Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: ClickCompare hat sich auch bei mir eingefunden!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.03.2013, 00:46   #1
slice
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



Hallo zusammen und schön, dass es euch gibt.
Auch bei mir ist der ClickCompare-Plagegeist auf dem Rechner und ich wäre ihn gerne wieder los. Hoffe, dass ihr auch mir helfen könnt.

Da ich gelesen habe, dass die "Behandlung" immer individuell ist, werde ich mal nichts unternehmen, bis ich genauere Anweisungen bekomme.

Im Voraus schonmal vielen Dank.

Alt 06.03.2013, 13:00   #2
markusg
/// Malware-holic
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



Hi,

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 06.03.2013, 15:24   #3
slice
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



Danke für deine Antwort.
Habe die Anweisungen befolgt, aber OTL hängt sich irgendwann immer auf und meldet "out of memory".
__________________

Alt 06.03.2013, 17:22   #4
markusg
/// Malware-holic
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



hi versuchs mal bitte ohne mein Script.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 06.03.2013, 18:10   #5
slice
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 06.03.2013 18:03:58 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sven\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 63,99% Memory free
7,99 Gb Paging File | 6,58 Gb Available in Paging File | 82,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 371,94 Gb Free Space | 79,86% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 109,51 Gb Free Space | 47,03% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 465,13 Gb Free Space | 99,87% Space Free | Partition Type: NTFS
 
Computer Name: SVEN-PC | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.03.06 00:17:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sven\Desktop\OTL.exe
PRC - [2013.02.28 09:36:01 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2013.02.28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.12.29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.11.23 23:38:30 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.09.23 23:36:30 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2012.01.18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.09.20 09:17:44 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
PRC - [2011.09.16 13:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011.05.24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010.05.07 17:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
PRC - [2010.02.03 15:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.09.30 04:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009.03.25 15:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009.03.19 21:35:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009.03.19 21:35:50 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
MOD - [2009.01.15 13:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.07.28 03:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013.02.28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.02.27 14:36:16 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.27 13:20:18 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.29 11:34:47 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.12.29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.11.23 23:38:30 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.09.23 23:36:30 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012.09.23 23:36:26 | 000,230,920 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Programme\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe -- (NitroDriverReadSpool8)
SRV - [2012.04.05 17:03:00 | 003,969,336 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012.01.18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.05.24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010.05.07 17:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.02.28 09:36:34 | 000,177,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.02.28 09:36:34 | 000,068,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.02.28 09:36:33 | 001,025,880 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.02.28 09:36:33 | 000,377,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.02.28 09:36:33 | 000,071,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.02.28 09:36:33 | 000,065,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.02.28 09:36:32 | 000,080,888 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.02.28 09:36:31 | 000,033,472 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.07.28 05:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.07.28 02:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.05.14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.05.10 15:33:56 | 000,217,600 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2012.05.10 15:33:54 | 000,097,792 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.02 09:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.06.02 09:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.20 04:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 04:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 04:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 02:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.07.27 09:14:24 | 006,465,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2010.07.27 09:12:16 | 000,339,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010.07.27 09:11:38 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2010.05.07 17:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 17:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.08.23 23:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=441ae1b7000000000000c8600057f9a4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 97 DA CD 79 A6 AB CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=441ae1b7000000000000c8600057f9a4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.80.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.02 15:51:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.05 12:08:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.02.20 15:17:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.02.20 15:17:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.09.29 22:26:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Extensions
[2013.03.06 00:24:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\1zjwpu57.default\extensions
[2012.11.22 18:28:47 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\1zjwpu57.default\extensions\battlefieldplay4free@ea.com
[2013.02.14 21:30:51 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\firefox\profiles\1zjwpu57.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.15 20:19:03 | 000,001,294 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\mozilla\firefox\profiles\1zjwpu57.default\searchplugins\delta.xml
[2013.03.05 12:08:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.16 01:34:54 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 05:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.15 20:18:56 | 000,006,484 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013.02.16 05:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.16 05:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.16 05:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.16 05:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.16 05:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe (Renesas Electronics Corporation)
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{707AF35F-3697-4BD4-9665-442F193EFDB7}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.06 00:17:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sven\Desktop\OTL.exe
[2013.03.05 12:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.02.27 22:52:13 | 000,000,000 | ---D | C] -- C:\Users\Sven\Documents\Video deluxe 2013
[2013.02.27 22:52:13 | 000,000,000 | ---D | C] -- C:\Users\Sven\Documents\MAGIX
[2013.02.27 22:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared
[2013.02.27 22:51:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX
[2013.02.27 22:50:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013.02.27 13:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.20 15:17:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.02.15 20:18:48 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Roaming\Babylon
[2013.02.15 20:18:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.02.15 20:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.02.15 20:18:37 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV
[2013.02.15 20:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSHunter.TV
[2013.02.11 16:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
[2013.02.11 16:30:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free PDF to Word Doc Converter
[2013.02.11 16:27:05 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Roaming\WordToPDF
[2013.02.11 16:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordToPDF
[2013.02.11 16:27:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WordToPDF
[2013.02.11 16:26:48 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\Programs
[2013.02.06 17:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox.bak
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.06 17:36:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.06 11:24:30 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.06 11:24:30 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.06 11:17:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.06 11:17:04 | 3219,742,720 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.06 00:17:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sven\Desktop\OTL.exe
[2013.03.05 12:08:19 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.02 15:51:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.03.01 19:57:52 | 000,001,112 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2013.02.28 12:39:28 | 000,527,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.28 09:36:34 | 000,177,672 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.02.28 09:36:34 | 000,068,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.02.28 09:36:33 | 001,025,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.02.28 09:36:33 | 000,377,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.02.28 09:36:33 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.02.28 09:36:33 | 000,065,408 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.02.28 09:36:32 | 000,080,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.02.28 09:36:31 | 000,033,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.02.28 09:36:07 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.02.28 09:35:43 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.02.27 22:51:31 | 000,120,200 | ---- | M] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2013.02.27 22:51:25 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013.lnk
[2013.02.25 11:57:06 | 000,004,876 | ---- | M] () -- C:\Users\Sven\Desktop\ESt2011_Prosek_Svenkopie.elfo
[2013.02.11 16:30:50 | 000,001,057 | ---- | M] () -- C:\Users\Sven\Desktop\Free PDF to Word Doc Converter.lnk
[2013.02.11 16:27:03 | 000,001,023 | ---- | M] () -- C:\Users\Sven\Desktop\WordToPDF.lnk
[2013.02.11 16:19:41 | 000,024,438 | ---- | M] () -- C:\Users\Sven\Desktop\detektivausweis.pdf
[2013.02.08 13:27:02 | 000,001,076 | ---- | M] () -- C:\Users\Sven\Desktop\tiptoi.lnk
 
========== Files Created - No Company Name ==========
 
[2013.03.05 12:08:19 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.03.05 12:08:19 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.02 15:51:31 | 000,177,672 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.03.02 15:51:30 | 000,065,408 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.02.27 22:51:25 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013.lnk
[2013.02.25 11:56:54 | 000,004,876 | ---- | C] () -- C:\Users\Sven\Desktop\ESt2011_Prosek_Svenkopie.elfo
[2013.02.15 13:06:16 | 000,001,112 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2013.02.11 16:30:50 | 000,001,057 | ---- | C] () -- C:\Users\Sven\Desktop\Free PDF to Word Doc Converter.lnk
[2013.02.11 16:27:03 | 000,001,023 | ---- | C] () -- C:\Users\Sven\Desktop\WordToPDF.lnk
[2013.02.11 16:19:51 | 000,024,438 | ---- | C] () -- C:\Users\Sven\Desktop\detektivausweis.pdf
[2012.12.05 21:13:01 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\Hidhlp.dll
[2012.12.05 21:13:01 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\iFT25B2.dll
[2012.11.22 18:49:39 | 000,282,104 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.22 18:49:36 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.10.22 13:32:04 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2012.10.12 08:14:58 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.10.12 08:14:58 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.10.12 08:14:57 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.09.29 22:16:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.09.29 21:56:57 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012.09.29 21:56:57 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.09.29 21:56:54 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.09.29 21:56:53 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.09.29 21:42:46 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.09.29 21:42:42 | 000,034,198 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.02.15 20:18:48 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Babylon
[2012.10.01 07:56:28 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Downloaded Installations
[2012.11.19 13:17:44 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\elsterformular
[2012.10.01 07:58:29 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\FileOpen
[2012.10.21 20:22:22 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Leadertech
[2013.02.27 22:52:15 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\MAGIX
[2012.10.01 13:51:13 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Nitro
[2012.10.08 14:49:55 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Nitro PDF
[2012.12.05 17:34:03 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Origin
[2013.01.06 11:14:28 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\RavensburgerTipToi
[2012.09.29 22:27:22 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Thunderbird
[2013.02.11 16:27:08 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\WordToPDF
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---


Eine extra.txt hat er mir nicht ausgespuckt!


Alt 06.03.2013, 18:35   #6
markusg
/// Malware-holic
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



Hi,


otl fix

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:
ATTFilter
:OTL
O8:64bit: - Extra context menu item: An OneNote senden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote senden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
:files
:Commands
[emptytemp]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread
__________________
--> ClickCompare hat sich auch bei mir eingefunden!

Alt 06.03.2013, 18:46   #7
slice
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



All processes killed
========== OTL ==========
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\An OneNote senden\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft Excel exportieren\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\An OneNote senden\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft Excel exportieren\ not found.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Sven
->Temp folder emptied: 1112187737 bytes
->Temporary Internet Files folder emptied: 1136396777 bytes
->FireFox cache emptied: 452904893 bytes
->Flash cache emptied: 21714 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36788493 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50568 bytes
RecycleBin emptied: 215080 bytes

Total Files Cleaned = 2.612,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03062013_184222

Files\Folders moved on Reboot...
C:\Users\Sven\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Alt 06.03.2013, 19:05   #8
markusg
/// Malware-holic
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 06.03.2013, 19:22   #9
slice
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



19:19:42.0568 4904 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:19:42.0708 4904 ============================================================
19:19:42.0708 4904 Current date / time: 2013/03/06 19:19:42.0708
19:19:42.0708 4904 SystemInfo:
19:19:42.0708 4904
19:19:42.0708 4904 OS Version: 6.1.7601 ServicePack: 1.0
19:19:42.0708 4904 Product type: Workstation
19:19:42.0708 4904 ComputerName: SVEN-PC
19:19:42.0708 4904 UserName: Sven
19:19:42.0708 4904 Windows directory: C:\Windows
19:19:42.0708 4904 System windows directory: C:\Windows
19:19:42.0708 4904 Running under WOW64
19:19:42.0708 4904 Processor architecture: Intel x64
19:19:42.0708 4904 Number of processors: 4
19:19:42.0708 4904 Page size: 0x1000
19:19:42.0708 4904 Boot type: Normal boot
19:19:42.0708 4904 ============================================================
19:19:43.0722 4904 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:43.0722 4904 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:43.0769 4904 ============================================================
19:19:43.0769 4904 \Device\Harddisk1\DR1:
19:19:43.0769 4904 MBR partitions:
19:19:43.0769 4904 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
19:19:43.0769 4904 \Device\Harddisk0\DR0:
19:19:43.0769 4904 MBR partitions:
19:19:43.0769 4904 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A382000
19:19:43.0769 4904 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A382800, BlocksNum 0x3A383800
19:19:43.0769 4904 ============================================================
19:19:43.0785 4904 C: <-> \Device\Harddisk0\DR0\Partition1
19:19:43.0785 4904 D: <-> \Device\Harddisk1\DR1\Partition1
19:19:43.0816 4904 E: <-> \Device\Harddisk0\DR0\Partition2
19:19:43.0816 4904 ============================================================
19:19:43.0816 4904 Initialize success
19:19:43.0816 4904 ============================================================
19:19:47.0388 1792 ============================================================
19:19:47.0388 1792 Scan started
19:19:47.0388 1792 Mode: Manual;
19:19:47.0388 1792 ============================================================
19:19:48.0168 1792 ================ Scan system memory ========================
19:19:48.0168 1792 System memory - ok
19:19:48.0168 1792 ================ Scan services =============================
19:19:48.0340 1792 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:19:48.0356 1792 1394ohci - ok
19:19:48.0402 1792 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:19:48.0402 1792 ACPI - ok
19:19:48.0418 1792 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:19:48.0418 1792 AcpiPmi - ok
19:19:48.0574 1792 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:19:48.0590 1792 AdobeFlashPlayerUpdateSvc - ok
19:19:48.0636 1792 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:19:48.0636 1792 adp94xx - ok
19:19:48.0668 1792 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:19:48.0683 1792 adpahci - ok
19:19:48.0699 1792 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:19:48.0699 1792 adpu320 - ok
19:19:48.0746 1792 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:19:48.0746 1792 AeLookupSvc - ok
19:19:48.0824 1792 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:19:48.0839 1792 AFD - ok
19:19:48.0855 1792 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:19:48.0855 1792 agp440 - ok
19:19:48.0870 1792 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:19:48.0870 1792 ALG - ok
19:19:48.0886 1792 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:19:48.0886 1792 aliide - ok
19:19:48.0948 1792 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:19:48.0948 1792 AMD External Events Utility - ok
19:19:48.0964 1792 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:19:48.0964 1792 amdide - ok
19:19:48.0995 1792 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
19:19:48.0995 1792 amdiox64 - ok
19:19:48.0995 1792 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:19:48.0995 1792 AmdK8 - ok
19:19:49.0182 1792 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:19:49.0276 1792 amdkmdag - ok
19:19:49.0292 1792 [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:19:49.0292 1792 amdkmdap - ok
19:19:49.0307 1792 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:19:49.0307 1792 AmdPPM - ok
19:19:49.0370 1792 [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:19:49.0370 1792 amdsata - ok
19:19:49.0401 1792 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:19:49.0401 1792 amdsbs - ok
19:19:49.0416 1792 [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:19:49.0416 1792 amdxata - ok
19:19:49.0448 1792 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:19:49.0448 1792 AppID - ok
19:19:49.0479 1792 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:19:49.0479 1792 AppIDSvc - ok
19:19:49.0494 1792 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:19:49.0494 1792 Appinfo - ok
19:19:49.0510 1792 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:19:49.0510 1792 arc - ok
19:19:49.0526 1792 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:19:49.0526 1792 arcsas - ok
19:19:49.0604 1792 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
19:19:49.0604 1792 AsIO - ok
19:19:49.0619 1792 [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
19:19:49.0619 1792 asmthub3 - ok
19:19:49.0650 1792 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
19:19:49.0650 1792 asmtxhci - ok
19:19:49.0697 1792 [ 4CA8E3A70263C3029935551204586701 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
19:19:49.0697 1792 aswFsBlk - ok
19:19:49.0728 1792 [ CF6A24076F978BF9C1FE61EE8595DB66 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:19:49.0728 1792 aswMonFlt - ok
19:19:49.0744 1792 [ 24EB5B96B8D215BAC4FC280D39B73049 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
19:19:49.0744 1792 aswRdr - ok
19:19:49.0838 1792 [ 76A2BD420185B468B6DE89AED1EEAE40 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
19:19:49.0853 1792 aswRvrt - ok
19:19:49.0884 1792 [ 5EB2FC36BD4639097A2F9BB68C825604 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:19:49.0900 1792 aswSnx - ok
19:19:49.0916 1792 [ AB1403AF5CC781D5148096216DA3A2A3 ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:19:49.0916 1792 aswSP - ok
19:19:49.0931 1792 [ 6A2D4BB9DDAA7D74839936403BB31F06 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
19:19:49.0931 1792 aswTdi - ok
19:19:49.0947 1792 [ 0A83FFF1AEF6113EF8DCBB32D5014AB1 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
19:19:49.0947 1792 aswVmm - ok
19:19:49.0962 1792 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:19:49.0962 1792 AsyncMac - ok
19:19:49.0994 1792 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:19:49.0994 1792 atapi - ok
19:19:50.0040 1792 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:19:50.0040 1792 AtiHDAudioService - ok
19:19:50.0072 1792 [ C07A040D6B5A42DD41EE386CF90974C8 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:19:50.0072 1792 AtiPcie - ok
19:19:50.0134 1792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:19:50.0150 1792 AudioEndpointBuilder - ok
19:19:50.0165 1792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:19:50.0165 1792 AudioSrv - ok
19:19:50.0259 1792 [ AEF6E1DE647339C4990586D1DE427BBB ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:19:50.0274 1792 avast! Antivirus - ok
19:19:50.0306 1792 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:19:50.0306 1792 AxInstSV - ok
19:19:50.0352 1792 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:19:50.0368 1792 b06bdrv - ok
19:19:50.0399 1792 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:19:50.0415 1792 b57nd60a - ok
19:19:50.0462 1792 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:19:50.0462 1792 BDESVC - ok
19:19:50.0493 1792 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:19:50.0493 1792 Beep - ok
19:19:50.0540 1792 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:19:50.0555 1792 BFE - ok
19:19:50.0618 1792 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:19:50.0649 1792 BITS - ok
19:19:50.0664 1792 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:19:50.0664 1792 blbdrive - ok
19:19:50.0711 1792 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:19:50.0711 1792 bowser - ok
19:19:50.0742 1792 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:19:50.0742 1792 BrFiltLo - ok
19:19:50.0758 1792 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:19:50.0758 1792 BrFiltUp - ok
19:19:50.0789 1792 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:19:50.0789 1792 Browser - ok
19:19:50.0820 1792 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:19:50.0820 1792 Brserid - ok
19:19:50.0852 1792 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:19:50.0852 1792 BrSerWdm - ok
19:19:50.0883 1792 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:19:50.0883 1792 BrUsbMdm - ok
19:19:50.0883 1792 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:19:50.0883 1792 BrUsbSer - ok
19:19:50.0914 1792 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:19:50.0914 1792 BTHMODEM - ok
19:19:50.0914 1792 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:19:50.0914 1792 bthserv - ok
19:19:50.0930 1792 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:19:50.0930 1792 cdfs - ok
19:19:50.0961 1792 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:19:50.0961 1792 cdrom - ok
19:19:50.0976 1792 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:19:50.0976 1792 CertPropSvc - ok
19:19:50.0992 1792 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:19:50.0992 1792 circlass - ok
19:19:51.0008 1792 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:19:51.0008 1792 CLFS - ok
19:19:51.0086 1792 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:19:51.0101 1792 clr_optimization_v2.0.50727_32 - ok
19:19:51.0179 1792 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:19:51.0179 1792 clr_optimization_v2.0.50727_64 - ok
19:19:51.0195 1792 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:19:51.0195 1792 CmBatt - ok
19:19:51.0210 1792 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:19:51.0210 1792 cmdide - ok
19:19:51.0257 1792 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:19:51.0257 1792 CNG - ok
19:19:51.0288 1792 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:19:51.0288 1792 Compbatt - ok
19:19:51.0304 1792 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:19:51.0304 1792 CompositeBus - ok
19:19:51.0304 1792 COMSysApp - ok
19:19:51.0320 1792 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:19:51.0320 1792 crcdisk - ok
19:19:51.0351 1792 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:19:51.0351 1792 CryptSvc - ok
19:19:51.0413 1792 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:19:51.0429 1792 DcomLaunch - ok
19:19:51.0460 1792 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:19:51.0476 1792 defragsvc - ok
19:19:51.0491 1792 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:19:51.0491 1792 DfsC - ok
19:19:51.0522 1792 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:19:51.0538 1792 Dhcp - ok
19:19:51.0554 1792 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:19:51.0554 1792 discache - ok
19:19:51.0569 1792 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:19:51.0569 1792 Disk - ok
19:19:51.0616 1792 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:19:51.0616 1792 Dnscache - ok
19:19:51.0663 1792 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:19:51.0678 1792 dot3svc - ok
19:19:51.0710 1792 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:19:51.0710 1792 DPS - ok
19:19:51.0741 1792 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:19:51.0741 1792 drmkaud - ok
19:19:51.0772 1792 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:19:51.0788 1792 DXGKrnl - ok
19:19:51.0803 1792 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:19:51.0803 1792 EapHost - ok
19:19:51.0881 1792 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:19:51.0912 1792 ebdrv - ok
19:19:51.0944 1792 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:19:51.0944 1792 EFS - ok
19:19:52.0006 1792 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:19:52.0022 1792 ehRecvr - ok
19:19:52.0068 1792 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:19:52.0068 1792 ehSched - ok
19:19:52.0100 1792 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:19:52.0115 1792 elxstor - ok
19:19:52.0131 1792 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:19:52.0131 1792 ErrDev - ok
19:19:52.0146 1792 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:19:52.0162 1792 EventSystem - ok
19:19:52.0178 1792 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:19:52.0178 1792 exfat - ok
19:19:52.0271 1792 Fabs - ok
19:19:52.0302 1792 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:19:52.0302 1792 fastfat - ok
19:19:52.0365 1792 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:19:52.0380 1792 Fax - ok
19:19:52.0396 1792 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:19:52.0396 1792 fdc - ok
19:19:52.0412 1792 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:19:52.0412 1792 fdPHost - ok
19:19:52.0427 1792 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:19:52.0427 1792 FDResPub - ok
19:19:52.0443 1792 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:19:52.0443 1792 FileInfo - ok
19:19:52.0458 1792 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:19:52.0458 1792 Filetrace - ok
19:19:52.0552 1792 [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
19:19:52.0583 1792 FirebirdServerMAGIXInstance - ok
19:19:52.0599 1792 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:19:52.0599 1792 flpydisk - ok
19:19:52.0630 1792 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:19:52.0630 1792 FltMgr - ok
19:19:52.0692 1792 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\Windows\system32\FntCache.dll
19:19:52.0724 1792 FontCache - ok
19:19:52.0770 1792 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:19:52.0770 1792 FontCache3.0.0.0 - ok
19:19:52.0802 1792 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:19:52.0802 1792 FsDepends - ok
19:19:52.0848 1792 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:19:52.0848 1792 Fs_Rec - ok
19:19:52.0864 1792 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:19:52.0880 1792 fvevol - ok
19:19:52.0895 1792 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:19:52.0895 1792 gagp30kx - ok
19:19:52.0973 1792 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:19:53.0004 1792 gpsvc - ok
19:19:53.0020 1792 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:19:53.0020 1792 hcw85cir - ok
19:19:53.0067 1792 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:19:53.0067 1792 HdAudAddService - ok
19:19:53.0098 1792 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:19:53.0098 1792 HDAudBus - ok
19:19:53.0098 1792 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:19:53.0098 1792 HidBatt - ok
19:19:53.0129 1792 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:19:53.0145 1792 HidBth - ok
19:19:53.0160 1792 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:19:53.0160 1792 HidIr - ok
19:19:53.0207 1792 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:19:53.0223 1792 hidserv - ok
19:19:53.0254 1792 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:19:53.0254 1792 HidUsb - ok
19:19:53.0285 1792 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:19:53.0285 1792 hkmsvc - ok
19:19:53.0348 1792 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:19:53.0348 1792 HomeGroupListener - ok
19:19:53.0394 1792 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:19:53.0410 1792 HomeGroupProvider - ok
19:19:53.0441 1792 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:19:53.0441 1792 HpSAMD - ok
19:19:53.0504 1792 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:19:53.0519 1792 HTTP - ok
19:19:53.0535 1792 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:19:53.0535 1792 hwpolicy - ok
19:19:53.0566 1792 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:19:53.0566 1792 i8042prt - ok
19:19:53.0597 1792 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:19:53.0613 1792 iaStorV - ok
19:19:53.0660 1792 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:19:53.0675 1792 idsvc - ok
19:19:53.0691 1792 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:19:53.0691 1792 iirsp - ok
19:19:53.0738 1792 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:19:53.0753 1792 IKEEXT - ok
19:19:53.0894 1792 [ EB5FA493A4B6EA290200AE39EBA2FBC6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:19:53.0909 1792 IntcAzAudAddService - ok
19:19:53.0925 1792 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:19:53.0925 1792 intelide - ok
19:19:53.0940 1792 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:19:53.0940 1792 intelppm - ok
19:19:53.0956 1792 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:19:53.0956 1792 IPBusEnum - ok
19:19:53.0972 1792 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:19:53.0972 1792 IpFilterDriver - ok
19:19:54.0003 1792 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:19:54.0018 1792 iphlpsvc - ok
19:19:54.0034 1792 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:19:54.0034 1792 IPMIDRV - ok
19:19:54.0050 1792 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:19:54.0050 1792 IPNAT - ok
19:19:54.0081 1792 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:19:54.0081 1792 IRENUM - ok
19:19:54.0112 1792 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:19:54.0112 1792 isapnp - ok
19:19:54.0128 1792 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:19:54.0143 1792 iScsiPrt - ok
19:19:54.0143 1792 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:19:54.0143 1792 kbdclass - ok
19:19:54.0159 1792 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:19:54.0159 1792 kbdhid - ok
19:19:54.0174 1792 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:19:54.0174 1792 KeyIso - ok
19:19:54.0206 1792 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:19:54.0206 1792 KSecDD - ok
19:19:54.0237 1792 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:19:54.0237 1792 KSecPkg - ok
19:19:54.0284 1792 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:19:54.0284 1792 ksthunk - ok
19:19:54.0330 1792 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:19:54.0330 1792 KtmRm - ok
19:19:54.0377 1792 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:19:54.0393 1792 LanmanServer - ok
19:19:54.0440 1792 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:19:54.0440 1792 LanmanWorkstation - ok
19:19:54.0486 1792 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:19:54.0486 1792 lltdio - ok
19:19:54.0533 1792 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:19:54.0549 1792 lltdsvc - ok
19:19:54.0564 1792 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:19:54.0564 1792 lmhosts - ok
19:19:54.0596 1792 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:19:54.0596 1792 LSI_FC - ok
19:19:54.0596 1792 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:19:54.0611 1792 LSI_SAS - ok
19:19:54.0611 1792 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:19:54.0611 1792 LSI_SAS2 - ok
19:19:54.0627 1792 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:19:54.0627 1792 LSI_SCSI - ok
19:19:54.0642 1792 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:19:54.0642 1792 luafv - ok
19:19:54.0705 1792 [ C586CC39820B6E7FE3657FED8329D300 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
19:19:54.0705 1792 lvpopf64 - ok
19:19:54.0752 1792 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:19:54.0752 1792 LVPr2M64 - ok
19:19:54.0783 1792 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:19:54.0783 1792 LVPr2Mon - ok
19:19:54.0861 1792 [ 9CD0DC863BE5D40A762F7D84F11A8471 ] LVPrcS64 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
19:19:54.0861 1792 LVPrcS64 - ok
19:19:54.0876 1792 [ 224AB3850F573A419F921C41A15D7F5B ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
19:19:54.0892 1792 LVRS64 - ok
19:19:54.0986 1792 [ BFBA84B8A9C233AE42B11CF7BDFC6C01 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
19:19:55.0032 1792 LVUVC64 - ok
19:19:55.0064 1792 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:19:55.0064 1792 Mcx2Svc - ok
19:19:55.0079 1792 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:19:55.0095 1792 megasas - ok
19:19:55.0110 1792 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:19:55.0110 1792 MegaSR - ok
19:19:55.0173 1792 Microsoft SharePoint Workspace Audit Service - ok
19:19:55.0204 1792 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:19:55.0204 1792 MMCSS - ok
19:19:55.0220 1792 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:19:55.0220 1792 Modem - ok
19:19:55.0266 1792 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:19:55.0266 1792 monitor - ok
19:19:55.0313 1792 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:19:55.0313 1792 mouclass - ok
19:19:55.0329 1792 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:19:55.0329 1792 mouhid - ok
19:19:55.0376 1792 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:19:55.0376 1792 mountmgr - ok
19:19:55.0407 1792 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:19:55.0407 1792 MozillaMaintenance - ok
19:19:55.0438 1792 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:19:55.0438 1792 mpio - ok
19:19:55.0454 1792 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:19:55.0454 1792 mpsdrv - ok
19:19:55.0500 1792 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:19:55.0500 1792 MpsSvc - ok
19:19:55.0516 1792 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:19:55.0516 1792 MRxDAV - ok
19:19:55.0547 1792 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:19:55.0547 1792 mrxsmb - ok
19:19:55.0578 1792 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:19:55.0594 1792 mrxsmb10 - ok
19:19:55.0610 1792 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:19:55.0610 1792 mrxsmb20 - ok
19:19:55.0625 1792 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:19:55.0625 1792 msahci - ok
19:19:55.0656 1792 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:19:55.0656 1792 msdsm - ok
19:19:55.0688 1792 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:19:55.0688 1792 MSDTC - ok
19:19:55.0703 1792 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:19:55.0703 1792 Msfs - ok
19:19:55.0719 1792 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:19:55.0719 1792 mshidkmdf - ok
19:19:55.0734 1792 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:19:55.0734 1792 msisadrv - ok
19:19:55.0766 1792 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:19:55.0766 1792 MSiSCSI - ok
19:19:55.0781 1792 msiserver - ok
19:19:55.0812 1792 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:19:55.0828 1792 MSKSSRV - ok
19:19:55.0844 1792 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:19:55.0844 1792 MSPCLOCK - ok
19:19:55.0844 1792 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:19:55.0859 1792 MSPQM - ok
19:19:55.0890 1792 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:19:55.0890 1792 MsRPC - ok
19:19:55.0906 1792 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:19:55.0906 1792 mssmbios - ok
19:19:55.0922 1792 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:19:55.0922 1792 MSTEE - ok
19:19:55.0937 1792 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:19:55.0937 1792 MTConfig - ok
19:19:55.0968 1792 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:19:55.0968 1792 MTsensor - ok
19:19:55.0984 1792 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:19:56.0000 1792 Mup - ok
19:19:56.0046 1792 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:19:56.0062 1792 napagent - ok
19:19:56.0078 1792 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:19:56.0078 1792 NativeWifiP - ok
19:19:56.0109 1792 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:19:56.0156 1792 NDIS - ok
19:19:56.0202 1792 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:19:56.0218 1792 NdisCap - ok
19:19:56.0249 1792 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:19:56.0249 1792 NdisTapi - ok
19:19:56.0265 1792 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:19:56.0265 1792 Ndisuio - ok
19:19:56.0280 1792 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:19:56.0280 1792 NdisWan - ok
19:19:56.0327 1792 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:19:56.0327 1792 NDProxy - ok
19:19:56.0343 1792 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:19:56.0343 1792 NetBIOS - ok
19:19:56.0374 1792 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:19:56.0374 1792 NetBT - ok
19:19:56.0390 1792 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:19:56.0390 1792 Netlogon - ok
19:19:56.0421 1792 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:19:56.0436 1792 Netman - ok
19:19:56.0452 1792 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:19:56.0468 1792 netprofm - ok
19:19:56.0499 1792 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:19:56.0499 1792 NetTcpPortSharing - ok
19:19:56.0514 1792 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:19:56.0514 1792 nfrd960 - ok
19:19:56.0608 1792 [ 053AEB862E7B058FB83091B4B61D4C12 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
19:19:56.0608 1792 NitroDriverReadSpool8 - ok
19:19:56.0655 1792 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:19:56.0670 1792 NlaSvc - ok
19:19:56.0748 1792 [ B84E65767848FC91631CBE0E57D9CCDF ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
19:19:56.0748 1792 nlsX86cc - ok
19:19:56.0764 1792 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:19:56.0780 1792 Npfs - ok
19:19:56.0795 1792 npggsvc - ok
19:19:56.0826 1792 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:19:56.0842 1792 nsi - ok
19:19:56.0858 1792 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:19:56.0858 1792 nsiproxy - ok
19:19:56.0920 1792 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:19:56.0951 1792 Ntfs - ok
19:19:56.0967 1792 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:19:56.0967 1792 Null - ok
19:19:57.0014 1792 [ 69FCDECD0215195261EC5362AB4A1520 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
19:19:57.0014 1792 nusb3hub - ok
19:19:57.0045 1792 [ F813EA99DA158FB4079622D882873D63 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:19:57.0060 1792 nusb3xhc - ok
19:19:57.0107 1792 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:19:57.0107 1792 NVHDA - ok
19:19:57.0341 1792 [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:19:57.0388 1792 nvlddmkm - ok
19:19:57.0450 1792 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:19:57.0450 1792 nvraid - ok
19:19:57.0466 1792 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:19:57.0466 1792 nvstor - ok
19:19:57.0497 1792 [ A83AC04D672567CAF8BE7A4D73C0B850 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:19:57.0513 1792 nvsvc - ok
19:19:57.0591 1792 [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:19:57.0606 1792 nvUpdatusService - ok
19:19:57.0622 1792 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:19:57.0638 1792 nv_agp - ok
19:19:57.0638 1792 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:19:57.0638 1792 ohci1394 - ok
19:19:57.0716 1792 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:19:57.0731 1792 ose - ok
19:19:57.0872 1792 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:19:57.0918 1792 osppsvc - ok
19:19:57.0950 1792 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:19:57.0950 1792 p2pimsvc - ok
19:19:57.0996 1792 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:19:58.0012 1792 p2psvc - ok
19:19:58.0059 1792 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:19:58.0059 1792 Parport - ok
19:19:58.0090 1792 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:19:58.0090 1792 partmgr - ok
19:19:58.0106 1792 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:19:58.0121 1792 PcaSvc - ok
19:19:58.0152 1792 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:19:58.0152 1792 pci - ok
19:19:58.0184 1792 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:19:58.0184 1792 pciide - ok
19:19:58.0215 1792 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:19:58.0215 1792 pcmcia - ok
19:19:58.0230 1792 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:19:58.0230 1792 pcw - ok
19:19:58.0262 1792 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:19:58.0262 1792 PEAUTH - ok
19:19:58.0293 1792 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:19:58.0293 1792 PerfHost - ok
19:19:58.0386 1792 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:19:58.0402 1792 pla - ok
19:19:58.0449 1792 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:19:58.0464 1792 PlugPlay - ok
19:19:58.0480 1792 PnkBstrA - ok
19:19:58.0496 1792 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:19:58.0496 1792 PNRPAutoReg - ok
19:19:58.0511 1792 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:19:58.0511 1792 PNRPsvc - ok
19:19:58.0542 1792 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:19:58.0542 1792 PolicyAgent - ok
19:19:58.0589 1792 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:19:58.0589 1792 Power - ok
19:19:58.0620 1792 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:19:58.0620 1792 PptpMiniport - ok
19:19:58.0636 1792 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:19:58.0636 1792 Processor - ok
19:19:58.0652 1792 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
19:19:58.0667 1792 ProfSvc - ok
19:19:58.0683 1792 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:19:58.0683 1792 ProtectedStorage - ok
19:19:58.0698 1792 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:19:58.0714 1792 Psched - ok
19:19:58.0745 1792 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:19:58.0761 1792 ql2300 - ok
19:19:58.0776 1792 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:19:58.0776 1792 ql40xx - ok
19:19:58.0792 1792 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:19:58.0792 1792 QWAVE - ok
19:19:58.0808 1792 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:19:58.0808 1792 QWAVEdrv - ok
19:19:58.0823 1792 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:19:58.0823 1792 RasAcd - ok
19:19:58.0854 1792 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:19:58.0854 1792 RasAgileVpn - ok
19:19:58.0886 1792 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:19:58.0901 1792 RasAuto - ok
19:19:58.0932 1792 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:19:58.0948 1792 Rasl2tp - ok
19:19:58.0964 1792 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:19:58.0979 1792 RasMan - ok
19:19:58.0995 1792 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:19:58.0995 1792 RasPppoe - ok
19:19:59.0010 1792 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:19:59.0010 1792 RasSstp - ok
19:19:59.0042 1792 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:19:59.0042 1792 rdbss - ok
19:19:59.0057 1792 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:19:59.0057 1792 rdpbus - ok
19:19:59.0073 1792 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:19:59.0073 1792 RDPCDD - ok
19:19:59.0088 1792 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:19:59.0088 1792 RDPENCDD - ok
19:19:59.0104 1792 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:19:59.0104 1792 RDPREFMP - ok
19:19:59.0135 1792 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:19:59.0135 1792 RDPWD - ok
19:19:59.0182 1792 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:19:59.0182 1792 rdyboost - ok
19:19:59.0213 1792 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:19:59.0213 1792 RemoteAccess - ok
19:19:59.0260 1792 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:19:59.0260 1792 RemoteRegistry - ok
19:19:59.0291 1792 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:19:59.0291 1792 RpcEptMapper - ok
19:19:59.0322 1792 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:19:59.0338 1792 RpcLocator - ok
19:19:59.0354 1792 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:19:59.0369 1792 RpcSs - ok
19:19:59.0369 1792 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:19:59.0369 1792 rspndr - ok
19:19:59.0416 1792 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:19:59.0416 1792 RTL8167 - ok
19:19:59.0432 1792 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:19:59.0432 1792 SamSs - ok
19:19:59.0463 1792 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:19:59.0463 1792 sbp2port - ok
19:19:59.0478 1792 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:19:59.0494 1792 SCardSvr - ok
19:19:59.0525 1792 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:19:59.0525 1792 scfilter - ok
19:19:59.0556 1792 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:19:59.0572 1792 Schedule - ok
19:19:59.0603 1792 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:19:59.0603 1792 SCPolicySvc - ok
19:19:59.0666 1792 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:19:59.0666 1792 SDRSVC - ok
19:19:59.0697 1792 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:19:59.0697 1792 secdrv - ok
19:19:59.0712 1792 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:19:59.0728 1792 seclogon - ok
19:19:59.0744 1792 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:19:59.0744 1792 SENS - ok
19:19:59.0759 1792 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:19:59.0759 1792 SensrSvc - ok
19:19:59.0790 1792 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:19:59.0790 1792 Serenum - ok
19:19:59.0806 1792 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:19:59.0806 1792 Serial - ok
19:19:59.0822 1792 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:19:59.0822 1792 sermouse - ok
19:19:59.0853 1792 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:19:59.0868 1792 SessionEnv - ok
19:19:59.0884 1792 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:19:59.0884 1792 sffdisk - ok
19:19:59.0900 1792 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:19:59.0900 1792 sffp_mmc - ok
19:19:59.0900 1792 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:19:59.0900 1792 sffp_sd - ok
19:19:59.0915 1792 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:19:59.0915 1792 sfloppy - ok
19:19:59.0962 1792 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:19:59.0978 1792 SharedAccess - ok
19:20:00.0024 1792 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:20:00.0040 1792 ShellHWDetection - ok
19:20:00.0040 1792 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:20:00.0040 1792 SiSRaid2 - ok
19:20:00.0056 1792 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:20:00.0056 1792 SiSRaid4 - ok
19:20:00.0118 1792 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:20:00.0118 1792 SkypeUpdate - ok
19:20:00.0149 1792 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:20:00.0149 1792 Smb - ok
19:20:00.0180 1792 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:20:00.0180 1792 SNMPTRAP - ok
19:20:00.0227 1792 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:20:00.0227 1792 spldr - ok
19:20:00.0274 1792 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
19:20:00.0290 1792 Spooler - ok
19:20:00.0368 1792 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:20:00.0399 1792 sppsvc - ok
19:20:00.0414 1792 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:20:00.0414 1792 sppuinotify - ok
19:20:00.0446 1792 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:20:00.0461 1792 srv - ok
19:20:00.0477 1792 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:20:00.0492 1792 srv2 - ok
19:20:00.0492 1792 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:20:00.0508 1792 srvnet - ok
19:20:00.0524 1792 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:20:00.0524 1792 SSDPSRV - ok
19:20:00.0539 1792 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:20:00.0539 1792 SstpSvc - ok
19:20:00.0617 1792 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:20:00.0633 1792 Stereo Service - ok
19:20:00.0648 1792 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:20:00.0648 1792 stexstor - ok
19:20:00.0695 1792 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:20:00.0711 1792 stisvc - ok
19:20:00.0742 1792 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:20:00.0742 1792 swenum - ok
19:20:00.0773 1792 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:20:00.0773 1792 swprv - ok
19:20:00.0804 1792 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:20:00.0836 1792 SysMain - ok
19:20:00.0851 1792 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:20:00.0851 1792 TabletInputService - ok
19:20:00.0882 1792 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:20:00.0882 1792 TapiSrv - ok
19:20:00.0914 1792 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:20:00.0914 1792 TBS - ok
19:20:00.0992 1792 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:20:01.0023 1792 Tcpip - ok
19:20:01.0054 1792 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:20:01.0070 1792 TCPIP6 - ok
19:20:01.0101 1792 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:20:01.0101 1792 tcpipreg - ok
19:20:01.0116 1792 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:20:01.0116 1792 TDPIPE - ok
19:20:01.0148 1792 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:20:01.0148 1792 TDTCP - ok
19:20:01.0210 1792 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:20:01.0210 1792 tdx - ok
19:20:01.0226 1792 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:20:01.0241 1792 TermDD - ok
19:20:01.0335 1792 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:20:01.0366 1792 TermService - ok
19:20:01.0382 1792 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:20:01.0397 1792 Themes - ok
19:20:01.0428 1792 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:20:01.0428 1792 THREADORDER - ok
19:20:01.0460 1792 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:20:01.0460 1792 TrkWks - ok
19:20:01.0491 1792 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:20:01.0506 1792 TrustedInstaller - ok
19:20:01.0522 1792 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:20:01.0522 1792 tssecsrv - ok
19:20:01.0569 1792 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:20:01.0569 1792 TsUsbFlt - ok
19:20:01.0616 1792 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:20:01.0631 1792 tunnel - ok
19:20:01.0647 1792 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:20:01.0647 1792 uagp35 - ok
19:20:01.0694 1792 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:20:01.0694 1792 udfs - ok
19:20:01.0740 1792 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:20:01.0756 1792 UI0Detect - ok
19:20:01.0787 1792 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:20:01.0787 1792 uliagpkx - ok
19:20:01.0803 1792 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:20:01.0803 1792 umbus - ok
19:20:01.0834 1792 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:20:01.0834 1792 UmPass - ok
19:20:01.0865 1792 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:20:01.0881 1792 UMVPFSrv - ok
19:20:01.0912 1792 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:20:01.0912 1792 upnphost - ok
19:20:01.0943 1792 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:20:01.0943 1792 usbaudio - ok
19:20:01.0959 1792 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:20:01.0959 1792 usbccgp - ok
19:20:02.0021 1792 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:20:02.0021 1792 usbcir - ok
19:20:02.0037 1792 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:20:02.0052 1792 usbehci - ok
19:20:02.0068 1792 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\drivers\usbhub.sys
19:20:02.0084 1792 usbhub - ok
19:20:02.0084 1792 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:20:02.0084 1792 usbohci - ok
19:20:02.0115 1792 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:20:02.0115 1792 usbprint - ok
19:20:02.0130 1792 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:20:02.0130 1792 USBSTOR - ok
19:20:02.0162 1792 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:20:02.0162 1792 usbuhci - ok
19:20:02.0177 1792 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:20:02.0177 1792 usbvideo - ok
19:20:02.0208 1792 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:20:02.0208 1792 UxSms - ok
19:20:02.0224 1792 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:20:02.0224 1792 VaultSvc - ok
19:20:02.0240 1792 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:20:02.0240 1792 vdrvroot - ok
19:20:02.0271 1792 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:20:02.0286 1792 vds - ok
19:20:02.0302 1792 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:20:02.0302 1792 vga - ok
19:20:02.0302 1792 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:20:02.0302 1792 VgaSave - ok
19:20:02.0364 1792 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:20:02.0364 1792 vhdmp - ok
19:20:02.0380 1792 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:20:02.0380 1792 viaide - ok
19:20:02.0396 1792 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:20:02.0396 1792 volmgr - ok
19:20:02.0411 1792 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:20:02.0427 1792 volmgrx - ok
19:20:02.0427 1792 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:20:02.0442 1792 volsnap - ok
19:20:02.0442 1792 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:20:02.0442 1792 vsmraid - ok
19:20:02.0505 1792 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:20:02.0520 1792 VSS - ok
19:20:02.0536 1792 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:20:02.0536 1792 vwifibus - ok
19:20:02.0552 1792 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:20:02.0552 1792 W32Time - ok
19:20:02.0583 1792 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:20:02.0583 1792 WacomPen - ok
19:20:02.0645 1792 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:20:02.0645 1792 WANARP - ok
19:20:02.0661 1792 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:20:02.0661 1792 Wanarpv6 - ok
19:20:02.0723 1792 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:20:02.0754 1792 wbengine - ok
19:20:02.0770 1792 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:20:02.0770 1792 WbioSrvc - ok
19:20:02.0801 1792 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:20:02.0817 1792 wcncsvc - ok
19:20:02.0848 1792 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:20:02.0848 1792 WcsPlugInService - ok
19:20:02.0864 1792 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:20:02.0864 1792 Wd - ok
19:20:02.0879 1792 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:20:02.0895 1792 Wdf01000 - ok
19:20:02.0895 1792 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:20:02.0910 1792 WdiServiceHost - ok
19:20:02.0910 1792 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:20:02.0910 1792 WdiSystemHost - ok
19:20:02.0942 1792 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:20:02.0942 1792 WebClient - ok
19:20:02.0957 1792 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:20:02.0957 1792 Wecsvc - ok
19:20:02.0973 1792 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:20:02.0973 1792 wercplsupport - ok
19:20:03.0020 1792 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:20:03.0020 1792 WerSvc - ok
19:20:03.0035 1792 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:20:03.0035 1792 WfpLwf - ok
19:20:03.0051 1792 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:20:03.0066 1792 WIMMount - ok
19:20:03.0066 1792 WinDefend - ok
19:20:03.0082 1792 WinHttpAutoProxySvc - ok
19:20:03.0113 1792 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:20:03.0129 1792 Winmgmt - ok
19:20:03.0191 1792 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:20:03.0222 1792 WinRM - ok
19:20:03.0285 1792 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:20:03.0285 1792 WinUsb - ok
19:20:03.0332 1792 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:20:03.0347 1792 Wlansvc - ok
19:20:03.0378 1792 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:20:03.0378 1792 WmiAcpi - ok
19:20:03.0394 1792 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:20:03.0394 1792 wmiApSrv - ok
19:20:03.0410 1792 WMPNetworkSvc - ok
19:20:03.0425 1792 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:20:03.0425 1792 WPCSvc - ok
19:20:03.0456 1792 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:20:03.0456 1792 WPDBusEnum - ok
19:20:03.0488 1792 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:20:03.0488 1792 ws2ifsl - ok
19:20:03.0503 1792 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:20:03.0519 1792 wscsvc - ok
19:20:03.0519 1792 WSearch - ok
19:20:03.0581 1792 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:20:03.0597 1792 wuauserv - ok
19:20:03.0628 1792 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:20:03.0628 1792 WudfPf - ok
19:20:03.0659 1792 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:20:03.0659 1792 WUDFRd - ok
19:20:03.0675 1792 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:20:03.0690 1792 wudfsvc - ok
19:20:03.0706 1792 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:20:03.0722 1792 WwanSvc - ok
19:20:03.0722 1792 ================ Scan global ===============================
19:20:03.0753 1792 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:20:03.0815 1792 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:20:03.0831 1792 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:20:03.0878 1792 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:20:03.0909 1792 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:20:03.0909 1792 [Global] - ok
19:20:03.0909 1792 ================ Scan MBR ==================================
19:20:03.0924 1792 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
19:20:03.0956 1792 \Device\Harddisk1\DR1 - ok
19:20:03.0971 1792 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:20:04.0143 1792 \Device\Harddisk0\DR0 - ok
19:20:04.0143 1792 ================ Scan VBR ==================================
19:20:04.0143 1792 [ 76D30F6F6D5277B81865921D97F502FF ] \Device\Harddisk1\DR1\Partition1
19:20:04.0143 1792 \Device\Harddisk1\DR1\Partition1 - ok
19:20:04.0143 1792 [ 87444EE456407727E963B77B32954D34 ] \Device\Harddisk0\DR0\Partition1
19:20:04.0158 1792 \Device\Harddisk0\DR0\Partition1 - ok
19:20:04.0174 1792 [ A75029E7A710195BA56173E0DA254C63 ] \Device\Harddisk0\DR0\Partition2
19:20:04.0174 1792 \Device\Harddisk0\DR0\Partition2 - ok
19:20:04.0174 1792 ============================================================
19:20:04.0174 1792 Scan finished
19:20:04.0174 1792 ============================================================
19:20:04.0174 1180 Detected object count: 0
19:20:04.0174 1180 Actual detected object count: 0

Alt 08.03.2013, 21:10   #10
markusg
/// Malware-holic
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



lies bitte noch mal die Anleitung, du hast den tdsskiller nicht richtig konfiguriert
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 09.03.2013, 00:08   #11
slice
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



Ja, tatsächlich!
Sorry und danke für den Hinweise bzw. das Feedback!

00:05:21.0982 1512 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:05:22.0076 1512 ============================================================
00:05:22.0076 1512 Current date / time: 2013/03/09 00:05:22.0076
00:05:22.0076 1512 SystemInfo:
00:05:22.0076 1512
00:05:22.0076 1512 OS Version: 6.1.7601 ServicePack: 1.0
00:05:22.0076 1512 Product type: Workstation
00:05:22.0076 1512 ComputerName: SVEN-PC
00:05:22.0076 1512 UserName: Sven
00:05:22.0076 1512 Windows directory: C:\Windows
00:05:22.0076 1512 System windows directory: C:\Windows
00:05:22.0076 1512 Running under WOW64
00:05:22.0076 1512 Processor architecture: Intel x64
00:05:22.0076 1512 Number of processors: 4
00:05:22.0076 1512 Page size: 0x1000
00:05:22.0076 1512 Boot type: Normal boot
00:05:22.0076 1512 ============================================================
00:05:22.0887 1512 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:05:22.0903 1512 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:05:22.0950 1512 ============================================================
00:05:22.0950 1512 \Device\Harddisk0\DR0:
00:05:22.0950 1512 MBR partitions:
00:05:22.0950 1512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
00:05:22.0950 1512 \Device\Harddisk1\DR1:
00:05:22.0950 1512 MBR partitions:
00:05:22.0950 1512 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A382000
00:05:22.0950 1512 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3A382800, BlocksNum 0x3A383800
00:05:22.0950 1512 ============================================================
00:05:22.0965 1512 C: <-> \Device\Harddisk1\DR1\Partition1
00:05:22.0965 1512 D: <-> \Device\Harddisk0\DR0\Partition1
00:05:23.0012 1512 E: <-> \Device\Harddisk1\DR1\Partition2
00:05:23.0012 1512 ============================================================
00:05:23.0012 1512 Initialize success
00:05:23.0012 1512 ============================================================
00:05:30.0141 2308 ============================================================
00:05:30.0141 2308 Scan started
00:05:30.0141 2308 Mode: Manual; SigCheck; TDLFS;
00:05:30.0141 2308 ============================================================
00:05:30.0531 2308 ================ Scan system memory ========================
00:05:30.0531 2308 System memory - ok
00:05:30.0531 2308 ================ Scan services =============================
00:05:30.0703 2308 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
00:05:30.0765 2308 1394ohci - ok
00:05:30.0781 2308 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
00:05:30.0796 2308 ACPI - ok
00:05:30.0812 2308 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
00:05:30.0859 2308 AcpiPmi - ok
00:05:30.0999 2308 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:05:31.0030 2308 AdobeFlashPlayerUpdateSvc - ok
00:05:31.0062 2308 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
00:05:31.0093 2308 adp94xx - ok
00:05:31.0108 2308 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
00:05:31.0124 2308 adpahci - ok
00:05:31.0140 2308 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
00:05:31.0155 2308 adpu320 - ok
00:05:31.0186 2308 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:05:31.0249 2308 AeLookupSvc - ok
00:05:31.0296 2308 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
00:05:31.0342 2308 AFD - ok
00:05:31.0374 2308 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
00:05:31.0374 2308 agp440 - ok
00:05:31.0389 2308 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
00:05:31.0420 2308 ALG - ok
00:05:31.0436 2308 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
00:05:31.0436 2308 aliide - ok
00:05:31.0483 2308 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
00:05:31.0561 2308 AMD External Events Utility - ok
00:05:31.0561 2308 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
00:05:31.0576 2308 amdide - ok
00:05:31.0608 2308 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
00:05:31.0654 2308 amdiox64 - ok
00:05:31.0654 2308 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
00:05:31.0686 2308 AmdK8 - ok
00:05:31.0873 2308 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
00:05:32.0044 2308 amdkmdag - ok
00:05:32.0060 2308 [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
00:05:32.0091 2308 amdkmdap - ok
00:05:32.0107 2308 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
00:05:32.0107 2308 AmdPPM - ok
00:05:32.0154 2308 [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata C:\Windows\system32\drivers\amdsata.sys
00:05:32.0154 2308 amdsata - ok
00:05:32.0169 2308 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
00:05:32.0185 2308 amdsbs - ok
00:05:32.0200 2308 [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
00:05:32.0200 2308 amdxata - ok
00:05:32.0247 2308 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
00:05:32.0325 2308 AppID - ok
00:05:32.0356 2308 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:05:32.0419 2308 AppIDSvc - ok
00:05:32.0434 2308 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
00:05:32.0466 2308 Appinfo - ok
00:05:32.0481 2308 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
00:05:32.0497 2308 arc - ok
00:05:32.0512 2308 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
00:05:32.0528 2308 arcsas - ok
00:05:32.0575 2308 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
00:05:32.0590 2308 AsIO - ok
00:05:32.0622 2308 [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
00:05:32.0668 2308 asmthub3 - ok
00:05:32.0684 2308 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
00:05:32.0715 2308 asmtxhci - ok
00:05:32.0746 2308 [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
00:05:32.0762 2308 aswFsBlk - ok
00:05:32.0793 2308 [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
00:05:32.0809 2308 aswMonFlt - ok
00:05:32.0809 2308 [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
00:05:32.0824 2308 aswRdr - ok
00:05:32.0887 2308 [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
00:05:32.0918 2308 aswRvrt - ok
00:05:32.0949 2308 [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
00:05:32.0996 2308 aswSnx - ok
00:05:33.0012 2308 [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP C:\Windows\system32\drivers\aswSP.sys
00:05:33.0027 2308 aswSP - ok
00:05:33.0027 2308 [ D62C10D1829C65115111C160EA956260 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
00:05:33.0043 2308 aswTdi - ok
00:05:33.0058 2308 [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
00:05:33.0074 2308 aswVmm - ok
00:05:33.0074 2308 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:05:33.0121 2308 AsyncMac - ok
00:05:33.0136 2308 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
00:05:33.0168 2308 atapi - ok
00:05:33.0199 2308 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
00:05:33.0214 2308 AtiHDAudioService - ok
00:05:33.0230 2308 [ C07A040D6B5A42DD41EE386CF90974C8 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
00:05:33.0246 2308 AtiPcie - ok
00:05:33.0277 2308 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:05:33.0339 2308 AudioEndpointBuilder - ok
00:05:33.0355 2308 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
00:05:33.0386 2308 AudioSrv - ok
00:05:33.0464 2308 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:05:33.0495 2308 avast! Antivirus - ok
00:05:33.0526 2308 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:05:33.0604 2308 AxInstSV - ok
00:05:33.0636 2308 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
00:05:33.0667 2308 b06bdrv - ok
00:05:33.0682 2308 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
00:05:33.0729 2308 b57nd60a - ok
00:05:33.0776 2308 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
00:05:33.0792 2308 BDESVC - ok
00:05:33.0807 2308 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
00:05:33.0885 2308 Beep - ok
00:05:33.0932 2308 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
00:05:34.0010 2308 BFE - ok
00:05:34.0041 2308 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
00:05:34.0088 2308 BITS - ok
00:05:34.0119 2308 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:05:34.0150 2308 blbdrive - ok
00:05:34.0182 2308 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:05:34.0213 2308 bowser - ok
00:05:34.0228 2308 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:05:34.0244 2308 BrFiltLo - ok
00:05:34.0275 2308 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:05:34.0291 2308 BrFiltUp - ok
00:05:34.0306 2308 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
00:05:34.0322 2308 Browser - ok
00:05:34.0353 2308 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:05:34.0384 2308 Brserid - ok
00:05:34.0400 2308 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:05:34.0416 2308 BrSerWdm - ok
00:05:34.0431 2308 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:05:34.0447 2308 BrUsbMdm - ok
00:05:34.0462 2308 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:05:34.0478 2308 BrUsbSer - ok
00:05:34.0509 2308 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:05:34.0572 2308 BTHMODEM - ok
00:05:34.0618 2308 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
00:05:34.0743 2308 bthserv - ok
00:05:34.0743 2308 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:05:34.0774 2308 cdfs - ok
00:05:34.0806 2308 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
00:05:34.0837 2308 cdrom - ok
00:05:34.0852 2308 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
00:05:34.0946 2308 CertPropSvc - ok
00:05:34.0962 2308 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:05:34.0977 2308 circlass - ok
00:05:34.0993 2308 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
00:05:35.0008 2308 CLFS - ok
00:05:35.0071 2308 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:05:35.0102 2308 clr_optimization_v2.0.50727_32 - ok
00:05:35.0133 2308 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:05:35.0149 2308 clr_optimization_v2.0.50727_64 - ok
00:05:35.0164 2308 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:05:35.0180 2308 CmBatt - ok
00:05:35.0211 2308 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:05:35.0242 2308 cmdide - ok
00:05:35.0289 2308 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
00:05:35.0336 2308 CNG - ok
00:05:35.0367 2308 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:05:35.0367 2308 Compbatt - ok
00:05:35.0398 2308 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
00:05:35.0445 2308 CompositeBus - ok
00:05:35.0461 2308 COMSysApp - ok
00:05:35.0476 2308 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
00:05:35.0476 2308 crcdisk - ok
00:05:35.0508 2308 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:05:35.0570 2308 CryptSvc - ok
00:05:35.0601 2308 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:05:35.0664 2308 DcomLaunch - ok
00:05:35.0710 2308 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
00:05:35.0773 2308 defragsvc - ok
00:05:35.0788 2308 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:05:35.0820 2308 DfsC - ok
00:05:35.0851 2308 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
00:05:35.0882 2308 Dhcp - ok
00:05:35.0913 2308 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
00:05:35.0960 2308 discache - ok
00:05:35.0976 2308 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
00:05:35.0991 2308 Disk - ok
00:05:36.0022 2308 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:05:36.0038 2308 Dnscache - ok
00:05:36.0069 2308 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
00:05:36.0116 2308 dot3svc - ok
00:05:36.0132 2308 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
00:05:36.0163 2308 DPS - ok
00:05:36.0178 2308 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:05:36.0225 2308 drmkaud - ok
00:05:36.0272 2308 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:05:36.0319 2308 DXGKrnl - ok
00:05:36.0334 2308 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
00:05:36.0366 2308 EapHost - ok
00:05:36.0412 2308 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
00:05:36.0475 2308 ebdrv - ok
00:05:36.0506 2308 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
00:05:36.0537 2308 EFS - ok
00:05:36.0615 2308 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:05:36.0678 2308 ehRecvr - ok
00:05:36.0709 2308 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
00:05:36.0724 2308 ehSched - ok
00:05:36.0756 2308 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
00:05:36.0787 2308 elxstor - ok
00:05:36.0787 2308 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:05:36.0834 2308 ErrDev - ok
00:05:36.0865 2308 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
00:05:36.0912 2308 EventSystem - ok
00:05:36.0912 2308 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
00:05:36.0943 2308 exfat - ok
00:05:37.0021 2308 Fabs - ok
00:05:37.0052 2308 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:05:37.0114 2308 fastfat - ok
00:05:37.0146 2308 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
00:05:37.0208 2308 Fax - ok
00:05:37.0224 2308 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:05:37.0239 2308 fdc - ok
00:05:37.0255 2308 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
00:05:37.0317 2308 fdPHost - ok
00:05:37.0333 2308 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
00:05:37.0364 2308 FDResPub - ok
00:05:37.0364 2308 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:05:37.0380 2308 FileInfo - ok
00:05:37.0380 2308 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:05:37.0426 2308 Filetrace - ok
00:05:37.0489 2308 [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
00:05:37.0551 2308 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
00:05:37.0551 2308 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
00:05:37.0567 2308 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:05:37.0582 2308 flpydisk - ok
00:05:37.0598 2308 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:05:37.0614 2308 FltMgr - ok
00:05:37.0645 2308 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\Windows\system32\FntCache.dll
00:05:37.0692 2308 FontCache - ok
00:05:37.0723 2308 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:05:37.0738 2308 FontCache3.0.0.0 - ok
00:05:37.0738 2308 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:05:37.0754 2308 FsDepends - ok
00:05:37.0785 2308 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:05:37.0785 2308 Fs_Rec - ok
00:05:37.0801 2308 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:05:37.0816 2308 fvevol - ok
00:05:37.0832 2308 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
00:05:37.0832 2308 gagp30kx - ok
00:05:37.0879 2308 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
00:05:37.0926 2308 gpsvc - ok
00:05:37.0941 2308 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:05:38.0004 2308 hcw85cir - ok
00:05:38.0050 2308 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:05:38.0097 2308 HdAudAddService - ok
00:05:38.0128 2308 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
00:05:38.0160 2308 HDAudBus - ok
00:05:38.0160 2308 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
00:05:38.0191 2308 HidBatt - ok
00:05:38.0206 2308 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
00:05:38.0238 2308 HidBth - ok
00:05:38.0238 2308 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
00:05:38.0269 2308 HidIr - ok
00:05:38.0300 2308 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
00:05:38.0362 2308 hidserv - ok
00:05:38.0394 2308 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:05:38.0409 2308 HidUsb - ok
00:05:38.0440 2308 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:05:38.0472 2308 hkmsvc - ok
00:05:38.0503 2308 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:05:38.0518 2308 HomeGroupListener - ok
00:05:38.0550 2308 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:05:38.0596 2308 HomeGroupProvider - ok
00:05:38.0612 2308 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:05:38.0628 2308 HpSAMD - ok
00:05:38.0659 2308 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:05:38.0721 2308 HTTP - ok
00:05:38.0737 2308 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:05:38.0752 2308 hwpolicy - ok
00:05:38.0768 2308 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
00:05:38.0768 2308 i8042prt - ok
00:05:38.0784 2308 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:05:38.0799 2308 iaStorV - ok
00:05:38.0846 2308 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:05:38.0862 2308 idsvc - ok
00:05:38.0877 2308 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
00:05:38.0877 2308 iirsp - ok
00:05:38.0908 2308 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
00:05:38.0986 2308 IKEEXT - ok
00:05:39.0080 2308 [ EB5FA493A4B6EA290200AE39EBA2FBC6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
00:05:39.0158 2308 IntcAzAudAddService - ok
00:05:39.0174 2308 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
00:05:39.0174 2308 intelide - ok
00:05:39.0205 2308 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:05:39.0252 2308 intelppm - ok
00:05:39.0283 2308 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:05:39.0330 2308 IPBusEnum - ok
00:05:39.0345 2308 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:05:39.0376 2308 IpFilterDriver - ok
00:05:39.0408 2308 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:05:39.0501 2308 iphlpsvc - ok
00:05:39.0532 2308 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
00:05:39.0564 2308 IPMIDRV - ok
00:05:39.0579 2308 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:05:39.0673 2308 IPNAT - ok
00:05:39.0704 2308 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:05:39.0735 2308 IRENUM - ok
00:05:39.0766 2308 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:05:39.0782 2308 isapnp - ok
00:05:39.0798 2308 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
00:05:39.0813 2308 iScsiPrt - ok
00:05:39.0813 2308 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:05:39.0829 2308 kbdclass - ok
00:05:39.0844 2308 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
00:05:39.0891 2308 kbdhid - ok
00:05:39.0907 2308 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
00:05:39.0922 2308 KeyIso - ok
00:05:39.0954 2308 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:05:39.0985 2308 KSecDD - ok
00:05:40.0000 2308 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:05:40.0016 2308 KSecPkg - ok
00:05:40.0032 2308 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:05:40.0094 2308 ksthunk - ok
00:05:40.0110 2308 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
00:05:40.0172 2308 KtmRm - ok
00:05:40.0219 2308 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
00:05:40.0250 2308 LanmanServer - ok
00:05:40.0266 2308 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:05:40.0297 2308 LanmanWorkstation - ok
00:05:40.0312 2308 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:05:40.0359 2308 lltdio - ok
00:05:40.0375 2308 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:05:40.0406 2308 lltdsvc - ok
00:05:40.0422 2308 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:05:40.0453 2308 lmhosts - ok
00:05:40.0484 2308 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
00:05:40.0484 2308 LSI_FC - ok
00:05:40.0500 2308 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
00:05:40.0500 2308 LSI_SAS - ok
00:05:40.0515 2308 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:05:40.0515 2308 LSI_SAS2 - ok
00:05:40.0531 2308 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:05:40.0546 2308 LSI_SCSI - ok
00:05:40.0562 2308 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
00:05:40.0593 2308 luafv - ok
00:05:40.0640 2308 [ C586CC39820B6E7FE3657FED8329D300 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
00:05:40.0671 2308 lvpopf64 - ok
00:05:40.0718 2308 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
00:05:40.0734 2308 LVPr2M64 - ok
00:05:40.0765 2308 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
00:05:40.0796 2308 LVPr2Mon - ok
00:05:40.0874 2308 [ 9CD0DC863BE5D40A762F7D84F11A8471 ] LVPrcS64 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
00:05:40.0890 2308 LVPrcS64 - ok
00:05:40.0921 2308 [ 224AB3850F573A419F921C41A15D7F5B ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
00:05:40.0936 2308 LVRS64 - ok
00:05:41.0061 2308 [ BFBA84B8A9C233AE42B11CF7BDFC6C01 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
00:05:41.0170 2308 LVUVC64 - ok
00:05:41.0186 2308 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:05:41.0217 2308 Mcx2Svc - ok
00:05:41.0233 2308 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
00:05:41.0233 2308 megasas - ok
00:05:41.0248 2308 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
00:05:41.0264 2308 MegaSR - ok
00:05:41.0295 2308 Microsoft SharePoint Workspace Audit Service - ok
00:05:41.0326 2308 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
00:05:41.0420 2308 MMCSS - ok
00:05:41.0436 2308 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
00:05:41.0467 2308 Modem - ok
00:05:41.0498 2308 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:05:41.0514 2308 monitor - ok
00:05:41.0560 2308 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
00:05:41.0592 2308 mouclass - ok
00:05:41.0607 2308 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:05:41.0623 2308 mouhid - ok
00:05:41.0654 2308 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:05:41.0670 2308 mountmgr - ok
00:05:41.0685 2308 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:05:41.0701 2308 MozillaMaintenance - ok
00:05:41.0701 2308 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
00:05:41.0716 2308 mpio - ok
00:05:41.0716 2308 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:05:41.0748 2308 mpsdrv - ok
00:05:41.0779 2308 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:05:41.0872 2308 MpsSvc - ok
00:05:41.0888 2308 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:05:41.0919 2308 MRxDAV - ok
00:05:41.0935 2308 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:05:41.0966 2308 mrxsmb - ok
00:05:41.0982 2308 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:05:41.0997 2308 mrxsmb10 - ok
00:05:42.0013 2308 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:05:42.0028 2308 mrxsmb20 - ok
00:05:42.0044 2308 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
00:05:42.0060 2308 msahci - ok
00:05:42.0060 2308 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:05:42.0075 2308 msdsm - ok
00:05:42.0091 2308 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
00:05:42.0106 2308 MSDTC - ok
00:05:42.0122 2308 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:05:42.0153 2308 Msfs - ok
00:05:42.0169 2308 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:05:42.0200 2308 mshidkmdf - ok
00:05:42.0216 2308 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:05:42.0216 2308 msisadrv - ok
00:05:42.0247 2308 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:05:42.0278 2308 MSiSCSI - ok
00:05:42.0278 2308 msiserver - ok
00:05:42.0294 2308 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:05:42.0340 2308 MSKSSRV - ok
00:05:42.0356 2308 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:05:42.0387 2308 MSPCLOCK - ok
00:05:42.0387 2308 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:05:42.0434 2308 MSPQM - ok
00:05:42.0450 2308 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:05:42.0465 2308 MsRPC - ok
00:05:42.0481 2308 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:05:42.0496 2308 mssmbios - ok
00:05:42.0496 2308 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:05:42.0543 2308 MSTEE - ok
00:05:42.0559 2308 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:05:42.0574 2308 MTConfig - ok
00:05:42.0606 2308 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
00:05:42.0621 2308 MTsensor - ok
00:05:42.0637 2308 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
00:05:42.0652 2308 Mup - ok
00:05:42.0684 2308 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
00:05:42.0715 2308 napagent - ok
00:05:42.0762 2308 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:05:42.0808 2308 NativeWifiP - ok
00:05:42.0855 2308 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
00:05:42.0918 2308 NDIS - ok
00:05:42.0918 2308 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:05:42.0949 2308 NdisCap - ok
00:05:42.0964 2308 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:05:42.0996 2308 NdisTapi - ok
00:05:43.0011 2308 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:05:43.0027 2308 Ndisuio - ok
00:05:43.0042 2308 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:05:43.0089 2308 NdisWan - ok
00:05:43.0105 2308 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:05:43.0136 2308 NDProxy - ok
00:05:43.0167 2308 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:05:43.0230 2308 NetBIOS - ok
00:05:43.0261 2308 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:05:43.0354 2308 NetBT - ok
00:05:43.0354 2308 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
00:05:43.0370 2308 Netlogon - ok
00:05:43.0401 2308 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
00:05:43.0448 2308 Netman - ok
00:05:43.0479 2308 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:05:43.0510 2308 netprofm - ok
00:05:43.0542 2308 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:05:43.0542 2308 NetTcpPortSharing - ok
00:05:43.0557 2308 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:05:43.0573 2308 nfrd960 - ok
00:05:43.0635 2308 [ 053AEB862E7B058FB83091B4B61D4C12 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
00:05:43.0666 2308 NitroDriverReadSpool8 - ok
00:05:43.0698 2308 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:05:43.0760 2308 NlaSvc - ok
00:05:43.0854 2308 [ B84E65767848FC91631CBE0E57D9CCDF ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
00:05:43.0885 2308 nlsX86cc - ok
00:05:43.0900 2308 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:05:43.0932 2308 Npfs - ok
00:05:43.0947 2308 npggsvc - ok
00:05:43.0963 2308 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:05:44.0025 2308 nsi - ok
00:05:44.0041 2308 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:05:44.0119 2308 nsiproxy - ok
00:05:44.0166 2308 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:05:44.0228 2308 Ntfs - ok
00:05:44.0228 2308 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:05:44.0259 2308 Null - ok
00:05:44.0290 2308 [ 69FCDECD0215195261EC5362AB4A1520 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
00:05:44.0290 2308 nusb3hub - ok
00:05:44.0322 2308 [ F813EA99DA158FB4079622D882873D63 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:05:44.0337 2308 nusb3xhc - ok
00:05:44.0368 2308 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
00:05:44.0384 2308 NVHDA - ok
00:05:44.0587 2308 [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:05:44.0821 2308 nvlddmkm - ok
00:05:44.0852 2308 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:05:44.0868 2308 nvraid - ok
00:05:44.0868 2308 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:05:44.0883 2308 nvstor - ok
00:05:44.0914 2308 [ A83AC04D672567CAF8BE7A4D73C0B850 ] nvsvc C:\Windows\system32\nvvsvc.exe
00:05:44.0930 2308 nvsvc - ok
00:05:44.0992 2308 [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
00:05:45.0024 2308 nvUpdatusService - ok
00:05:45.0039 2308 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:05:45.0055 2308 nv_agp - ok
00:05:45.0070 2308 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:05:45.0086 2308 ohci1394 - ok
00:05:45.0148 2308 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:05:45.0164 2308 ose - ok
00:05:45.0336 2308 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:05:45.0445 2308 osppsvc - ok
00:05:45.0476 2308 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:05:45.0492 2308 p2pimsvc - ok
00:05:45.0507 2308 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:05:45.0523 2308 p2psvc - ok
00:05:45.0554 2308 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:05:45.0570 2308 Parport - ok
00:05:45.0585 2308 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:05:45.0601 2308 partmgr - ok
00:05:45.0616 2308 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:05:45.0648 2308 PcaSvc - ok
00:05:45.0663 2308 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
00:05:45.0679 2308 pci - ok
00:05:45.0694 2308 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
00:05:45.0694 2308 pciide - ok
00:05:45.0710 2308 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:05:45.0726 2308 pcmcia - ok
00:05:45.0726 2308 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:05:45.0741 2308 pcw - ok
00:05:45.0757 2308 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:05:45.0804 2308 PEAUTH - ok
00:05:45.0835 2308 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:05:45.0866 2308 PerfHost - ok
00:05:45.0928 2308 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
00:05:45.0991 2308 pla - ok
00:05:46.0022 2308 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:05:46.0038 2308 PlugPlay - ok
00:05:46.0053 2308 PnkBstrA - ok
00:05:46.0069 2308 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:05:46.0100 2308 PNRPAutoReg - ok
00:05:46.0100 2308 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:05:46.0116 2308 PNRPsvc - ok
00:05:46.0147 2308 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:05:46.0194 2308 PolicyAgent - ok
00:05:46.0225 2308 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
00:05:46.0256 2308 Power - ok
00:05:46.0287 2308 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:05:46.0365 2308 PptpMiniport - ok
00:05:46.0381 2308 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:05:46.0396 2308 Processor - ok
00:05:46.0428 2308 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
00:05:46.0459 2308 ProfSvc - ok
00:05:46.0474 2308 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:05:46.0490 2308 ProtectedStorage - ok
00:05:46.0506 2308 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:05:46.0537 2308 Psched - ok
00:05:46.0568 2308 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:05:46.0615 2308 ql2300 - ok
00:05:46.0630 2308 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:05:46.0646 2308 ql40xx - ok
00:05:46.0662 2308 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:05:46.0693 2308 QWAVE - ok
00:05:46.0693 2308 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:05:46.0724 2308 QWAVEdrv - ok
00:05:46.0740 2308 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:05:46.0771 2308 RasAcd - ok
00:05:46.0802 2308 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:05:46.0818 2308 RasAgileVpn - ok
00:05:46.0833 2308 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:05:46.0880 2308 RasAuto - ok
00:05:46.0896 2308 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:05:46.0927 2308 Rasl2tp - ok
00:05:46.0942 2308 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
00:05:46.0989 2308 RasMan - ok
00:05:47.0005 2308 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:05:47.0036 2308 RasPppoe - ok
00:05:47.0052 2308 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:05:47.0083 2308 RasSstp - ok
00:05:47.0098 2308 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:05:47.0130 2308 rdbss - ok
00:05:47.0145 2308 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:05:47.0161 2308 rdpbus - ok
00:05:47.0176 2308 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:05:47.0208 2308 RDPCDD - ok
00:05:47.0223 2308 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:05:47.0301 2308 RDPENCDD - ok
00:05:47.0317 2308 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:05:47.0348 2308 RDPREFMP - ok
00:05:47.0379 2308 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:05:47.0395 2308 RDPWD - ok
00:05:47.0442 2308 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:05:47.0473 2308 rdyboost - ok
00:05:47.0504 2308 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:05:47.0566 2308 RemoteAccess - ok
00:05:47.0582 2308 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:05:47.0613 2308 RemoteRegistry - ok
00:05:47.0644 2308 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:05:47.0722 2308 RpcEptMapper - ok
00:05:47.0738 2308 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:05:47.0769 2308 RpcLocator - ok
00:05:47.0800 2308 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
00:05:47.0878 2308 RpcSs - ok
00:05:47.0894 2308 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:05:47.0925 2308 rspndr - ok
00:05:47.0956 2308 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:05:47.0972 2308 RTL8167 - ok
00:05:47.0988 2308 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
00:05:48.0003 2308 SamSs - ok
00:05:48.0019 2308 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:05:48.0034 2308 sbp2port - ok
00:05:48.0034 2308 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:05:48.0081 2308 SCardSvr - ok
00:05:48.0097 2308 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:05:48.0128 2308 scfilter - ok
00:05:48.0144 2308 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
00:05:48.0190 2308 Schedule - ok
00:05:48.0222 2308 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:05:48.0237 2308 SCPolicySvc - ok
00:05:48.0253 2308 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:05:48.0284 2308 SDRSVC - ok
00:05:48.0300 2308 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:05:48.0393 2308 secdrv - ok
00:05:48.0409 2308 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
00:05:48.0471 2308 seclogon - ok
00:05:48.0502 2308 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
00:05:48.0518 2308 SENS - ok
00:05:48.0534 2308 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:05:48.0565 2308 SensrSvc - ok
00:05:48.0596 2308 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:05:48.0596 2308 Serenum - ok
00:05:48.0612 2308 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:05:48.0627 2308 Serial - ok
00:05:48.0643 2308 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:05:48.0658 2308 sermouse - ok
00:05:48.0690 2308 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
00:05:48.0752 2308 SessionEnv - ok
00:05:48.0768 2308 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:05:48.0783 2308 sffdisk - ok
00:05:48.0799 2308 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:05:48.0814 2308 sffp_mmc - ok
00:05:48.0830 2308 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:05:48.0861 2308 sffp_sd - ok
00:05:48.0877 2308 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:05:48.0892 2308 sfloppy - ok
00:05:48.0924 2308 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:05:48.0955 2308 SharedAccess - ok
00:05:48.0986 2308 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:05:49.0017 2308 ShellHWDetection - ok
00:05:49.0017 2308 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:05:49.0033 2308 SiSRaid2 - ok
00:05:49.0048 2308 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:05:49.0048 2308 SiSRaid4 - ok
00:05:49.0095 2308 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:05:49.0126 2308 SkypeUpdate - ok
00:05:49.0158 2308 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:05:49.0220 2308 Smb - ok
00:05:49.0251 2308 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:05:49.0267 2308 SNMPTRAP - ok
00:05:49.0267 2308 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
00:05:49.0282 2308 spldr - ok
00:05:49.0314 2308 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
00:05:49.0345 2308 Spooler - ok
00:05:49.0423 2308 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
00:05:49.0501 2308 sppsvc - ok
00:05:49.0516 2308 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:05:49.0548 2308 sppuinotify - ok
00:05:49.0579 2308 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
00:05:49.0626 2308 srv - ok
00:05:49.0626 2308 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:05:49.0657 2308 srv2 - ok
00:05:49.0657 2308 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:05:49.0688 2308 srvnet - ok
00:05:49.0735 2308 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:05:49.0797 2308 SSDPSRV - ok
00:05:49.0813 2308 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:05:49.0844 2308 SstpSvc - ok
00:05:49.0922 2308 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
00:05:49.0953 2308 Stereo Service - ok
00:05:49.0969 2308 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:05:49.0984 2308 stexstor - ok
00:05:50.0031 2308 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
00:05:50.0062 2308 stisvc - ok
00:05:50.0094 2308 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
00:05:50.0094 2308 swenum - ok
00:05:50.0109 2308 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
00:05:50.0156 2308 swprv - ok
00:05:50.0187 2308 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
00:05:50.0234 2308 SysMain - ok
00:05:50.0250 2308 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:05:50.0265 2308 TabletInputService - ok
00:05:50.0296 2308 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:05:50.0328 2308 TapiSrv - ok
00:05:50.0359 2308 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
00:05:50.0390 2308 TBS - ok
00:05:50.0452 2308 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:05:50.0515 2308 Tcpip - ok
00:05:50.0546 2308 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:05:50.0562 2308 TCPIP6 - ok
00:05:50.0593 2308 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:05:50.0655 2308 tcpipreg - ok
00:05:50.0686 2308 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:05:50.0702 2308 TDPIPE - ok
00:05:50.0718 2308 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:05:50.0764 2308 TDTCP - ok
00:05:50.0811 2308 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:05:50.0874 2308 tdx - ok
00:05:50.0889 2308 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
00:05:50.0889 2308 TermDD - ok
00:05:50.0920 2308 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
00:05:50.0967 2308 TermService - ok
00:05:50.0983 2308 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
00:05:51.0030 2308 Themes - ok
00:05:51.0061 2308 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
00:05:51.0092 2308 THREADORDER - ok
00:05:51.0108 2308 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
00:05:51.0154 2308 TrkWks - ok
00:05:51.0186 2308 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:05:51.0232 2308 TrustedInstaller - ok
00:05:51.0248 2308 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:05:51.0264 2308 tssecsrv - ok
00:05:51.0295 2308 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:05:51.0326 2308 TsUsbFlt - ok
00:05:51.0357 2308 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:05:51.0404 2308 tunnel - ok
00:05:51.0420 2308 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:05:51.0420 2308 uagp35 - ok
00:05:51.0435 2308 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:05:51.0482 2308 udfs - ok
00:05:51.0513 2308 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:05:51.0529 2308 UI0Detect - ok
00:05:51.0545 2308 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:05:51.0560 2308 uliagpkx - ok
00:05:51.0591 2308 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
00:05:51.0623 2308 umbus - ok
00:05:51.0654 2308 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:05:51.0669 2308 UmPass - ok
00:05:51.0701 2308 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
00:05:51.0732 2308 UMVPFSrv - ok
00:05:51.0747 2308 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
00:05:51.0779 2308 upnphost - ok
00:05:51.0794 2308 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
00:05:51.0794 2308 usbaudio - ok
00:05:51.0810 2308 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:05:51.0841 2308 usbccgp - ok
00:05:51.0857 2308 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:05:51.0872 2308 usbcir - ok
00:05:51.0872 2308 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
00:05:51.0903 2308 usbehci - ok
00:05:51.0935 2308 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\drivers\usbhub.sys
00:05:51.0966 2308 usbhub - ok
00:05:51.0981 2308 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
00:05:51.0981 2308 usbohci - ok
00:05:52.0013 2308 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:05:52.0044 2308 usbprint - ok
00:05:52.0075 2308 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:05:52.0091 2308 USBSTOR - ok
00:05:52.0106 2308 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
00:05:52.0137 2308 usbuhci - ok
00:05:52.0153 2308 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
00:05:52.0184 2308 usbvideo - ok
00:05:52.0215 2308 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
00:05:52.0247 2308 UxSms - ok
00:05:52.0262 2308 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
00:05:52.0278 2308 VaultSvc - ok
00:05:52.0278 2308 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:05:52.0293 2308 vdrvroot - ok
00:05:52.0325 2308 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
00:05:52.0356 2308 vds - ok
00:05:52.0356 2308 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:05:52.0387 2308 vga - ok
00:05:52.0403 2308 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
00:05:52.0434 2308 VgaSave - ok
00:05:52.0465 2308 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:05:52.0481 2308 vhdmp - ok
00:05:52.0496 2308 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
00:05:52.0512 2308 viaide - ok
00:05:52.0512 2308 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:05:52.0527 2308 volmgr - ok
00:05:52.0543 2308 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:05:52.0559 2308 volmgrx - ok
00:05:52.0559 2308 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:05:52.0574 2308 volsnap - ok
00:05:52.0590 2308 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
00:05:52.0590 2308 vsmraid - ok
00:05:52.0637 2308 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
00:05:52.0683 2308 VSS - ok
00:05:52.0699 2308 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
00:05:52.0730 2308 vwifibus - ok
00:05:52.0761 2308 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
00:05:52.0808 2308 W32Time - ok
00:05:52.0824 2308 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
00:05:52.0855 2308 WacomPen - ok
00:05:52.0902 2308 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:05:52.0980 2308 WANARP - ok
00:05:52.0980 2308 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:05:52.0995 2308 Wanarpv6 - ok
00:05:53.0058 2308 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
00:05:53.0120 2308 wbengine - ok
00:05:53.0151 2308 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:05:53.0167 2308 WbioSrvc - ok
00:05:53.0183 2308 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:05:53.0214 2308 wcncsvc - ok
00:05:53.0229 2308 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:05:53.0245 2308 WcsPlugInService - ok
00:05:53.0261 2308 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
00:05:53.0276 2308 Wd - ok
00:05:53.0292 2308 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:05:53.0307 2308 Wdf01000 - ok
00:05:53.0307 2308 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:05:53.0339 2308 WdiServiceHost - ok
00:05:53.0354 2308 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:05:53.0370 2308 WdiSystemHost - ok
00:05:53.0385 2308 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
00:05:53.0417 2308 WebClient - ok
00:05:53.0432 2308 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:05:53.0479 2308 Wecsvc - ok
00:05:53.0495 2308 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:05:53.0526 2308 wercplsupport - ok
00:05:53.0541 2308 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
00:05:53.0573 2308 WerSvc - ok
00:05:53.0588 2308 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:05:53.0604 2308 WfpLwf - ok
00:05:53.0619 2308 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:05:53.0635 2308 WIMMount - ok
00:05:53.0651 2308 WinDefend - ok
00:05:53.0651 2308 WinHttpAutoProxySvc - ok
00:05:53.0697 2308 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:05:53.0729 2308 Winmgmt - ok
00:05:53.0791 2308 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
00:05:53.0853 2308 WinRM - ok
00:05:53.0885 2308 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
00:05:53.0931 2308 WinUsb - ok
00:05:53.0963 2308 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
00:05:54.0009 2308 Wlansvc - ok
00:05:54.0025 2308 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
00:05:54.0041 2308 WmiAcpi - ok
00:05:54.0056 2308 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:05:54.0072 2308 wmiApSrv - ok
00:05:54.0087 2308 WMPNetworkSvc - ok
00:05:54.0103 2308 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:05:54.0119 2308 WPCSvc - ok
00:05:54.0134 2308 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:05:54.0181 2308 WPDBusEnum - ok
00:05:54.0181 2308 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:05:54.0243 2308 ws2ifsl - ok
00:05:54.0259 2308 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
00:05:54.0275 2308 wscsvc - ok
00:05:54.0290 2308 WSearch - ok
00:05:54.0353 2308 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
00:05:54.0415 2308 wuauserv - ok
00:05:54.0431 2308 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:05:54.0509 2308 WudfPf - ok
00:05:54.0540 2308 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:05:54.0571 2308 WUDFRd - ok
00:05:54.0587 2308 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:05:54.0618 2308 wudfsvc - ok
00:05:54.0633 2308 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
00:05:54.0649 2308 WwanSvc - ok
00:05:54.0665 2308 ================ Scan global ===============================
00:05:54.0680 2308 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:05:54.0711 2308 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
00:05:54.0711 2308 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
00:05:54.0743 2308 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:05:54.0774 2308 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
00:05:54.0789 2308 [Global] - ok
00:05:54.0789 2308 ================ Scan MBR ==================================
00:05:54.0789 2308 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
00:05:54.0899 2308 \Device\Harddisk0\DR0 - ok
00:05:54.0930 2308 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
00:05:55.0242 2308 \Device\Harddisk1\DR1 - ok
00:05:55.0242 2308 ================ Scan VBR ==================================
00:05:55.0242 2308 [ 76D30F6F6D5277B81865921D97F502FF ] \Device\Harddisk0\DR0\Partition1
00:05:55.0242 2308 \Device\Harddisk0\DR0\Partition1 - ok
00:05:55.0257 2308 [ 87444EE456407727E963B77B32954D34 ] \Device\Harddisk1\DR1\Partition1
00:05:55.0257 2308 \Device\Harddisk1\DR1\Partition1 - ok
00:05:55.0289 2308 [ A75029E7A710195BA56173E0DA254C63 ] \Device\Harddisk1\DR1\Partition2
00:05:55.0289 2308 \Device\Harddisk1\DR1\Partition2 - ok
00:05:55.0289 2308 ============================================================
00:05:55.0289 2308 Scan finished
00:05:55.0289 2308 ============================================================
00:05:55.0304 1700 Detected object count: 1
00:05:55.0304 1700 Actual detected object count: 1
00:06:58.0672 1700 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:58.0672 1700 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 11.03.2013, 18:29   #12
markusg
/// Malware-holic
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.03.2013, 01:09   #13
slice
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



Code:
ATTFilter
ComboFix 13-03-11.01 - Sven 12.03.2013   0:14.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4094.2809 [GMT 1:00]
ausgeführt von:: c:\users\Sven\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-02-11 bis 2013-03-11  ))))))))))))))))))))))))))))))
.
.
2013-03-11 23:24 . 2013-03-11 23:24	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-03-11 23:24 . 2013-03-11 23:24	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-03-11 23:19 . 2013-03-11 23:19	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{1F91C644-C1A2-423E-B983-00204CF08EEE}\offreg.dll
2013-03-08 18:12 . 2013-02-19 02:57	9162192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{1F91C644-C1A2-423E-B983-00204CF08EEE}\mpengine.dll
2013-03-07 18:53 . 2013-03-07 18:53	310688	----a-w-	c:\windows\system32\javaws.exe
2013-03-07 18:53 . 2013-03-07 18:53	188832	----a-w-	c:\windows\system32\javaw.exe
2013-03-07 18:53 . 2013-03-07 18:53	188320	----a-w-	c:\windows\system32\java.exe
2013-03-07 18:53 . 2013-03-07 18:53	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-03-07 18:53 . 2013-03-07 18:53	--------	d-----w-	c:\program files\Java
2013-03-06 17:42 . 2013-03-06 17:42	--------	d-----w-	C:\_OTL
2013-03-05 10:55 . 2004-02-26 23:00	962612	----a-w-	c:\windows\SysWow64\mfc42d.dll
2013-03-05 10:55 . 2004-02-16 23:00	434252	----a-w-	c:\windows\SysWow64\MSVCRTD.DLL
2013-03-04 15:44 . 2013-02-04 21:49	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-03-04 15:28 . 2011-04-09 06:58	142336	----a-w-	c:\windows\system32\poqexec.exe
2013-03-04 15:28 . 2011-04-09 05:56	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2013-03-02 14:51 . 2013-03-06 23:33	178624	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-03-02 14:51 . 2013-03-06 23:33	65336	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-02-27 21:51 . 2013-02-27 21:51	--------	d-----w-	c:\program files (x86)\Common Files\MAGIX Shared
2013-02-27 21:50 . 2013-02-27 21:50	--------	d-----w-	c:\program files (x86)\MSXML 4.0
2013-02-20 14:17 . 2013-02-20 22:44	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2013-02-15 19:18 . 2013-02-15 19:18	--------	d-----w-	c:\users\Sven\AppData\Roaming\Babylon
2013-02-15 19:18 . 2013-02-15 19:18	--------	d-----w-	c:\programdata\Babylon
2013-02-15 19:18 . 2013-02-26 10:13	--------	d-----w-	c:\programdata\Tarma Installer
2013-02-15 19:18 . 2013-02-15 19:21	--------	d-----w-	c:\program files (x86)\LSHunter.TV
2013-02-11 15:30 . 2013-02-11 15:30	--------	d-----w-	c:\program files (x86)\Free PDF to Word Doc Converter
2013-02-11 15:27 . 2013-02-11 15:27	--------	d-----w-	c:\users\Sven\AppData\Roaming\WordToPDF
2013-02-11 15:27 . 2013-02-11 15:27	--------	d-----w-	c:\program files (x86)\WordToPDF
2013-02-11 15:26 . 2013-02-11 15:26	--------	d-----w-	c:\users\Sven\AppData\Local\Programs
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-07 18:53 . 2012-10-22 14:17	963488	----a-w-	c:\windows\system32\deployJava1.dll
2013-03-07 18:53 . 2012-10-22 14:17	1085344	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-03-06 23:33 . 2012-09-29 21:23	377920	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-09-29 21:22	70992	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2012-09-29 21:22	68920	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-09-29 21:22	1025808	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2012-09-29 21:23	33400	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2012-09-29 21:22	80816	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2012-09-29 21:22	41664	----a-w-	c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-09-29 21:22	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-02-27 21:51 . 2012-10-22 12:32	120200	----a-w-	c:\windows\SysWow64\DLLDEV32i.dll
2013-02-27 13:36 . 2012-09-29 21:18	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 13:36 . 2012-09-29 21:18	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-17 00:28 . 2012-09-29 21:34	273840	------w-	c:\windows\system32\MpSigStub.exe
2012-12-29 10:34 . 2013-01-06 17:33	958272	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2012-12-29 10:34 . 2013-01-06 17:33	9389888	----a-w-	c:\windows\system32\nvcuda.dll
2012-12-29 10:34 . 2013-01-06 17:33	7931896	----a-w-	c:\windows\SysWow64\nvcuda.dll
2012-12-29 10:34 . 2013-01-06 17:33	7565240	----a-w-	c:\windows\system32\nvopencl.dll
2012-12-29 10:34 . 2013-01-06 17:33	6263784	----a-w-	c:\windows\SysWow64\nvopencl.dll
2012-12-29 10:34 . 2013-01-06 17:33	420280	----a-w-	c:\windows\system32\nvEncodeAPI64.dll
2012-12-29 10:34 . 2013-01-06 17:33	364984	----a-w-	c:\windows\SysWow64\nvEncodeAPI.dll
2012-12-29 10:34 . 2013-01-06 17:33	2904504	----a-w-	c:\windows\system32\nvcuvid.dll
2012-12-29 10:34 . 2013-01-06 17:33	2720696	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2012-12-29 10:34 . 2013-01-06 17:33	26931128	----a-w-	c:\windows\system32\nvoglv64.dll
2012-12-29 10:34 . 2013-01-06 17:33	25256376	----a-w-	c:\windows\system32\nvcompiler.dll
2012-12-29 10:34 . 2013-01-06 17:33	246024	----a-w-	c:\windows\system32\nvinitx.dll
2012-12-29 10:34 . 2013-01-06 17:33	2344888	----a-w-	c:\windows\system32\nvcuvenc.dll
2012-12-29 10:34 . 2013-01-06 17:33	20450232	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2012-12-29 10:34 . 2013-01-06 17:33	201728	----a-w-	c:\windows\SysWow64\nvinit.dll
2012-12-29 10:34 . 2013-01-06 17:33	1985976	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2012-12-29 10:34 . 2013-01-06 17:33	18054312	----a-w-	c:\windows\system32\nvd3dumx.dll
2012-12-29 10:34 . 2013-01-06 17:33	17560504	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2012-12-29 10:34 . 2013-01-06 17:33	15129064	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2012-12-29 10:34 . 2013-01-06 17:33	10997176	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2012-12-29 10:34 . 2012-10-22 14:23	2824656	----a-w-	c:\windows\system32\nvapi64.dll
2012-12-29 10:34 . 2012-10-22 14:23	2504248	----a-w-	c:\windows\SysWow64\nvapi.dll
2012-12-29 10:34 . 2012-10-22 14:23	1813432	----a-w-	c:\windows\system32\nvdispco64.dll
2012-12-29 10:34 . 2012-10-22 14:23	1504696	----a-w-	c:\windows\system32\nvdispgenco64.dll
2012-12-29 10:34 . 2012-10-22 14:23	1107592	----a-w-	c:\windows\system32\nvumdshimx.dll
2012-12-29 10:34 . 2012-10-22 14:23	15052368	----a-w-	c:\windows\system32\nvwgf2umx.dll
2012-12-29 10:34 . 2012-10-22 14:23	12641120	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2012-12-29 08:40 . 2012-10-22 14:23	6382008	----a-w-	c:\windows\system32\nvcpl.dll
2012-12-29 08:40 . 2012-10-22 14:23	3455416	----a-w-	c:\windows\system32\nvsvc64.dll
2012-12-29 08:40 . 2012-10-22 14:23	2923201	----a-w-	c:\windows\system32\nvcoproc.bin
2012-12-29 08:40 . 2012-10-22 14:23	884152	----a-w-	c:\windows\system32\nvvsvc.exe
2012-12-29 08:40 . 2012-10-22 14:23	63928	----a-w-	c:\windows\system32\nvshext.dll
2012-12-29 08:40 . 2012-10-22 14:23	2558392	----a-w-	c:\windows\system32\nvsvcr.dll
2012-12-29 08:40 . 2012-10-22 14:23	118712	----a-w-	c:\windows\system32\nvmctray.dll
2012-12-29 01:54 . 2012-12-29 01:54	550328	----a-w-	c:\windows\SysWow64\nvStreaming.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
.
c:\users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Produktregistrierung.lnk - c:\program files (x86)\Logitech\Ereg\eReg.exe [2009-11-16 517384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2010-07-27 271712]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-28 239616]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-09-23 230920]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2012-09-23 69640]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
S3 aswVmm;aswVmm; [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2010-07-27 339040]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2010-07-27 6465632]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2012-05-10 97792]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2012-05-10 217600]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 13:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32	133840	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-28 11905128]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=441ae1b7000000000000c8600057f9a4
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\1zjwpu57.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 441ae1b7000000000000c8600057f9a4
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15751
FF - user.js: extensions.delta.vrsn - 1.8.10.0
FF - user.js: extensions.delta.vrsni - 1.8.10.0
FF - user.js: extensions.delta.vrsnTs - 1.8.10.020:19
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-12  00:37:44
ComboFix-quarantined-files.txt  2013-03-11 23:37
.
Vor Suchlauf: 11 Verzeichnis(se), 401.613.127.680 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 401.410.486.272 Bytes frei
.
- - End Of File - - 15D5DA156060536184FEE0BD2F77F5BE
         

Alt 12.03.2013, 19:34   #14
markusg
/// Malware-holic
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



Hi,
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 13.03.2013, 11:42   #15
slice
 
ClickCompare hat sich auch bei mir eingefunden! - Standard

ClickCompare hat sich auch bei mir eingefunden!



Code:
ATTFilter
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.13.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sven :: SVEN-PC [Administrator]

13.03.2013 08:58:42
mbam-log-2013-03-13 (08-58-42).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 510443
Laufzeit: 1 Stunde(n), 5 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
D:\backup2\Sven\Downloads\SoftonicDownloader_fuer_mycam.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

Antwort

Themen zu ClickCompare hat sich auch bei mir eingefunden!
behandlung, clickcompare, gefunde, hallo zusammen, hoffe, nichts, rechner, schonmal, schön, unternehmen, zusammen




Ähnliche Themen: ClickCompare hat sich auch bei mir eingefunden!


  1. Problem mit Clickcompare
    Plagegeister aller Art und deren Bekämpfung - 22.03.2014 (13)
  2. Clickcompare Virus
    Plagegeister aller Art und deren Bekämpfung - 25.01.2014 (13)
  3. clickcompare in firefox bei win7
    Log-Analyse und Auswertung - 03.01.2014 (7)
  4. ClickCompare Malware auf Win 8 x64
    Log-Analyse und Auswertung - 15.08.2013 (15)
  5. ClickCompare und Cupondropdown
    Plagegeister aller Art und deren Bekämpfung - 01.07.2013 (9)
  6. Verlinkungen zu Clickcompare
    Log-Analyse und Auswertung - 01.06.2013 (20)
  7. clickcompare Trojaner (?)
    Plagegeister aller Art und deren Bekämpfung - 19.05.2013 (4)
  8. clickcompare und dealply Probleme
    Log-Analyse und Auswertung - 09.05.2013 (7)
  9. Clickcompare hat wohl nun auch meinen PC erwischt...
    Log-Analyse und Auswertung - 20.04.2013 (16)
  10. Clickcompare Virus
    Plagegeister aller Art und deren Bekämpfung - 18.04.2013 (5)
  11. Clickcompare Trojaner
    Plagegeister aller Art und deren Bekämpfung - 16.04.2013 (4)
  12. Willkürliche Links zu clickcompare.info und sich willkürlich öffnende Werbetabs
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (11)
  13. clickcompare trojaner
    Plagegeister aller Art und deren Bekämpfung - 05.04.2013 (8)
  14. Clickcompare Virus
    Plagegeister aller Art und deren Bekämpfung - 14.02.2013 (5)
  15. Clickcompare in Internetforen
    Plagegeister aller Art und deren Bekämpfung - 22.01.2013 (17)
  16. Personal Shield Pro - Anti-Malware beendet sich und lässt sich nicht mehr starten-auch nicht mit OTH
    Log-Analyse und Auswertung - 18.08.2011 (1)
  17. TR/Shutdowner.fft bei mir auch Hilfe kopiert sich auch auf jede SDkarte mit ?
    Plagegeister aller Art und deren Bekämpfung - 20.12.2010 (6)

Zum Thema ClickCompare hat sich auch bei mir eingefunden! - Hallo zusammen und schön, dass es euch gibt. Auch bei mir ist der ClickCompare-Plagegeist auf dem Rechner und ich wäre ihn gerne wieder los. Hoffe, dass ihr auch mir helfen - ClickCompare hat sich auch bei mir eingefunden!...
Archiv
Du betrachtest: ClickCompare hat sich auch bei mir eingefunden! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.