12:48:51.0930 5564 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:48:51.0930 5564 WUDFRd - ok
12:48:51.0946 5564 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:48:51.0946 5564 wudfsvc - ok
12:48:51.0962 5564 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:48:51.0977 5564 WwanSvc - ok
12:48:52.0024 5564 ================ Scan global ===============================
12:48:52.0040 5564 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:48:52.0102 5564 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
12:48:52.0149 5564 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
12:48:52.0164 5564 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:48:52.0211 5564 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:48:52.0211 5564 [Global] - ok
12:48:52.0211 5564 ================ Scan MBR ==================================
12:48:52.0227 5564 [ EC0F615F5F54E2F620FC43D016E1565F ] \Device\Harddisk0\DR0
12:48:52.0430 5564 \Device\Harddisk0\DR0 - ok
12:48:52.0445 5564 ================ Scan VBR ==================================
12:48:52.0445 5564 [ CD7561EF7B848605F9233306A05F7210 ] \Device\Harddisk0\DR0\Partition1
12:48:52.0445 5564 \Device\Harddisk0\DR0\Partition1 - ok
12:48:52.0461 5564 [ 190955CD329A1ACD0BE88CF4DBE53531 ] \Device\Harddisk0\DR0\Partition2
12:48:52.0461 5564 \Device\Harddisk0\DR0\Partition2 - ok
12:48:52.0508 5564 [ 5EA32B53C47A03AC7B308CB67D66E23C ] \Device\Harddisk0\DR0\Partition3
12:48:52.0508 5564 \Device\Harddisk0\DR0\Partition3 - ok
12:48:52.0508 5564 ============================================================
12:48:52.0508 5564 Scan finished
12:48:52.0508 5564 ============================================================
12:48:52.0523 6160 Detected object count: 0
12:48:52.0523 6160 Actual detected object count: 0
|
|
08.03.2013, 13:43
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HEUR:Exploit.Java.CVE-2012-0507.genZitat:
Bitte nochmal machen aber vorher richtig einstellen das Tool
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.03.2013, 21:40
| #27 |
| | HEUR:Exploit.Java.CVE-2012-0507.gen Okay, tut mir leid, diesmal hat er etwas gefunden. Code:
ATTFilter 21:36:00.0797 6688 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:36:00.0968 6688 ============================================================
21:36:00.0968 6688 Current date / time: 2013/03/09 21:36:00.0968
21:36:00.0968 6688 SystemInfo:
21:36:00.0968 6688
21:36:00.0968 6688 OS Version: 6.1.7600 ServicePack: 0.0
21:36:00.0968 6688 Product type: Workstation
21:36:00.0968 6688 ComputerName: BATHEKAI-UWE-PC
21:36:00.0968 6688 UserName: Bathe Kai-Uwe
21:36:00.0968 6688 Windows directory: C:\Windows
21:36:00.0968 6688 System windows directory: C:\Windows
21:36:00.0968 6688 Running under WOW64
21:36:00.0968 6688 Processor architecture: Intel x64
21:36:00.0968 6688 Number of processors: 4
21:36:00.0968 6688 Page size: 0x1000
21:36:00.0968 6688 Boot type: Normal boot
21:36:00.0968 6688 ============================================================
21:36:02.0014 6688 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:36:02.0029 6688 ============================================================
21:36:02.0029 6688 \Device\Harddisk0\DR0:
21:36:02.0029 6688 MBR partitions:
21:36:02.0029 6688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:36:02.0029 6688 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72C6E800
21:36:02.0029 6688 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72CA1000, BlocksNum 0x1A65000
21:36:02.0029 6688 ============================================================
21:36:02.0076 6688 C: <-> \Device\Harddisk0\DR0\Partition2
21:36:02.0138 6688 D: <-> \Device\Harddisk0\DR0\Partition3
21:36:02.0138 6688 ============================================================
21:36:02.0138 6688 Initialize success
21:36:02.0138 6688 ============================================================
21:36:10.0890 6084 ============================================================
21:36:10.0890 6084 Scan started
21:36:10.0890 6084 Mode: Manual; SigCheck; TDLFS;
21:36:10.0890 6084 ============================================================
21:36:13.0464 6084 ================ Scan system memory ========================
21:36:13.0464 6084 System memory - ok
21:36:13.0464 6084 ================ Scan services =============================
21:36:13.0760 6084 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
21:36:14.0119 6084 1394ohci - ok
21:36:14.0166 6084 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
21:36:14.0182 6084 ACPI - ok
21:36:14.0213 6084 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
21:36:14.0338 6084 AcpiPmi - ok
21:36:14.0478 6084 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:36:14.0509 6084 AdobeFlashPlayerUpdateSvc - ok
21:36:14.0572 6084 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:36:14.0618 6084 adp94xx - ok
21:36:14.0650 6084 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:36:14.0665 6084 adpahci - ok
21:36:14.0696 6084 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:36:14.0712 6084 adpu320 - ok
21:36:14.0759 6084 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:36:14.0930 6084 AeLookupSvc - ok
21:36:15.0008 6084 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
21:36:15.0164 6084 AFD - ok
21:36:15.0211 6084 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
21:36:15.0242 6084 agp440 - ok
21:36:15.0274 6084 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:36:15.0383 6084 ALG - ok
21:36:15.0414 6084 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
21:36:15.0445 6084 aliide - ok
21:36:15.0461 6084 [ 6290BA92CA8A23DB6BED83397CF97002 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:36:15.0554 6084 AMD External Events Utility - ok
21:36:15.0601 6084 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
21:36:15.0632 6084 amdide - ok
21:36:15.0664 6084 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:36:15.0726 6084 AmdK8 - ok
21:36:15.0757 6084 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:36:15.0835 6084 AmdPPM - ok
21:36:15.0851 6084 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
21:36:15.0882 6084 amdsata - ok
21:36:15.0913 6084 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:36:15.0929 6084 amdsbs - ok
21:36:15.0944 6084 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
21:36:15.0960 6084 amdxata - ok
21:36:16.0007 6084 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
21:36:16.0116 6084 androidusb - ok
21:36:16.0147 6084 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
21:36:16.0288 6084 AppID - ok
21:36:16.0334 6084 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:36:16.0428 6084 AppIDSvc - ok
21:36:16.0459 6084 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
21:36:16.0568 6084 Appinfo - ok
21:36:16.0615 6084 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:36:16.0662 6084 arc - ok
21:36:16.0693 6084 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:36:16.0724 6084 arcsas - ok
21:36:16.0740 6084 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:36:16.0834 6084 AsyncMac - ok
21:36:16.0865 6084 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
21:36:16.0912 6084 atapi - ok
21:36:16.0943 6084 [ 04A5815DF7E8B037DF674D3CCACC0C31 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
21:36:16.0958 6084 AtiHdmiService - ok
21:36:17.0099 6084 [ 29623DB7E23B65F0C50CA19D7E0DFD03 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:36:17.0270 6084 atikmdag - ok
21:36:17.0317 6084 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:36:17.0364 6084 AudioEndpointBuilder - ok
21:36:17.0380 6084 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:36:17.0426 6084 AudioSrv - ok
21:36:17.0520 6084 [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
21:36:17.0567 6084 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
21:36:17.0567 6084 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
21:36:17.0645 6084 [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject C:\Windows\system32\drivers\avmeject.sys
21:36:17.0676 6084 avmeject - ok
21:36:17.0785 6084 [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
21:36:17.0848 6084 AVP - ok
21:36:17.0879 6084 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:36:17.0988 6084 AxInstSV - ok
21:36:18.0019 6084 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:36:18.0128 6084 b06bdrv - ok
21:36:18.0160 6084 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:36:18.0269 6084 b57nd60a - ok
21:36:18.0284 6084 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:36:18.0378 6084 BDESVC - ok
21:36:18.0394 6084 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:36:18.0503 6084 Beep - ok
21:36:18.0550 6084 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
21:36:18.0643 6084 BFE - ok
21:36:18.0815 6084 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
21:36:19.0080 6084 BITS - ok
21:36:19.0111 6084 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:36:19.0142 6084 blbdrive - ok
21:36:19.0189 6084 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:36:19.0298 6084 bowser - ok
21:36:19.0330 6084 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:36:19.0408 6084 BrFiltLo - ok
21:36:19.0454 6084 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:36:19.0470 6084 BrFiltUp - ok
21:36:19.0517 6084 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
21:36:19.0626 6084 Browser - ok
21:36:19.0829 6084 [ CA2E0AAA6943618108D786FF31848989 ] Browser Manager C:\ProgramData\Browser Manager\2.6.1125.80\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
21:36:19.0891 6084 Browser Manager - ok
21:36:19.0922 6084 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:36:20.0032 6084 Brserid - ok
21:36:20.0047 6084 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:36:20.0125 6084 BrSerWdm - ok
21:36:20.0172 6084 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:36:20.0281 6084 BrUsbMdm - ok
21:36:20.0297 6084 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:36:20.0328 6084 BrUsbSer - ok
21:36:20.0375 6084 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:36:20.0437 6084 BTHMODEM - ok
21:36:20.0468 6084 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:36:20.0546 6084 bthserv - ok
21:36:20.0593 6084 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:36:20.0702 6084 cdfs - ok
21:36:20.0749 6084 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:36:20.0796 6084 cdrom - ok
21:36:20.0812 6084 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
21:36:20.0936 6084 CertPropSvc - ok
21:36:20.0983 6084 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:36:20.0999 6084 circlass - ok
21:36:21.0014 6084 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:36:21.0030 6084 CLFS - ok
21:36:21.0092 6084 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:36:21.0108 6084 clr_optimization_v2.0.50727_32 - ok
21:36:21.0155 6084 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:36:21.0170 6084 clr_optimization_v2.0.50727_64 - ok
21:36:21.0202 6084 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:36:21.0248 6084 CmBatt - ok
21:36:21.0295 6084 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
21:36:21.0326 6084 cmdide - ok
21:36:21.0389 6084 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
21:36:21.0514 6084 CNG - ok
21:36:21.0529 6084 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:36:21.0545 6084 Compbatt - ok
21:36:21.0576 6084 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:36:21.0654 6084 CompositeBus - ok
21:36:21.0670 6084 COMSysApp - ok
21:36:21.0685 6084 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:36:21.0701 6084 crcdisk - ok
21:36:21.0748 6084 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:36:21.0841 6084 CryptSvc - ok
21:36:21.0872 6084 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:36:21.0966 6084 DcomLaunch - ok
21:36:22.0013 6084 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:36:22.0106 6084 defragsvc - ok
21:36:22.0153 6084 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:36:22.0247 6084 DfsC - ok
21:36:22.0278 6084 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
21:36:22.0403 6084 Dhcp - ok
21:36:22.0434 6084 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:36:22.0528 6084 discache - ok
21:36:22.0606 6084 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:36:22.0621 6084 Disk - ok
21:36:22.0668 6084 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:36:22.0777 6084 Dnscache - ok
21:36:22.0824 6084 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
21:36:22.0918 6084 dot3svc - ok
21:36:22.0949 6084 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
21:36:23.0011 6084 DPS - ok
21:36:23.0058 6084 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:36:23.0105 6084 drmkaud - ok
21:36:23.0183 6084 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:36:23.0245 6084 DXGKrnl - ok
21:36:23.0261 6084 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:36:23.0323 6084 EapHost - ok
21:36:23.0417 6084 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:36:23.0588 6084 ebdrv - ok
21:36:23.0635 6084 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
21:36:23.0729 6084 EFS - ok
21:36:23.0776 6084 [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:36:23.0932 6084 ehRecvr - ok
21:36:23.0947 6084 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:36:23.0978 6084 ehSched - ok
21:36:24.0025 6084 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:36:24.0072 6084 elxstor - ok
21:36:24.0088 6084 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
21:36:24.0166 6084 ErrDev - ok
21:36:24.0228 6084 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:36:24.0306 6084 EventSystem - ok
21:36:24.0337 6084 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:36:24.0368 6084 exfat - ok
21:36:24.0415 6084 ezSharedSvc - ok
21:36:24.0446 6084 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:36:24.0524 6084 fastfat - ok
21:36:24.0556 6084 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
21:36:24.0649 6084 Fax - ok
21:36:24.0696 6084 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:36:24.0774 6084 fdc - ok
21:36:24.0790 6084 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:36:24.0852 6084 fdPHost - ok
21:36:24.0883 6084 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:36:24.0961 6084 FDResPub - ok
21:36:24.0992 6084 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:36:25.0008 6084 FileInfo - ok
21:36:25.0024 6084 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:36:25.0102 6084 Filetrace - ok
21:36:25.0242 6084 [ A4297244D4F817278A6AE45B1899CA9C ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
21:36:25.0367 6084 FLEXnet Licensing Service 64 - ok
21:36:25.0398 6084 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:36:25.0460 6084 flpydisk - ok
21:36:25.0507 6084 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:36:25.0538 6084 FltMgr - ok
21:36:25.0616 6084 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
21:36:25.0757 6084 FontCache - ok
21:36:25.0804 6084 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:36:25.0819 6084 FontCache3.0.0.0 - ok
21:36:25.0866 6084 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:36:25.0913 6084 FsDepends - ok
21:36:25.0960 6084 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:36:26.0006 6084 Fs_Rec - ok
21:36:26.0022 6084 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:36:26.0038 6084 fvevol - ok
21:36:26.0116 6084 [ 4632BB93B668004965246D7911E2DD05 ] fwlanusb4 C:\Windows\system32\DRIVERS\fwlanusb4.sys
21:36:26.0240 6084 fwlanusb4 - ok
21:36:26.0272 6084 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:36:26.0303 6084 gagp30kx - ok
21:36:26.0350 6084 [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
21:36:26.0396 6084 GameConsoleService - ok
21:36:26.0443 6084 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
21:36:26.0521 6084 gpsvc - ok
21:36:26.0646 6084 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:36:26.0693 6084 gupdate - ok
21:36:26.0724 6084 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:36:26.0740 6084 gupdatem - ok
21:36:26.0818 6084 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:36:26.0849 6084 gusvc - ok
21:36:26.0911 6084 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
21:36:26.0942 6084 hamachi - ok
21:36:27.0161 6084 [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
21:36:27.0270 6084 Hamachi2Svc - ok
21:36:27.0301 6084 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:36:27.0395 6084 hcw85cir - ok
21:36:27.0473 6084 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:36:27.0535 6084 HdAudAddService - ok
21:36:27.0566 6084 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:36:27.0629 6084 HDAudBus - ok
21:36:27.0660 6084 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:36:27.0707 6084 HidBatt - ok
21:36:27.0738 6084 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:36:27.0816 6084 HidBth - ok
21:36:27.0863 6084 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:36:27.0910 6084 HidIr - ok
21:36:27.0941 6084 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:36:28.0019 6084 hidserv - ok
21:36:28.0050 6084 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:36:28.0097 6084 HidUsb - ok
21:36:28.0128 6084 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:36:28.0175 6084 hkmsvc - ok
21:36:28.0206 6084 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:36:28.0300 6084 HomeGroupListener - ok
21:36:28.0331 6084 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:36:28.0409 6084 HomeGroupProvider - ok
21:36:28.0456 6084 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
21:36:28.0471 6084 HpSAMD - ok
21:36:28.0502 6084 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:36:28.0580 6084 HTTP - ok
21:36:28.0612 6084 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:36:28.0627 6084 hwpolicy - ok
21:36:28.0658 6084 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:36:28.0674 6084 i8042prt - ok
21:36:28.0705 6084 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
21:36:28.0721 6084 iaStorV - ok
21:36:28.0814 6084 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:36:28.0877 6084 idsvc - ok
21:36:28.0939 6084 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:36:29.0002 6084 iirsp - ok
21:36:29.0158 6084 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
21:36:29.0251 6084 IKEEXT - ok
21:36:29.0282 6084 IntcAzAudAddService - ok
21:36:29.0298 6084 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
21:36:29.0314 6084 intelide - ok
21:36:29.0329 6084 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:36:29.0392 6084 intelppm - ok
21:36:29.0438 6084 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:36:29.0501 6084 IPBusEnum - ok
21:36:29.0548 6084 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:36:29.0610 6084 IpFilterDriver - ok
21:36:29.0626 6084 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:36:29.0719 6084 iphlpsvc - ok
21:36:29.0735 6084 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:36:29.0813 6084 IPMIDRV - ok
21:36:29.0828 6084 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:36:29.0906 6084 IPNAT - ok
21:36:29.0938 6084 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:36:29.0953 6084 IRENUM - ok
21:36:29.0969 6084 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
21:36:29.0984 6084 isapnp - ok
21:36:30.0000 6084 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:36:30.0031 6084 iScsiPrt - ok
21:36:30.0062 6084 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:36:30.0109 6084 kbdclass - ok
21:36:30.0125 6084 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:36:30.0156 6084 kbdhid - ok
21:36:30.0172 6084 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
21:36:30.0187 6084 KeyIso - ok
21:36:30.0250 6084 [ 8B5219318DF5895ABD230C373F2DF18A ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
21:36:30.0296 6084 kl1 - ok
21:36:30.0390 6084 [ 65F3B81FA285EAB641F5E6EF7AEB984D ] KLIF C:\Windows\system32\DRIVERS\klif.sys
21:36:30.0437 6084 KLIF - ok
21:36:30.0499 6084 [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
21:36:30.0530 6084 KLIM6 - ok
21:36:30.0562 6084 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
21:36:30.0593 6084 klkbdflt - ok
21:36:30.0624 6084 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
21:36:30.0640 6084 klmouflt - ok
21:36:30.0702 6084 [ A8081ED8D48FA611D11DB97F49A5343D ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
21:36:30.0733 6084 kltdi - ok
21:36:30.0764 6084 [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
21:36:30.0796 6084 kneps - ok
21:36:30.0842 6084 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:36:30.0874 6084 KSecDD - ok
21:36:30.0920 6084 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:36:30.0936 6084 KSecPkg - ok
21:36:30.0967 6084 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:36:31.0014 6084 ksthunk - ok
21:36:31.0061 6084 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:36:31.0154 6084 KtmRm - ok
21:36:31.0232 6084 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:36:31.0310 6084 LanmanServer - ok
21:36:31.0357 6084 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:36:31.0420 6084 LanmanWorkstation - ok
21:36:31.0513 6084 [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
21:36:31.0560 6084 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
21:36:31.0560 6084 LightScribeService - detected UnsignedFile.Multi.Generic (1)
21:36:31.0607 6084 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:36:31.0685 6084 lltdio - ok
21:36:31.0732 6084 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:36:31.0825 6084 lltdsvc - ok
21:36:31.0888 6084 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:36:31.0950 6084 lmhosts - ok
21:36:31.0966 6084 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:36:31.0981 6084 LSI_FC - ok
21:36:31.0997 6084 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:36:32.0012 6084 LSI_SAS - ok
21:36:32.0028 6084 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:36:32.0044 6084 LSI_SAS2 - ok
21:36:32.0075 6084 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:36:32.0122 6084 LSI_SCSI - ok
21:36:32.0137 6084 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:36:32.0200 6084 luafv - ok
21:36:32.0262 6084 [ 5D43CC3ECD4F2E733460A6E4AF576128 ] LVcKap64 C:\Windows\system32\DRIVERS\LVcKap64.sys
21:36:32.0340 6084 LVcKap64 - ok
21:36:32.0434 6084 [ 2404A511B682BFD8790E663A3E432473 ] LVMVDrv C:\Windows\system32\DRIVERS\LVMVDrv.sys
21:36:32.0558 6084 LVMVDrv - ok
21:36:32.0605 6084 [ 25F430702E3923F9DFB6B9A4D1DD9C29 ] LVSrvLauncher C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
21:36:32.0636 6084 LVSrvLauncher - ok
21:36:32.0699 6084 [ 6F9B043FD18C17D7E719382608817C72 ] LVUSBS64 C:\Windows\system32\drivers\LVUSBS64.sys
21:36:32.0714 6084 LVUSBS64 - ok
21:36:32.0761 6084 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:36:32.0855 6084 Mcx2Svc - ok
21:36:32.0886 6084 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:36:32.0902 6084 megasas - ok
21:36:32.0933 6084 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:36:32.0948 6084 MegaSR - ok
21:36:33.0026 6084 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:36:33.0058 6084 Microsoft Office Groove Audit Service - ok
21:36:33.0229 6084 [ 6BF0A4A21FBB50FCF644E9B7E8955241 ] mitsijm2011 C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
21:36:33.0276 6084 mitsijm2011 ( UnsignedFile.Multi.Generic ) - warning
21:36:33.0276 6084 mitsijm2011 - detected UnsignedFile.Multi.Generic (1)
21:36:33.0323 6084 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:36:33.0448 6084 MMCSS - ok
21:36:33.0479 6084 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:36:33.0557 6084 Modem - ok
21:36:33.0604 6084 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:36:33.0682 6084 monitor - ok
21:36:33.0713 6084 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:36:33.0728 6084 mouclass - ok
21:36:33.0744 6084 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:36:33.0775 6084 mouhid - ok
21:36:33.0806 6084 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:36:33.0822 6084 mountmgr - ok
21:36:33.0900 6084 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:36:33.0931 6084 MozillaMaintenance - ok
21:36:33.0962 6084 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
21:36:33.0978 6084 mpio - ok
21:36:33.0994 6084 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:36:34.0025 6084 mpsdrv - ok
21:36:34.0040 6084 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:36:34.0118 6084 MpsSvc - ok
21:36:34.0134 6084 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:36:34.0228 6084 MRxDAV - ok
21:36:34.0259 6084 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:36:34.0368 6084 mrxsmb - ok
21:36:34.0430 6084 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:36:34.0477 6084 mrxsmb10 - ok
21:36:34.0493 6084 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:36:34.0524 6084 mrxsmb20 - ok
21:36:34.0555 6084 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
21:36:34.0571 6084 msahci - ok
21:36:34.0586 6084 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
21:36:34.0602 6084 msdsm - ok
21:36:34.0633 6084 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:36:34.0664 6084 MSDTC - ok
21:36:34.0696 6084 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:36:34.0727 6084 Msfs - ok
21:36:34.0758 6084 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:36:34.0789 6084 mshidkmdf - ok
21:36:34.0805 6084 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
21:36:34.0820 6084 msisadrv - ok
21:36:34.0867 6084 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:36:34.0930 6084 MSiSCSI - ok
21:36:34.0930 6084 msiserver - ok
21:36:34.0961 6084 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:36:35.0023 6084 MSKSSRV - ok
21:36:35.0039 6084 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:36:35.0101 6084 MSPCLOCK - ok
21:36:35.0117 6084 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:36:35.0195 6084 MSPQM - ok
21:36:35.0226 6084 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:36:35.0273 6084 MsRPC - ok
21:36:35.0304 6084 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:36:35.0320 6084 mssmbios - ok
21:36:35.0320 6084 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:36:35.0382 6084 MSTEE - ok
21:36:35.0413 6084 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:36:35.0429 6084 MTConfig - ok
21:36:35.0460 6084 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:36:35.0476 6084 Mup - ok
21:36:35.0491 6084 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
21:36:35.0585 6084 napagent - ok
21:36:35.0632 6084 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:36:35.0694 6084 NativeWifiP - ok
21:36:35.0741 6084 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
21:36:35.0788 6084 NDIS - ok
21:36:35.0803 6084 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:36:35.0850 6084 NdisCap - ok
21:36:35.0866 6084 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:36:35.0912 6084 NdisTapi - ok
21:36:35.0912 6084 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:36:35.0975 6084 Ndisuio - ok
21:36:35.0990 6084 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:36:36.0037 6084 NdisWan - ok
21:36:36.0037 6084 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:36:36.0084 6084 NDProxy - ok
21:36:36.0084 6084 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:36:36.0146 6084 NetBIOS - ok
21:36:36.0178 6084 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:36:36.0224 6084 NetBT - ok
21:36:36.0256 6084 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
21:36:36.0271 6084 Netlogon - ok
21:36:36.0302 6084 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:36:36.0396 6084 Netman - ok
21:36:36.0427 6084 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:36:36.0490 6084 netprofm - ok
21:36:36.0568 6084 [ 618C55B392238B9467F9113E13525C49 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
21:36:36.0661 6084 netr28ux - ok
21:36:36.0739 6084 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:36:36.0802 6084 NetTcpPortSharing - ok
21:36:36.0817 6084 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:36:36.0895 6084 nfrd960 - ok
21:36:36.0942 6084 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:36:36.0973 6084 NlaSvc - ok
21:36:37.0020 6084 [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
21:36:37.0051 6084 NMSAccessU - ok
21:36:37.0082 6084 [ C31FA031335EFF434B2D94278E74BCCE ] npf C:\Windows\system32\drivers\npf.sys
21:36:37.0114 6084 npf - ok
21:36:37.0145 6084 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:36:37.0223 6084 Npfs - ok
21:36:37.0238 6084 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:36:37.0332 6084 nsi - ok
21:36:37.0348 6084 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:36:37.0426 6084 nsiproxy - ok
21:36:37.0472 6084 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:36:37.0535 6084 Ntfs - ok
21:36:37.0550 6084 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:36:37.0597 6084 Null - ok
21:36:37.0644 6084 [ 9C3024E48DB4C98E50AF7D8B72D0EF89 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
21:36:37.0691 6084 NVNET - ok
21:36:37.0722 6084 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
21:36:37.0753 6084 nvraid - ok
21:36:37.0769 6084 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
21:36:37.0784 6084 nvstor - ok
21:36:37.0800 6084 [ 6BA747B1A9297A6C0271700D12FDD495 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
21:36:37.0800 6084 nvstor64 - ok
21:36:37.0816 6084 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
21:36:37.0831 6084 nv_agp - ok
21:36:37.0972 6084 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:36:38.0003 6084 odserv - ok
21:36:38.0018 6084 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:36:38.0050 6084 ohci1394 - ok
21:36:38.0128 6084 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:36:38.0159 6084 ose - ok
21:36:38.0206 6084 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:36:38.0315 6084 p2pimsvc - ok
21:36:38.0346 6084 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:36:38.0393 6084 p2psvc - ok
21:36:38.0424 6084 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:36:38.0440 6084 Parport - ok
21:36:38.0486 6084 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:36:38.0533 6084 partmgr - ok
21:36:38.0611 6084 [ 54C6BD3C6C102396EB01A4877DF7B6E3 ] PcaSp50 C:\Windows\system32\Drivers\PcaSp50.sys
21:36:38.0658 6084 PcaSp50 - ok
21:36:38.0674 6084 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:36:38.0752 6084 PcaSvc - ok
21:36:38.0892 6084 [ 51209FBDB13A46E05C1B0077A9310264 ] PCDSRVC{F36B3A4C-F95654BD-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
21:36:39.0173 6084 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok
21:36:39.0220 6084 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
21:36:39.0298 6084 pci - ok
21:36:39.0329 6084 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
21:36:39.0360 6084 pciide - ok
21:36:39.0422 6084 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:36:39.0454 6084 pcmcia - ok
21:36:39.0485 6084 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:36:39.0500 6084 pcw - ok
21:36:39.0516 6084 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:36:39.0610 6084 PEAUTH - ok
21:36:39.0703 6084 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:36:39.0781 6084 PerfHost - ok
21:36:39.0875 6084 [ DD797B8B2B295AFBDCD9F35CF62B5DCC ] PID_0928 C:\Windows\system32\DRIVERS\LV561V64.SYS
21:36:39.0922 6084 PID_0928 - ok
21:36:40.0062 6084 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
21:36:40.0265 6084 pla - ok
21:36:40.0327 6084 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:36:40.0452 6084 PlugPlay - ok
21:36:40.0514 6084 PnkBstrA - ok
21:36:40.0546 6084 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:36:40.0608 6084 PNRPAutoReg - ok
21:36:40.0670 6084 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:36:40.0717 6084 PNRPsvc - ok
21:36:40.0795 6084 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:36:40.0889 6084 PolicyAgent - ok
21:36:40.0936 6084 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:36:40.0982 6084 Power - ok
21:36:41.0014 6084 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:36:41.0185 6084 PptpMiniport - ok
21:36:41.0216 6084 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:36:41.0388 6084 Processor - ok
21:36:41.0513 6084 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
21:36:41.0653 6084 ProfSvc - ok
21:36:41.0731 6084 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:36:41.0762 6084 ProtectedStorage - ok
21:36:41.0840 6084 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:36:42.0059 6084 Psched - ok
21:36:42.0230 6084 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
21:36:42.0262 6084 PSI_SVC_2 - ok
21:36:42.0308 6084 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:36:42.0371 6084 ql2300 - ok
21:36:42.0402 6084 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:36:42.0449 6084 ql40xx - ok
21:36:42.0464 6084 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:36:42.0480 6084 QWAVE - ok
21:36:42.0496 6084 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:36:42.0542 6084 QWAVEdrv - ok
21:36:42.0558 6084 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:36:42.0652 6084 RasAcd - ok
21:36:42.0730 6084 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:36:42.0792 6084 RasAgileVpn - ok
21:36:42.0823 6084 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:36:42.0886 6084 RasAuto - ok
21:36:42.0901 6084 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:36:42.0948 6084 Rasl2tp - ok
21:36:42.0964 6084 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
21:36:43.0010 6084 RasMan - ok
21:36:43.0026 6084 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:36:43.0073 6084 RasPppoe - ok
21:36:43.0088 6084 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:36:43.0151 6084 RasSstp - ok
21:36:43.0166 6084 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:36:43.0229 6084 rdbss - ok
21:36:43.0276 6084 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:36:43.0291 6084 rdpbus - ok
21:36:43.0307 6084 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:36:43.0338 6084 RDPCDD - ok
21:36:43.0369 6084 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:36:43.0447 6084 RDPENCDD - ok
21:36:43.0463 6084 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:36:43.0510 6084 RDPREFMP - ok
21:36:43.0541 6084 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:36:43.0619 6084 RDPWD - ok
21:36:43.0634 6084 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:36:43.0650 6084 rdyboost - ok
21:36:43.0728 6084 [ BBFCAC1C23B867AE5D7EF96DF40680C5 ] Realtek11nSU C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe
21:36:43.0759 6084 Realtek11nSU ( UnsignedFile.Multi.Generic ) - warning
21:36:43.0759 6084 Realtek11nSU - detected UnsignedFile.Multi.Generic (1)
21:36:43.0806 6084 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:36:43.0900 6084 RemoteAccess - ok
21:36:43.0931 6084 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:36:43.0978 6084 RemoteRegistry - ok
21:36:43.0993 6084 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:36:44.0024 6084 RpcEptMapper - ok
21:36:44.0040 6084 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:36:44.0056 6084 RpcLocator - ok
21:36:44.0071 6084 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
21:36:44.0118 6084 RpcSs - ok
21:36:44.0118 6084 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:36:44.0180 6084 rspndr - ok
21:36:44.0227 6084 [ FC00C0DE6DC83DE1B2B01420E2195B21 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
21:36:44.0258 6084 RTL8192su - ok
21:36:44.0274 6084 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
21:36:44.0290 6084 SamSs - ok
21:36:44.0321 6084 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
21:36:44.0336 6084 sbp2port - ok
21:36:44.0414 6084 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:36:44.0586 6084 SCardSvr - ok
21:36:44.0633 6084 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:36:44.0726 6084 scfilter - ok
21:36:44.0804 6084 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
21:36:44.0882 6084 Schedule - ok
21:36:44.0914 6084 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:36:44.0945 6084 SCPolicySvc - ok
21:36:44.0960 6084 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:36:45.0007 6084 SDRSVC - ok
21:36:45.0085 6084 [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
21:36:45.0116 6084 SeaPort - ok
21:36:45.0148 6084 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:36:45.0194 6084 secdrv - ok
21:36:45.0210 6084 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
21:36:45.0288 6084 seclogon - ok
21:36:45.0304 6084 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:36:45.0366 6084 SENS - ok
21:36:45.0397 6084 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:36:45.0491 6084 SensrSvc - ok
21:36:45.0522 6084 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:36:45.0569 6084 Serenum - ok
21:36:45.0569 6084 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:36:45.0600 6084 Serial - ok
21:36:45.0616 6084 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:36:45.0631 6084 sermouse - ok
21:36:45.0647 6084 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
21:36:45.0694 6084 SessionEnv - ok
21:36:45.0709 6084 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
21:36:45.0772 6084 sffdisk - ok
21:36:45.0803 6084 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
21:36:45.0865 6084 sffp_mmc - ok
21:36:45.0881 6084 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
21:36:45.0912 6084 sffp_sd - ok
21:36:45.0928 6084 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:36:45.0990 6084 sfloppy - ok
21:36:46.0037 6084 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:36:46.0130 6084 SharedAccess - ok
21:36:46.0162 6084 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:36:46.0177 6084 ShellHWDetection - ok
21:36:46.0193 6084 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:36:46.0208 6084 SiSRaid2 - ok
21:36:46.0224 6084 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:36:46.0240 6084 SiSRaid4 - ok
21:36:46.0318 6084 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:36:46.0349 6084 SkypeUpdate - ok
21:36:46.0396 6084 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:36:46.0458 6084 Smb - ok
21:36:46.0520 6084 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:36:46.0583 6084 SNMPTRAP - ok
21:36:46.0598 6084 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:36:46.0630 6084 spldr - ok
21:36:46.0676 6084 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
21:36:46.0770 6084 Spooler - ok
21:36:46.0879 6084 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
21:36:47.0020 6084 sppsvc - ok
21:36:47.0051 6084 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:36:47.0160 6084 sppuinotify - ok
21:36:47.0207 6084 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:36:47.0316 6084 srv - ok
21:36:47.0332 6084 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:36:47.0394 6084 srv2 - ok
21:36:47.0441 6084 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:36:47.0472 6084 srvnet - ok
21:36:47.0550 6084 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
21:36:47.0612 6084 ssadbus - ok
21:36:47.0659 6084 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
21:36:47.0737 6084 ssadmdfl - ok
21:36:47.0784 6084 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
21:36:47.0831 6084 ssadmdm - ok
21:36:47.0862 6084 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
21:36:47.0924 6084 ssadserd - ok
21:36:47.0971 6084 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
21:36:48.0002 6084 sscdbus - ok
21:36:48.0034 6084 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
21:36:48.0049 6084 sscdmdfl - ok
21:36:48.0080 6084 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
21:36:48.0096 6084 sscdmdm - ok
21:36:48.0143 6084 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:36:48.0205 6084 SSDPSRV - ok
21:36:48.0236 6084 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:36:48.0314 6084 SstpSvc - ok
21:36:48.0377 6084 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
21:36:48.0392 6084 StarOpen ( UnsignedFile.Multi.Generic ) - warning
21:36:48.0392 6084 StarOpen - detected UnsignedFile.Multi.Generic (1)
21:36:48.0439 6084 Steam Client Service - ok
21:36:48.0470 6084 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:36:48.0502 6084 stexstor - ok
21:36:48.0580 6084 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
21:36:48.0689 6084 stisvc - ok
21:36:48.0720 6084 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:36:48.0736 6084 swenum - ok
21:36:48.0751 6084 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:36:48.0845 6084 swprv - ok
21:36:48.0907 6084 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
21:36:48.0985 6084 SysMain - ok
21:36:49.0016 6084 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:36:49.0032 6084 TabletInputService - ok
21:36:49.0048 6084 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
21:36:49.0110 6084 TapiSrv - ok
21:36:49.0141 6084 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:36:49.0172 6084 TBS - ok
21:36:49.0250 6084 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:36:49.0344 6084 Tcpip - ok
21:36:49.0391 6084 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:36:49.0422 6084 TCPIP6 - ok
21:36:49.0453 6084 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:36:49.0531 6084 tcpipreg - ok
21:36:49.0547 6084 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:36:49.0578 6084 TDPIPE - ok
21:36:49.0609 6084 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:36:49.0718 6084 TDTCP - ok
21:36:49.0734 6084 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:36:49.0828 6084 tdx - ok
21:36:50.0030 6084 [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
21:36:50.0124 6084 TeamViewer7 - ok
21:36:50.0155 6084 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:36:50.0171 6084 TermDD - ok
21:36:50.0186 6084 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
21:36:50.0264 6084 TermService - ok
21:36:50.0280 6084 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:36:50.0342 6084 Themes - ok
21:36:50.0389 6084 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:36:50.0452 6084 THREADORDER - ok
21:36:50.0483 6084 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:36:50.0530 6084 TrkWks - ok
21:36:50.0561 6084 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:36:50.0608 6084 TrustedInstaller - ok
21:36:50.0639 6084 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:36:50.0732 6084 tssecsrv - ok
21:36:50.0764 6084 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:36:50.0826 6084 tunnel - ok
21:36:50.0873 6084 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:36:50.0904 6084 uagp35 - ok
21:36:50.0935 6084 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:36:50.0998 6084 udfs - ok
21:36:51.0029 6084 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:36:51.0091 6084 UI0Detect - ok
21:36:51.0122 6084 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
21:36:51.0138 6084 uliagpkx - ok
21:36:51.0154 6084 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:36:51.0185 6084 umbus - ok
21:36:51.0216 6084 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:36:51.0294 6084 UmPass - ok
21:36:51.0325 6084 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:36:51.0403 6084 upnphost - ok
21:36:51.0434 6084 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:36:51.0481 6084 usbaudio - ok
21:36:51.0528 6084 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:36:51.0590 6084 usbccgp - ok
21:36:51.0637 6084 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
21:36:51.0684 6084 usbcir - ok
21:36:51.0731 6084 [ DF9F9AFC9AAABD8ED47975D44E38169A ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:36:51.0809 6084 usbehci - ok
21:36:51.0840 6084 [ 372A91BC3C6603080A793880B0873785 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:36:51.0871 6084 usbhub - ok
21:36:51.0887 6084 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:36:51.0902 6084 usbohci - ok
21:36:51.0934 6084 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:36:51.0996 6084 usbprint - ok
21:36:52.0043 6084 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:36:52.0074 6084 usbscan - ok
21:36:52.0121 6084 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:36:52.0136 6084 USBSTOR - ok
21:36:52.0168 6084 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:36:52.0183 6084 usbuhci - ok
21:36:52.0230 6084 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:36:52.0292 6084 UxSms - ok
21:36:52.0308 6084 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
21:36:52.0324 6084 VaultSvc - ok
21:36:52.0339 6084 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
21:36:52.0355 6084 vdrvroot - ok
21:36:52.0402 6084 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
21:36:52.0495 6084 vds - ok
21:36:52.0526 6084 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:36:52.0558 6084 vga - ok
21:36:52.0573 6084 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:36:52.0651 6084 VgaSave - ok
21:36:52.0682 6084 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
21:36:52.0698 6084 vhdmp - ok
21:36:52.0729 6084 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
21:36:52.0745 6084 viaide - ok
21:36:52.0776 6084 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
21:36:52.0792 6084 volmgr - ok
21:36:52.0823 6084 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:36:52.0838 6084 volmgrx - ok
21:36:52.0901 6084 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:36:52.0948 6084 volsnap - ok
21:36:52.0963 6084 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:36:52.0979 6084 vsmraid - ok
21:36:53.0026 6084 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
21:36:53.0104 6084 VSS - ok
21:36:53.0135 6084 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:36:53.0197 6084 vwifibus - ok
21:36:53.0228 6084 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:36:53.0260 6084 vwififlt - ok
21:36:53.0291 6084 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:36:53.0322 6084 vwifimp - ok
21:36:53.0353 6084 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:36:53.0431 6084 W32Time - ok
21:36:53.0462 6084 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:36:53.0494 6084 WacomPen - ok
21:36:53.0540 6084 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:36:53.0634 6084 WANARP - ok
21:36:53.0665 6084 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:36:53.0712 6084 Wanarpv6 - ok
21:36:53.0790 6084 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:36:53.0868 6084 WatAdminSvc - ok
21:36:53.0899 6084 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
21:36:54.0040 6084 wbengine - ok
21:36:54.0055 6084 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:36:54.0102 6084 WbioSrvc - ok
21:36:54.0118 6084 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:36:54.0149 6084 wcncsvc - ok
21:36:54.0196 6084 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:36:54.0227 6084 WcsPlugInService - ok
21:36:54.0242 6084 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:36:54.0258 6084 Wd - ok
21:36:54.0289 6084 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:36:54.0320 6084 Wdf01000 - ok
21:36:54.0336 6084 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:36:54.0383 6084 WdiServiceHost - ok
21:36:54.0398 6084 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:36:54.0414 6084 WdiSystemHost - ok
21:36:54.0445 6084 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
21:36:54.0492 6084 WebClient - ok
21:36:54.0523 6084 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:36:54.0586 6084 Wecsvc - ok
21:36:54.0601 6084 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:36:54.0664 6084 wercplsupport - ok
21:36:54.0757 6084 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:36:54.0835 6084 WerSvc - ok
21:36:54.0944 6084 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:36:55.0007 6084 WfpLwf - ok
21:36:55.0022 6084 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:36:55.0038 6084 WIMMount - ok
21:36:55.0069 6084 WinDefend - ok
21:36:55.0069 6084 WinHttpAutoProxySvc - ok
21:36:55.0147 6084 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:36:55.0225 6084 Winmgmt - ok
21:36:55.0303 6084 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
21:36:55.0459 6084 WinRM - ok
21:36:55.0537 6084 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:36:55.0600 6084 Wlansvc - ok
21:36:55.0615 6084 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:36:55.0678 6084 WmiAcpi - ok
21:36:55.0724 6084 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:36:55.0802 6084 wmiApSrv - ok
21:36:55.0834 6084 WMPNetworkSvc - ok
21:36:55.0849 6084 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:36:55.0880 6084 WPCSvc - ok
21:36:55.0896 6084 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:36:55.0990 6084 WPDBusEnum - ok
21:36:56.0021 6084 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:36:56.0083 6084 ws2ifsl - ok
21:36:56.0114 6084 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:36:56.0161 6084 wscsvc - ok
21:36:56.0161 6084 WSearch - ok
21:36:56.0255 6084 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:36:56.0348 6084 wuauserv - ok
21:36:56.0364 6084 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:36:56.0426 6084 WudfPf - ok
21:36:56.0442 6084 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:36:56.0489 6084 WUDFRd - ok
21:36:56.0504 6084 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:36:56.0551 6084 wudfsvc - ok
21:36:56.0598 6084 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:36:56.0692 6084 WwanSvc - ok
21:36:56.0738 6084 ================ Scan global ===============================
21:36:56.0770 6084 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:36:56.0816 6084 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
21:36:56.0848 6084 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
21:36:56.0894 6084 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:36:56.0941 6084 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:36:56.0941 6084 [Global] - ok
21:36:56.0941 6084 ================ Scan MBR ==================================
21:36:56.0972 6084 [ EC0F615F5F54E2F620FC43D016E1565F ] \Device\Harddisk0\DR0
21:36:57.0238 6084 \Device\Harddisk0\DR0 - ok
21:36:57.0238 6084 ================ Scan VBR ==================================
21:36:57.0253 6084 [ CD7561EF7B848605F9233306A05F7210 ] \Device\Harddisk0\DR0\Partition1
21:36:57.0253 6084 \Device\Harddisk0\DR0\Partition1 - ok
21:36:57.0284 6084 [ 190955CD329A1ACD0BE88CF4DBE53531 ] \Device\Harddisk0\DR0\Partition2
21:36:57.0300 6084 \Device\Harddisk0\DR0\Partition2 - ok
21:36:57.0331 6084 [ 5EA32B53C47A03AC7B308CB67D66E23C ] \Device\Harddisk0\DR0\Partition3
21:36:57.0331 6084 \Device\Harddisk0\DR0\Partition3 - ok
21:36:57.0331 6084 ============================================================
21:36:57.0331 6084 Scan finished
21:36:57.0331 6084 ============================================================
21:36:57.0362 6212 Detected object count: 5
21:36:57.0362 6212 Actual detected object count: 5
21:38:12.0960 6212 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:38:12.0960 6212 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:38:12.0960 6212 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
21:38:12.0960 6212 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:38:12.0960 6212 mitsijm2011 ( UnsignedFile.Multi.Generic ) - skipped by user
21:38:12.0960 6212 mitsijm2011 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:38:12.0960 6212 Realtek11nSU ( UnsignedFile.Multi.Generic ) - skipped by user
21:38:12.0960 6212 Realtek11nSU ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:38:12.0960 6212 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
21:38:12.0960 6212 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:38:56.0373 3956 Deinitialize success
|
|
10.03.2013, 16:19
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HEUR:Exploit.Java.CVE-2012-0507.gen Dann bitte jetzt Combofix ausführen: Scan mit Combofix
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.03.2013, 18:51
| #29 |
| | HEUR:Exploit.Java.CVE-2012-0507.gen Guten Abend, hier der Gewünschte Log von Combofix. mfg Dr.Eps Code:
ATTFilter ComboFix 13-03-15.01 - Bathe Kai-Uwe 15.03.2013 16:25:49.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.4095.2905 [GMT 1:00]
ausgeführt von:: c:\users\Bathe Kai-Uwe\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Bathe Kai-Uwe\AppData\Local\Savings Sidekick
c:\users\Bathe Kai-Uwe\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
c:\users\BATHEK~1\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\IsUn0407.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-02-15 bis 2013-03-15 ))))))))))))))))))))))))))))))
.
.
2013-03-15 15:42 . 2013-03-15 15:42 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7628A0D-5623-40F0-83F8-CEE1DBC80D82}\offreg.dll
2013-03-15 15:40 . 2013-03-15 15:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-15 15:01 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7628A0D-5623-40F0-83F8-CEE1DBC80D82}\mpengine.dll
2013-03-15 02:04 . 2013-03-15 02:04 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-15 02:04 . 2013-03-15 02:04 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-06 17:05 . 2013-03-06 17:05 -------- d-----w- c:\users\Bathe Kai-Uwe\AppData\Local\Unity
2013-02-19 12:12 . 2013-02-19 12:12 -------- d-----w- c:\programdata\Malwarebytes
2013-02-18 13:09 . 2013-02-18 13:09 -------- d-----w- c:\users\Bathe Kai-Uwe\AppData\Roaming\LolClient
2013-02-17 14:30 . 2013-02-17 22:13 -------- d-----w- C:\Riot Games
2013-02-17 14:29 . 2013-02-17 14:29 -------- d-----w- c:\users\Bathe Kai-Uwe\.swt
2013-02-17 02:11 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-02-17 02:11 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-02-17 02:11 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-02-16 19:35 . 2013-03-15 14:49 -------- d-----w- c:\users\Bathe Kai-Uwe\AppData\Local\PMB Files
2013-02-16 19:35 . 2013-03-14 20:51 -------- d-----w- c:\programdata\PMB Files
2013-02-16 17:25 . 2013-02-16 17:25 -------- d-----w- c:\program files (x86)\Pando Networks
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-15 02:08 . 2010-01-02 23:41 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-14 12:34 . 2012-05-01 11:46 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-14 12:34 . 2011-05-17 12:38 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-17 00:28 . 2009-12-27 13:41 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:57 . 2013-02-12 22:46 5500776 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:02 . 2013-02-12 22:46 3957608 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:02 . 2013-02-12 22:46 3902312 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:41 . 2013-02-12 22:45 1893224 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 05:40 . 2013-02-12 22:45 287576 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-01-04 05:37 . 2013-02-12 22:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-01-04 05:37 . 2013-02-12 22:45 243200 ----a-w- c:\windows\system32\wow64.dll
2013-01-04 05:37 . 2013-02-12 22:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-01-04 05:36 . 2013-02-12 22:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 05:33 . 2013-02-12 22:45 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-01-04 05:30 . 2013-02-12 22:45 424960 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-04 05:30 . 2013-02-12 22:45 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-01-04 05:27 . 2013-02-12 22:45 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 05:27 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 05:27 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-04 05:27 . 2013-02-12 22:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 05:27 . 2013-02-12 22:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 05:27 . 2013-02-12 22:45 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 05:27 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 05:27 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-04 05:27 . 2013-02-12 22:45 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 05:27 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 05:27 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-04 05:26 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-04 04:51 . 2013-02-12 22:45 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:51 . 2013-02-12 22:45 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-01-04 04:43 . 2013-02-12 22:45 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-01-04 04:43 . 2013-02-12 22:45 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:22 . 2013-02-12 22:45 3150848 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 03:19 . 2013-02-12 22:45 338432 ----a-w- c:\windows\system32\conhost.exe
2013-01-04 02:48 . 2013-02-12 22:45 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:48 . 2013-02-12 22:45 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:48 . 2013-02-12 22:45 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-04 02:48 . 2013-02-12 22:45 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:43 . 2013-02-12 22:45 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43 . 2013-02-12 22:45 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43 . 2013-02-12 22:45 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43 . 2013-02-12 22:45 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-12-16 16:52 . 2012-12-21 02:01 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:40 . 2012-12-21 02:01 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:25 . 2012-12-21 02:01 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:25 . 2012-12-21 02:01 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-06 1519304]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}]
2012-07-09 00:09 263272 ----a-w- c:\program files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3AF255C7-8742-4B96-8971-1268EEE04974}]
2010-11-12 16:32 1368480 ----a-w- c:\program files (x86)\Online Games Downloader\SWFCatcher.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-06-06 19:33 1519304 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-06 1519304]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bathe Kai-Uwe\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bathe Kai-Uwe\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bathe Kai-Uwe\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Phoenix Backup"="c:\progra~2\SYDATEC\PHOENI~1\pbtray.exe" [2007-07-10 482304]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-07-16 975800]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-16 21432]
"Facebook Update"="c:\users\Bathe Kai-Uwe\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-09-04 138096]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-02-25 1602984]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-02-16 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-06-22 60464]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2009-12-21 39424]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"LogitechCommunicationsManager"="c:\program files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 488984]
"LogitechQuickCamRibbon"="c:\program files (x86)\Labtec\WebCam10\WebCam10.exe" [2007-03-06 1060376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-06-06 1564872]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-07-16 3524536]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2012-11-27 356376]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
.
c:\users\Bathe Kai-Uwe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Bathe Kai-Uwe\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~3\browse~1\261125~1.80\{61d8b~1\browse~1.dll c:\progra~3\browse~1\261125~1.80\{61d8b~1\browsermngr.dll
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2010-10-03 14120]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-14 1436424]
R3 fwlanusb4;FRITZ!WLAN N/G;c:\windows\system32\DRIVERS\fwlanusb4.sys [2010-10-03 1293824]
R3 LVcKap64;Logitech AEC Driver;c:\windows\system32\DRIVERS\LVcKap64.sys [2007-03-06 1029024]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-03-07 58400]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-06-10 23536]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-02-26 676864]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-11 1255736]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-11-27 54104]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-05-15 203264]
S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.6.1125.80\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe [2013-03-06 2569168]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 mitsijm2011;Autodesk Moldflow Inventor Tool Suite Integration 2011 - Job-Manager;c:\program files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [2010-01-23 673792]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe [2009-12-07 40960]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-10-25 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-10-25 29528]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-14 18:23 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 12:34]
.
2013-03-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2771515313-2181166731-3815752651-1000Core.job
- c:\users\Bathe Kai-Uwe\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-04 21:46]
.
2013-03-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2771515313-2181166731-3815752651-1000UA.job
- c:\users\Bathe Kai-Uwe\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-04 21:46]
.
2013-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-10 19:32]
.
2013-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-10 19:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bathe Kai-Uwe\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bathe Kai-Uwe\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bathe Kai-Uwe\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bathe Kai-Uwe\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Presario&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Presario&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Video Converter... - c:\program files (x86)\Media Player Utilities 5.15\AVIConverter\grab.html
IE: Hinzufügen zu Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Bathe Kai-Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\jl0mzi20.default\
FF - prefs.js: browser.search.selectedEngine - Claro Search
FF - prefs.js: browser.startup.homepage - hxxp://www.claro-search.com/?affID=114508&tt=4112_8&babsrc=HP_clro&mntrId=2432ee6d000000000000001f1fcdc1d5
FF - prefs.js: keyword.URL - hxxp://www.claro-search.com/?affID=114508&tt=4112_8&babsrc=KW_clro&mntrId=2432ee6d000000000000001f1fcdc1d5&q=
FF - prefs.js: keyword.URL - hxxp://www.claro-search.com/?affID=114508&tt=4112_8&babsrc=KW_clro&mntrId=2432ee6d000000000000001f1fcdc1d5&q=
FF - prefs.js: keyword.URL - hxxp://www.claro-search.com/?affID=114508&tt=4112_8&babsrc=KW_clro&mntrId=2432ee6d000000000000001f1fcdc1d5&q=
FF - prefs.js: network.proxy.type - 2
FF - user.js: extensions.BabylonToolbar_i.id - 2432ee6d000000000000001f1fcdc1d5
FF - user.js: extensions.BabylonToolbar_i.hardId - 2432ee6d000000000000001f1fcdc1d5
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15386
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1720:58
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - tt=090212_ctrl
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.claro.id - 2432ee6d000000000000001f1fcdc1d5
FF - user.js: extensions.claro.instlDay - 15624
FF - user.js: extensions.claro.vrsn - 1.6.4.1
FF - user.js: extensions.claro.vrsni - 1.6.4.1
FF - user.js: extensions.claro_i.vrsnTs - 1.6.4.119:50
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - claro
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{0f369707-379f-46df-a5c5-d04390f3459b} - (no file)
Toolbar-{D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file)
Wow6432Node-HKCU-Run-HPADVISOR - c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
WebBrowser-{0F369707-379F-46DF-A5C5-D04390F3459B} - (no file)
AddRemove-Clonk Planet - c:\windows\system32\GKSUI18.EXE
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-SAMSUNG CDMA Modem - c:\windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
AddRemove-SAMSUNG Mobile USB Modem 1.0 - c:\windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
AddRemove-Vodafone WCDMA Composite Device Drive - c:\windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2771515313-2181166731-3815752651-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d1,5e,b0,22,16,50,0e,82,0d,f6,ba,9b,77,38,6d,f8,54,6c,85,9d,72,ce,65,
67,e7,33,9a,d2,16,9f,19,f7,96,9e,3b,98,10,6e,05,fe,1a,04,b8,6e,52,3f,12,1a,\
"??"=hex:99,fe,01,4f,95,a4,82,ba,cc,d2,bf,f0,a1,31,4d,85
.
[HKEY_USERS\S-1-5-21-2771515313-2181166731-3815752651-1000\Software\SecuROM\License information*]
"datasecu"=hex:d6,ee,41,49,b1,38,b1,2f,5f,f4,9d,4a,be,c2,ed,a1,df,2e,a4,de,9e,
2b,cd,5f,73,04,af,2b,65,c8,dc,44,f1,cb,2e,18,ac,a0,f6,25,f0,8f,f7,bb,9a,6c,\
"rkeysecu"=hex:a9,45,97,dd,49,7f,d9,86,40,02,5c,23,3d,d0,e3,f5
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\avmwlanstick\WlanNetService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Edimax\11n USB Wireless LAN Utility\RtWlan.exe
c:\program files (x86)\SYDATEC\Phoenix Backup Professional\pbtray.exe
c:\program files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-03-15 17:32:57 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-03-15 16:32
.
Vor Suchlauf: 16 Verzeichnis(se), 519.317.622.784 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 537.680.789.504 Bytes frei
.
- - End Of File - - 806722D97241CC5C7B307739E3FFFDA1
|
|
15.03.2013, 20:01
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HEUR:Exploit.Java.CVE-2012-0507.gen JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu HEUR:Exploit.Java.CVE-2012-0507.gen |
| abend, ahnung, antwort, compu, computer, computern, durchgeführt, erstell, forum, gefunde, google, guten, heur, heur:exploit.java.cve-2012-0507.gen, heute, hoffe, informieren, kaspersky, neues, programm, scan, thema, troja, trojaner, versuch, versucht, virenscan |
WARNUNG an die MITLESER: 
Linear-Darstellung
