Pests of all kinds and how to combat them: Safe removal of Trojan.Win32 Generic!BT
Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
27.03.2013, 11:42 | #1 |
| Safe removal of Trojan.Win32 Generic!BT Hello everyone, I am having problems with a trojan for the first time. It was identified by VIPRE and placed in quarantine.
Trojan.Win32Generic!BT
C:\Users\ffff\AppData\Local\Temp\Temp1_Mahnung 26.03.2013 Rechnungsdaten.zip\Mahnung 26.03.2013 Rechnungsdaten.com
Should I now delete it from the PC with VIPRE, or is it better to follow other instructions? Thank you and best regards |
28.03.2013, 15:04 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Safe removal of Trojan.Win32 Generic!BT Hello and
Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners? I am asking because of this => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; first just post the logs that already exist! Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
29.03.2013, 20:13 | #3 |
| Safe removal of Trojan.Win32 Generic!BT Hello Cosinus,
Vipre had shown me 7 risk indicators and moved them to quarantine. Today, however, only three are still shown. Unfortunately I cannot open them with a double-click, nor copy them. Only selecting them works. Code:
ATTFilter
C:\Users\ffff\AppData\Local\Temp\Temp1_Mahnung 26.03.2013 Rechnungsdaten.zip\Mahnung 26.03.2013 Rechnungsdaten.com
C:\USERS\FFFF\APPDATA\LOCAL\TEMP\pfycyfkfmk.pre
C:\USERS\FFFF\APPDATA\LOCAL\TEMP\vgurlgvrlp.pre
However, I already ran OTL on Wednesday. I tried Gmer several times, but it aborted every time. Thank you in advance. Here again are the details known to me: Deep scan 27.03. Code:
ATTFilter Datei c:\Users\ffff\AppData\Roaming\Xmnpf\axmudvjmc.exe Registry HKEY_USERS\S-1-5-21-461051042-3945811473-520214257-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ULLRVJMC -1 Registry HKEY_USERS\S-1-5-21-461051042-3945811473-520214257-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ullrvjmc 1 C:\Users\ffff\AppData\Local\Temp\dtotjtoxto.pre C:\Users\ffff\AppData\Local\Temp\pfycyfkfmk.pre C:Users\ffff\AppData\Local\Temp\gurlgvrlp.pre Registry HKEY_USERS\S-1-5-21-461051042-3945811473-520214257-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ullrvjmc 1 Code:
ATTFilter C:\USERS\FFFF\APPDATA\LOCAL\TEMP\dtotjtoxto.pre C:\USERS\FFFF\APPDATA\LOCAL\TEMP\pfycyfkfmk.pre C:\USERS\FFFF\APPDATA\LOCAL\TEMP\vgurlgvrlp.pre |
30.03.2013, 01:38 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Safe removal of Trojan.Win32 Generic!BT Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please report in this thread => Reminder about my thread. Annoying "When will it continue" messages end with your topic being closed. I too have a life outside the Trojaner-Board. First of all, a check with OTL please:
__________________ Please always post log files in CODE tags |
30.03.2013, 11:54 | #5 |
| Safe removal of Trojan.Win32 Generic!BT Code:
ATTFilter OTL logfile created on: 30.03.2013 11:02:19 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ffff\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 55,88% Memory free 7,81 Gb Paging File | 5,79 Gb Available in Paging File | 74,12% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 394,66 Gb Total Space | 194,21 Gb Free Space | 49,21% Space Free | Partition Type: NTFS Drive D: | 70,00 Gb Total Space | 40,51 Gb Free Space | 57,87% Space Free | Partition Type: NTFS Drive E: | 3,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: FFFF-PC | User Name: ffff | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\ffff\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe (Adobe Systems, Inc.) 
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe (Sunbelt Software) PRC - C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMUI.exe (Sunbelt Software) PRC - C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe (Sunbelt Software) PRC - C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe (Sunbelt Software) PRC - C:\Program Files (x86)\Launch Manager\WButton.exe (Wistron Corp.) PRC - C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.) PRC - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron) PRC - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Wistron Corp.) 
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\500a8ae2a5d27132d87ccac9f97b0069\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\346a7a67978cead8e2ff52c6d80bbeb7\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () ========== Services (SafeList) ========== SRV:64bit: - (ZcfgSvc7) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe (Intel(R) Corporation) SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) SRV:64bit: - (EPSON_PM_RPCV4_05) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE (SEIKO EPSON CORPORATION) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance 
Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (watchmi) -- C:\Program Files (x86)\watchmi\TvdService.exe () SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (SBAMSvc) -- C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe (Sunbelt Software) SRV - (SBPIMSvc) -- C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe (Sunbelt Software) SRV - (WisLMSvc) -- C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Wistron Corp.) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) 
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (CXCVBS) -- C:\Windows\SysNative\drivers\cxCVBS.sys (Conexant Systems, Inc.) DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (IT9135BDA) -- C:\Windows\SysNative\drivers\IT9135BDA.sys (ITE ) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation) DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation) DRV:64bit: - (tixhci) -- C:\Windows\SysNative\drivers\tixhci.sys (Texas Instruments Incorporated) DRV:64bit: - (tihub3) -- C:\Windows\SysNative\drivers\tihub3.sys (Texas Instruments Incorporated) DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (Sunbelt Software) DRV:64bit: - (SBRE) -- C:\Windows\SysNative\drivers\sbredrv.sys (Sunbelt Software) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) 
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (Sunbelt Software, Inc.) DRV:64bit: - (SbTis) -- C:\Windows\SysNative\drivers\sbtis.sys (Sunbelt Software, Inc.) DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (Sunbelt Software, Inc.) DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation) DRV:64bit: - (SBFWIMCLMP) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.) DRV:64bit: - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (SBRE) -- C:\Windows\SysWOW64\drivers\SBREDrv.sys (Sunbelt Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-461051042-3945811473-520214257-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-461051042-3945811473-520214257-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com IE - 
HKU\S-1-5-21-461051042-3945811473-520214257-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-461051042-3945811473-520214257-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP22&ocid=UP22DHP&dt=112512 IE - HKU\S-1-5-21-461051042-3945811473-520214257-1001\..\SearchScopes,DefaultScope = {BF2779AF-98F6-4AE4-A0DA-B253FC8B6737} IE - HKU\S-1-5-21-461051042-3945811473-520214257-1001\..\SearchScopes\{0FF7A68A-C586-454E-BE67-52DF33686FBC}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-461051042-3945811473-520214257-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=112512&q={searchTerms}&src=IE-SearchBox IE - HKU\S-1-5-21-461051042-3945811473-520214257-1001\..\SearchScopes\{BF2779AF-98F6-4AE4-A0DA-B253FC8B6737}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393 IE - HKU\S-1-5-21-461051042-3945811473-520214257-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing " FF - prefs.js..browser.search.defaultthis.engineName: "FLV Runner Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3201318&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.3: "Bing " FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=112512&q=" FF - user.js - File not found FF:64bit: - 
HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 21:16:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 21:16:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.28 10:10:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ffff\AppData\Roaming\mozilla\Extensions [2012.11.04 13:52:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ffff\AppData\Roaming\mozilla\Firefox\Profiles\3jdgmmj5.default\extensions [2012.11.25 16:34:48 | 000,002,402 | ---- | M] () -- C:\Users\ffff\AppData\Roaming\mozilla\firefox\profiles\3jdgmmj5.default\searchplugins\bingp.xml [2012.05.30 08:34:26 | 000,000,923 | ---- | M] () -- C:\Users\ffff\AppData\Roaming\mozilla\firefox\profiles\3jdgmmj5.default\searchplugins\conduit.xml [2013.03.08 21:16:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.03.08 21:16:41 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.01.14 17:27:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.01.14 17:27:49 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.01.14 17:27:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.01.14 17:27:49 | 000,006,805 | ---- | M] () -- 
C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.01.14 17:27:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.01.14 17:27:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ffff\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\ffff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\ffff\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\ffff\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\plugin/npUrlAdvisor.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\ffff\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\ffff\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\ CHR - Extension: Google Mail = C:\Users\ffff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo 
Print\EPTBL.dll (SEIKO EPSON CORPORATION) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) O3:64bit: - HKU\S-1-5-21-461051042-3945811473-520214257-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.) O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.) 
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [HotkeyApp] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LMgrOSD] "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe" File not found O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.) O4 - HKLM..\Run: [SBAMTray] C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe (Sunbelt Software) O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Wbutton] C:\Program Files (x86)\Launch Manager\Wbutton.exe (Wistron Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-461051042-3945811473-520214257-1000..\Run: [Power2GoExpress] NA File not found O4 - HKU\S-1-5-21-461051042-3945811473-520214257-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-461051042-3945811473-520214257-1001..\Run: [AshSnap] C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe File not found O4 - HKU\S-1-5-21-461051042-3945811473-520214257-1001..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus Office BX535WD" /EF "HKCU" File not found O4 - HKU\S-1-5-21-461051042-3945811473-520214257-1001..\Run: [mixerdl] C:\Users\ffff\AppData\Roaming\mixerdl.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe 
File not found
O4 - HKU\S-1-5-21-461051042-3945811473-520214257-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\ffff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-461051042-3945811473-520214257-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-461051042-3945811473-520214257-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-461051042-3945811473-520214257-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-461051042-3945811473-520214257-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F5DF9EE-DB20-4D5F-824A-44184399E846}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.03.27 20:47:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ffff\Desktop\OTL.exe
[2013.03.27 09:32:55 | 000,000,000 | ---D | C] -- C:\Users\ffff\AppData\Roaming\Xmnpf
[2013.03.21 21:29:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.15 17:01:19 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.15 17:01:19 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.15 17:01:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.15 17:01:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.15 17:01:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.15 17:01:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.15 17:01:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.15 17:01:08 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.15 17:01:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.15 17:01:02 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.15 17:01:01 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.15 17:00:58 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.15 17:00:50 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.15 17:00:49 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.15 17:00:48 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.15 17:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.15 16:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.15 16:58:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.15 13:18:51 | 000,000,000 | ---D | C] -- C:\Users\ffff\AppData\Local\{F4953630-5348-4BAE-9F26-1B7A806EF7FC}
[2013.03.08 21:16:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.28 14:31:15 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.28 14:31:14 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.28 14:31:13 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.28 14:31:13 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.28 14:31:08 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.28 14:31:07 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.28 14:31:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.28 14:31:03 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.28 14:31:03 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.28 14:31:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.28 14:31:02 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.28 14:31:02 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.28 14:31:02 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.28 14:31:01 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.28 14:31:01 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.28 14:30:59 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.28 14:30:58 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.28 14:30:54 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.28 14:30:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.28 14:30:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.28 14:30:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.28 14:30:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.28 14:30:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.28 14:30:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.28 14:30:50 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.28 14:30:50 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.28 14:30:50 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.28 14:30:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.28 14:30:48 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.28 14:30:46 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.28 14:30:43 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.28 14:30:41 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.28 14:30:39 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.28 14:30:38 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.28 14:30:35 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.28 14:30:32 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.28 14:30:31 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.28 14:30:27 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.28 14:30:25 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.28 14:30:23 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.28 14:30:22 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.03.30 11:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.30 11:00:41 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.30 11:00:41 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.30 10:53:23 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.30 10:52:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.30 10:52:14 | 3147,198,464 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.29 21:29:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.29 19:36:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-461051042-3945811473-520214257-1006UA.job
[2013.03.29 19:36:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-461051042-3945811473-520214257-1006Core.job
[2013.03.29 18:07:17 | 000,034,687 | ---- | M] () -- C:\Users\ffff\ESt2012_Roenning_Bernd_und_Roenning_Kornelia.elfo
[2013.03.27 23:19:07 | 004,459,618 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.27 23:19:07 | 000,695,108 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013.03.27 23:19:07 | 000,689,786 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013.03.27 23:19:07 | 000,654,844 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.27 23:19:07 | 000,632,858 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2013.03.27 23:19:07 | 000,616,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.27 23:19:07 | 000,462,850 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013.03.27 23:19:07 | 000,148,730 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2013.03.27 23:19:07 | 000,130,560 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013.03.27 23:19:07 | 000,130,426 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.27 23:19:07 | 000,127,564 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013.03.27 23:19:07 | 000,106,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.27 23:19:07 | 000,080,224 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013.03.27 22:29:25 | 000,377,856 | ---- | M] () -- C:\Users\ffff\Desktop\gmer_2.1.19155.exe
[2013.03.27 20:56:14 | 000,000,000 | ---- | M] () -- C:\Users\ffff\defogger_reenable
[2013.03.27 20:47:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ffff\Desktop\OTL.exe
[2013.03.27 12:31:47 | 000,050,477 | ---- | M] () -- C:\Users\ffff\Desktop\Defogger.exe
[2013.03.15 11:02:58 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.15 11:02:58 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.13 20:32:17 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.12 15:00:01 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\000016E5.LCS
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.03.27 22:29:25 | 000,377,856 | ---- | C] () -- C:\Users\ffff\Desktop\gmer_2.1.19155.exe
[2013.03.27 20:56:14 | 000,000,000 | ---- | C] () -- C:\Users\ffff\defogger_reenable
[2013.03.27 12:31:47 | 000,050,477 | ---- | C] () -- C:\Users\ffff\Desktop\Defogger.exe
[2013.01.13 18:00:55 | 000,034,687 | ---- | C] () -- C:\Users\ffff\ESt2012_Roenning_Bernd_und_Roenning_Kornelia.elfo
[2012.12.13 21:42:34 | 000,000,056 | RHS- | C] () -- C:\Windows\SysWow64\88DE070AA1.sys
[2012.12.13 21:42:30 | 000,005,642 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012.12.13 11:55:22 | 000,001,345 | ---- | C] () -- C:\Users\ffff\Bildbestellung.html
[2012.07.15 18:36:21 | 000,000,173 | ---- | C] () -- C:\Users\ffff\AppData\Local\msmathematics.qat.ffff
[2012.01.31 22:09:48 | 000,000,680 | RHS- | C] () -- C:\Users\ffff\ntuser.pol
[2012.01.31 20:01:29 | 004,518,224 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.28 10:16:47 | 000,017,408 | ---- | C] () -- C:\Users\ffff\AppData\Local\WebpageIcons.db
[2011.10.17 14:18:10 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.17 14:18:08 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.10.17 14:18:06 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.10.17 14:18:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.17 14:18:02 | 013,903,360 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.10.17 03:36:08 | 000,322,880 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[1601.01.01 01:00:00 | 000,222,720 | ---- | C] () -- C:\Users\ffff\AppData\Roaming\mixerdl.exe

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Code:
OTL Extras logfile created on: 30.03.2013 11:02:19 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ffff\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 55,88% Memory free
7,81 Gb Paging File | 5,79 Gb Available in Paging File | 74,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 394,66 Gb Total Space | 194,21 Gb Free Space | 49,21% Space Free | Partition Type: NTFS
Drive D: | 70,00 Gb Total Space | 40,51 Gb Free Space | 57,87% Space Free | Partition Type: NTFS
Drive E: | 3,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: FFFF-PC | User Name: ffff | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-461051042-3945811473-520214257-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04214237-EBA7-4955-B201-A40B01201EF6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{117E6B9C-314C-43F7-8F1F-3CF8FFBC59E0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{15C01EB6-1CD3-4DF6-87FA-A628366D1BF1}" = rport=138 | protocol=17 | dir=out | app=system |
"{15C4FD4A-5EE5-4DB5-8BAC-84110713DA4D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1B922430-42B9-4208-B5CF-5605A8BD1F83}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{20401B52-0743-4AE4-895B-D98448DFC27C}" = rport=137 | protocol=17 | dir=out | app=system |
"{2147329F-F1B2-4CA0-966B-B90F9E5C3676}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3A3AE09E-14D3-4899-91D8-A6E0115DAD1B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3FF54B92-5611-4A65-97E1-9BE63487D070}" = lport=445 | protocol=6 | dir=in | app=system |
"{43997E73-9E34-455F-8F65-F4FDF404058C}" = rport=139 | protocol=6 | dir=out | app=system |
"{48F3CF36-17F1-4DAF-9439-13A25F4D20DA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{571CE6B8-6C97-4FA5-8160-BF84D0B247D5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5EF3A702-D879-4F2A-AAA8-1208AEB8EEB1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5FB9299D-9BB9-447E-9301-75C67A831DEC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{618E7AC7-1168-478D-A3EB-56F08A54C540}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73B2B3C2-48BE-4BBA-B370-0FFB90358142}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7F5E4D06-89DF-4B57-9C27-2959A9A671D1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8A61FD4D-957A-45B2-903D-6311D826C622}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5010F4A-DE59-47F9-BCD9-C3A779C83639}" = lport=139 | protocol=6 | dir=in | app=system |
"{AB0D16F7-CE76-415F-B618-B3C63F68606A}" = lport=137 | protocol=17 | dir=in | app=system |
"{BC8A14D4-4D19-47D4-A8EE-2ADFAE2AAAE8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D76C1548-2526-4759-A6E8-67CA9480EB6E}" = lport=138 | protocol=17 | dir=in | app=system |
"{E535C925-CA20-49AD-92BA-4D22E5FAFA20}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{EDEBD37F-B595-4E7F-8CD4-A24BF94762E6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F55AF8C6-289D-412E-A2D5-27BA3A4474CC}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C955C4-F9C2-4E53-B1CB-76C460B27497}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0164EE20-4782-4EC0-945D-3BEB2B8D9619}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{189DEBA2-F1A6-4BEC-966A-49AE66D8C66F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{485DDC45-9158-4D62-B8E2-50859BC1C488}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{558C6933-3BC3-4CD5-9A0F-DDFB99C6E5FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{585D20E6-9B34-4A1D-8656-5B8EF36B72BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{615D030F-A80F-4CBF-B091-81CC20F407DC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{61A8AFAB-D91F-461D-8FB9-5A6F099A6533}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8AF28321-B925-467F-A16C-ABC7C4835417}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8D91D971-A8C7-4D9F-832B-30290AFC1B88}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{950B1A65-2C00-40DD-A62D-8FF15CB374CD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9A282EA6-BC22-4F1D-BF19-9FC2FCFF4D36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9C858DD2-89CF-4984-A0FC-15744A7D2F8C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A6F64426-A549-4B7C-8FEE-82B9DD358775}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BB8F49E8-CD88-4EE6-A8B8-1A10D6EF824D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr9.exe |
"{D3AFBBBD-4693-4D08-B2B2-28CF2CF4ECE1}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{D5DD458C-E95C-473B-BBA2-14F78D66C934}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{D72B193E-DAA6-4947-B0DD-79B43E88826F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DBC7CDE1-E2F1-42A4-93B0-BF6E6CE71417}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DE0078ED-A17A-4250-819E-DBA38BF0E514}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E472E2B4-6ED6-4E22-A21A-2BF4EF01B194}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E7F13527-D9F4-4A36-80D3-90B213406DEE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F08D1E35-0EB2-4432-8816-0C518A674816}" = protocol=6 | dir=out | app=system |
"{F19A1D74-3E13-4F1E-A7C9-586FC136EB77}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2D1110E-ECCC-4A24-9DA2-3C4A666472A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416029FF}" = Java(TM) 6 Update 29 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{295AEB79-B53A-4F1B-860F-7800BB7E3681}" = Intel(R) PROSet/Wireless WiFi Software
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}" = Corel Graphics - Windows Shell Extension 64 Bit
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{69A90894-D54A-4657-8172-6B0FCE93414E}" = AMI VR-pulse OS Switcher
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}" = Microsoft Mathematics (64-Bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"EPSON BX535WD Series" = EPSON BX535WD Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VID_1F4D&PID_0102&MI_00" = USB2.0 Audio Capture
"VID_1F4D&PID_0102&MI_01" = USB2.0 Video Capture

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{08BE0A17-0AB8-4B0C-88E2-EB1B4977A511}" = Lernwerkstatt 8
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DF9878B-AFE5-4FE1-88FD-6CA04E1C5635}" = VIPRE Antivirus Premium
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema 10
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2F14F550-0FFC-4285-B673-880744D428A3}" = CorelDRAW Essentials X5 - Custom Data
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34809713-7886-4F6A-B9D5-CC74DBC1C77E}" = CorelDRAW Essentials X5 - Redist
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}" = CorelDRAW Essentials X5 - WT
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{409DC300-28AF-468F-9624-1F3309701881}" = watchmi
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{4433CEC6-DA32-4D7B-BA95-B47C68498287}" = CorelDRAW Essentials X5 - Connect "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content "{5C677DD3-45D9-4B10-8591-5F8CEA76BAE0}" = TI USB3 Host Driver "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{666D7CED-12E0-4BA3-B594-5681961E7B02}" = CorelDRAW Essentials X5 - IPM "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}" = CorelDRAW Essentials X5 - DE "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh 
ActiveX-vezérlő távoli kapcsolatokhoz "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live "{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}" = CorelDRAW Essentials X5 - IT "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{834F4E2F-E9DF-4FA9-8499-FF6B91012898}" = CorelDRAW Essentials X5 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{85E8F38F-0303-401E-A518-0302DF88EB07}" = CorelDRAW Essentials X5 - Draw "{89BA6E81-B60A-49BC-B283-80560A9E60DF}" = CorelDRAW Essentials X5 - PHOTO-PAINT "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{91EB0B20-08B0-4905-88FB-020952B9979F}" = Remote Control Input Device Registry Key "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = 
Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker "{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger "{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.6) MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4 "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) "{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer 5.5 "{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}" = EPSON Printer Finder "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}" = VIPRE Antivirus Premium "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live 
Photo Common "{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D0BEB150-2046-4F94-AE7B-EA76772592F6}" = CorelDRAW Essentials X5 - Common "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D7E60152-6C65-4982-8840-B6D28BF881BD}" = CorelDRAW Essentials X5 - FR "{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}" = Intel(R) WiDi "{E4BE9367-168B-4B30-B198-EE37C99FB147}" = CorelDRAW Essentials X5 - Filters "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E728441A-7820-4B1C-87C9-DE7BE37B2953}" = Download Navigator "{E7BE4D1A-B529-448B-8407-889705B65185}" = CorelDRAW Essentials X5 - ES "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW 
Essentials X5 - Setup Files "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA6AF809-9A80-423A-A57A-C7D726A04E4C}" = CorelDRAW Essentials X5 - EN "{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}" = Epson Event Manager "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "{FFF841F3-9A15-4F61-BD16-C19F132E5A27}" = Epson Easy Photo Print 2 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ALDI NORD Bestellsoftware" = ALDI NORD Bestellsoftware 4.12.2 "Ashampoo Burning Studio_is1" = Ashampoo Burning Studio "Ashampoo Photo Commander_is1" = Ashampoo Photo Commander "Ashampoo Photo Optimizer_is1" = Ashampoo Photo Optimizer "ElsterFormular" = ElsterFormular "EPSON BX535WD Series Netg" = Netzwerkhandbuch EPSON BX535WD Series "EPSON BX535WD Series Useg" = Benutzerhandbuch EPSON BX535WD Series "EPSON Scanner" = EPSON Scan "Google Chrome" = Google Chrome "InstallShield_{08BE0A17-0AB8-4B0C-88E2-EB1B4977A511}" = Lernwerkstatt 8 "InstallShield_{5C677DD3-45D9-4B10-8591-5F8CEA76BAE0}" = TI USB 3.0 Host Controller Driver "InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = Medion Home Cinema 10 "IT9130 DriverInstaller_11.8.2.1" = IT9130 Driver v11.8.2.1 "lgx4.lgx.server" = G DATA Logox4 Speechengine "Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "myMugle3.0.0.0" = myMugle "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.Click2Run" = Microsoft 
Office Klick-und-Los 2010 "PCSUITE_SHREDDER_PRO_is1" = PCSUITE SHREDDER "ProInst" = Intel PROSet Wireless "WinLiveSuite" = Windows Live Essentials ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08.10.2012 10:36:14 | Computer Name = ffff-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 08.10.2012 13:21:35 | Computer Name = ffff-PC | Source = WinMgmt | ID = 10 Description = Error - 09.10.2012 05:21:03 | Computer Name = ffff-PC | Source = WinMgmt | ID = 10 Description = Error - 09.10.2012 11:05:25 | Computer Name = ffff-PC | Source = WinMgmt | ID = 10 Description = Error - 10.10.2012 10:21:13 | Computer Name = ffff-PC | Source = WinMgmt | ID = 10 Description = Error - 10.10.2012 14:27:59 | Computer Name = ffff-PC | Source = WinMgmt | ID = 10 Description = Error - 10.10.2012 14:33:56 | Computer Name = ffff-PC | Source = WinMgmt | ID = 10 Description = Error - 11.10.2012 10:33:03 | Computer Name = ffff-PC | Source = WinMgmt | ID = 10 Description = Error - 11.10.2012 10:47:26 | Computer Name = ffff-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 12.10.2012 03:46:58 | Computer Name = ffff-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 15.03.2013 11:59:20 | Computer Name = ffff-PC | Source = MCUpdate | ID = 0 Description = 16:59:20 - Fehler beim Herstellen der Internetverbindung. 16:59:20 - Serververbindung konnte nicht hergestellt werden.. Error - 15.03.2013 12:00:07 | Computer Name = ffff-PC | Source = MCUpdate | ID = 0 Description = 16:59:26 - Fehler beim Herstellen der Internetverbindung. 16:59:26 - Serververbindung konnte nicht hergestellt werden.. 
[ System Events ] Error - 15.03.2013 08:24:21 | Computer Name = ffff-PC | Source = DCOM | ID = 10010 Description = Error - 15.03.2013 10:55:00 | Computer Name = ffff-PC | Source = DCOM | ID = 10010 Description = Error - 16.03.2013 03:35:54 | Computer Name = ffff-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht. Error - 16.03.2013 03:35:54 | Computer Name = ffff-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 16.03.2013 12:09:34 | Computer Name = ffff-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht. Error - 16.03.2013 12:09:34 | Computer Name = ffff-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 17.03.2013 09:28:53 | Computer Name = ffff-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht. Error - 17.03.2013 09:28:53 | Computer Name = ffff-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 21.03.2013 16:18:56 | Computer Name = ffff-PC | Source = DCOM | ID = 10010 Description = Error - 22.03.2013 11:35:10 | Computer Name = ffff-PC | Source = DCOM | ID = 10010 Description = < End of report > |
30.03.2013, 15:50 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Safe removal of Trojan.Win32 Generic!BT
Rootkit scan with GMER
Please download GMER: (random file name)
Running into problems?
Afterwards, please run MBAR:
Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ --> Safe removal of Trojan.Win32 Generic!BT |
30.03.2013, 15:53 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Safe removal of Trojan.Win32 Generic!BT
Rootkit scan with GMER
Please download GMER: (random file name)
Running into problems?
Afterwards, please run MBAR:
Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ Please always post log files in CODE tags |
30.03.2013, 21:59 | #8 |
| Safe removal of Trojan.Win32 Generic!BT
Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org
Database version: v2013.03.30.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ffff :: FFFF-PC [administrator]
30.03.2013 21:58:38
mbar-log-2013-03-30 (21-58-38).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 33167
Time elapsed: 1 hour(s), 32 minute(s), 11 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end) |
30.03.2013, 22:16 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Safe removal of Trojan.Win32 Generic!BT
What about the GMER log?
__________________ Please always post log files in CODE tags |
31.03.2013, 07:36 | #10 |
| Safe removal of Trojan.Win32 Generic!BT
I had first saved it to the desktop, as written.
Code:
GMER 2.1.19155 - hxxp://www.gmer.net
Rootkit scan 2013-03-30 18:19:56
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0003 465,76GB
Running: gmer_2.1.19155.exe; Driver: C:\Users\ffff\AppData\Local\Temp\pwldypob.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[4480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075fb1465 2 bytes [FB, 75]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[4480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075fb14bb 2 bytes [FB, 75]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4536] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075fb1465 2 bytes [FB, 75]
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4536] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075fb14bb 2 bytes [FB, 75]
.text ... * 2
.text C:\Program Files (x86)\Launch Manager\HotkeyApp.exe[4544] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075fb1465 2 bytes [FB, 75]
.text C:\Program Files (x86)\Launch Manager\HotkeyApp.exe[4544] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075fb14bb 2 bytes [FB, 75]
.text ... * 2
.text C:\Program Files (x86)\Launch Manager\OSD.exe[4552] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075fb1465 2 bytes [FB, 75]
.text C:\Program Files (x86)\Launch Manager\OSD.exe[4552] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075fb14bb 2 bytes [FB, 75]
.text ... * 2
.text C:\Program Files (x86)\Launch Manager\WButton.exe[4568] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075fb1465 2 bytes [FB, 75]
.text C:\Program Files (x86)\Launch Manager\WButton.exe[4568] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075fb14bb 2 bytes [FB, 75]
.text ... * 2
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\kernel32.dll!CreateProcessW 0000000074e3103d 5 bytes JMP 0000000100693dc4
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\ADVAPI32.dll!CreateProcessAsUserW 00000000747fc592 5 bytes JMP 0000000100693b6c
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!InternetCloseHandle 0000000075c5c664 5 bytes JMP 0000000100692b74
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!HttpQueryInfoA 0000000075c5e13a 5 bytes JMP 0000000100692aa4
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!InternetReadFile 0000000075c5f8d8 5 bytes JMP 000000010069192c
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!InternetQueryDataAvailable 0000000075c63184 5 bytes JMP 0000000100691400
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!InternetOpenA 0000000075c6d5e0 5 bytes JMP 000000010068e16c
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!InternetConnectA 0000000075c8567e 5 bytes JMP 000000010068e3a0
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!HttpOpenRequestA 0000000075c85761 5 bytes JMP 000000010068ed1c
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!HttpQueryInfoW 0000000075c85865 5 bytes JMP 0000000100692b0c
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!InternetConnectW 0000000075c85cfa 5 bytes JMP 000000010068e1c0
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!HttpOpenRequestW 0000000075c85fef 5 bytes JMP 000000010068eac8
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!HttpSendRequestW 0000000075c8632d 5 bytes JMP 00000001006904f8
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!InternetReadFileExW 0000000075c8f9ee 5 bytes JMP 00000001006922dc
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!InternetReadFileExA 0000000075c8fa49 5 bytes JMP 0000000100691b14
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\WININET.dll!HttpSendRequestA 0000000075cb525a 5 bytes JMP 000000010068fd80
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075fb1465 2 bytes [FB, 75]
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4624] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075fb14bb 2 bytes [FB, 75]
.text ... * 2
.text C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe[4748] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075fb1465 2 bytes [FB, 75]
.text C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe[4748] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075fb14bb 2 bytes [FB, 75]
.text ... * 2
.text C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe[4812] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075fb1465 2 bytes [FB, 75]
.text C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe[4812] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075fb14bb 2 bytes [FB, 75]
.text ... * 2
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[4800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075fb1465 2 bytes [FB, 75]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[4800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075fb14bb 2 bytes [FB, 75]
.text ... * 2
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075fb1465 2 bytes [FB, 75]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075fb14bb 2 bytes [FB, 75]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\svchost.exe [1856:5400] 000007fee8a32888
Thread C:\Windows\system32\svchost.exe [1856:4632] 000007fee8a32a40
Thread C:\Program Files (x86)\Internet Explorer\iexplore.exe [4624:4640] 0000000000699310
Thread C:\Program Files (x86)\Internet Explorer\iexplore.exe [4624:4668] 00000000006991e0

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac72898d10d4
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac72898d10d4 (not active ControlSet)

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ---- |
01.04.2013, 12:28 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Safe removal of Trojan.Win32 Generic!BT

aswMBR

Please download aswMBR.exe and save the file to your desktop.

Important: Do not press any of the Fix buttons under any circumstances unless instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop.
__________________ Please always post log files in CODE tags |
01.04.2013, 21:06 | #12 |
| Safe removal of Trojan.Win32 Generic!BT

Hello Cosinus, the aswMBR.exe scan aborted and the computer crashed. I then selected the setting (none).

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-01 21:25:55
-----------------------------
21:25:55.052 OS Version: Windows x64 6.1.7601 Service Pack 1
21:25:55.052 Number of processors: 4 586 0x2A07
21:25:55.052 ComputerName: FFFF-PC UserName: ffff
21:26:22.492 Initialze error C000010E - driver not loaded
21:26:22.633 write error "aswCmnB.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
21:26:22.898 AVAST engine defs: 13040100
21:26:52.897 Service scanning
21:27:41.382 Modules scanning
21:27:41.382 Disk 0 trace - called modules:
21:27:41.397
21:27:41.397 Scan finished successfully
21:28:22.628 The log file has been saved successfully to "C:\Users\ffff\Desktop\aswMBR.txt"

Code:
21:30:46.0073 3616 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:30:46.0198 3616 ============================================================
21:30:46.0198 3616 Current date / time: 2013/04/01 21:30:46.0198
21:30:46.0198 3616 SystemInfo:
21:30:46.0198 3616
21:30:46.0198 3616 OS Version: 6.1.7601 ServicePack: 1.0
21:30:46.0198 3616 Product type: Workstation
21:30:46.0198 3616 ComputerName: FFFF-PC
21:30:46.0198 3616 UserName: ffff
21:30:46.0198 3616 Windows directory: C:\Windows
21:30:46.0198 3616 System windows directory: C:\Windows
21:30:46.0198 3616 Running under WOW64
21:30:46.0198 3616 Processor architecture: Intel x64
21:30:46.0198 3616 Number of processors: 4
21:30:46.0198 3616 Page size: 0x1000
21:30:46.0198 3616 Boot type: Normal boot
21:30:46.0198 3616 ============================================================
21:30:47.0430 3616 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:30:47.0430 3616 ============================================================
21:30:47.0430 3616 \Device\Harddisk0\DR0:
21:30:47.0430 3616 MBR partitions:
21:30:47.0430 3616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:30:47.0430 3616 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x31553000
21:30:47.0430 3616 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x31585800, BlocksNum 0x8C00000
21:30:47.0430 3616 ============================================================
21:30:47.0539 3616 C: <-> \Device\Harddisk0\DR0\Partition2
21:30:48.0366 3616 D: <-> \Device\Harddisk0\DR0\Partition3
21:30:48.0366 3616 ============================================================
21:30:48.0366 3616 Initialize success
21:30:48.0366 3616 ============================================================
21:46:30.0951 5744
============================================================
21:46:31.0013 5744 Scan started
21:46:31.0013 5744 Mode: Manual; SigCheck; TDLFS;
21:46:31.0013 5744 ============================================================
21:46:31.0684 5744 ================ Scan system memory ========================
21:46:31.0684 5744 System memory - ok
21:46:31.0684 5744 ================ Scan services =============================
- ok 21:46:58.0812 5744 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:46:58.0875 5744 NDIS - ok 21:46:58.0906 5744 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:46:59.0015 5744 NdisCap - ok 21:46:59.0046 5744 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:46:59.0156 5744 NdisTapi - ok 21:46:59.0156 5744 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:46:59.0280 5744 Ndisuio - ok 21:46:59.0296 5744 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:46:59.0390 5744 NdisWan - ok 21:46:59.0405 5744 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:46:59.0499 5744 NDProxy - ok 21:46:59.0530 5744 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:46:59.0639 5744 NetBIOS - ok 21:46:59.0670 5744 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:46:59.0795 5744 NetBT - ok 21:46:59.0842 5744 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 21:46:59.0873 5744 Netlogon - ok 21:46:59.0920 5744 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 21:47:00.0060 5744 Netman - ok 21:47:00.0092 5744 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 21:47:00.0216 5744 netprofm - ok 21:47:00.0263 5744 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:47:00.0294 5744 NetTcpPortSharing - ok 21:47:00.0560 5744 [ 9FD1BE1881446D954FF77244AE58FBCB ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 21:47:00.0981 5744 NETwNs64 - ok 21:47:01.0012 5744 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:47:01.0043 5744 nfrd960 - ok 21:47:01.0106 5744 [ 8AD77806D336673F270DB31645267293 
] NlaSvc C:\Windows\System32\nlasvc.dll 21:47:01.0168 5744 NlaSvc - ok 21:47:01.0215 5744 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:47:01.0324 5744 Npfs - ok 21:47:01.0371 5744 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 21:47:01.0480 5744 nsi - ok 21:47:01.0496 5744 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:47:01.0605 5744 nsiproxy - ok 21:47:01.0714 5744 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:47:01.0808 5744 Ntfs - ok 21:47:01.0839 5744 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 21:47:01.0932 5744 Null - ok 21:47:02.0322 5744 [ E97E8C80793EF12C994607CA5645799A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 21:47:02.0978 5744 nvlddmkm - ok 21:47:03.0056 5744 [ 50612BD6943B9CB20008E9E241DC8B7D ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 21:47:03.0071 5744 nvpciflt - ok 21:47:03.0102 5744 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:47:03.0118 5744 nvraid - ok 21:47:03.0149 5744 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:47:03.0180 5744 nvstor - ok 21:47:03.0274 5744 [ F355C26FDE46EDB911E3E3D749E985AE ] nvsvc C:\Windows\system32\nvvsvc.exe 21:47:03.0368 5744 nvsvc - ok 21:47:03.0477 5744 [ 03AA7307C0D92D38D7AF90E181736B8D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 21:47:03.0586 5744 nvUpdatusService - ok 21:47:03.0633 5744 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:47:03.0664 5744 nv_agp - ok 21:47:03.0695 5744 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:47:03.0726 5744 ohci1394 - ok 21:47:03.0804 5744 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:47:03.0836 5744 ose - ok 
21:47:04.0007 5744 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:47:04.0304 5744 osppsvc - ok 21:47:04.0335 5744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:47:04.0413 5744 p2pimsvc - ok 21:47:04.0444 5744 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:47:04.0491 5744 p2psvc - ok 21:47:04.0506 5744 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 21:47:04.0553 5744 Parport - ok 21:47:04.0600 5744 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:47:04.0616 5744 partmgr - ok 21:47:04.0631 5744 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:47:04.0709 5744 PcaSvc - ok 21:47:04.0740 5744 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 21:47:04.0772 5744 pci - ok 21:47:04.0787 5744 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 21:47:04.0818 5744 pciide - ok 21:47:04.0865 5744 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:47:04.0896 5744 pcmcia - ok 21:47:04.0928 5744 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:47:04.0959 5744 pcw - ok 21:47:04.0974 5744 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:47:05.0115 5744 PEAUTH - ok 21:47:05.0364 5744 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:47:05.0411 5744 PerfHost - ok 21:47:05.0505 5744 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 21:47:05.0661 5744 pla - ok 21:47:05.0739 5744 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:47:05.0817 5744 PlugPlay - ok 21:47:05.0832 5744 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:47:05.0895 5744 PNRPAutoReg - 
ok 21:47:05.0910 5744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:47:05.0957 5744 PNRPsvc - ok 21:47:06.0020 5744 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:47:06.0144 5744 PolicyAgent - ok 21:47:06.0191 5744 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 21:47:06.0332 5744 Power - ok 21:47:06.0378 5744 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:47:06.0488 5744 PptpMiniport - ok 21:47:06.0519 5744 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 21:47:06.0581 5744 Processor - ok 21:47:06.0628 5744 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 21:47:06.0675 5744 ProfSvc - ok 21:47:06.0706 5744 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:47:06.0737 5744 ProtectedStorage - ok 21:47:06.0800 5744 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:47:06.0909 5744 Psched - ok 21:47:06.0940 5744 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 21:47:06.0971 5744 PSI_SVC_2 - ok 21:47:07.0049 5744 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:47:07.0143 5744 ql2300 - ok 21:47:07.0190 5744 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:47:07.0221 5744 ql40xx - ok 21:47:07.0252 5744 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:47:07.0314 5744 QWAVE - ok 21:47:07.0330 5744 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:47:07.0408 5744 QWAVEdrv - ok 21:47:07.0424 5744 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:47:07.0533 5744 RasAcd - ok 21:47:07.0564 5744 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn 
C:\Windows\system32\DRIVERS\AgileVpn.sys 21:47:07.0673 5744 RasAgileVpn - ok 21:47:07.0704 5744 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:47:07.0814 5744 RasAuto - ok 21:47:07.0845 5744 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:47:07.0954 5744 Rasl2tp - ok 21:47:08.0016 5744 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 21:47:08.0126 5744 RasMan - ok 21:47:08.0141 5744 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:47:08.0250 5744 RasPppoe - ok 21:47:08.0297 5744 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:47:08.0391 5744 RasSstp - ok 21:47:08.0422 5744 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:47:08.0531 5744 rdbss - ok 21:47:08.0547 5744 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 21:47:08.0594 5744 rdpbus - ok 21:47:08.0609 5744 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:47:08.0718 5744 RDPCDD - ok 21:47:08.0734 5744 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:47:08.0859 5744 RDPENCDD - ok 21:47:08.0874 5744 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:47:08.0968 5744 RDPREFMP - ok 21:47:09.0015 5744 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:47:09.0077 5744 RDPWD - ok 21:47:09.0140 5744 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:47:09.0171 5744 rdyboost - ok 21:47:09.0249 5744 [ B9A0810D16EA7935B10A5499ABA61DC3 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 21:47:09.0296 5744 RegSrvc - ok 21:47:09.0327 5744 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:47:09.0452 5744 RemoteAccess - ok 21:47:09.0498 5744 
[ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:47:09.0592 5744 RemoteRegistry - ok 21:47:09.0639 5744 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:47:09.0701 5744 RFCOMM - ok 21:47:09.0935 5744 [ 7728B6AEDC83BC0DEFD0A53371D4613B ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 21:47:09.0982 5744 RichVideo - ok 21:47:10.0013 5744 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:47:10.0122 5744 RpcEptMapper - ok 21:47:10.0169 5744 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:47:10.0216 5744 RpcLocator - ok 21:47:10.0263 5744 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 21:47:10.0356 5744 RpcSs - ok 21:47:10.0419 5744 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:47:10.0528 5744 rspndr - ok 21:47:10.0606 5744 [ CE0A1D8A59410E698140821E4E69DA0D ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys 21:47:10.0637 5744 RSUSBVSTOR - ok 21:47:10.0637 5744 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 21:47:10.0684 5744 SamSs - ok 21:47:10.0856 5744 [ E15AD7EAA6F6B22AD603339DAC7CBA74 ] SBAMSvc C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe 21:47:10.0996 5744 SBAMSvc - ok 21:47:11.0058 5744 [ CD50FFB4C803C06D21CE3569489B7929 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys 21:47:11.0090 5744 sbapifs - ok 21:47:11.0136 5744 [ CDB954C736D51DC5FA712C039AF4F683 ] SbFw C:\Windows\system32\drivers\SbFw.sys 21:47:11.0168 5744 SbFw - ok 21:47:11.0214 5744 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCL C:\Windows\system32\DRIVERS\sbfwim.sys 21:47:11.0230 5744 SBFWIMCL - ok 21:47:11.0261 5744 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCLMP C:\Windows\system32\DRIVERS\SBFWIM.sys 21:47:11.0277 5744 SBFWIMCLMP - ok 21:47:11.0292 5744 [ A5BC45F8C2F30350E7566799C86B2F5D ] sbhips 
C:\Windows\system32\drivers\sbhips.sys 21:47:11.0308 5744 sbhips - ok 21:47:11.0355 5744 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:47:11.0386 5744 sbp2port - ok 21:47:11.0448 5744 [ FB01A1137A8ABDF636DF41FC0F1AFE53 ] SBPIMSvc C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe 21:47:11.0495 5744 SBPIMSvc - ok 21:47:11.0542 5744 [ 2F58125AD1BB90959F9634C7AC36D230 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys 21:47:11.0558 5744 SBRE - ok 21:47:11.0604 5744 [ F9955774A6BF0A5CA696F591C7B80A79 ] SbTis C:\Windows\system32\drivers\sbtis.sys 21:47:11.0636 5744 SbTis - ok 21:47:11.0651 5744 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:47:11.0760 5744 SCardSvr - ok 21:47:11.0776 5744 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:47:11.0885 5744 scfilter - ok 21:47:11.0948 5744 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 21:47:12.0119 5744 Schedule - ok 21:47:12.0166 5744 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:47:12.0260 5744 SCPolicySvc - ok 21:47:12.0275 5744 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:47:12.0338 5744 SDRSVC - ok 21:47:12.0384 5744 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:47:12.0494 5744 secdrv - ok 21:47:12.0525 5744 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 21:47:12.0650 5744 seclogon - ok 21:47:12.0681 5744 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 21:47:12.0806 5744 SENS - ok 21:47:12.0837 5744 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:47:12.0899 5744 SensrSvc - ok 21:47:12.0946 5744 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 21:47:12.0993 5744 Serenum - ok 21:47:13.0040 5744 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] 
Serial C:\Windows\system32\drivers\serial.sys 21:47:13.0086 5744 Serial - ok 21:47:13.0133 5744 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:47:13.0180 5744 sermouse - ok 21:47:13.0242 5744 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 21:47:13.0336 5744 SessionEnv - ok 21:47:13.0367 5744 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:47:13.0414 5744 sffdisk - ok 21:47:13.0414 5744 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:47:13.0476 5744 sffp_mmc - ok 21:47:13.0492 5744 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:47:13.0554 5744 sffp_sd - ok 21:47:13.0586 5744 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:47:13.0617 5744 sfloppy - ok 21:47:13.0695 5744 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 21:47:13.0742 5744 Sftfs - ok 21:47:13.0835 5744 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 21:47:13.0898 5744 sftlist - ok 21:47:13.0944 5744 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 21:47:13.0976 5744 Sftplay - ok 21:47:14.0022 5744 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 21:47:14.0038 5744 Sftredir - ok 21:47:14.0085 5744 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 21:47:14.0100 5744 Sftvol - ok 21:47:14.0147 5744 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 21:47:14.0178 5744 sftvsa - ok 21:47:14.0225 5744 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:47:14.0366 5744 SharedAccess - ok 21:47:14.0412 5744 [ AAF932B4011D14052955D4B212A4DA8D ] 
ShellHWDetection C:\Windows\System32\shsvcs.dll 21:47:14.0537 5744 ShellHWDetection - ok 21:47:14.0584 5744 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:47:14.0615 5744 SiSRaid2 - ok 21:47:14.0646 5744 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:47:14.0678 5744 SiSRaid4 - ok 21:47:14.0709 5744 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:47:14.0818 5744 Smb - ok 21:47:14.0880 5744 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:47:14.0943 5744 SNMPTRAP - ok 21:47:14.0990 5744 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 21:47:15.0005 5744 spldr - ok 21:47:15.0052 5744 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 21:47:15.0130 5744 Spooler - ok 21:47:15.0255 5744 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 21:47:15.0473 5744 sppsvc - ok 21:47:15.0489 5744 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:47:15.0598 5744 sppuinotify - ok 21:47:15.0660 5744 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 21:47:15.0738 5744 srv - ok 21:47:15.0770 5744 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:47:15.0832 5744 srv2 - ok 21:47:15.0863 5744 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:47:15.0910 5744 srvnet - ok 21:47:15.0972 5744 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:47:16.0082 5744 SSDPSRV - ok 21:47:16.0097 5744 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:47:16.0206 5744 SstpSvc - ok 21:47:16.0284 5744 [ B7368B1BF6C20922DFEDF0A35F69EEEF ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 21:47:16.0347 5744 Stereo Service - ok 21:47:16.0378 5744 [ 
F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:47:16.0409 5744 stexstor - ok 21:47:16.0472 5744 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 21:47:16.0550 5744 stisvc - ok 21:47:16.0581 5744 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 21:47:16.0596 5744 swenum - ok 21:47:16.0643 5744 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:47:16.0784 5744 swprv - ok 21:47:16.0862 5744 [ B3AD15FA10EBEAFC1275F34050E4E230 ] SynTP C:\Windows\system32\drivers\SynTP.sys 21:47:16.0940 5744 SynTP - ok 21:47:17.0033 5744 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 21:47:17.0142 5744 SysMain - ok 21:47:17.0189 5744 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:47:17.0252 5744 TabletInputService - ok 21:47:17.0283 5744 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:47:17.0408 5744 TapiSrv - ok 21:47:17.0439 5744 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:47:17.0532 5744 TBS - ok 21:47:17.0642 5744 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:47:17.0735 5744 Tcpip - ok 21:47:17.0845 5744 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:47:17.0938 5744 TCPIP6 - ok 21:47:17.0985 5744 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:47:18.0016 5744 tcpipreg - ok 21:47:18.0063 5744 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:47:18.0110 5744 TDPIPE - ok 21:47:18.0157 5744 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:47:18.0188 5744 TDTCP - ok 21:47:18.0203 5744 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:47:18.0328 5744 tdx - ok 21:47:18.0359 5744 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] 
TermDD C:\Windows\system32\drivers\termdd.sys 21:47:18.0391 5744 TermDD - ok 21:47:18.0437 5744 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 21:47:18.0562 5744 TermService - ok 21:47:18.0593 5744 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:47:18.0656 5744 Themes - ok 21:47:18.0687 5744 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:47:18.0781 5744 THREADORDER - ok 21:47:18.0827 5744 [ DA632FAE7B5629032B2C24E1BE29168B ] tihub3 C:\Windows\system32\drivers\tihub3.sys 21:47:18.0859 5744 tihub3 - ok 21:47:18.0890 5744 [ 6AAD465F69632931B6D8D61B287E6DE9 ] tixhci C:\Windows\system32\drivers\tixhci.sys 21:47:18.0921 5744 tixhci - ok 21:47:18.0968 5744 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:47:19.0093 5744 TrkWks - ok 21:47:19.0155 5744 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:47:19.0264 5744 TrustedInstaller - ok 21:47:19.0280 5744 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:47:19.0389 5744 tssecsrv - ok 21:47:19.0420 5744 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:47:19.0467 5744 TsUsbFlt - ok 21:47:19.0514 5744 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:47:19.0561 5744 TsUsbGD - ok 21:47:19.0607 5744 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:47:19.0701 5744 tunnel - ok 21:47:19.0732 5744 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:47:19.0748 5744 uagp35 - ok 21:47:19.0763 5744 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:47:19.0904 5744 udfs - ok 21:47:19.0935 5744 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:47:19.0982 5744 UI0Detect - ok 21:47:20.0029 5744 [ 
4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:47:20.0060 5744 uliagpkx - ok 21:47:20.0091 5744 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:47:20.0153 5744 umbus - ok 21:47:20.0185 5744 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 21:47:20.0247 5744 UmPass - ok 21:47:20.0387 5744 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 21:47:20.0512 5744 UNS - ok 21:47:20.0543 5744 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:47:20.0684 5744 upnphost - ok 21:47:20.0715 5744 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:47:20.0762 5744 usbccgp - ok 21:47:20.0824 5744 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:47:20.0887 5744 usbcir - ok 21:47:20.0902 5744 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 21:47:20.0965 5744 usbehci - ok 21:47:21.0011 5744 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys 21:47:21.0074 5744 usbhub - ok 21:47:21.0105 5744 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 21:47:21.0136 5744 usbohci - ok 21:47:21.0183 5744 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:47:21.0245 5744 usbprint - ok 21:47:21.0277 5744 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 21:47:21.0323 5744 usbscan - ok 21:47:21.0339 5744 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:47:21.0401 5744 USBSTOR - ok 21:47:21.0433 5744 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:47:21.0479 5744 usbuhci - ok 21:47:21.0526 5744 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo 
C:\Windows\system32\Drivers\usbvideo.sys 21:47:21.0604 5744 usbvideo - ok 21:47:21.0667 5744 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:47:21.0791 5744 UxSms - ok 21:47:21.0807 5744 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 21:47:21.0854 5744 VaultSvc - ok 21:47:21.0885 5744 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:47:21.0916 5744 vdrvroot - ok 21:47:21.0947 5744 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 21:47:22.0088 5744 vds - ok 21:47:22.0119 5744 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:47:22.0166 5744 vga - ok 21:47:22.0181 5744 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:47:22.0306 5744 VgaSave - ok 21:47:22.0353 5744 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:47:22.0384 5744 vhdmp - ok 21:47:22.0447 5744 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 21:47:22.0478 5744 viaide - ok 21:47:22.0540 5744 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:47:22.0571 5744 volmgr - ok 21:47:22.0634 5744 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:47:22.0681 5744 volmgrx - ok 21:47:22.0727 5744 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:47:22.0774 5744 volsnap - ok 21:47:22.0805 5744 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:47:22.0852 5744 vsmraid - ok 21:47:22.0915 5744 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 21:47:23.0071 5744 VSS - ok 21:47:23.0117 5744 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:47:23.0195 5744 vwifibus - ok 21:47:23.0211 5744 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt 
21:47:23.0960 5744 [ 261A725F8ACEDDA695C7FFF6D6EDE6B5 ] watchmi C:\Program Files (x86)\watchmi\TvdService.exe
21:47:24.0007 5744 watchmi ( UnsignedFile.Multi.Generic ) - warning
21:47:24.0007 5744 watchmi - detected UnsignedFile.Multi.Generic (1)
21:47:28.0219 5744 ================ Scan global ===============================
21:47:28.0250 5744 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:47:28.0297 5744 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:47:28.0328 5744 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:47:28.0375 5744 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:47:28.0390 5744 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:47:28.0406 5744 [Global] - ok
21:47:28.0406 5744 ================ Scan MBR ==================================
21:47:28.0437 5744 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
21:47:33.0850 5744 \Device\Harddisk0\DR0 - ok
21:47:33.0866 5744 ================ Scan VBR ==================================
21:47:33.0866 5744 [ B7740442E779657AE97BF54ABB0015C7 ] \Device\Harddisk0\DR0\Partition1
21:47:33.0866 5744 \Device\Harddisk0\DR0\Partition1 - ok
21:47:33.0897 5744 [ 34A42C0DB10592B56DABA82B83D05696 ] \Device\Harddisk0\DR0\Partition2
21:47:33.0913 5744 \Device\Harddisk0\DR0\Partition2 - ok
21:47:33.0928 5744 [ 44A1A062C90E4C06B60942525CB5811B ] \Device\Harddisk0\DR0\Partition3
21:47:33.0944 5744 \Device\Harddisk0\DR0\Partition3 - ok
21:47:33.0944 5744 ============================================================
21:47:33.0944 5744 Scan finished
21:47:33.0944 5744 ============================================================
21:47:33.0959 3820 Detected object count: 1
21:47:33.0959 3820 Actual detected object count: 1
21:47:47.0313 3820 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user
21:47:47.0313 3820 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:47:54.0832 4988 ============================================================
21:47:54.0832 4988 Scan started
21:47:54.0832 4988 Mode: Manual; SigCheck; TDLFS;
21:47:54.0832 4988 ============================================================
21:47:55.0378 4988 ================ Scan system memory ========================
21:47:55.0378 4988 System memory - ok
21:47:55.0378 4988 ================ Scan services =============================
21:47:55.0846 4988 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:47:55.0893 4988 1394ohci - ok
21:47:55.0955 4988 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:47:55.0987 4988 ACPI - ok
21:47:56.0018 4988 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:48:22.0943 4988 ProfSvc - ok 21:48:22.0959 4988 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:48:23.0006 4988 ProtectedStorage - ok 21:48:23.0037 4988 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:48:23.0131 4988 Psched - ok 21:48:23.0177 4988 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 21:48:23.0209 4988 PSI_SVC_2 - ok 21:48:23.0287 4988 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:48:23.0365 4988 ql2300 - ok 21:48:23.0396 4988 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:48:23.0427 4988 ql40xx - ok 21:48:23.0458 4988 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:48:23.0521 4988 QWAVE - ok 21:48:23.0552 4988 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:48:23.0599 4988 QWAVEdrv - ok 21:48:23.0614 4988 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:48:23.0708 4988 RasAcd - ok 21:48:23.0723 4988 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:48:23.0833 4988 RasAgileVpn - ok 21:48:23.0848 4988 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:48:23.0957 4988 RasAuto - ok 21:48:23.0957 4988 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:48:24.0035 4988 Rasl2tp - ok 21:48:24.0067 4988 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 21:48:24.0145 4988 RasMan - ok 21:48:24.0160 4988 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:48:24.0238 4988 RasPppoe - ok 21:48:24.0238 4988 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:48:24.0316 4988 RasSstp - ok 21:48:24.0332 4988 [ 
77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:48:24.0410 4988 rdbss - ok 21:48:24.0441 4988 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 21:48:24.0472 4988 rdpbus - ok 21:48:24.0472 4988 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:48:24.0566 4988 RDPCDD - ok 21:48:24.0566 4988 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:48:24.0644 4988 RDPENCDD - ok 21:48:24.0659 4988 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:48:24.0737 4988 RDPREFMP - ok 21:48:24.0769 4988 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:48:24.0800 4988 RDPWD - ok 21:48:24.0815 4988 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:48:24.0847 4988 rdyboost - ok 21:48:24.0909 4988 [ B9A0810D16EA7935B10A5499ABA61DC3 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 21:48:24.0940 4988 RegSrvc - ok 21:48:24.0971 4988 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:48:25.0049 4988 RemoteAccess - ok 21:48:25.0081 4988 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:48:25.0159 4988 RemoteRegistry - ok 21:48:25.0190 4988 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:48:25.0237 4988 RFCOMM - ok 21:48:25.0361 4988 [ 7728B6AEDC83BC0DEFD0A53371D4613B ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 21:48:25.0393 4988 RichVideo - ok 21:48:25.0439 4988 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:48:25.0533 4988 RpcEptMapper - ok 21:48:25.0564 4988 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:48:25.0611 4988 RpcLocator - ok 21:48:25.0642 4988 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs 
C:\Windows\system32\rpcss.dll 21:48:25.0751 4988 RpcSs - ok 21:48:25.0783 4988 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:48:25.0892 4988 rspndr - ok 21:48:25.0923 4988 [ CE0A1D8A59410E698140821E4E69DA0D ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys 21:48:25.0954 4988 RSUSBVSTOR - ok 21:48:25.0985 4988 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 21:48:26.0017 4988 SamSs - ok 21:48:26.0173 4988 [ E15AD7EAA6F6B22AD603339DAC7CBA74 ] SBAMSvc C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe 21:48:26.0313 4988 SBAMSvc - ok 21:48:26.0344 4988 [ CD50FFB4C803C06D21CE3569489B7929 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys 21:48:26.0375 4988 sbapifs - ok 21:48:26.0422 4988 [ CDB954C736D51DC5FA712C039AF4F683 ] SbFw C:\Windows\system32\drivers\SbFw.sys 21:48:26.0453 4988 SbFw - ok 21:48:26.0469 4988 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCL C:\Windows\system32\DRIVERS\sbfwim.sys 21:48:26.0500 4988 SBFWIMCL - ok 21:48:26.0516 4988 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCLMP C:\Windows\system32\DRIVERS\SBFWIM.sys 21:48:26.0531 4988 SBFWIMCLMP - ok 21:48:26.0547 4988 [ A5BC45F8C2F30350E7566799C86B2F5D ] sbhips C:\Windows\system32\drivers\sbhips.sys 21:48:26.0563 4988 sbhips - ok 21:48:26.0609 4988 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:48:26.0641 4988 sbp2port - ok 21:48:26.0672 4988 [ FB01A1137A8ABDF636DF41FC0F1AFE53 ] SBPIMSvc C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe 21:48:26.0703 4988 SBPIMSvc - ok 21:48:26.0734 4988 [ 2F58125AD1BB90959F9634C7AC36D230 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys 21:48:26.0765 4988 SBRE - ok 21:48:26.0781 4988 [ F9955774A6BF0A5CA696F591C7B80A79 ] SbTis C:\Windows\system32\drivers\sbtis.sys 21:48:26.0797 4988 SbTis - ok 21:48:26.0843 4988 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:48:26.0953 4988 SCardSvr - ok 21:48:26.0968 4988 [ 
Edited by briller (01.04.2013 at 21:13) |
01.04.2013, 21:12 | #13 |
| Safe removal of Trojan.Win32 Generic!BT Code:
21:48:36.0625 4988 [ 261A725F8ACEDDA695C7FFF6D6EDE6B5 ] watchmi C:\Program Files (x86)\watchmi\TvdService.exe
21:48:36.0640 4988 watchmi ( UnsignedFile.Multi.Generic ) - warning
21:48:36.0640 4988 watchmi - detected UnsignedFile.Multi.Generic (1)
21:48:46.0609 4988 ============================================================
21:48:46.0609 4988 Scan finished
21:48:46.0609 4988 ============================================================
21:48:46.0624 5832 Detected object count: 1
21:48:46.0624 5832 Actual detected object count: 1
21:49:10.0352 5832 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user
21:49:10.0352 5832 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:49:18.0948 4256 ============================================================
21:49:18.0948 4256 Scan started
21:49:18.0948 4256 Mode: Manual; SigCheck; TDLFS;
21:49:18.0948 4256 ============================================================
C:\Windows\System32\Drivers\BrUsbSer.sys 21:49:24.0532 4256 BrUsbSer - ok 21:49:24.0564 4256 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 21:49:24.0595 4256 BthEnum - ok 21:49:24.0642 4256 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:49:24.0673 4256 BTHMODEM - ok 21:49:24.0720 4256 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 21:49:24.0751 4256 BthPan - ok 21:49:24.0798 4256 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 21:49:24.0844 4256 BTHPORT - ok 21:49:24.0876 4256 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 21:49:24.0985 4256 bthserv - ok 21:49:25.0016 4256 [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 21:49:25.0032 4256 BTHSSecurityMgr - ok 21:49:25.0078 4256 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 21:49:25.0110 4256 BTHUSB - ok 21:49:25.0156 4256 [ 270FBA230E78E25726D065A924589A72 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 21:49:25.0188 4256 btmaux - ok 21:49:25.0219 4256 [ 0010A54571F525A97EED8C091E96EAA9 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 21:49:25.0250 4256 btmhsf - ok 21:49:25.0281 4256 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:49:25.0390 4256 cdfs - ok 21:49:25.0422 4256 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 21:49:25.0453 4256 cdrom - ok 21:49:25.0484 4256 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 21:49:25.0578 4256 CertPropSvc - ok 21:49:25.0593 4256 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 21:49:25.0640 4256 circlass - ok 21:49:25.0656 4256 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 21:49:25.0702 4256 CLFS - ok 21:49:25.0843 4256 [ 
D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:49:25.0874 4256 clr_optimization_v2.0.50727_32 - ok 21:49:25.0983 4256 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:49:26.0014 4256 clr_optimization_v2.0.50727_64 - ok 21:49:26.0155 4256 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:49:26.0186 4256 clr_optimization_v4.0.30319_32 - ok 21:49:26.0326 4256 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:49:26.0358 4256 clr_optimization_v4.0.30319_64 - ok 21:49:26.0404 4256 [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive C:\Windows\system32\DRIVERS\CLVirtualDrive.sys 21:49:26.0420 4256 CLVirtualDrive - ok 21:49:26.0436 4256 clwvd - ok 21:49:26.0451 4256 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 21:49:26.0498 4256 CmBatt - ok 21:49:26.0514 4256 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:49:26.0529 4256 cmdide - ok 21:49:26.0592 4256 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 21:49:26.0638 4256 CNG - ok 21:49:26.0685 4256 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 21:49:26.0716 4256 Compbatt - ok 21:49:26.0748 4256 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 21:49:26.0779 4256 CompositeBus - ok 21:49:26.0779 4256 COMSysApp - ok 21:49:26.0826 4256 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:49:26.0841 4256 crcdisk - ok 21:49:26.0888 4256 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:49:26.0919 4256 CryptSvc - ok 21:49:27.0013 4256 [ 
72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 21:49:27.0075 4256 cvhsvc - ok 21:49:27.0122 4256 [ D01F45283E943D00FF0EEF0EB27D6141 ] CXCVBS C:\Windows\system32\drivers\cxCVBS.sys 21:49:27.0169 4256 CXCVBS - ok 21:49:27.0216 4256 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:49:27.0325 4256 DcomLaunch - ok 21:49:27.0356 4256 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 21:49:27.0465 4256 defragsvc - ok 21:49:27.0481 4256 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:49:27.0574 4256 DfsC - ok 21:49:27.0606 4256 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 21:49:27.0652 4256 Dhcp - ok 21:49:27.0652 4256 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 21:49:27.0746 4256 discache - ok 21:49:27.0777 4256 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 21:49:27.0793 4256 Disk - ok 21:49:27.0840 4256 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:49:27.0871 4256 Dnscache - ok 21:49:27.0918 4256 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 21:49:28.0027 4256 dot3svc - ok 21:49:28.0042 4256 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 21:49:28.0152 4256 DPS - ok 21:49:28.0183 4256 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:49:28.0230 4256 drmkaud - ok 21:49:28.0276 4256 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:49:28.0339 4256 DXGKrnl - ok 21:49:28.0370 4256 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:49:28.0479 4256 EapHost - ok 21:49:28.0588 4256 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:49:28.0713 4256 ebdrv - ok 21:49:28.0760 4256 [ 
C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 21:49:28.0791 4256 EFS - ok 21:49:28.0916 4256 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:49:28.0978 4256 ehRecvr - ok 21:49:28.0994 4256 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 21:49:29.0025 4256 ehSched - ok 21:49:29.0072 4256 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:49:29.0119 4256 elxstor - ok 21:49:29.0166 4256 [ DFEB7EE15BA8BA03E722C375F7E6A379 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE 21:49:29.0197 4256 EPSON_PM_RPCV4_05 - ok 21:49:29.0228 4256 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:49:29.0259 4256 ErrDev - ok 21:49:29.0306 4256 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 21:49:29.0415 4256 EventSystem - ok 21:49:29.0524 4256 [ B20A788579E443F768AAB1A24F705D0A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 21:49:29.0602 4256 EvtEng - ok 21:49:29.0649 4256 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 21:49:29.0743 4256 exfat - ok 21:49:29.0758 4256 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:49:29.0852 4256 fastfat - ok 21:49:29.0899 4256 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 21:49:29.0946 4256 Fax - ok 21:49:29.0977 4256 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 21:49:30.0008 4256 fdc - ok 21:49:30.0039 4256 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 21:49:30.0133 4256 fdPHost - ok 21:49:30.0148 4256 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 21:49:30.0242 4256 FDResPub - ok 21:49:30.0273 4256 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:49:30.0289 4256 FileInfo - ok 21:49:30.0304 4256 [ 
5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:49:30.0398 4256 Filetrace - ok 21:49:30.0445 4256 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:49:30.0476 4256 flpydisk - ok 21:49:30.0492 4256 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:49:30.0538 4256 FltMgr - ok 21:49:30.0601 4256 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 21:49:30.0663 4256 FontCache - ok 21:49:30.0710 4256 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:49:30.0726 4256 FontCache3.0.0.0 - ok 21:49:30.0757 4256 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:49:30.0772 4256 FsDepends - ok 21:49:30.0804 4256 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:49:30.0835 4256 Fs_Rec - ok 21:49:30.0866 4256 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:49:30.0913 4256 fvevol - ok 21:49:30.0928 4256 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:49:30.0960 4256 gagp30kx - ok 21:49:31.0006 4256 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 21:49:31.0131 4256 gpsvc - ok 21:49:31.0194 4256 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:49:31.0209 4256 gupdate - ok 21:49:31.0240 4256 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:49:31.0256 4256 gupdatem - ok 21:49:31.0303 4256 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 21:49:31.0334 4256 gusvc - ok 21:49:31.0365 4256 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:49:31.0412 4256 hcw85cir - ok 
21:49:31.0459 4256 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:49:31.0506 4256 HdAudAddService - ok 21:49:31.0521 4256 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 21:49:31.0568 4256 HDAudBus - ok 21:49:31.0599 4256 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:49:31.0630 4256 HidBatt - ok 21:49:31.0677 4256 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:49:31.0724 4256 HidBth - ok 21:49:31.0740 4256 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 21:49:31.0786 4256 HidIr - ok 21:49:31.0818 4256 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 21:49:31.0911 4256 hidserv - ok 21:49:31.0942 4256 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:49:31.0974 4256 HidUsb - ok 21:49:32.0005 4256 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:49:32.0098 4256 hkmsvc - ok 21:49:32.0114 4256 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:49:32.0161 4256 HomeGroupListener - ok 21:49:32.0192 4256 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:49:32.0239 4256 HomeGroupProvider - ok 21:49:32.0270 4256 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:49:32.0301 4256 HpSAMD - ok 21:49:32.0348 4256 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:49:32.0457 4256 HTTP - ok 21:49:32.0473 4256 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:49:32.0488 4256 hwpolicy - ok 21:49:32.0520 4256 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 21:49:32.0551 4256 i8042prt - ok 21:49:32.0613 4256 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor 
C:\Windows\system32\drivers\iaStor.sys 21:49:32.0660 4256 iaStor - ok 21:49:32.0707 4256 [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 21:49:32.0738 4256 IAStorDataMgrSvc - ok 21:49:32.0769 4256 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:49:32.0816 4256 iaStorV - ok 21:49:32.0847 4256 [ DE9E40BAEE2E48FD1E3EB423074C014C ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 21:49:32.0878 4256 iBtFltCoex - ok 21:49:32.0941 4256 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:49:33.0003 4256 idsvc - ok 21:49:33.0362 4256 [ 978D876A581D57E0DE6437674EB0014D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 21:49:33.0736 4256 igfx - ok 21:49:33.0799 4256 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:49:33.0830 4256 iirsp - ok 21:49:33.0877 4256 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 21:49:33.0970 4256 IKEEXT - ok 21:49:34.0002 4256 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 21:49:34.0017 4256 intaud_WaveExtensible - ok 21:49:34.0111 4256 [ A5F7CEF8A939EBE270462EDEFD629F20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 21:49:34.0236 4256 IntcAzAudAddService - ok 21:49:34.0267 4256 [ AE594CC17C33AC146739494615E14851 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 21:49:34.0298 4256 IntcDAud - ok 21:49:34.0314 4256 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 21:49:34.0345 4256 intelide - ok 21:49:34.0376 4256 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:49:34.0407 4256 intelppm - ok 21:49:34.0438 4256 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:49:34.0516 4256 IPBusEnum - ok 
21:49:34.0548 4256 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:49:34.0626 4256 IpFilterDriver - ok 21:49:34.0688 4256 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:49:34.0735 4256 iphlpsvc - ok 21:49:34.0766 4256 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:49:34.0813 4256 IPMIDRV - ok 21:49:34.0828 4256 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:49:34.0922 4256 IPNAT - ok 21:49:34.0922 4256 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:49:34.0969 4256 IRENUM - ok 21:49:34.0984 4256 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:49:35.0016 4256 isapnp - ok 21:49:35.0062 4256 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:49:35.0109 4256 iScsiPrt - ok 21:49:35.0125 4256 [ 00CB3B7A1B166B425F9A330CA51E3568 ] IT9135BDA C:\Windows\system32\Drivers\IT9135BDA.sys 21:49:35.0156 4256 IT9135BDA - ok 21:49:35.0172 4256 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\drivers\iwdbus.sys 21:49:35.0546 4256 iwdbus - ok 21:49:35.0562 4256 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:49:35.0593 4256 kbdclass - ok 21:49:35.0608 4256 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 21:49:35.0655 4256 kbdhid - ok 21:49:35.0671 4256 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 21:49:35.0702 4256 KeyIso - ok 21:49:35.0733 4256 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:49:35.0764 4256 KSecDD - ok 21:49:35.0780 4256 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:49:35.0827 4256 KSecPkg - ok 21:49:35.0842 4256 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 
21:49:35.0952 4256 ksthunk - ok 21:49:35.0983 4256 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 21:49:36.0092 4256 KtmRm - ok 21:49:36.0123 4256 [ 6DD5383C9413AAE3113FAF89E345663D ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 21:49:36.0154 4256 L1C - ok 21:49:36.0186 4256 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:49:36.0295 4256 LanmanServer - ok 21:49:36.0326 4256 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:49:36.0435 4256 LanmanWorkstation - ok 21:49:36.0451 4256 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:49:36.0544 4256 lltdio - ok 21:49:36.0591 4256 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:49:36.0700 4256 lltdsvc - ok 21:49:36.0700 4256 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:49:36.0810 4256 lmhosts - ok 21:49:36.0841 4256 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 21:49:36.0888 4256 LMS - ok 21:49:36.0903 4256 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:49:36.0934 4256 LSI_FC - ok 21:49:36.0966 4256 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:49:36.0997 4256 LSI_SAS - ok 21:49:37.0012 4256 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:49:37.0044 4256 LSI_SAS2 - ok 21:49:37.0090 4256 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:49:37.0122 4256 LSI_SCSI - ok 21:49:37.0153 4256 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 21:49:37.0246 4256 luafv - ok 21:49:37.0293 4256 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:49:37.0324 4256 Mcx2Svc - ok 21:49:37.0356 4256 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas 
C:\Windows\system32\drivers\megasas.sys 21:49:37.0387 4256 megasas - ok 21:49:37.0418 4256 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:49:37.0465 4256 MegaSR - ok 21:49:37.0496 4256 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys 21:49:37.0527 4256 MEIx64 - ok 21:49:37.0543 4256 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 21:49:37.0636 4256 MMCSS - ok 21:49:37.0668 4256 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 21:49:37.0761 4256 Modem - ok 21:49:37.0777 4256 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:49:37.0808 4256 monitor - ok 21:49:37.0839 4256 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:49:37.0870 4256 mouclass - ok 21:49:37.0886 4256 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:49:37.0933 4256 mouhid - ok 21:49:37.0933 4256 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:49:37.0964 4256 mountmgr - ok 21:49:38.0011 4256 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:49:38.0042 4256 MozillaMaintenance - ok 21:49:38.0089 4256 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 21:49:38.0120 4256 mpio - ok 21:49:38.0151 4256 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:49:38.0245 4256 mpsdrv - ok 21:49:38.0292 4256 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:49:38.0416 4256 MpsSvc - ok 21:49:38.0416 4256 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:49:38.0479 4256 MRxDAV - ok 21:49:38.0510 4256 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:49:38.0541 4256 mrxsmb - ok 21:49:38.0588 4256 
[ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:49:38.0619 4256 mrxsmb10 - ok 21:49:38.0650 4256 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:49:38.0682 4256 mrxsmb20 - ok 21:49:38.0697 4256 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 21:49:38.0728 4256 msahci - ok 21:49:38.0775 4256 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:49:38.0806 4256 msdsm - ok 21:49:38.0822 4256 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 21:49:38.0869 4256 MSDTC - ok 21:49:38.0900 4256 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:49:38.0994 4256 Msfs - ok 21:49:39.0009 4256 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:49:39.0103 4256 mshidkmdf - ok 21:49:39.0134 4256 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:49:39.0165 4256 msisadrv - ok 21:49:39.0196 4256 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:49:39.0306 4256 MSiSCSI - ok 21:49:39.0306 4256 msiserver - ok 21:49:39.0321 4256 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:49:39.0415 4256 MSKSSRV - ok 21:49:39.0430 4256 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:49:39.0524 4256 MSPCLOCK - ok 21:49:39.0524 4256 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:49:39.0602 4256 MSPQM - ok 21:49:39.0633 4256 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:49:39.0664 4256 MsRPC - ok 21:49:39.0696 4256 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 21:49:39.0711 4256 mssmbios - ok 21:49:39.0727 4256 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 
21:49:39.0805 4256 MSTEE - ok 21:49:39.0820 4256 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:49:39.0852 4256 MTConfig - ok 21:49:39.0867 4256 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 21:49:39.0883 4256 Mup - ok 21:49:39.0930 4256 [ F217D7718FD7577AF331E89910B2D21E ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 21:49:39.0961 4256 MyWiFiDHCPDNS - ok 21:49:40.0008 4256 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 21:49:40.0086 4256 napagent - ok 21:49:40.0117 4256 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:49:40.0164 4256 NativeWifiP - ok 21:49:40.0226 4256 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:49:40.0273 4256 NDIS - ok 21:49:40.0304 4256 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:49:40.0382 4256 NdisCap - ok 21:49:40.0382 4256 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:49:40.0460 4256 NdisTapi - ok 21:49:40.0476 4256 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:49:40.0554 4256 Ndisuio - ok 21:49:40.0554 4256 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:49:40.0632 4256 NdisWan - ok 21:49:40.0647 4256 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:49:40.0710 4256 NDProxy - ok 21:49:40.0725 4256 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:49:40.0803 4256 NetBIOS - ok 21:49:40.0819 4256 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:49:40.0897 4256 NetBT - ok 21:49:40.0912 4256 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 21:49:40.0944 4256 Netlogon - ok 21:49:40.0990 4256 [ 847D3AE376C0817161A14A82C8922A9E ] Netman 
C:\Windows\System32\netman.dll 21:49:41.0053 4256 Netman - ok 21:49:41.0084 4256 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 21:49:41.0146 4256 netprofm - ok 21:49:41.0178 4256 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:49:41.0209 4256 NetTcpPortSharing - ok 21:49:41.0458 4256 [ 9FD1BE1881446D954FF77244AE58FBCB ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 21:49:41.0724 4256 NETwNs64 - ok 21:49:41.0755 4256 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:49:41.0802 4256 nfrd960 - ok 21:49:41.0848 4256 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:49:41.0895 4256 NlaSvc - ok 21:49:41.0926 4256 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:49:42.0020 4256 Npfs - ok 21:49:42.0051 4256 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 21:49:42.0145 4256 nsi - ok 21:49:42.0160 4256 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:49:42.0254 4256 nsiproxy - ok 21:49:42.0363 4256 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:49:42.0457 4256 Ntfs - ok 21:49:42.0472 4256 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 21:49:42.0566 4256 Null - ok 21:49:42.0940 4256 [ E97E8C80793EF12C994607CA5645799A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 21:49:43.0377 4256 nvlddmkm - ok 21:49:43.0393 4256 [ 50612BD6943B9CB20008E9E241DC8B7D ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 21:49:43.0424 4256 nvpciflt - ok 21:49:43.0440 4256 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:49:43.0471 4256 nvraid - ok 21:49:43.0502 4256 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:49:43.0533 4256 nvstor - ok 21:49:43.0596 4256 
[ F355C26FDE46EDB911E3E3D749E985AE ] nvsvc C:\Windows\system32\nvvsvc.exe 21:49:43.0689 4256 nvsvc - ok 21:49:43.0798 4256 [ 03AA7307C0D92D38D7AF90E181736B8D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 21:49:43.0908 4256 nvUpdatusService - ok 21:49:43.0939 4256 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:49:43.0970 4256 nv_agp - ok 21:49:44.0001 4256 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:49:44.0032 4256 ohci1394 - ok 21:49:44.0079 4256 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:49:44.0095 4256 ose - ok 21:49:44.0282 4256 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:49:44.0500 4256 osppsvc - ok 21:49:44.0547 4256 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:49:44.0594 4256 p2pimsvc - ok 21:49:44.0625 4256 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:49:44.0672 4256 p2psvc - ok 21:49:44.0703 4256 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 21:49:44.0734 4256 Parport - ok 21:49:44.0781 4256 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:49:44.0812 4256 partmgr - ok 21:49:44.0844 4256 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:49:44.0906 4256 PcaSvc - ok 21:49:44.0937 4256 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 21:49:44.0968 4256 pci - ok 21:49:45.0015 4256 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 21:49:45.0046 4256 pciide - ok 21:49:45.0078 4256 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:49:45.0109 4256 pcmcia - ok 21:49:45.0140 4256 [ 
D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:49:45.0171 4256 pcw - ok 21:49:45.0187 4256 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:49:45.0312 4256 PEAUTH - ok 21:49:45.0546 4256 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:49:45.0577 4256 PerfHost - ok 21:49:45.0670 4256 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 21:49:45.0811 4256 pla - ok 21:49:45.0858 4256 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:49:45.0904 4256 PlugPlay - ok 21:49:45.0920 4256 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:49:45.0967 4256 PNRPAutoReg - ok 21:49:45.0982 4256 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:49:46.0029 4256 PNRPsvc - ok 21:49:46.0076 4256 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:49:46.0185 4256 PolicyAgent - ok 21:49:46.0216 4256 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 21:49:46.0326 4256 Power - ok 21:49:46.0357 4256 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:49:46.0466 4256 PptpMiniport - ok 21:49:46.0482 4256 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 21:49:46.0528 4256 Processor - ok 21:49:46.0560 4256 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 21:49:46.0606 4256 ProfSvc - ok 21:49:46.0622 4256 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:49:46.0669 4256 ProtectedStorage - ok 21:49:46.0700 4256 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:49:46.0794 4256 Psched - ok 21:49:46.0825 4256 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 21:49:46.0856 4256 
PSI_SVC_2 - ok 21:49:46.0950 4256 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:49:47.0028 4256 ql2300 - ok 21:49:47.0043 4256 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:49:47.0090 4256 ql40xx - ok 21:49:47.0121 4256 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:49:47.0168 4256 QWAVE - ok 21:49:47.0215 4256 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:49:47.0262 4256 QWAVEdrv - ok 21:49:47.0262 4256 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:49:47.0371 4256 RasAcd - ok 21:49:47.0386 4256 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:49:47.0480 4256 RasAgileVpn - ok 21:49:47.0496 4256 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:49:47.0605 4256 RasAuto - ok 21:49:47.0620 4256 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:49:47.0714 4256 Rasl2tp - ok 21:49:47.0745 4256 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 21:49:47.0854 4256 RasMan - ok 21:49:47.0854 4256 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:49:47.0964 4256 RasPppoe - ok 21:49:47.0964 4256 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:49:48.0073 4256 RasSstp - ok 21:49:48.0073 4256 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:49:48.0182 4256 rdbss - ok 21:49:48.0213 4256 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 21:49:48.0260 4256 rdpbus - ok 21:49:48.0291 4256 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:49:48.0385 4256 RDPCDD - ok 21:49:48.0400 4256 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 
21:49:48.0494 4256 RDPENCDD - ok 21:49:48.0510 4256 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:49:48.0603 4256 RDPREFMP - ok 21:49:48.0634 4256 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:49:48.0681 4256 RDPWD - ok 21:49:48.0697 4256 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:49:48.0728 4256 rdyboost - ok 21:49:48.0790 4256 [ B9A0810D16EA7935B10A5499ABA61DC3 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 21:49:48.0853 4256 RegSrvc - ok 21:49:48.0884 4256 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:49:48.0978 4256 RemoteAccess - ok 21:49:49.0009 4256 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:49:49.0118 4256 RemoteRegistry - ok 21:49:49.0149 4256 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:49:49.0196 4256 RFCOMM - ok 21:49:49.0321 4256 [ 7728B6AEDC83BC0DEFD0A53371D4613B ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 21:49:49.0352 4256 RichVideo - ok 21:49:49.0383 4256 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:49:49.0492 4256 RpcEptMapper - ok 21:49:49.0524 4256 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:49:49.0555 4256 RpcLocator - ok 21:49:49.0602 4256 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 21:49:49.0695 4256 RpcSs - ok 21:49:49.0742 4256 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:49:49.0836 4256 rspndr - ok 21:49:49.0867 4256 [ CE0A1D8A59410E698140821E4E69DA0D ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys 21:49:49.0898 4256 RSUSBVSTOR - ok 21:49:49.0929 4256 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 21:49:49.0960 4256 SamSs - ok 21:49:50.0116 4256 [ 
E15AD7EAA6F6B22AD603339DAC7CBA74 ] SBAMSvc C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe 21:49:50.0257 4256 SBAMSvc - ok 21:49:50.0288 4256 [ CD50FFB4C803C06D21CE3569489B7929 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys 21:49:50.0319 4256 sbapifs - ok 21:49:50.0366 4256 [ CDB954C736D51DC5FA712C039AF4F683 ] SbFw C:\Windows\system32\drivers\SbFw.sys 21:49:50.0397 4256 SbFw - ok 21:49:50.0413 4256 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCL C:\Windows\system32\DRIVERS\sbfwim.sys 21:49:50.0444 4256 SBFWIMCL - ok 21:49:50.0460 4256 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCLMP C:\Windows\system32\DRIVERS\SBFWIM.sys 21:49:50.0475 4256 SBFWIMCLMP - ok 21:49:50.0491 4256 [ A5BC45F8C2F30350E7566799C86B2F5D ] sbhips C:\Windows\system32\drivers\sbhips.sys 21:49:50.0522 4256 sbhips - ok 21:49:50.0553 4256 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:49:50.0584 4256 sbp2port - ok 21:49:50.0616 4256 [ FB01A1137A8ABDF636DF41FC0F1AFE53 ] SBPIMSvc C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe 21:49:50.0647 4256 SBPIMSvc - ok 21:49:50.0678 4256 [ 2F58125AD1BB90959F9634C7AC36D230 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys 21:49:50.0709 4256 SBRE - ok 21:49:50.0740 4256 [ F9955774A6BF0A5CA696F591C7B80A79 ] SbTis C:\Windows\system32\drivers\sbtis.sys 21:49:50.0756 4256 SbTis - ok 21:49:50.0803 4256 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:49:50.0912 4256 SCardSvr - ok 21:49:50.0928 4256 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:49:51.0021 4256 scfilter - ok 21:49:51.0052 4256 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 21:49:51.0177 4256 Schedule - ok 21:49:51.0208 4256 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:49:51.0286 4256 SCPolicySvc - ok 21:49:51.0302 4256 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 
21:49:51.0333 4256 SDRSVC - ok 21:49:51.0349 4256 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:49:51.0411 4256 secdrv - ok 21:49:51.0427 4256 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 21:49:51.0505 4256 seclogon - ok 21:49:51.0520 4256 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 21:49:51.0598 4256 SENS - ok 21:49:51.0630 4256 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:49:51.0661 4256 SensrSvc - ok 21:49:51.0676 4256 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 21:49:51.0708 4256 Serenum - ok 21:49:51.0754 4256 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 21:49:51.0786 4256 Serial - ok 21:49:51.0801 4256 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:49:51.0832 4256 sermouse - ok 21:49:51.0864 4256 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 21:49:51.0973 4256 SessionEnv - ok 21:49:52.0004 4256 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:49:52.0035 4256 sffdisk - ok 21:49:52.0082 4256 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:49:52.0113 4256 sffp_mmc - ok 21:49:52.0144 4256 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:49:52.0176 4256 sffp_sd - ok 21:49:52.0207 4256 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:49:52.0238 4256 sfloppy - ok 21:49:52.0300 4256 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 21:49:52.0347 4256 Sftfs - ok 21:49:52.0425 4256 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 21:49:52.0472 4256 sftlist - ok 21:49:52.0519 4256 [ 390AA7BC52CEE43F6790CDEA1E776703 ] 
Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 21:49:52.0550 4256 Sftplay - ok 21:49:52.0581 4256 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 21:49:52.0597 4256 Sftredir - ok 21:49:52.0644 4256 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 21:49:52.0659 4256 Sftvol - ok 21:49:52.0690 4256 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 21:49:52.0722 4256 sftvsa - ok 21:49:52.0768 4256 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:49:52.0878 4256 SharedAccess - ok 21:49:52.0924 4256 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:49:53.0034 4256 ShellHWDetection - ok 21:49:53.0065 4256 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:49:53.0096 4256 SiSRaid2 - ok 21:49:53.0127 4256 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:49:53.0158 4256 SiSRaid4 - ok 21:49:53.0174 4256 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:49:53.0268 4256 Smb - ok 21:49:53.0314 4256 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:49:53.0346 4256 SNMPTRAP - ok 21:49:53.0361 4256 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 21:49:53.0392 4256 spldr - ok 21:49:53.0424 4256 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 21:49:53.0486 4256 Spooler - ok 21:49:53.0611 4256 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 21:49:53.0798 4256 sppsvc - ok 21:49:53.0814 4256 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:49:53.0907 4256 sppuinotify - ok 21:49:53.0970 4256 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 21:49:54.0016 4256 srv - ok 
21:49:54.0048 4256 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:49:54.0079 4256 srv2 - ok 21:49:54.0110 4256 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:49:54.0141 4256 srvnet - ok 21:49:54.0188 4256 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:49:54.0282 4256 SSDPSRV - ok 21:49:54.0297 4256 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:49:54.0391 4256 SstpSvc - ok 21:49:54.0453 4256 [ B7368B1BF6C20922DFEDF0A35F69EEEF ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 21:49:54.0500 4256 Stereo Service - ok 21:49:54.0531 4256 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:49:54.0562 4256 stexstor - ok 21:49:54.0609 4256 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 21:49:54.0672 4256 stisvc - ok 21:49:54.0687 4256 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 21:49:54.0718 4256 swenum - ok 21:49:54.0765 4256 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:49:54.0874 4256 swprv - ok 21:49:54.0937 4256 [ B3AD15FA10EBEAFC1275F34050E4E230 ] SynTP C:\Windows\system32\drivers\SynTP.sys 21:49:55.0015 4256 SynTP - ok 21:49:55.0077 4256 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 21:49:55.0186 4256 SysMain - ok 21:49:55.0202 4256 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:49:55.0249 4256 TabletInputService - ok 21:49:55.0280 4256 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:49:55.0389 4256 TapiSrv - ok 21:49:55.0405 4256 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:49:55.0498 4256 TBS - ok 21:49:55.0608 4256 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:49:55.0701 4256 Tcpip - ok 
21:49:55.0764 4256 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:49:55.0873 4256 TCPIP6 - ok 21:49:55.0904 4256 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:49:55.0935 4256 tcpipreg - ok 21:49:55.0982 4256 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:49:55.0998 4256 TDPIPE - ok 21:49:56.0044 4256 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:49:56.0076 4256 TDTCP - ok 21:49:56.0076 4256 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:49:56.0169 4256 tdx - ok 21:49:56.0200 4256 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 21:49:56.0232 4256 TermDD - ok 21:49:56.0278 4256 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 21:49:56.0388 4256 TermService - ok 21:49:56.0403 4256 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:49:56.0466 4256 Themes - ok 21:49:56.0497 4256 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:49:56.0590 4256 THREADORDER - ok 21:49:56.0622 4256 [ DA632FAE7B5629032B2C24E1BE29168B ] tihub3 C:\Windows\system32\drivers\tihub3.sys 21:49:56.0653 4256 tihub3 - ok 21:49:56.0684 4256 [ 6AAD465F69632931B6D8D61B287E6DE9 ] tixhci C:\Windows\system32\drivers\tixhci.sys 21:49:56.0731 4256 tixhci - ok 21:49:56.0762 4256 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:49:56.0856 4256 TrkWks - ok 21:49:56.0918 4256 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:49:57.0012 4256 TrustedInstaller - ok 21:49:57.0043 4256 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:49:57.0121 4256 tssecsrv - ok 21:49:57.0152 4256 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:49:57.0183 
4256 TsUsbFlt - ok 21:49:57.0199 4256 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:49:57.0230 4256 TsUsbGD - ok 21:49:57.0246 4256 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:49:57.0339 4256 tunnel - ok 21:49:57.0355 4256 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:49:57.0386 4256 uagp35 - ok 21:49:57.0402 4256 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:49:57.0511 4256 udfs - ok 21:49:57.0542 4256 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:49:57.0589 4256 UI0Detect - ok 21:49:57.0604 4256 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:49:57.0636 4256 uliagpkx - ok 21:49:57.0667 4256 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:49:57.0698 4256 umbus - ok 21:49:57.0729 4256 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 21:49:57.0760 4256 UmPass - ok 21:49:57.0885 4256 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 21:49:58.0010 4256 UNS - ok 21:49:58.0041 4256 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:49:58.0150 4256 upnphost - ok 21:49:58.0228 4256 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:49:58.0244 4256 usbccgp - ok 21:49:58.0291 4256 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:49:58.0322 4256 usbcir - ok 21:49:58.0353 4256 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 21:49:58.0384 4256 usbehci - ok 21:49:58.0416 4256 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys 21:49:58.0462 4256 usbhub - ok 21:49:58.0494 4256 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci 
C:\Windows\system32\drivers\usbohci.sys 21:49:58.0525 4256 usbohci - ok 21:49:58.0556 4256 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:49:58.0603 4256 usbprint - ok 21:49:58.0618 4256 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 21:49:58.0650 4256 usbscan - ok 21:49:58.0681 4256 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:49:58.0712 4256 USBSTOR - ok 21:49:58.0743 4256 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:49:58.0774 4256 usbuhci - ok 21:49:58.0806 4256 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 21:49:58.0852 4256 usbvideo - ok 21:49:58.0884 4256 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:49:58.0993 4256 UxSms - ok 21:49:59.0008 4256 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 21:49:59.0040 4256 VaultSvc - ok 21:49:59.0055 4256 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:49:59.0086 4256 vdrvroot - ok 21:49:59.0133 4256 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 21:49:59.0242 4256 vds - ok 21:49:59.0274 4256 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:49:59.0320 4256 vga - ok 21:49:59.0336 4256 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:49:59.0430 4256 VgaSave - ok 21:49:59.0461 4256 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:49:59.0508 4256 vhdmp - ok 21:49:59.0539 4256 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 21:49:59.0570 4256 viaide - ok 21:49:59.0586 4256 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:49:59.0632 4256 volmgr - ok 21:49:59.0664 4256 [ A255814907C89BE58B79EF2F189B843B ] volmgrx 
C:\Windows\system32\drivers\volmgrx.sys 21:49:59.0695 4256 volmgrx - ok 21:49:59.0726 4256 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:49:59.0773 4256 volsnap - ok 21:49:59.0820 4256 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:49:59.0851 4256 vsmraid - ok 21:49:59.0913 4256 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 21:50:00.0069 4256 VSS - ok 21:50:00.0100 4256 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:50:00.0132 4256 vwifibus - ok 21:50:00.0147 4256 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:50:00.0194 4256 vwififlt - ok 21:50:00.0194 4256 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 21:50:00.0241 4256 vwifimp - ok 21:50:00.0256 4256 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 21:50:00.0334 4256 W32Time - ok 21:50:00.0366 4256 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:50:00.0397 4256 WacomPen - ok 21:50:00.0412 4256 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:50:00.0490 4256 WANARP - ok 21:50:00.0490 4256 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:50:00.0568 4256 Wanarpv6 - ok 21:50:00.0600 4256 [ 261A725F8ACEDDA695C7FFF6D6EDE6B5 ] watchmi C:\Program Files (x86)\watchmi\TvdService.exe 21:50:00.0615 4256 watchmi ( UnsignedFile.Multi.Generic ) - warning 21:50:00.0615 4256 watchmi - detected UnsignedFile.Multi.Generic (1) 21:50:00.0693 4256 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 21:50:00.0756 4256 wbengine - ok 21:50:00.0771 4256 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:50:00.0818 4256 WbioSrvc - ok 21:50:00.0818 4256 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc 
C:\Windows\System32\wcncsvc.dll 21:50:00.0880 4256 wcncsvc - ok 21:50:00.0896 4256 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:50:00.0927 4256 WcsPlugInService - ok 21:50:00.0958 4256 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 21:50:00.0974 4256 Wd - ok 21:50:01.0021 4256 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:50:01.0083 4256 Wdf01000 - ok 21:50:01.0099 4256 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:50:01.0146 4256 WdiServiceHost - ok 21:50:01.0161 4256 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:50:01.0208 4256 WdiSystemHost - ok 21:50:01.0239 4256 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 21:50:01.0286 4256 WebClient - ok 21:50:01.0317 4256 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:50:01.0395 4256 Wecsvc - ok 21:50:01.0426 4256 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:50:01.0504 4256 wercplsupport - ok 21:50:01.0504 4256 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:50:01.0582 4256 WerSvc - ok 21:50:01.0614 4256 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:50:01.0692 4256 WfpLwf - ok 21:50:01.0707 4256 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:50:01.0723 4256 WIMMount - ok 21:50:01.0754 4256 WinDefend - ok 21:50:01.0754 4256 WinHttpAutoProxySvc - ok 21:50:01.0894 4256 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:50:01.0972 4256 Winmgmt - ok 21:50:02.0050 4256 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 21:50:02.0206 4256 WinRM - ok 21:50:02.0284 4256 [ 4C69A8E2E159C1C59BC4B688E9DD7F8C ] WisLMSvc C:\Program Files (x86)\Launch 
Manager\WisLMSvc.exe 21:50:02.0316 4256 WisLMSvc - ok 21:50:02.0378 4256 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:50:02.0456 4256 Wlansvc - ok 21:50:02.0487 4256 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 21:50:02.0518 4256 wlcrasvc - ok 21:50:02.0643 4256 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:50:02.0768 4256 wlidsvc - ok 21:50:02.0799 4256 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:50:02.0830 4256 WmiAcpi - ok 21:50:02.0877 4256 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:50:02.0924 4256 wmiApSrv - ok 21:50:02.0940 4256 WMPNetworkSvc - ok 21:50:02.0955 4256 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:50:03.0002 4256 WPCSvc - ok 21:50:03.0018 4256 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:50:03.0049 4256 WPDBusEnum - ok 21:50:03.0064 4256 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:50:03.0174 4256 ws2ifsl - ok 21:50:03.0189 4256 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 21:50:03.0236 4256 wscsvc - ok 21:50:03.0252 4256 WSearch - ok 21:50:03.0361 4256 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 21:50:03.0470 4256 wuauserv - ok 21:50:03.0532 4256 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:50:03.0564 4256 WudfPf - ok 21:50:03.0610 4256 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:50:03.0657 4256 WUDFRd - ok 21:50:03.0688 4256 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:50:03.0735 4256 wudfsvc - ok 21:50:03.0766 4256 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 21:50:03.0829 4256 
WwanSvc - ok
21:50:03.0922 4256 [ 7EB06617A7F2F280D58CF62776FDDDC2 ] ZcfgSvc7 C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
21:50:03.0985 4256 ZcfgSvc7 - ok
21:50:04.0000 4256 ================ Scan global ===============================
21:50:04.0032 4256 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:50:04.0078 4256 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:50:04.0110 4256 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:50:04.0156 4256 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:50:04.0188 4256 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:50:04.0203 4256 [Global] - ok
21:50:04.0203 4256 ================ Scan MBR ==================================
21:50:04.0219 4256 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
21:50:09.0850 4256 \Device\Harddisk0\DR0 - ok
21:50:09.0850 4256 ================ Scan VBR ==================================
21:50:09.0850 4256 [ B7740442E779657AE97BF54ABB0015C7 ] \Device\Harddisk0\DR0\Partition1
21:50:09.0850 4256 \Device\Harddisk0\DR0\Partition1 - ok
21:50:09.0897 4256 [ 34A42C0DB10592B56DABA82B83D05696 ] \Device\Harddisk0\DR0\Partition2
21:50:09.0897 4256 \Device\Harddisk0\DR0\Partition2 - ok
21:50:09.0928 4256 [ 44A1A062C90E4C06B60942525CB5811B ] \Device\Harddisk0\DR0\Partition3
21:50:09.0928 4256 \Device\Harddisk0\DR0\Partition3 - ok
21:50:09.0928 4256 ============================================================
21:50:09.0928 4256 Scan finished
21:50:09.0928 4256 ============================================================
21:50:09.0944 3360 Detected object count: 1
21:50:09.0944 3360 Actual detected object count: 1
21:51:03.0608 3360 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user
21:51:03.0608 3360 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:41.0538 6008 Deinitialize success |
01.04.2013, 23:23 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Safe removal of Trojan.Win32 Generic!BT The aswMBR log is unusable; please repeat the scan with it.
__________________ Please always post log files in CODE tags |
02.04.2013, 11:06 | #15 |
| Safe removal of Trojan.Win32 Generic!BT
Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-02 10:36:42
-----------------------------
10:36:42.642 OS Version: Windows x64 6.1.7601 Service Pack 1
10:36:42.642 Number of processors: 4 586 0x2A07
10:36:42.642 ComputerName: FFFF-PC UserName: ffff
10:36:44.748 Initialize success
10:37:04.451 AVAST engine defs: 13040100
10:37:34.778 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:37:34.793 Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 3
10:37:34.934 Disk 0 MBR read successfully
10:37:34.934 Disk 0 MBR scan
10:37:34.949 Disk 0 unknown MBR code
10:37:34.996 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:37:35.012 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 404134 MB offset 206848
10:37:35.043 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 71680 MB offset 827873280
10:37:35.074 Disk 0 Partition 4 00 12 Compaq diag NTFS 1024 MB offset 974673920
10:37:35.292 Disk 0 scanning C:\Windows\system32\drivers
10:38:04.043 Service scanning
10:38:55.149 Modules scanning
10:38:55.165 Disk 0 trace - called modules:
10:38:55.196 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:38:55.196 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006cb9060]
10:38:55.211 3 CLASSPNP.SYS[fffff88000dcd43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005a60050]
10:38:56.537 AVAST engine scan C:\Windows
10:39:00.001 AVAST engine scan C:\Windows\system32
10:44:52.468 AVAST engine scan C:\Windows\system32\drivers
10:45:24.557 AVAST engine scan C:\Users\ffff
11:52:02.923 AVAST engine scan C:\ProgramData
12:01:19.906 Scan finished successfully
12:02:08.048 Disk 0 MBR has been saved successfully to "C:\Users\ffff\Desktop\MBR.dat"
12:02:08.079 The log file has been saved successfully to "C:\Users\ffff\Desktop\aswMBR.txt" |