Pests of all kinds and how to combat them: Trojan DomaIQ (Windows 7)
16.04.2013, 21:04 | #1

Trojan DomaIQ

Hello,

When I wanted to watch a film over the internet yesterday, a download was started, at first unnoticed by me. I may have installed the file, but I don't believe so. Besides this one, a few others were listed in the list of installed programs (names like Yontoo, Tugluu or delta-search, plus two that began with "microsoft .Net framework"). I removed all of them except one that could not be deleted. Nevertheless, I still have the delta-search browser and several failed system restores, and on booting today I got a message that my touchpad is not working, although it works anyway. In addition, the Windows version was not up to date (I am fairly sure that mine was up to date before), the Windows firewall was deactivated (maybe my fault), my antivirus program and firewall were deactivated (they are normally always on), and the subsequent scan found a virus named Trojan.JS.Iframe.gem. Since then I have been looking for tips on how to get my PC back into an uninfected state. If System Restore does not work, will resetting to factory settings not help either? Or is my PC already clean?

I used the programs that you name in the posting instructions and received the following reports: OTL:
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2013.04.16 18:57:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Schneiderlein\Desktop\OTL.exe
[2013.04.15 20:59:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.04.15 20:55:24 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\player
[2013.04.15 20:55:19 | 000,000,000 | ---D | C] -- C:\Windows\IswTmp
[2013.04.15 20:48:53 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\Programs
[2013.04.15 20:48:50 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\SwvUpdater
[2013.04.15 20:48:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013.04.15 20:48:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013.04.15 20:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.04.15 20:48:06 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Babylon
[2013.04.15 20:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.04.02 20:39:30 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\Adobe
[2013.04.02 20:39:04 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\Desktop\Aktuelles
[2013.04.01 22:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
[2013.04.01 22:36:03 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\Diagnostics
[2013.03.23 17:04:16 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\LolClient
[2013.03.23 16:39:00 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013.03.23 16:17:31 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\Desktop\Temporäres
[2013.03.23 16:13:01 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\Desktop\Anwendungen
[2013.03.23 15:19:11 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\PMB Files
[2013.03.23 15:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.03.23 15:18:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013.03.23 15:18:41 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\.swt
[2013.03.23 15:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arasan 14.1
[2013.03.23 15:17:19 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BabasChess
[2013.03.23 15:17:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\°Eigene Programme
[2013.03.23 15:14:05 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Skype
[2013.03.23 15:14:01 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.03.23 15:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.03.23 15:14:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.03.23 15:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.03.23 15:10:40 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\vlc
[2013.03.23 15:10:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.03.23 14:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.03.23 14:55:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.03.23 14:55:19 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\Google
[2013.03.23 14:54:39 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\Apps
[2013.03.23 14:54:37 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\Deployment
[2013.03.23 14:52:12 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\CrashDumps
[2013.03.23 14:48:28 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\Documents\ForceField Shared Files
[2013.03.23 14:48:27 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\CheckPoint
[2013.03.23 14:48:23 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2013.03.23 14:48:15 | 000,611,160 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2013.03.23 14:48:15 | 000,089,432 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klflt.sys
[2013.03.23 14:48:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.03.23 14:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2013.03.23 14:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\°Eigene Programme
[2013.03.23 14:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.23 14:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD
[2013.03.23 14:44:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2013.03.23 14:43:55 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2013.03.23 14:35:52 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Macromedia
[2013.03.23 14:34:35 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Adobe
[2013.03.23 14:25:38 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\ATI
[2013.03.23 14:25:38 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\ATI
[2013.03.23 14:24:38 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Intel Corporation
[2013.03.23 14:24:36 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Synaptics
[2013.03.23 14:24:36 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\hpqLog
[2013.03.23 14:24:24 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.03.23 14:24:24 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Searches
[2013.03.23 14:24:24 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.03.23 14:24:17 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Identities
[2013.03.23 14:24:15 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Contacts
[2013.03.23 14:24:14 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\VirtualStore
[2013.03.23 14:23:52 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\RemEngine
[2013.03.23 14:21:11 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Hewlett-Packard
[2013.03.23 14:21:09 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\Hewlett-Packard
[2013.03.23 14:21:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\%COREALLUSERPATH%
[2013.03.23 14:20:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2013.03.23 14:20:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
[2013.03.23 14:20:55 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\Hewlett-Packard_Company
[2013.03.23 14:20:54 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\AuthenTec
[2013.03.23 14:20:22 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Symantec
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Vorlagen
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\AppData\Local\Verlauf
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\AppData\Local\Temporary Internet Files
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Startmenü
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\SendTo
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Recent
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Netzwerkumgebung
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Lokale Einstellungen
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Documents\Eigene Videos
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Documents\Eigene Musik
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Eigene Dateien
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Documents\Eigene Bilder
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Druckumgebung
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Cookies
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\AppData\Local\Anwendungsdaten
[2013.03.23 14:19:57 | 000,000,000 | -HSD | C] -- C:\Users\Schneiderlein\Anwendungsdaten
[2013.03.23 14:19:56 | 000,000,000 | --SD | C] -- C:\Users\Schneiderlein\AppData\Roaming\Microsoft
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Videos
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Saved Games
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Pictures
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Music
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Links
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Favorites
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Downloads
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Documents
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\Desktop
[2013.03.23 14:19:56 | 000,000,000 | R--D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.03.23 14:19:56 | 000,000,000 | -H-D | C] -- C:\Users\Schneiderlein\AppData
[2013.03.23 14:19:56 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\Temp
[2013.03.23 14:19:56 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Local\Microsoft
[2013.03.23 14:19:56 | 000,000,000 | ---D | C] -- C:\Users\Schneiderlein\AppData\Roaming\Media Center Programs
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.03.23 14:19:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.03.23 13:15:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2013.04.16 19:00:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.16 18:57:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Schneiderlein\Desktop\OTL.exe
[2013.04.16 18:55:52 | 000,000,000 | ---- | M] () -- C:\Users\Schneiderlein\defogger_reenable
[2013.04.16 18:54:44 | 000,050,477 | ---- | M] () -- C:\Users\Schneiderlein\Desktop\Defogger.exe
[2013.04.16 18:29:51 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.16 18:29:51 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.16 18:21:33 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.16 18:20:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.16 18:20:51 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.15 21:10:09 | 000,641,712 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.15 21:10:09 | 000,605,342 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.15 21:10:09 | 000,125,408 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.15 21:10:09 | 000,102,582 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.15 20:55:00 | 001,589,182 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.15 20:54:56 | 001,589,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.15 20:50:49 | 000,012,329 | -H-- | M] () -- C:\Windows\SysWow64\BTImages.dat
[2013.04.14 15:16:09 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSchneiderlein.job
[2013.04.11 12:57:15 | 000,271,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.10 17:00:33 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.04.07 13:17:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.04.01 22:49:22 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013.03.29 08:53:29 | 000,007,579 | ---- | M] () -- C:\Windows\SysWow64\SystemData.xml
[2013.03.24 02:24:29 | 000,007,599 | ---- | M] () -- C:\Users\Schneiderlein\AppData\Local\Resmon.ResmonCfg
[2013.03.23 15:10:35 | 000,001,040 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.03.23 14:53:25 | 000,417,507 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2013.03.23 14:19:01 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2013.03.23 13:18:20 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.03.23 13:18:20 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2013.04.16 18:55:52 | 000,000,000 | ---- | C] () -- C:\Users\Schneiderlein\defogger_reenable
[2013.04.16 18:54:42 | 000,050,477 | ---- | C] () -- C:\Users\Schneiderlein\Desktop\Defogger.exe
[2013.04.15 20:54:59 | 001,589,182 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.07 13:17:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.04.01 22:49:22 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013.04.01 22:45:25 | 000,000,364 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForSchneiderlein.job
[2013.03.29 08:53:29 | 000,007,579 | ---- | C] () -- C:\Windows\SysWow64\SystemData.xml
[2013.03.24 15:09:53 | 000,012,329 | -H-- | C] () -- C:\Windows\SysWow64\BTImages.dat
[2013.03.24 02:24:29 | 000,007,599 | ---- | C] () -- C:\Users\Schneiderlein\AppData\Local\Resmon.ResmonCfg
[2013.03.23 15:10:35 | 000,001,040 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.03.23 14:56:22 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.23 14:55:32 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.23 14:55:29 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.23 14:48:31 | 000,417,507 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2013.03.23 14:24:32 | 000,001,405 | ---- | C] () -- C:\Users\Schneiderlein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.03.23 14:24:28 | 000,001,439 | ---- | C] () -- C:\Users\Schneiderlein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.03.23 14:20:57 | 000,002,211 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk
[2013.03.23 13:15:13 | 3180,220,416 | -HS- | C] () -- C:\hiberfil.sys
[2011.09.23 01:45:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.23 01:41:15 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011.09.23 01:37:47 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.09.23 01:34:00 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.07.15 20:46:03 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011.06.10 04:17:36 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.05.13 07:33:18 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.04.15 20:48:06 | 000,000,000 | ---D | M] -- C:\Users\Schneiderlein\AppData\Roaming\Babylon
[2013.03.23 14:48:27 | 000,000,000 | ---D | M] -- C:\Users\Schneiderlein\AppData\Roaming\CheckPoint
[2013.03.23 17:04:16 | 000,000,000 | ---D | M] -- C:\Users\Schneiderlein\AppData\Roaming\LolClient
[2013.04.15 21:07:09 | 000,000,000 | ---D | M] -- C:\Users\Schneiderlein\AppData\Roaming\player
[2013.03.23 14:24:36 | 000,000,000 | ---D | M] -- C:\Users\Schneiderlein\AppData\Roaming\Synaptics

========== Purity Check ==========

< End of report >

-----------------------------------------------------------------------------------------

Extras:

OTL Extras logfile created on: 16.04.2013 18:58:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Schneiderlein\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,95 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,72% Memory free
7,90 Gb Paging File | 5,90 Gb Available in Paging File | 74,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445,25 Gb Total Space | 295,70 Gb Free Space | 66,41% Space Free | Partition Type: NTFS
Drive D: | 16,35 Gb Total Space | 1,77 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 1,08 Gb Free Space | 27,32% Space Free | Partition Type: FAT32

Computer Name: KLATSCHE | User Name: Schneiderlein | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\°Eigene Programme\Tools\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\°Eigene Programme\Tools\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\°Eigene Programme\Tools\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\°Eigene Programme\Tools\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D77A5F3-BC87-4D99-BA52-02FA68CEAAF3}" = lport=137 | protocol=17 | dir=in | app=system |
"{0ECCC20E-DCDE-4A81-B363-A1A1C341C277}" = rport=445 | protocol=6 | dir=out | app=system |
"{11DCDD18-CCD2-4E58-9287-DCABFDD74681}" = rport=138 | protocol=17 | dir=out | app=system |
"{1782DBB2-1CE5-44D2-8D43-A12EEDB812AD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{252CE338-AB86-4FD9-9931-BDB917ED7986}" = rport=139 | protocol=6 | dir=out | app=system |
"{2F5A32ED-3420-45E2-B3AD-A4C64A494163}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BE79BF6-6945-4EDB-B3A8-5BEBE920A842}" = lport=138 | protocol=17 | dir=in | app=system |
"{5DF49249-70A1-46A7-8809-3F23755FA5A6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{70253C24-8EDF-428A-AF3F-75AF34F43894}" = lport=2869 | protocol=6 | dir=in | app=system |
"{89D3609C-CBC2-4C3D-A45C-64FFA2A567C1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8C020207-E5D3-43E5-919C-3A4FE41575C0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8C72E176-E8D5-4722-A552-AF7BAB24EE8E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{928EC54F-4A40-478E-962C-67AD55AD7F18}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9988E0D3-2AC4-47DA-AC48-8E975C15312E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9C15B58D-9603-472A-A97E-ADF96F62FFD9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A24678A7-172B-4E0E-A4CB-EB17EA132D7C}" = lport=139 | protocol=6 | dir=in | app=system |
"{B13CBD55-0E13-4318-AB58-11845F69797D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BE63F1F7-825E-49B3-A9B1-14612D26DD92}" = rport=137 | protocol=17 | dir=out | app=system |
"{C4A2DABF-FBF1-4787-ABC3-D5438723E707}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CA89098C-8438-486F-ABCB-11019F1C49CF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CD3191E5-88E7-4407-85FC-57D35B8F7CE0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DEB84920-4BEB-4D93-9FF4-38E32EC77841}" = lport=445 | protocol=6 | dir=in | app=system |
"{FBAFC778-A297-4D06-B15E-FFCCD55E93CE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FF2CC679-939A-447A-80AC-900482C79D75}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework64\v3.0\windows communication foundation\smsvchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008F03CD-8D9B-40F8-844D-0E000A73A848}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{02DCF5F4-EDCB-414E-82BF-E39E6DB26B7F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0A8F0BFD-AC43-46EF-B88F-86A2068DF10A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0D139159-CB1C-4E4B-9A43-995215D4BCA0}" = protocol=58 | dir=in | app=system |
"{0D17EB02-460A-4B20-8387-7BCE9FD46090}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{13BD873A-EEDF-4E45-BE22-186A9E7B5C6C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2C545E73-E8C0-4CDF-B065-BA02BF594D31}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2E27061F-99C0-4A53-8EAB-7BCAC38F5F5A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{36E5983C-F972-41EF-A32E-A1F8486423BB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{386016D5-5282-43FC-9A34-C6812AEE515B}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
"{46B1D476-1F52-4F27-9746-1E6AFA2A1ABB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5295AE6D-6767-436B-8E6A-48575A38F832}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{554AF29F-1C49-4DAE-B155-29BEEDBD4A4F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{56120E1D-6B07-40D6-93E2-3A4F85C169D9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{69F4F9ED-FEC7-42C0-B0AC-EB8C125D3A46}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{753D08BD-7233-47F7-A077-6604FC1D9897}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{76D5DDE5-52B2-4FF6-A5B3-A51C9D2A756D}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{80A255A3-6CF8-49E0-B714-47FF9EBE607F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85428D9F-85EC-43FA-8D26-EB50FE262318}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AD1CFE31-809C-4E2B-9E48-C1770875DB60}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{AD5D445D-6A3F-4B0A-A788-23C8904D4B88}" = protocol=6 | dir=out | app=system |
"{B1DEEE37-DDC7-4079-832E-6E5A93EB7E60}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B322C05E-F736-4AE7-AF2B-CC5F36951451}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{C085AFF1-5246-4058-A211-DF6F84A35EC4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C333D32F-F851-4243-9D19-8CDDFAE04629}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C6FC53F9-E248-4E2A-BBDF-6BDF8CD14C8C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C8B25757-ECB4-4AFC-BEFE-1D6647A2C9E6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3D89D8F-2944-48B8-8F76-3E59A847EC2F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D45DAC73-9DAB-4C50-BBEE-FB3C39198687}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F3EC1711-6A72-40A8-A899-17F1024ED190}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F8B0423C-9153-47AD-9110-DD98F4F744F6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FD51A5BC-54CD-4261-971E-52D4E6E82C43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F1190CB-24CC-29DC-3C85-CD8CFDDE045F}" = ccc-utility64
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}" = HP Launch Box
"{B066BF95-890E-A532-A58F-D13E0805DC04}" = ATI Catalyst Install Manager
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "SynTPDeinstKey" = Synaptics TouchPad Driver "ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{03A3841B-038A-ADE1-A06A-158EAFF68A9E}" = Catalyst Control Center Profiles Mobile "{04A92BE5-E791-E374-01CB-B88CBFC1E8D1}" = PX Profile Update "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{09D5AC17-7B7A-D201-7CA6-3F16D99828FB}" = CCC Help Hungarian "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C4C413A-9751-48BE-78DC-80248F8B306F}" = CCC Help Japanese "{0F68E4AE-E8BA-1E4F-0CCA-B8678477A5CC}" = Catalyst Control Center "{16456401-9621-4F3D-836A-59EA425C471D}" = ZoneAlarm Security "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar "{1CFC5FB4-2ACB-870F-043A-638919624D4E}" = CCC Help English "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{24507E82-750C-3658-7C50-D5B7A1E27CCC}" = CCC Help Russian "{24ADC5BE-8B82-426F-8779-2308B54B00EE}" = ZoneAlarm Antivirus "{28448C64-6562-6D8C-2F76-8DF399956955}" = Catalyst Control Center Localization All "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows 
Live Mesh ActiveX Control for Remote Connections "{2942CAF8-0934-96C2-5FC0-2ED331D0530A}" = CCC Help Italian "{2F2CA8CC-814B-67C1-CF19-A8A1A2A503C5}" = CCC Help Korean "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{31CEFF4E-B6D1-46A5-9169-7C67570E7FFA}" = HP SimplePass PE 2011 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33F88EFD-5661-7FA7-C638-FD6496A0BF2E}" = CCC Help Swedish "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{5036764A-435D-40C9-869C-31085A3D741D}" = HP Setup "{510446D7-2344-B59F-4CA5-66F5381D09FC}" = CCC Help Polish "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1 "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games) "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{737B13C5-990B-4339-8A4D-0FFEBBC3DB17}" = ZoneAlarm Firewall "{73FBB960-1893-0F86-8EC1-DD0527D3ABCA}" = CCC Help Turkish "{7F969F54-1D7F-5DA1-A9E2-59FC0A5F0FE0}" = Catalyst Control Center Graphics Previews Common "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger 
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B52057C-15DB-433E-957C-E279BC7D07E3}" = HP QuickWeb "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT5390 802.11b/g/n WiFi Adapter "{909DC555-322F-8A35-2550-6FC2E2EDFA23}" = CCC Help Finnish "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93CF9FA6-2A5E-4F8E-923E-F7D8741CB312}" = BabasChess "{949D6B51-10E8-4CD4-A81E-064E38240415}" = Catalyst Control Center - Branding "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95E5798A-9827-92AD-5201-1E9B25819886}" = CCC Help Chinese Traditional "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}" = HP On Screen Display "{9CDE574D-5471-24A1-07DC-0B0F06810E11}" = CCC Help Thai "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAA79CA2-D65D-966B-48C2-D6C16433482C}" = Catalyst Control Center InstallProxy "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{ABEF00D0-FCAE-4E47-8D4E-D4AE5FD72B15}" = HP Quick Launch "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie 
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B479B52B-4DE8-23FC-93CA-186D600F4A52}" = CCC Help Norwegian "{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0 "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{C1A2F65D-720B-82A0-10F6-4FEE797880BB}" = CCC Help German "{C1BF14DC-3A45-8E0B-41C6-30E6D30F9968}" = CCC Help Chinese Standard "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C7861B58-149A-4546-AD1D-798865EF36CF}" = CCC Help Portuguese "{CBA9A6BF-1837-F0A4-79B6-15936EDC68AA}" = CCC Help Spanish "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}" = HP Software Framework "{D2FFFA5E-FEA5-073B-C371-3B3628D9A453}" = CCC Help French "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager "{DD75B28A-94C3-97C2-C389-EA6BF1C809B7}" = CCC Help Danish "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE15C5EC-7C30-44BF-ACEB-03960FC5601D}" = HP Documentation "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DFFB2B20-5D76-335C-2C24-CEF3791B30B8}" = CCC Help Dutch "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E7160D4F-B709-DFE4-9BF2-BB1C38598CF9}" = CCC Help Greek "{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant 
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver "{F70B153C-55D6-550A-7F50-6E09D99B1D7A}" = CCC Help Czech "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3 "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Arasan_is1" = Arasan 14.1 "EasyBits Magic Desktop" = Magic Desktop "Google Chrome" = Google Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "VIP Access SDK" = VIP Access SDK (1.0.1.2) "VLC media player" = VLC media player 1.1.9 "WildTangent hp Master Uninstall" = HP Games "WinLiveSuite" = Windows Live Essentials "WTA-005af271-c143-42fa-8974-58f7ee67917a" = Mah Jong Medley "WTA-129bdf76-a0c9-4dce-ba02-c90317142feb" = Mystery of Mortlake Mansion "WTA-140c8940-43ee-4237-a075-dbd2f5f9ac7e" = Chronicles of Albian "WTA-1539e007-aca6-4ccc-aa47-dfc0dbe73469" = Slingo Deluxe "WTA-202790ae-36ca-46e4-9c62-3e0a8ec8da10" = Farm Frenzy "WTA-2392d1da-ebfd-4a23-8f6e-24122084c906" = Cradle of Rome 2 "WTA-4eaf005f-ef42-48df-83f8-e6e2c18d804d" = Agatha Christie - Peril at End House "WTA-6d79f6c5-94ac-434a-896a-70a262f57885" = Cake Mania "WTA-75a129e6-3d18-4e24-9198-edad03db57a1" = Bejeweled 3 "WTA-7e641ae8-9930-4497-a366-80fa6fae93b6" = Zuma Deluxe "WTA-87e08b22-a9d3-4a1c-b1e0-547308059480" = Jewel Quest: The Sleepless Star - Collector's Edition "WTA-8cdc521f-1814-4469-a0c0-0c4ee3092449" = Plants vs. 
Zombies - Game of the Year "WTA-a70f4aaa-e209-4855-adc6-ecbe426fb291" = Jewel Quest Solitaire "WTA-ad36f2e7-3eb3-449c-863f-481e89978b6a" = FATE "WTA-aee88314-5d63-454b-8e12-be6dfd78bab4" = Vacation Quest - The Hawaiian Islands "WTA-d4819468-1ddf-4a7f-abeb-0d353a780e19" = Penguins! "WTA-d5c296e2-ecaf-4011-983d-d5eb0264fa9e" = Polar Bowler "WTA-dba1fe26-675e-4a18-8561-b8a52f1d2c02" = Virtual Villagers - The Secret City "WTA-e58473be-a898-4b08-a9dc-ad2a2f34351d" = Blasterball 3 "WTA-eeacb5c5-3051-403e-a905-b2f07a5e64cf" = Bounce Symphony "WTA-f3ef00d6-9d43-4dac-b514-c1e703bf9a4b" = Chuzzle Deluxe "WTA-fc6ac1c3-5feb-4f02-8b0f-afa10d55e100" = Governor of Poker 2 Premium Edition "WTA-fdb9e171-f605-483b-9e60-4b78b576aba3" = Namco All-Stars: PAC-MAN "ZoneAlarm Free Antivirus + Firewall" = ZoneAlarm Free Antivirus + Firewall "ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 28.03.2013 11:52:32 | Computer Name = Klatsche | Source = WinMgmt | ID = 10 Description = Error - 29.03.2013 02:53:04 | Computer Name = Klatsche | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 29.03.2013 02:53:04 | Computer Name = Klatsche | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 29.03.2013 02:53:04 | Computer Name = Klatsche | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 29.03.2013 02:53:04 | Computer Name = Klatsche | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 29.03.2013 06:28:20 | Computer Name = Klatsche | Source = WinMgmt | ID = 10 Description = Error - 29.03.2013 08:53:42 | Computer Name = Klatsche | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 01.04.2013 16:32:49 | Computer Name = Klatsche | Source = WinMgmt | ID = 10 Description = Error - 01.04.2013 16:53:49 | Computer 
Name = Klatsche | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 01.04.2013 16:55:03 | Computer Name = Klatsche | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 27.03.2013 15:12:28 | Computer Name = Klatsche | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR7 gefunden. Error - 27.03.2013 15:12:29 | Computer Name = Klatsche | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR7 gefunden. Error - 27.03.2013 15:12:29 | Computer Name = Klatsche | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR7 gefunden. Error - 27.03.2013 15:53:15 | Computer Name = Klatsche | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AMD External Events Utility erreicht. Error - 27.03.2013 18:39:40 | Computer Name = Klatsche | Source = DCOM | ID = 10010 Description = Error - 06.04.2013 16:00:31 | Computer Name = Klatsche | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HPWMISVC erreicht. Error - 10.04.2013 13:51:57 | Computer Name = Klatsche | Source = DCOM | ID = 10016 Description = Error - 10.04.2013 13:51:57 | Computer Name = Klatsche | Source = DCOM | ID = 10016 Description = Error - 10.04.2013 13:51:58 | Computer Name = Klatsche | Source = DCOM | ID = 10016 Description = Error - 10.04.2013 13:51:58 | Computer Name = Klatsche | Source = DCOM | ID = 10016 Description = < End of report > Ich würde außerdem gerne wissen, wie ich den Text in ein kleines Fenster bekomme fürs Lesen, bis dann |
17.04.2013, 14:49 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan DomaIQ
Hello and
Do you have any further logs (with detections)? Has your virus scanner ever found anything? Malwarebytes and/or other virus scanners? I am asking because of => http://www.trojaner-board.de/125889-...tml#post941520
Please do not run any new virus scans; for now, just post the logs you already have!
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
17.04.2013, 17:02 | #3 |
| Trojan DomaIQ
Hello Cosinus, thank you,
I have one more log; I forgot the one from GMER yesterday. Here:
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-17 17:48:01
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0005 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\SCHNEI~1\AppData\Local\Temp\kwtyqpow.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a81465 2 bytes [A8, 77]
.text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a814bb 2 bytes [A8, 77]
.text ... * 2
.text C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe[2020] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a81465 2 bytes [A8, 77]
.text C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe[2020] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a814bb 2 bytes [A8, 77]
.text ... * 2
.text C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe[1484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a81465 2 bytes [A8, 77]
.text C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe[1484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a814bb 2 bytes [A8, 77]
.text ... * 2
.text C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[4148] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000762187b1 5 bytes [33, C0, C2, 04, 00]
.text C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[4148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a81465 2 bytes [A8, 77]
.text C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[4148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a814bb 2 bytes [A8, 77]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[4472] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a81465 2 bytes [A8, 77]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[4472] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a814bb 2 bytes [A8, 77]
.text ... * 2
.text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a81465 2 bytes [A8, 77]
.text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a814bb 2 bytes [A8, 77]
.text ... * 2
.text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a81465 2 bytes [A8, 77]
.text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[3784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a814bb 2 bytes [A8, 77]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Windows\System32\svchost.exe [1208:3308] 000007fef5129688
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2324:1220] 000007fefc392a7c
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2324:2504] 000007fef40dd618
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2324:3456] 000007fef4079730
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2324:3460] 000007fef40dd618

---- EOF - GMER 2.1 ----

I reset my PC to its factory settings a few weeks ago; since then I have had no alert from ZoneAlarm. If anything unwanted ever landed on my machine before the reset, then it went into quarantine. That's it for logs and information; I don't have any more.
17.04.2013, 22:58 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan DomaIQ
Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please get in touch in this thread => Reminder about my thread. Annoying "When does it continue" messages end with your topic being closed. I, too, have a life outside the Trojaner-Board.
Please run the three tools MBAR / aswMBR / TDSSkiller now and post the logs in CODE tags.
MBAR (Malwarebytes Anti-Rootkit)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Under no circumstances press any of the Fix buttons without instructions.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.
__________________ Please always post log files in CODE tags
18.04.2013, 16:38 | #5 |
| Trojan DomaIQ
mbar:
Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.04.18.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Schneiderlein :: KLATSCHE [administrator]

18.04.2013 16:14:22
mbar-log-2013-04-18 (16-14-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28602
Time elapsed: 8 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
c:\$Recycle.Bin\S-1-5-21-531040736-1700715746-4256683230-1000\$R2MI6EQ.exe (Adware.DomaIQ) -> Delete on reboot.
c:\$Recycle.Bin\S-1-5-21-531040736-1700715746-4256683230-1000\$R3FICB0.exe (Adware.DomaIQ) -> Delete on reboot.
c:\$Recycle.Bin\S-1-5-21-531040736-1700715746-4256683230-1000\$RB33F0M.exe (Adware.DomaIQ) -> Delete on reboot.
c:\$Recycle.Bin\S-1-5-21-531040736-1700715746-4256683230-1000\$RM324O7.exe (Adware.DomaIQ) -> Delete on reboot.
c:\$Recycle.Bin\S-1-5-21-531040736-1700715746-4256683230-1000\$RYTQJZU.exe (Adware.DomaIQ) -> Delete on reboot.

(end)

aswMBR (my PC crashed during this scan, but after a restart it worked):
Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-18 16:41:22
-----------------------------
16:41:22.662 OS Version: Windows x64 6.1.7601 Service Pack 1
16:41:22.662 Number of processors: 4 586 0x2A07
16:41:22.663 ComputerName: KLATSCHE UserName:
16:41:24.953 Initialize success
16:46:10.451 AVAST engine defs: 13041800
16:46:27.730 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:46:27.737 Disk 0 Vendor: ST950032 0005 Size: 476940MB BusType: 3
16:46:27.916 Disk 0 MBR read successfully
16:46:27.921 Disk 0 MBR scan
16:46:27.932 Disk 0 Windows 7 default MBR code
16:46:27.948 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
16:46:27.955 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 455932 MB offset 409600
16:46:27.991 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16744 MB offset 934158336
16:46:28.016 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 968450048
16:46:28.172 Disk 0 scanning C:\Windows\system32\drivers
16:46:38.168 Service scanning
16:47:01.478 Modules scanning
16:47:01.497 Disk 0 trace - called modules:
16:47:01.579 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
16:47:01.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800758f060]
16:47:01.603 3 CLASSPNP.SYS[fffff88000dc343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004cd4050]
16:47:03.256 AVAST engine scan C:\Windows
16:47:05.878 AVAST engine scan C:\Windows\system32
16:49:58.066 AVAST engine scan C:\Windows\system32\drivers
16:50:10.350 AVAST engine scan C:\Users\Schneiderlein
16:56:18.142 Disk 0 MBR has been saved successfully to "C:\Users\Schneiderlein\Desktop\MBR.dat"
16:56:18.188 The log file has been saved successfully to "C:\Users\Schneiderlein\Desktop\aswMBR.txt"

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-18 17:07:35
-----------------------------
17:07:35.986 OS Version: Windows x64 6.1.7601 Service Pack 1
17:07:35.986 Number of processors: 4 586 0x2A07
17:07:35.986 ComputerName: KLATSCHE UserName:
17:07:38.474 Initialize success
17:07:51.031 AVAST engine defs: 13041800
17:07:53.737 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:07:53.752 Disk 0 Vendor: ST950032 0005 Size: 476940MB BusType: 3
17:07:53.908 Disk 0 MBR read successfully
17:07:53.908 Disk 0 MBR scan
17:07:53.924 Disk 0 Windows 7 default MBR code
17:07:53.939 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
17:07:53.955 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 455932 MB offset 409600
17:07:54.002 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16744 MB offset 934158336
17:07:54.064 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 968450048
17:07:54.329 Disk 0 scanning C:\Windows\system32\drivers
17:08:07.842 Service scanning
17:08:42.666 Modules scanning
17:08:42.666 Disk 0 trace - called modules:
17:08:43.197 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:08:43.197 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007593060]
17:08:43.212 3 CLASSPNP.SYS[fffff880015c943f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004d07050]
17:08:45.833 AVAST engine scan C:\Windows
17:09:05.820 AVAST engine scan C:\Windows\system32
17:11:59.197 AVAST engine scan C:\Windows\system32\drivers
17:12:26.151 AVAST engine scan C:\Users\Schneiderlein
17:22:12.541 AVAST engine scan C:\ProgramData
17:24:16.854 Scan finished successfully
17:25:58.711 Disk 0 MBR has been saved successfully to "C:\Users\Schneiderlein\Desktop\MBR.dat"
17:25:58.711 The log file has been saved successfully to "C:\Users\Schneiderlein\Desktop\aswMBR.txt"

tdsskiller: I have to attach it, it is too long. Thanks
19.04.2013, 00:04 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan DomaIQ
Where is the attachment?
22.04.2013, 17:03 | #7 |
| Trojan DomaIQ
I forgot it; here it comes, but in two parts: Code:
AsyncMac - ok 17:28:16.0400 1240 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 17:28:16.0401 1240 atapi - ok 17:28:16.0472 1240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:28:16.0500 1240 AudioEndpointBuilder - ok 17:28:16.0532 1240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 17:28:16.0544 1240 AudioSrv - ok 17:28:16.0577 1240 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 17:28:16.0580 1240 AxInstSV - ok 17:28:16.0621 1240 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 17:28:16.0637 1240 b06bdrv - ok 17:28:16.0697 1240 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 17:28:16.0705 1240 b57nd60a - ok 17:28:16.0906 1240 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe 17:28:16.0908 1240 BBSvc - ok 17:28:16.0943 1240 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe 17:28:16.0945 1240 BBUpdate - ok 17:28:16.0994 1240 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 17:28:17.0028 1240 BCM43XX - ok 17:28:17.0079 1240 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 17:28:17.0081 1240 BDESVC - ok 17:28:17.0099 1240 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 17:28:17.0100 1240 Beep - ok 17:28:17.0152 1240 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 17:28:17.0175 1240 BFE - ok 17:28:17.0221 1240 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 17:28:17.0243 1240 BITS - ok 17:28:17.0316 1240 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 17:28:17.0318 1240 blbdrive - ok 17:28:17.0353 1240 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser 
C:\Windows\system32\DRIVERS\bowser.sys 17:28:17.0354 1240 bowser - ok 17:28:17.0372 1240 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 17:28:17.0373 1240 BrFiltLo - ok 17:28:17.0386 1240 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 17:28:17.0386 1240 BrFiltUp - ok 17:28:17.0415 1240 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 17:28:17.0418 1240 Browser - ok 17:28:17.0444 1240 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 17:28:17.0447 1240 Brserid - ok 17:28:17.0523 1240 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 17:28:17.0525 1240 BrSerWdm - ok 17:28:17.0538 1240 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 17:28:17.0544 1240 BrUsbMdm - ok 17:28:17.0576 1240 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 17:28:17.0581 1240 BrUsbSer - ok 17:28:17.0596 1240 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 17:28:17.0599 1240 BTHMODEM - ok 17:28:17.0706 1240 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 17:28:17.0710 1240 bthserv - ok 17:28:17.0757 1240 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:28:17.0763 1240 cdfs - ok 17:28:17.0863 1240 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:28:17.0866 1240 cdrom - ok 17:28:17.0975 1240 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 17:28:17.0980 1240 CertPropSvc - ok 17:28:18.0053 1240 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 17:28:18.0060 1240 circlass - ok 17:28:18.0149 1240 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 17:28:18.0155 1240 CLFS - ok 17:28:18.0404 1240 [ 
D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:28:18.0434 1240 clr_optimization_v2.0.50727_32 - ok 17:28:18.0631 1240 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:28:18.0641 1240 clr_optimization_v2.0.50727_64 - ok 17:28:18.0857 1240 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 17:28:18.0870 1240 clwvd - ok 17:28:19.0038 1240 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 17:28:19.0039 1240 CmBatt - ok 17:28:19.0071 1240 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:28:19.0072 1240 cmdide - ok 17:28:19.0181 1240 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 17:28:19.0220 1240 CNG - ok 17:28:19.0262 1240 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 17:28:19.0269 1240 Compbatt - ok 17:28:19.0335 1240 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 17:28:19.0337 1240 CompositeBus - ok 17:28:19.0373 1240 COMSysApp - ok 17:28:19.0401 1240 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 17:28:19.0402 1240 crcdisk - ok 17:28:19.0505 1240 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:28:19.0511 1240 CryptSvc - ok 17:28:19.0684 1240 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:28:19.0692 1240 DcomLaunch - ok 17:28:19.0734 1240 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 17:28:19.0739 1240 defragsvc - ok 17:28:19.0772 1240 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:28:19.0774 1240 DfsC - ok 17:28:19.0798 1240 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 17:28:19.0803 1240 
Dhcp - ok 17:28:19.0810 1240 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 17:28:19.0811 1240 discache - ok 17:28:19.0851 1240 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 17:28:19.0853 1240 Disk - ok 17:28:19.0875 1240 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:28:19.0878 1240 Dnscache - ok 17:28:19.0898 1240 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 17:28:19.0902 1240 dot3svc - ok 17:28:19.0912 1240 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 17:28:19.0916 1240 DPS - ok 17:28:19.0949 1240 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:28:19.0949 1240 drmkaud - ok 17:28:19.0978 1240 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:28:20.0001 1240 DXGKrnl - ok 17:28:20.0022 1240 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 17:28:20.0025 1240 EapHost - ok 17:28:20.0100 1240 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 17:28:20.0178 1240 ebdrv - ok 17:28:20.0205 1240 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 17:28:20.0206 1240 EFS - ok 17:28:20.0287 1240 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:28:20.0316 1240 ehRecvr - ok 17:28:20.0338 1240 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 17:28:20.0344 1240 ehSched - ok 17:28:20.0388 1240 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 17:28:20.0411 1240 elxstor - ok 17:28:20.0431 1240 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:28:20.0433 1240 ErrDev - ok 17:28:20.0490 1240 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 17:28:20.0513 1240 EventSystem - ok 17:28:20.0542 1240 [ 
A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 17:28:20.0547 1240 exfat - ok 17:28:20.0574 1240 ezSharedSvc - ok 17:28:20.0601 1240 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:28:20.0611 1240 fastfat - ok 17:28:20.0887 1240 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 17:28:20.0921 1240 Fax - ok 17:28:20.0940 1240 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 17:28:20.0941 1240 fdc - ok 17:28:20.0964 1240 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 17:28:20.0966 1240 fdPHost - ok 17:28:20.0981 1240 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 17:28:20.0984 1240 FDResPub - ok 17:28:21.0015 1240 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:28:21.0018 1240 FileInfo - ok 17:28:21.0022 1240 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:28:21.0023 1240 Filetrace - ok 17:28:21.0038 1240 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 17:28:21.0039 1240 flpydisk - ok 17:28:21.0065 1240 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:28:21.0071 1240 FltMgr - ok 17:28:21.0128 1240 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 17:28:21.0165 1240 FontCache - ok 17:28:21.0211 1240 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:28:21.0212 1240 FontCache3.0.0.0 - ok 17:28:21.0279 1240 [ 26065327BB2AA358140381FC76520908 ] FPLService C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe 17:28:21.0284 1240 FPLService - ok 17:28:21.0295 1240 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:28:21.0296 1240 FsDepends - ok 17:28:21.0335 1240 [ 
6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:28:21.0337 1240 Fs_Rec - ok 17:28:21.0368 1240 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:28:21.0372 1240 fvevol - ok 17:28:21.0407 1240 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 17:28:21.0410 1240 gagp30kx - ok 17:28:21.0502 1240 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 17:28:21.0509 1240 GamesAppService - ok 17:28:21.0570 1240 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 17:28:21.0604 1240 gpsvc - ok 17:28:21.0651 1240 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:28:21.0654 1240 gupdate - ok 17:28:21.0663 1240 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:28:21.0665 1240 gupdatem - ok 17:28:21.0700 1240 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:28:21.0702 1240 hcw85cir - ok 17:28:21.0743 1240 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:28:21.0752 1240 HdAudAddService - ok 17:28:21.0777 1240 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 17:28:21.0782 1240 HDAudBus - ok 17:28:21.0798 1240 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 17:28:21.0800 1240 HidBatt - ok 17:28:21.0808 1240 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:28:21.0809 1240 HidBth - ok 17:28:21.0826 1240 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 17:28:21.0827 1240 HidIr - ok 17:28:21.0848 1240 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 17:28:21.0851 1240 hidserv - ok 17:28:21.0879 1240 [ 9592090A7E2B61CD582B612B6DF70536 ] 
HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:28:21.0882 1240 HidUsb - ok 17:28:21.0917 1240 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:28:21.0923 1240 hkmsvc - ok 17:28:21.0947 1240 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:28:21.0956 1240 HomeGroupListener - ok 17:28:21.0976 1240 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:28:21.0982 1240 HomeGroupProvider - ok 17:28:22.0056 1240 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 17:28:22.0059 1240 HP Support Assistant Service - ok 17:28:22.0136 1240 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe 17:28:22.0145 1240 HPAuto - ok 17:28:22.0165 1240 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 17:28:22.0167 1240 HPClientSvc - ok 17:28:22.0231 1240 [ 9BFDA0BC109EB6D16F2CB862BB85E28C ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 17:28:22.0235 1240 HPDrvMntSvc.exe - ok 17:28:22.0283 1240 [ 514455F6586473791C5C6B25BA4E1BAB ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 17:28:22.0289 1240 hpqwmiex - ok 17:28:22.0316 1240 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:28:22.0319 1240 HpSAMD - ok 17:28:22.0380 1240 [ 28E15C3D39DCD27A79251BA0BF216A11 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 17:28:22.0382 1240 HPWMISVC - ok 17:28:22.0410 1240 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:28:22.0432 1240 HTTP - ok 17:28:22.0445 1240 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:28:22.0446 1240 hwpolicy - ok 17:28:22.0468 1240 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt 
C:\Windows\system32\DRIVERS\i8042prt.sys 17:28:22.0471 1240 i8042prt - ok 17:28:22.0508 1240 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 17:28:22.0514 1240 iaStor - ok 17:28:22.0556 1240 [ E79A8E33BD136D14BAE1FA20EB2EF124 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 17:28:22.0557 1240 IAStorDataMgrSvc - ok 17:28:22.0590 1240 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:28:22.0601 1240 iaStorV - ok 17:28:23.0071 1240 [ D22D82D74FD1B6C77E7556DBDC3EA9D2 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 17:28:23.0098 1240 IconMan_R - ok 17:28:23.0179 1240 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:28:23.0200 1240 idsvc - ok 17:28:23.0235 1240 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:28:23.0235 1240 iirsp - ok 17:28:23.0272 1240 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 17:28:23.0295 1240 IKEEXT - ok 17:28:23.0344 1240 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 17:28:23.0352 1240 IntcDAud - ok 17:28:23.0380 1240 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 17:28:23.0381 1240 intelide - ok 17:28:23.0647 1240 [ 6383899C5F964D71B0F96B81FBE59BB8 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys 17:28:23.0913 1240 intelkmd - ok 17:28:23.0970 1240 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:28:23.0972 1240 intelppm - ok 17:28:23.0995 1240 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:28:23.0998 1240 IPBusEnum - ok 17:28:24.0018 1240 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:28:24.0019 1240 IpFilterDriver - ok 17:28:24.0040 
1240 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:28:24.0049 1240 iphlpsvc - ok 17:28:24.0063 1240 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:28:24.0064 1240 IPMIDRV - ok 17:28:24.0068 1240 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:28:24.0069 1240 IPNAT - ok 17:28:24.0081 1240 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:28:24.0082 1240 IRENUM - ok 17:28:24.0103 1240 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:28:24.0105 1240 isapnp - ok 17:28:24.0123 1240 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:28:24.0125 1240 iScsiPrt - ok 17:28:24.0190 1240 [ BE72D2B3A99615F84E270C80F0A18448 ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys 17:28:24.0192 1240 ISWKL - ok 17:28:24.0233 1240 [ D9A4C1353CC653F8E2FE4D2C6A490E96 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe 17:28:24.0237 1240 IswSvc - ok 17:28:24.0297 1240 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 17:28:24.0301 1240 jhi_service - ok 17:28:24.0335 1240 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 17:28:24.0338 1240 kbdclass - ok 17:28:24.0364 1240 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 17:28:24.0368 1240 kbdhid - ok 17:28:24.0387 1240 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 17:28:24.0389 1240 KeyIso - ok 17:28:24.0470 1240 [ BDCDA87DD466867A8A7C405D52DD9260 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 17:28:24.0492 1240 KLIF - ok 17:28:24.0514 1240 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:28:24.0517 1240 KSecDD - ok 17:28:24.0538 1240 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 
17:28:24.0543 1240 KSecPkg - ok 17:28:24.0571 1240 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:28:24.0572 1240 ksthunk - ok 17:28:24.0616 1240 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 17:28:24.0626 1240 KtmRm - ok 17:28:24.0770 1240 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 17:28:24.0779 1240 LanmanServer - ok 17:28:24.0830 1240 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:28:24.0837 1240 LanmanWorkstation - ok 17:28:24.0873 1240 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:28:24.0875 1240 lltdio - ok 17:28:24.0911 1240 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:28:24.0920 1240 lltdsvc - ok 17:28:24.0940 1240 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:28:24.0945 1240 lmhosts - ok 17:28:25.0002 1240 [ D75C4B4A8FE6D7FD74A7EECDBAEC729F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 17:28:25.0007 1240 LMS - ok 17:28:25.0053 1240 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 17:28:25.0055 1240 LSI_FC - ok 17:28:25.0063 1240 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:28:25.0066 1240 LSI_SAS - ok 17:28:25.0074 1240 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 17:28:25.0075 1240 LSI_SAS2 - ok 17:28:25.0081 1240 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:28:25.0084 1240 LSI_SCSI - ok 17:28:25.0101 1240 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 17:28:25.0104 1240 luafv - ok 17:28:25.0129 1240 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:28:25.0134 1240 Mcx2Svc - ok 17:28:25.0154 1240 [ A55805F747C6EDB6A9080D7C633BD0F4 ] 
megasas C:\Windows\system32\drivers\megasas.sys 17:28:25.0155 1240 megasas - ok 17:28:25.0189 1240 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 17:28:25.0195 1240 MegaSR - ok 17:28:25.0238 1240 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 17:28:25.0240 1240 MEIx64 - ok 17:28:25.0254 1240 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 17:28:25.0257 1240 MMCSS - ok 17:28:25.0281 1240 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 17:28:25.0282 1240 Modem - ok 17:28:25.0299 1240 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:28:25.0300 1240 monitor - ok 17:28:25.0319 1240 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:28:25.0321 1240 mouclass - ok 17:28:25.0335 1240 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:28:25.0336 1240 mouhid - ok 17:28:25.0355 1240 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:28:25.0358 1240 mountmgr - ok 17:28:25.0381 1240 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 17:28:25.0385 1240 mpio - ok 17:28:25.0407 1240 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:28:25.0408 1240 mpsdrv - ok 17:28:25.0448 1240 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:28:25.0470 1240 MpsSvc - ok 17:28:25.0494 1240 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:28:25.0497 1240 MRxDAV - ok 17:28:25.0520 1240 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:28:25.0523 1240 mrxsmb - ok 17:28:25.0556 1240 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:28:25.0564 1240 mrxsmb10 - ok 17:28:25.0596 1240 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] 
mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:28:25.0598 1240 mrxsmb20 - ok 17:28:25.0623 1240 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 17:28:25.0625 1240 msahci - ok 17:28:25.0647 1240 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:28:25.0649 1240 msdsm - ok 17:28:25.0665 1240 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 17:28:25.0671 1240 MSDTC - ok 17:28:25.0677 1240 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:28:25.0679 1240 Msfs - ok 17:28:25.0706 1240 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:28:25.0707 1240 mshidkmdf - ok 17:28:25.0711 1240 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:28:25.0713 1240 msisadrv - ok 17:28:25.0739 1240 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:28:25.0744 1240 MSiSCSI - ok 17:28:25.0748 1240 msiserver - ok 17:28:25.0769 1240 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:28:25.0770 1240 MSKSSRV - ok 17:28:25.0802 1240 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:28:25.0803 1240 MSPCLOCK - ok 17:28:25.0822 1240 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:28:25.0823 1240 MSPQM - ok 17:28:25.0850 1240 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:28:25.0855 1240 MsRPC - ok 17:28:25.0862 1240 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:28:25.0863 1240 mssmbios - ok 17:28:25.0879 1240 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:28:25.0881 1240 MSTEE - ok 17:28:25.0892 1240 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 17:28:25.0893 1240 MTConfig - ok 17:28:25.0897 
1240 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 17:28:25.0898 1240 Mup - ok 17:28:25.0935 1240 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 17:28:25.0943 1240 napagent - ok 17:28:25.0980 1240 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:28:25.0988 1240 NativeWifiP - ok 17:28:26.0035 1240 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:28:26.0069 1240 NDIS - ok 17:28:26.0102 1240 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:28:26.0103 1240 NdisCap - ok 17:28:26.0145 1240 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:28:26.0148 1240 NdisTapi - ok 17:28:26.0166 1240 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:28:26.0169 1240 Ndisuio - ok 17:28:26.0181 1240 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:28:26.0187 1240 NdisWan - ok 17:28:26.0192 1240 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:28:26.0195 1240 NDProxy - ok 17:28:26.0207 1240 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:28:26.0209 1240 NetBIOS - ok 17:28:26.0230 1240 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:28:26.0255 1240 NetBT - ok 17:28:26.0280 1240 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 17:28:26.0284 1240 Netlogon - ok 17:28:26.0327 1240 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 17:28:26.0350 1240 Netman - ok 17:28:26.0393 1240 [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:28:26.0398 1240 NetMsmqActivator - ok 17:28:26.0405 1240 [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator 
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:28:26.0407 1240 NetPipeActivator - ok 17:28:26.0434 1240 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 17:28:26.0443 1240 netprofm - ok 17:28:26.0514 1240 [ 5758FD37BF31E759F8610311E4D08ECA ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys 17:28:26.0580 1240 netr28x - ok 17:28:26.0624 1240 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:28:26.0627 1240 NetTcpActivator - ok 17:28:26.0634 1240 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:28:26.0638 1240 NetTcpPortSharing - ok 17:28:26.0807 1240 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:28:26.0809 1240 nfrd960 - ok 17:28:26.0854 1240 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:28:26.0866 1240 NlaSvc - ok 17:28:26.0883 1240 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:28:26.0884 1240 Npfs - ok 17:28:26.0890 1240 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 17:28:26.0893 1240 nsi - ok 17:28:26.0903 1240 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:28:26.0904 1240 nsiproxy - ok 17:28:26.0955 1240 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:28:26.0995 1240 Ntfs - ok 17:28:27.0078 1240 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 17:28:27.0080 1240 Null - ok 17:28:27.0148 1240 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 17:28:27.0158 1240 NVENETFD - ok 17:28:27.0195 1240 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:28:27.0199 1240 nvraid - ok 17:28:27.0210 1240 [ 
17:28:35.0121 1240 ============================================================
17:28:35.0121 1240 Scan finished
17:28:35.0121 1240 ============================================================
17:28:35.0146 1304 Detected object count: 0
17:28:35.0146 1304 Actual detected object count: 0 |
22.04.2013, 17:04 | #8 |
| Trojaner DomaIQ Code:
17:28:52.0771 3788 ============================================================
17:28:52.0771 3788 Scan started
17:28:52.0771 3788 Mode: Manual;
17:28:52.0771 3788 ============================================================
17:28:53.0062 3788 ================ Scan system memory ========================
17:28:53.0062 3788 System memory - ok
17:28:53.0063 3788 ================ Scan services =============================
ok 17:28:56.0220 3788 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:28:56.0225 3788 fvevol - ok 17:28:56.0245 3788 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 17:28:56.0247 3788 gagp30kx - ok 17:28:56.0308 3788 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 17:28:56.0315 3788 GamesAppService - ok 17:28:56.0364 3788 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 17:28:56.0378 3788 gpsvc - ok 17:28:56.0423 3788 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:28:56.0426 3788 gupdate - ok 17:28:56.0434 3788 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:28:56.0437 3788 gupdatem - ok 17:28:56.0472 3788 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:28:56.0473 3788 hcw85cir - ok 17:28:56.0492 3788 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:28:56.0495 3788 HdAudAddService - ok 17:28:56.0516 3788 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 17:28:56.0517 3788 HDAudBus - ok 17:28:56.0538 3788 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 17:28:56.0539 3788 HidBatt - ok 17:28:56.0544 3788 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:28:56.0546 3788 HidBth - ok 17:28:56.0566 3788 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 17:28:56.0567 3788 HidIr - ok 17:28:56.0587 3788 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 17:28:56.0590 3788 hidserv - ok 17:28:56.0608 3788 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:28:56.0634 3788 HidUsb - ok 17:28:56.0679 3788 [ 
387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:28:56.0685 3788 hkmsvc - ok 17:28:56.0708 3788 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:28:56.0718 3788 HomeGroupListener - ok 17:28:56.0738 3788 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:28:56.0748 3788 HomeGroupProvider - ok 17:28:56.0796 3788 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 17:28:56.0798 3788 HP Support Assistant Service - ok 17:28:56.0876 3788 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe 17:28:56.0904 3788 HPAuto - ok 17:28:56.0927 3788 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 17:28:56.0937 3788 HPClientSvc - ok 17:28:56.0969 3788 [ 9BFDA0BC109EB6D16F2CB862BB85E28C ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 17:28:56.0974 3788 HPDrvMntSvc.exe - ok 17:28:57.0013 3788 [ 514455F6586473791C5C6B25BA4E1BAB ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 17:28:57.0047 3788 hpqwmiex - ok 17:28:57.0067 3788 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:28:57.0068 3788 HpSAMD - ok 17:28:57.0108 3788 [ 28E15C3D39DCD27A79251BA0BF216A11 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 17:28:57.0110 3788 HPWMISVC - ok 17:28:57.0138 3788 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:28:57.0145 3788 HTTP - ok 17:28:57.0162 3788 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:28:57.0163 3788 hwpolicy - ok 17:28:57.0169 3788 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 17:28:57.0171 3788 i8042prt - ok 17:28:57.0202 3788 [ 
26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 17:28:57.0205 3788 iaStor - ok 17:28:57.0251 3788 [ E79A8E33BD136D14BAE1FA20EB2EF124 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 17:28:57.0252 3788 IAStorDataMgrSvc - ok 17:28:57.0273 3788 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:28:57.0276 3788 iaStorV - ok 17:28:57.0382 3788 [ D22D82D74FD1B6C77E7556DBDC3EA9D2 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 17:28:57.0471 3788 IconMan_R - ok 17:28:57.0529 3788 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:28:57.0563 3788 idsvc - ok 17:28:57.0589 3788 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:28:57.0590 3788 iirsp - ok 17:28:57.0626 3788 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 17:28:57.0632 3788 IKEEXT - ok 17:28:57.0663 3788 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 17:28:57.0666 3788 IntcDAud - ok 17:28:57.0679 3788 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 17:28:57.0680 3788 intelide - ok 17:28:57.0927 3788 [ 6383899C5F964D71B0F96B81FBE59BB8 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys 17:28:57.0983 3788 intelkmd - ok 17:28:58.0027 3788 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:28:58.0028 3788 intelppm - ok 17:28:58.0052 3788 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:28:58.0055 3788 IPBusEnum - ok 17:28:58.0076 3788 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:28:58.0078 3788 IpFilterDriver - ok 17:28:58.0112 3788 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 
17:28:58.0135 3788 iphlpsvc - ok 17:28:58.0154 3788 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:28:58.0155 3788 IPMIDRV - ok 17:28:58.0164 3788 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:28:58.0165 3788 IPNAT - ok 17:28:58.0171 3788 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:28:58.0172 3788 IRENUM - ok 17:28:58.0182 3788 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:28:58.0183 3788 isapnp - ok 17:28:58.0202 3788 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:28:58.0205 3788 iScsiPrt - ok 17:28:58.0247 3788 [ BE72D2B3A99615F84E270C80F0A18448 ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys 17:28:58.0248 3788 ISWKL - ok 17:28:58.0280 3788 [ D9A4C1353CC653F8E2FE4D2C6A490E96 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe 17:28:58.0303 3788 IswSvc - ok 17:28:58.0354 3788 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 17:28:58.0360 3788 jhi_service - ok 17:28:58.0381 3788 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 17:28:58.0383 3788 kbdclass - ok 17:28:58.0399 3788 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 17:28:58.0401 3788 kbdhid - ok 17:28:58.0422 3788 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 17:28:58.0427 3788 KeyIso - ok 17:28:58.0475 3788 [ BDCDA87DD466867A8A7C405D52DD9260 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 17:28:58.0485 3788 KLIF - ok 17:28:58.0505 3788 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:28:58.0506 3788 KSecDD - ok 17:28:58.0517 3788 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:28:58.0519 3788 KSecPkg - ok 17:28:58.0540 3788 [ 6869281E78CB31A43E969F06B57347C4 
] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:28:58.0541 3788 ksthunk - ok 17:28:58.0582 3788 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 17:28:58.0589 3788 KtmRm - ok 17:28:58.0649 3788 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 17:28:58.0657 3788 LanmanServer - ok 17:28:58.0689 3788 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:28:58.0692 3788 LanmanWorkstation - ok 17:28:58.0710 3788 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:28:58.0711 3788 lltdio - ok 17:28:58.0736 3788 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:28:58.0743 3788 lltdsvc - ok 17:28:58.0767 3788 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:28:58.0771 3788 lmhosts - ok 17:28:58.0805 3788 [ D75C4B4A8FE6D7FD74A7EECDBAEC729F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 17:28:58.0808 3788 LMS - ok 17:28:58.0835 3788 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 17:28:58.0837 3788 LSI_FC - ok 17:28:58.0842 3788 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:28:58.0844 3788 LSI_SAS - ok 17:28:58.0849 3788 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 17:28:58.0851 3788 LSI_SAS2 - ok 17:28:58.0857 3788 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:28:58.0858 3788 LSI_SCSI - ok 17:28:58.0872 3788 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 17:28:58.0873 3788 luafv - ok 17:28:58.0900 3788 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:28:58.0904 3788 Mcx2Svc - ok 17:28:58.0914 3788 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 17:28:58.0916 3788 megasas - ok 
17:28:58.0931 3788 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 17:28:58.0935 3788 MegaSR - ok 17:28:58.0965 3788 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 17:28:58.0965 3788 MEIx64 - ok 17:28:58.0980 3788 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 17:28:58.0983 3788 MMCSS - ok 17:28:58.0997 3788 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 17:28:58.0998 3788 Modem - ok 17:28:59.0015 3788 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:28:59.0015 3788 monitor - ok 17:28:59.0020 3788 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:28:59.0021 3788 mouclass - ok 17:28:59.0024 3788 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:28:59.0025 3788 mouhid - ok 17:28:59.0029 3788 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:28:59.0030 3788 mountmgr - ok 17:28:59.0053 3788 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 17:28:59.0054 3788 mpio - ok 17:28:59.0068 3788 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:28:59.0070 3788 mpsdrv - ok 17:28:59.0101 3788 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:28:59.0135 3788 MpsSvc - ok 17:28:59.0144 3788 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:28:59.0147 3788 MRxDAV - ok 17:28:59.0170 3788 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:28:59.0173 3788 mrxsmb - ok 17:28:59.0206 3788 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:28:59.0211 3788 mrxsmb10 - ok 17:28:59.0246 3788 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:28:59.0249 3788 mrxsmb20 - ok 
17:28:59.0273 3788 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 17:28:59.0274 3788 msahci - ok 17:28:59.0298 3788 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:28:59.0300 3788 msdsm - ok 17:28:59.0326 3788 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 17:28:59.0333 3788 MSDTC - ok 17:28:59.0344 3788 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:28:59.0345 3788 Msfs - ok 17:28:59.0367 3788 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:28:59.0368 3788 mshidkmdf - ok 17:28:59.0375 3788 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:28:59.0376 3788 msisadrv - ok 17:28:59.0399 3788 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:28:59.0404 3788 MSiSCSI - ok 17:28:59.0407 3788 msiserver - ok 17:28:59.0430 3788 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:28:59.0431 3788 MSKSSRV - ok 17:28:59.0441 3788 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:28:59.0442 3788 MSPCLOCK - ok 17:28:59.0450 3788 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:28:59.0450 3788 MSPQM - ok 17:28:59.0460 3788 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:28:59.0463 3788 MsRPC - ok 17:28:59.0469 3788 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:28:59.0470 3788 mssmbios - ok 17:28:59.0485 3788 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:28:59.0486 3788 MSTEE - ok 17:28:59.0498 3788 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 17:28:59.0498 3788 MTConfig - ok 17:28:59.0503 3788 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 
17:28:59.0504 3788 Mup - ok 17:28:59.0542 3788 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 17:28:59.0547 3788 napagent - ok 17:28:59.0574 3788 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:28:59.0577 3788 NativeWifiP - ok 17:28:59.0614 3788 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:28:59.0621 3788 NDIS - ok 17:28:59.0641 3788 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:28:59.0642 3788 NdisCap - ok 17:28:59.0663 3788 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:28:59.0664 3788 NdisTapi - ok 17:28:59.0672 3788 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:28:59.0673 3788 Ndisuio - ok 17:28:59.0679 3788 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:28:59.0681 3788 NdisWan - ok 17:28:59.0686 3788 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:28:59.0688 3788 NDProxy - ok 17:28:59.0692 3788 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:28:59.0693 3788 NetBIOS - ok 17:28:59.0704 3788 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:28:59.0706 3788 NetBT - ok 17:28:59.0726 3788 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 17:28:59.0727 3788 Netlogon - ok 17:28:59.0754 3788 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 17:28:59.0759 3788 Netman - ok 17:28:59.0778 3788 [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:28:59.0779 3788 NetMsmqActivator - ok 17:28:59.0783 3788 [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 
17:28:59.0784 3788 NetPipeActivator - ok 17:28:59.0804 3788 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 17:28:59.0807 3788 netprofm - ok 17:28:59.0867 3788 [ 5758FD37BF31E759F8610311E4D08ECA ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys 17:28:59.0886 3788 netr28x - ok 17:28:59.0895 3788 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:28:59.0897 3788 NetTcpActivator - ok 17:28:59.0905 3788 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:28:59.0906 3788 NetTcpPortSharing - ok 17:28:59.0939 3788 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:28:59.0940 3788 nfrd960 - ok 17:28:59.0947 3788 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:28:59.0952 3788 NlaSvc - ok 17:28:59.0972 3788 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:28:59.0973 3788 Npfs - ok 17:28:59.0976 3788 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 17:28:59.0978 3788 nsi - ok 17:28:59.0982 3788 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:28:59.0982 3788 nsiproxy - ok 17:29:00.0029 3788 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:29:00.0039 3788 Ntfs - ok 17:29:00.0090 3788 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 17:29:00.0091 3788 Null - ok 17:29:00.0126 3788 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 17:29:00.0133 3788 NVENETFD - ok 17:29:00.0163 3788 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:29:00.0164 3788 nvraid - ok 17:29:00.0173 3788 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 
17:29:00.0175 3788 nvstor - ok 17:29:00.0180 3788 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:29:00.0182 3788 nv_agp - ok 17:29:00.0188 3788 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:29:00.0190 3788 ohci1394 - ok 17:29:00.0220 3788 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:29:00.0223 3788 p2pimsvc - ok 17:29:00.0245 3788 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 17:29:00.0250 3788 p2psvc - ok 17:29:00.0266 3788 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 17:29:00.0267 3788 Parport - ok 17:29:00.0287 3788 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:29:00.0288 3788 partmgr - ok 17:29:00.0304 3788 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 17:29:00.0307 3788 PcaSvc - ok 17:29:00.0319 3788 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 17:29:00.0321 3788 pci - ok 17:29:00.0336 3788 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 17:29:00.0337 3788 pciide - ok 17:29:00.0351 3788 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 17:29:00.0353 3788 pcmcia - ok 17:29:00.0358 3788 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 17:29:00.0359 3788 pcw - ok 17:29:00.0387 3788 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:29:00.0392 3788 PEAUTH - ok 17:29:00.0463 3788 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 17:29:00.0466 3788 PerfHost - ok 17:29:00.0520 3788 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 17:29:00.0533 3788 pla - ok 17:29:00.0571 3788 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:29:00.0580 3788 PlugPlay - ok 17:29:00.0600 3788 
[ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 17:29:00.0632 3788 PNRPAutoReg - ok 17:29:00.0671 3788 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 17:29:00.0674 3788 PNRPsvc - ok 17:29:00.0708 3788 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:29:00.0717 3788 PolicyAgent - ok 17:29:00.0748 3788 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 17:29:00.0755 3788 Power - ok 17:29:00.0790 3788 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:29:00.0791 3788 PptpMiniport - ok 17:29:00.0807 3788 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 17:29:00.0808 3788 Processor - ok 17:29:00.0847 3788 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll 17:29:00.0852 3788 ProfSvc - ok 17:29:00.0865 3788 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 17:29:00.0867 3788 ProtectedStorage - ok 17:29:00.0877 3788 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 17:29:00.0879 3788 Psched - ok 17:29:00.0947 3788 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 17:29:00.0963 3788 ql2300 - ok 17:29:00.0971 3788 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 17:29:00.0973 3788 ql40xx - ok 17:29:00.0996 3788 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 17:29:00.0998 3788 QWAVE - ok 17:29:01.0002 3788 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:29:01.0003 3788 QWAVEdrv - ok 17:29:01.0017 3788 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:29:01.0017 3788 RasAcd - ok 17:29:01.0042 3788 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 17:29:01.0043 3788 RasAgileVpn - ok 
17:29:01.0066 3788 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 17:29:01.0068 3788 RasAuto - ok 17:29:01.0072 3788 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:29:01.0073 3788 Rasl2tp - ok 17:29:01.0088 3788 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 17:29:01.0091 3788 RasMan - ok 17:29:01.0107 3788 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:29:01.0108 3788 RasPppoe - ok 17:29:01.0126 3788 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:29:01.0127 3788 RasSstp - ok 17:29:01.0133 3788 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:29:01.0135 3788 rdbss - ok 17:29:01.0153 3788 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 17:29:01.0153 3788 rdpbus - ok 17:29:01.0170 3788 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:29:01.0171 3788 RDPCDD - ok 17:29:01.0189 3788 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:29:01.0190 3788 RDPENCDD - ok 17:29:01.0195 3788 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 17:29:01.0196 3788 RDPREFMP - ok 17:29:01.0228 3788 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:29:01.0229 3788 RDPWD - ok 17:29:01.0260 3788 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 17:29:01.0261 3788 rdyboost - ok 17:29:01.0290 3788 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:29:01.0293 3788 RemoteAccess - ok 17:29:01.0302 3788 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:29:01.0305 3788 RemoteRegistry - ok 17:29:01.0312 3788 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 
17:29:01.0313 3788 RpcEptMapper - ok 17:29:01.0321 3788 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 17:29:01.0322 3788 RpcLocator - ok 17:29:01.0346 3788 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 17:29:01.0349 3788 RpcSs - ok 17:29:01.0374 3788 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 17:29:01.0376 3788 RSPCIESTOR - ok 17:29:01.0402 3788 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:29:01.0402 3788 rspndr - ok 17:29:01.0429 3788 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 17:29:01.0431 3788 RTL8167 - ok 17:29:01.0448 3788 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 17:29:01.0449 3788 SamSs - ok 17:29:01.0463 3788 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:29:01.0464 3788 sbp2port - ok 17:29:01.0491 3788 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:29:01.0493 3788 SCardSvr - ok 17:29:01.0502 3788 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 17:29:01.0502 3788 scfilter - ok 17:29:01.0534 3788 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 17:29:01.0541 3788 Schedule - ok 17:29:01.0562 3788 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 17:29:01.0564 3788 SCPolicySvc - ok 17:29:01.0578 3788 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 17:29:01.0579 3788 sdbus - ok 17:29:01.0590 3788 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:29:01.0592 3788 SDRSVC - ok 17:29:01.0608 3788 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:29:01.0609 3788 secdrv - ok 17:29:01.0625 3788 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 
17:29:05.0463 3788 [Global] - ok
17:29:05.0842 3788 Scan finished
17:29:05.0853 2312 Detected object count: 0
17:29:05.0853 2312 Actual detected object count: 0
17:29:13.0512 2740 Deinitialize success |
22.04.2013, 20:46 | #9 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan DomaIQ Quote:
__________________ Please always post logfiles in CODE tags |
23.04.2013, 15:48 | #10 |
| Trojan DomaIQ Code:
16:39:46.0359 1964 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:40:38.0082 1772 Scan started
16:40:38.0082 1772 Mode: Manual; SigCheck; TDLFS;
16:40:39.0860 1772 System memory - ok
16:40:49.0891 1772 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
16:40:49.0891 1772 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
16:40:51.0108 1772 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
16:40:51.0108 1772 IconMan_R - detected UnsignedFile.Multi.Generic (1)
F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 16:40:51.0701 1772 intelide - ok 16:40:51.0950 1772 [ 6383899C5F964D71B0F96B81FBE59BB8 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys 16:40:52.0278 1772 intelkmd - ok 16:40:52.0293 1772 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:40:52.0325 1772 intelppm - ok 16:40:52.0340 1772 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:40:52.0387 1772 IPBusEnum - ok 16:40:52.0403 1772 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:40:52.0434 1772 IpFilterDriver - ok 16:40:52.0465 1772 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:40:52.0496 1772 iphlpsvc - ok 16:40:52.0496 1772 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:40:52.0527 1772 IPMIDRV - ok 16:40:52.0543 1772 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:40:52.0590 1772 IPNAT - ok 16:40:52.0621 1772 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:40:52.0637 1772 IRENUM - ok 16:40:52.0652 1772 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:40:52.0668 1772 isapnp - ok 16:40:52.0683 1772 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:40:52.0699 1772 iScsiPrt - ok 16:40:52.0777 1772 [ BE72D2B3A99615F84E270C80F0A18448 ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys 16:40:52.0793 1772 ISWKL - ok 16:40:52.0871 1772 [ D9A4C1353CC653F8E2FE4D2C6A490E96 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe 16:40:52.0917 1772 IswSvc - ok 16:40:52.0980 1772 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 16:40:53.0011 1772 jhi_service - ok 16:40:53.0042 1772 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass 
C:\Windows\system32\drivers\kbdclass.sys 16:40:53.0073 1772 kbdclass - ok 16:40:53.0105 1772 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 16:40:53.0136 1772 kbdhid - ok 16:40:53.0198 1772 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 16:40:53.0229 1772 KeyIso - ok 16:40:53.0292 1772 [ BDCDA87DD466867A8A7C405D52DD9260 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 16:40:53.0339 1772 KLIF - ok 16:40:53.0354 1772 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:40:53.0385 1772 KSecDD - ok 16:40:53.0401 1772 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:40:53.0401 1772 KSecPkg - ok 16:40:53.0432 1772 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:40:53.0479 1772 ksthunk - ok 16:40:53.0510 1772 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 16:40:53.0619 1772 KtmRm - ok 16:40:53.0666 1772 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:40:53.0775 1772 LanmanServer - ok 16:40:53.0822 1772 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:40:53.0900 1772 LanmanWorkstation - ok 16:40:53.0916 1772 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:40:53.0947 1772 lltdio - ok 16:40:53.0994 1772 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:40:54.0072 1772 lltdsvc - ok 16:40:54.0103 1772 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:40:54.0150 1772 lmhosts - ok 16:40:54.0197 1772 [ D75C4B4A8FE6D7FD74A7EECDBAEC729F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 16:40:54.0228 1772 LMS - ok 16:40:54.0259 1772 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:40:54.0275 1772 LSI_FC - ok 16:40:54.0275 1772 [ 
1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:40:54.0290 1772 LSI_SAS - ok 16:40:54.0290 1772 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:40:54.0321 1772 LSI_SAS2 - ok 16:40:54.0321 1772 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:40:54.0337 1772 LSI_SCSI - ok 16:40:54.0368 1772 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 16:40:54.0399 1772 luafv - ok 16:40:54.0446 1772 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:40:54.0462 1772 Mcx2Svc - ok 16:40:54.0493 1772 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 16:40:54.0509 1772 megasas - ok 16:40:54.0524 1772 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 16:40:54.0555 1772 MegaSR - ok 16:40:54.0587 1772 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 16:40:54.0602 1772 MEIx64 - ok 16:40:54.0633 1772 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 16:40:54.0665 1772 MMCSS - ok 16:40:54.0696 1772 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 16:40:54.0727 1772 Modem - ok 16:40:54.0743 1772 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:40:54.0758 1772 monitor - ok 16:40:54.0774 1772 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:40:54.0789 1772 mouclass - ok 16:40:54.0805 1772 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:40:54.0821 1772 mouhid - ok 16:40:54.0821 1772 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:40:54.0852 1772 mountmgr - ok 16:40:54.0867 1772 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 16:40:54.0883 1772 mpio - ok 16:40:54.0899 1772 
[ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:40:54.0945 1772 mpsdrv - ok 16:40:54.0992 1772 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:40:55.0055 1772 MpsSvc - ok 16:40:55.0070 1772 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:40:55.0101 1772 MRxDAV - ok 16:40:55.0117 1772 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:40:55.0148 1772 mrxsmb - ok 16:40:55.0179 1772 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:40:55.0195 1772 mrxsmb10 - ok 16:40:55.0226 1772 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:40:55.0242 1772 mrxsmb20 - ok 16:40:55.0257 1772 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 16:40:55.0273 1772 msahci - ok 16:40:55.0304 1772 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:40:55.0320 1772 msdsm - ok 16:40:55.0335 1772 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 16:40:55.0367 1772 MSDTC - ok 16:40:55.0367 1772 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:40:55.0413 1772 Msfs - ok 16:40:55.0429 1772 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:40:55.0476 1772 mshidkmdf - ok 16:40:55.0476 1772 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:40:55.0507 1772 msisadrv - ok 16:40:55.0523 1772 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:40:55.0569 1772 MSiSCSI - ok 16:40:55.0569 1772 msiserver - ok 16:40:55.0601 1772 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:40:55.0632 1772 MSKSSRV - ok 16:40:55.0647 1772 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:40:55.0694 1772 
MSPCLOCK - ok 16:40:55.0710 1772 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:40:55.0741 1772 MSPQM - ok 16:40:55.0757 1772 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:40:55.0788 1772 MsRPC - ok 16:40:55.0788 1772 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 16:40:55.0819 1772 mssmbios - ok 16:40:55.0835 1772 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:40:55.0881 1772 MSTEE - ok 16:40:55.0897 1772 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 16:40:55.0913 1772 MTConfig - ok 16:40:55.0913 1772 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 16:40:55.0944 1772 Mup - ok 16:40:55.0975 1772 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 16:40:56.0022 1772 napagent - ok 16:40:56.0053 1772 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:40:56.0084 1772 NativeWifiP - ok 16:40:56.0147 1772 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:40:56.0162 1772 NDIS - ok 16:40:56.0178 1772 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:40:56.0225 1772 NdisCap - ok 16:40:56.0256 1772 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:40:56.0303 1772 NdisTapi - ok 16:40:56.0318 1772 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:40:56.0365 1772 Ndisuio - ok 16:40:56.0365 1772 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:40:56.0412 1772 NdisWan - ok 16:40:56.0412 1772 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:40:56.0443 1772 NDProxy - ok 16:40:56.0459 1772 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 
16:40:56.0490 1772 NetBIOS - ok 16:40:56.0505 1772 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:40:56.0568 1772 NetBT - ok 16:40:56.0583 1772 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 16:40:56.0599 1772 Netlogon - ok 16:40:56.0630 1772 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 16:40:56.0693 1772 Netman - ok 16:40:56.0724 1772 [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:40:56.0739 1772 NetMsmqActivator - ok 16:40:56.0755 1772 [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:40:56.0755 1772 NetPipeActivator - ok 16:40:56.0786 1772 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 16:40:56.0849 1772 netprofm - ok 16:40:56.0927 1772 [ 5758FD37BF31E759F8610311E4D08ECA ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys 16:40:57.0020 1772 netr28x - ok 16:40:57.0051 1772 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:40:57.0067 1772 NetTcpActivator - ok 16:40:57.0067 1772 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:40:57.0083 1772 NetTcpPortSharing - ok 16:40:57.0145 1772 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:40:57.0176 1772 nfrd960 - ok 16:40:57.0254 1772 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:40:57.0301 1772 NlaSvc - ok 16:40:57.0332 1772 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:40:57.0379 1772 Npfs - ok 16:40:57.0410 1772 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 16:40:57.0488 1772 nsi - 
ok 16:40:57.0504 1772 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:40:57.0551 1772 nsiproxy - ok 16:40:57.0629 1772 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:40:57.0769 1772 Ntfs - ok 16:40:57.0831 1772 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 16:40:57.0925 1772 Null - ok 16:40:57.0956 1772 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 16:40:58.0003 1772 NVENETFD - ok 16:40:58.0050 1772 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:40:58.0097 1772 nvraid - ok 16:40:58.0097 1772 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:40:58.0128 1772 nvstor - ok 16:40:58.0128 1772 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:40:58.0143 1772 nv_agp - ok 16:40:58.0159 1772 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:40:58.0175 1772 ohci1394 - ok 16:40:58.0206 1772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:40:58.0253 1772 p2pimsvc - ok 16:40:58.0284 1772 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 16:40:58.0315 1772 p2psvc - ok 16:40:58.0331 1772 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 16:40:58.0362 1772 Parport - ok 16:40:58.0393 1772 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:40:58.0409 1772 partmgr - ok 16:40:58.0424 1772 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:40:58.0455 1772 PcaSvc - ok 16:40:58.0471 1772 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 16:40:58.0487 1772 pci - ok 16:40:58.0487 1772 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 16:40:58.0518 1772 pciide - ok 16:40:58.0533 
1772 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:40:58.0549 1772 pcmcia - ok 16:40:58.0549 1772 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 16:40:58.0580 1772 pcw - ok 16:40:58.0596 1772 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:40:58.0643 1772 PEAUTH - ok 16:40:58.0721 1772 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:40:58.0783 1772 PerfHost - ok 16:40:58.0845 1772 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 16:40:58.0955 1772 pla - ok 16:40:59.0017 1772 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:40:59.0095 1772 PlugPlay - ok 16:40:59.0111 1772 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:40:59.0126 1772 PNRPAutoReg - ok 16:40:59.0142 1772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:40:59.0157 1772 PNRPsvc - ok 16:40:59.0189 1772 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:40:59.0251 1772 PolicyAgent - ok 16:40:59.0282 1772 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 16:40:59.0313 1772 Power - ok 16:40:59.0360 1772 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:40:59.0438 1772 PptpMiniport - ok 16:40:59.0454 1772 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 16:40:59.0501 1772 Processor - ok 16:40:59.0532 1772 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll 16:40:59.0594 1772 ProfSvc - ok 16:40:59.0610 1772 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:40:59.0625 1772 ProtectedStorage - ok 16:40:59.0641 1772 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:40:59.0672 1772 Psched - ok 16:40:59.0735 1772 [ 
A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:40:59.0859 1772 ql2300 - ok 16:40:59.0859 1772 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:40:59.0875 1772 ql40xx - ok 16:40:59.0906 1772 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 16:40:59.0937 1772 QWAVE - ok 16:40:59.0953 1772 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:41:00.0000 1772 QWAVEdrv - ok 16:41:00.0015 1772 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:41:00.0062 1772 RasAcd - ok 16:41:00.0109 1772 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:41:00.0140 1772 RasAgileVpn - ok 16:41:00.0171 1772 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 16:41:00.0203 1772 RasAuto - ok 16:41:00.0234 1772 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:41:00.0265 1772 Rasl2tp - ok 16:41:00.0296 1772 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 16:41:00.0327 1772 RasMan - ok 16:41:00.0343 1772 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:41:00.0374 1772 RasPppoe - ok 16:41:00.0390 1772 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:41:00.0421 1772 RasSstp - ok 16:41:00.0437 1772 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:41:00.0499 1772 rdbss - ok 16:41:00.0515 1772 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 16:41:00.0530 1772 rdpbus - ok 16:41:00.0546 1772 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:41:00.0577 1772 RDPCDD - ok 16:41:00.0608 1772 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:41:00.0655 1772 RDPENCDD - ok 16:41:00.0671 
1772 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:41:00.0702 1772 RDPREFMP - ok 16:41:00.0733 1772 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:41:00.0749 1772 RDPWD - ok 16:41:00.0780 1772 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:41:00.0827 1772 rdyboost - ok 16:41:00.0842 1772 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:41:00.0889 1772 RemoteAccess - ok 16:41:00.0905 1772 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:41:00.0936 1772 RemoteRegistry - ok 16:41:00.0951 1772 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:41:00.0998 1772 RpcEptMapper - ok 16:41:01.0014 1772 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 16:41:01.0045 1772 RpcLocator - ok 16:41:01.0061 1772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 16:41:01.0092 1772 RpcSs - ok 16:41:01.0123 1772 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 16:41:01.0139 1772 RSPCIESTOR - ok 16:41:01.0170 1772 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:41:01.0217 1772 rspndr - ok 16:41:01.0263 1772 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 16:41:01.0326 1772 RTL8167 - ok 16:41:01.0341 1772 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 16:41:01.0341 1772 SamSs - ok 16:41:01.0357 1772 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:41:01.0373 1772 sbp2port - ok 16:41:01.0404 1772 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:41:01.0451 1772 SCardSvr - ok 16:41:01.0466 1772 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:41:01.0497 1772 
scfilter - ok 16:41:01.0529 1772 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 16:41:01.0622 1772 Schedule - ok 16:41:01.0653 1772 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 16:41:01.0669 1772 SCPolicySvc - ok 16:41:01.0716 1772 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 16:41:01.0731 1772 sdbus - ok 16:41:01.0747 1772 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:41:01.0778 1772 SDRSVC - ok 16:41:01.0809 1772 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:41:01.0856 1772 secdrv - ok 16:41:01.0856 1772 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 16:41:01.0903 1772 seclogon - ok 16:41:01.0903 1772 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 16:41:01.0950 1772 SENS - ok 16:41:01.0981 1772 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:41:02.0028 1772 SensrSvc - ok 16:41:02.0059 1772 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 16:41:02.0090 1772 Serenum - ok 16:41:02.0121 1772 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 16:41:02.0153 1772 Serial - ok 16:41:02.0184 1772 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:41:02.0199 1772 sermouse - ok 16:41:02.0231 1772 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 16:41:02.0277 1772 SessionEnv - ok 16:41:02.0293 1772 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:41:02.0309 1772 sffdisk - ok 16:41:02.0324 1772 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:41:02.0340 1772 sffp_mmc - ok 16:41:02.0355 1772 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:41:02.0371 1772 sffp_sd 
- ok 16:41:02.0387 1772 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:41:02.0418 1772 sfloppy - ok 16:41:02.0433 1772 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:41:02.0480 1772 SharedAccess - ok 16:41:02.0496 1772 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:41:02.0527 1772 ShellHWDetection - ok 16:41:02.0558 1772 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 16:41:02.0605 1772 SiSRaid2 - ok 16:41:02.0621 1772 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:41:02.0636 1772 SiSRaid4 - ok 16:41:02.0667 1772 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:41:02.0699 1772 SkypeUpdate - ok 16:41:02.0699 1772 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:41:02.0761 1772 Smb - ok 16:41:02.0792 1772 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:41:02.0823 1772 SNMPTRAP - ok 16:41:02.0823 1772 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 16:41:02.0839 1772 spldr - ok 16:41:02.0870 1772 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe 16:41:02.0901 1772 Spooler - ok 16:41:02.0995 1772 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 16:41:03.0057 1772 sppsvc - ok 16:41:03.0073 1772 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:41:03.0104 1772 sppuinotify - ok 16:41:03.0120 1772 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 16:41:03.0151 1772 srv - ok 16:41:03.0151 1772 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:41:03.0167 1772 srv2 - ok 16:41:03.0229 1772 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 
16:41:03.0260 1772 SrvHsfHDA - ok 16:41:03.0307 1772 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 16:41:03.0369 1772 SrvHsfV92 - ok 16:41:03.0401 1772 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 16:41:03.0432 1772 SrvHsfWinac - ok 16:41:03.0463 1772 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:41:03.0479 1772 srvnet - ok 16:41:03.0510 1772 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:41:03.0588 1772 SSDPSRV - ok 16:41:03.0588 1772 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:41:03.0635 1772 SstpSvc - ok 16:41:03.0681 1772 [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 16:41:03.0759 1772 STacSV - ok 16:41:03.0791 1772 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 16:41:03.0806 1772 stexstor - ok 16:41:03.0837 1772 [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 16:41:03.0884 1772 STHDA - ok 16:41:03.0931 1772 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 16:41:04.0025 1772 stisvc - ok 16:41:04.0040 1772 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 16:41:04.0056 1772 swenum - ok 16:41:04.0087 1772 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 16:41:04.0134 1772 swprv - ok 16:41:04.0181 1772 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 16:41:04.0274 1772 SynTP - ok 16:41:04.0337 1772 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 16:41:04.0415 1772 SysMain - ok 16:41:04.0430 1772 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:41:04.0461 1772 TabletInputService - ok 16:41:04.0493 1772 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 
16:41:10.0187 1772 ================ Scan global ===============================
16:41:10.0311 1772 [Global] - ok
16:41:10.0311 1772 ================ Scan MBR ==================================
16:41:10.0795 1772 \Device\Harddisk0\DR0 - ok
16:41:11.0310 1772 \Device\Harddisk1\DR1 - ok
16:41:11.0310 1772 ================ Scan VBR ==================================
16:41:11.0357 1772 \Device\Harddisk0\DR0\Partition1 - ok
16:41:11.0372 1772 \Device\Harddisk0\DR0\Partition2 - ok
16:41:11.0403 1772 \Device\Harddisk0\DR0\Partition3 - ok
16:41:11.0419 1772 \Device\Harddisk0\DR0\Partition4 - ok
16:41:11.0435 1772 \Device\Harddisk1\DR1\Partition1 - ok
16:41:11.0435 1772 ============================================================
16:41:11.0435 1772 Scan finished |
23.04.2013, 15:49 | #11 |
| Trojan DomaIQ Code:
16:41:11.0435 1772 ============================================================
16:41:11.0450 5612 Detected object count: 2
16:41:11.0450 5612 Actual detected object count: 2
16:41:20.0015 5612 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:41:20.0015 5612 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:41:20.0015 5612 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
16:41:20.0015 5612 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:12.0567 3744 ============================================================
16:42:12.0567 3744 Scan started
16:42:12.0567 3744 Mode: Manual; SigCheck; TDLFS;
16:42:12.0567 3744 ============================================================
16:42:13.0363 3744 ================ Scan system memory ========================
16:42:13.0363 3744 System memory - ok
16:42:13.0363 3744 ================ Scan services =============================
16:42:18.0995 3744 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:42:19.0010 3744 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
16:42:19.0010 3744 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
16:42:19.0712 3744 [ D22D82D74FD1B6C77E7556DBDC3EA9D2 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
16:42:19.0744 3744 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
16:42:19.0744 3744 IconMan_R - detected UnsignedFile.Multi.Generic (1)
[ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:42:22.0302 3744 mpsdrv - ok 16:42:22.0349 3744 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:42:22.0380 3744 MpsSvc - ok 16:42:22.0380 3744 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:42:22.0396 3744 MRxDAV - ok 16:42:22.0411 3744 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:42:22.0427 3744 mrxsmb - ok 16:42:22.0458 3744 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:42:22.0474 3744 mrxsmb10 - ok 16:42:22.0505 3744 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:42:22.0520 3744 mrxsmb20 - ok 16:42:22.0536 3744 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 16:42:22.0536 3744 msahci - ok 16:42:22.0552 3744 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:42:22.0567 3744 msdsm - ok 16:42:22.0583 3744 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 16:42:22.0598 3744 MSDTC - ok 16:42:22.0598 3744 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:42:22.0630 3744 Msfs - ok 16:42:22.0645 3744 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:42:22.0676 3744 mshidkmdf - ok 16:42:22.0676 3744 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:42:22.0692 3744 msisadrv - ok 16:42:22.0723 3744 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:42:22.0754 3744 MSiSCSI - ok 16:42:22.0754 3744 msiserver - ok 16:42:22.0770 3744 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:42:22.0801 3744 MSKSSRV - ok 16:42:22.0832 3744 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:42:22.0864 3744 
MSPCLOCK - ok 16:42:22.0879 3744 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:42:22.0895 3744 MSPQM - ok 16:42:22.0926 3744 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:42:22.0926 3744 MsRPC - ok 16:42:22.0942 3744 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 16:42:22.0942 3744 mssmbios - ok 16:42:22.0957 3744 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:42:22.0988 3744 MSTEE - ok 16:42:23.0004 3744 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 16:42:23.0020 3744 MTConfig - ok 16:42:23.0020 3744 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 16:42:23.0035 3744 Mup - ok 16:42:23.0082 3744 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 16:42:23.0113 3744 napagent - ok 16:42:23.0144 3744 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:42:23.0160 3744 NativeWifiP - ok 16:42:23.0191 3744 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:42:23.0207 3744 NDIS - ok 16:42:23.0222 3744 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:42:23.0254 3744 NdisCap - ok 16:42:23.0285 3744 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:42:23.0316 3744 NdisTapi - ok 16:42:23.0332 3744 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:42:23.0347 3744 Ndisuio - ok 16:42:23.0363 3744 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:42:23.0394 3744 NdisWan - ok 16:42:23.0394 3744 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:42:23.0425 3744 NDProxy - ok 16:42:23.0425 3744 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 
16:42:23.0456 3744 NetBIOS - ok 16:42:23.0456 3744 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:42:23.0488 3744 NetBT - ok 16:42:23.0488 3744 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 16:42:23.0503 3744 Netlogon - ok 16:42:23.0534 3744 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 16:42:23.0566 3744 Netman - ok 16:42:23.0597 3744 [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:42:23.0612 3744 NetMsmqActivator - ok 16:42:23.0612 3744 [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:42:23.0628 3744 NetPipeActivator - ok 16:42:23.0644 3744 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 16:42:23.0675 3744 netprofm - ok 16:42:23.0737 3744 [ 5758FD37BF31E759F8610311E4D08ECA ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys 16:42:23.0784 3744 netr28x - ok 16:42:23.0800 3744 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:42:23.0800 3744 NetTcpActivator - ok 16:42:23.0815 3744 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:42:23.0831 3744 NetTcpPortSharing - ok 16:42:23.0862 3744 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:42:23.0862 3744 nfrd960 - ok 16:42:23.0909 3744 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:42:23.0956 3744 NlaSvc - ok 16:42:23.0971 3744 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:42:24.0002 3744 Npfs - ok 16:42:24.0018 3744 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 16:42:24.0049 3744 nsi - 
ok 16:42:24.0049 3744 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:42:24.0080 3744 nsiproxy - ok 16:42:24.0158 3744 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:42:24.0221 3744 Ntfs - ok 16:42:24.0236 3744 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 16:42:24.0268 3744 Null - ok 16:42:24.0299 3744 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 16:42:24.0314 3744 NVENETFD - ok 16:42:24.0330 3744 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:42:24.0346 3744 nvraid - ok 16:42:24.0346 3744 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:42:24.0361 3744 nvstor - ok 16:42:24.0361 3744 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:42:24.0377 3744 nv_agp - ok 16:42:24.0377 3744 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:42:24.0392 3744 ohci1394 - ok 16:42:24.0424 3744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:42:24.0439 3744 p2pimsvc - ok 16:42:24.0455 3744 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 16:42:24.0470 3744 p2psvc - ok 16:42:24.0486 3744 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 16:42:24.0502 3744 Parport - ok 16:42:24.0517 3744 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:42:24.0533 3744 partmgr - ok 16:42:24.0548 3744 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:42:24.0564 3744 PcaSvc - ok 16:42:24.0595 3744 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 16:42:24.0595 3744 pci - ok 16:42:24.0611 3744 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 16:42:24.0626 3744 pciide - ok 16:42:24.0642 
3744 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:42:24.0658 3744 pcmcia - ok 16:42:24.0658 3744 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 16:42:24.0673 3744 pcw - ok 16:42:24.0689 3744 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:42:24.0720 3744 PEAUTH - ok 16:42:24.0798 3744 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:42:24.0814 3744 PerfHost - ok 16:42:24.0860 3744 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 16:42:24.0907 3744 pla - ok 16:42:24.0938 3744 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:42:24.0954 3744 PlugPlay - ok 16:42:24.0970 3744 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:42:24.0985 3744 PNRPAutoReg - ok 16:42:25.0001 3744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:42:25.0016 3744 PNRPsvc - ok 16:42:25.0048 3744 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:42:25.0079 3744 PolicyAgent - ok 16:42:25.0094 3744 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 16:42:25.0126 3744 Power - ok 16:42:25.0141 3744 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:42:25.0172 3744 PptpMiniport - ok 16:42:25.0204 3744 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 16:42:25.0204 3744 Processor - ok 16:42:25.0235 3744 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll 16:42:25.0266 3744 ProfSvc - ok 16:42:25.0282 3744 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:42:25.0297 3744 ProtectedStorage - ok 16:42:25.0313 3744 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:42:25.0344 3744 Psched - ok 16:42:25.0406 3744 [ 
A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:42:25.0453 3744 ql2300 - ok 16:42:25.0469 3744 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:42:25.0469 3744 ql40xx - ok 16:42:25.0500 3744 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 16:42:25.0516 3744 QWAVE - ok 16:42:25.0516 3744 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:42:25.0531 3744 QWAVEdrv - ok 16:42:25.0547 3744 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:42:25.0578 3744 RasAcd - ok 16:42:25.0594 3744 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:42:25.0625 3744 RasAgileVpn - ok 16:42:25.0656 3744 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 16:42:25.0687 3744 RasAuto - ok 16:42:25.0687 3744 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:42:25.0718 3744 Rasl2tp - ok 16:42:25.0750 3744 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 16:42:25.0781 3744 RasMan - ok 16:42:25.0781 3744 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:42:25.0812 3744 RasPppoe - ok 16:42:25.0828 3744 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:42:25.0859 3744 RasSstp - ok 16:42:25.0859 3744 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:42:25.0890 3744 rdbss - ok 16:42:25.0906 3744 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 16:42:25.0921 3744 rdpbus - ok 16:42:25.0937 3744 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:42:25.0968 3744 RDPCDD - ok 16:42:25.0968 3744 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:42:25.0999 3744 RDPENCDD - ok 16:42:26.0015 
3744 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:42:26.0046 3744 RDPREFMP - ok 16:42:26.0062 3744 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:42:26.0077 3744 RDPWD - ok 16:42:26.0108 3744 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:42:26.0140 3744 rdyboost - ok 16:42:26.0171 3744 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:42:26.0202 3744 RemoteAccess - ok 16:42:26.0218 3744 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:42:26.0249 3744 RemoteRegistry - ok 16:42:26.0249 3744 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:42:26.0280 3744 RpcEptMapper - ok 16:42:26.0311 3744 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 16:42:26.0327 3744 RpcLocator - ok 16:42:26.0358 3744 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 16:42:26.0389 3744 RpcSs - ok 16:42:26.0420 3744 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 16:42:26.0420 3744 RSPCIESTOR - ok 16:42:26.0452 3744 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:42:26.0483 3744 rspndr - ok 16:42:26.0514 3744 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 16:42:26.0530 3744 RTL8167 - ok 16:42:26.0545 3744 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 16:42:26.0561 3744 SamSs - ok 16:42:26.0576 3744 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:42:26.0576 3744 sbp2port - ok 16:42:26.0608 3744 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:42:26.0639 3744 SCardSvr - ok 16:42:26.0654 3744 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:42:26.0686 3744 
scfilter - ok 16:42:26.0701 3744 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 16:42:26.0748 3744 Schedule - ok 16:42:26.0764 3744 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 16:42:26.0795 3744 SCPolicySvc - ok 16:42:26.0826 3744 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 16:42:26.0826 3744 sdbus - ok 16:42:26.0857 3744 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:42:26.0873 3744 SDRSVC - ok 16:42:26.0888 3744 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:42:26.0920 3744 secdrv - ok 16:42:26.0935 3744 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 16:42:26.0951 3744 seclogon - ok 16:42:26.0966 3744 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 16:42:26.0998 3744 SENS - ok 16:42:27.0013 3744 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:42:27.0013 3744 SensrSvc - ok 16:42:27.0044 3744 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 16:42:27.0076 3744 Serenum - ok 16:42:27.0107 3744 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 16:42:27.0122 3744 Serial - ok 16:42:27.0138 3744 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:42:27.0154 3744 sermouse - ok 16:42:27.0200 3744 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 16:42:27.0232 3744 SessionEnv - ok 16:42:27.0247 3744 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:42:27.0263 3744 sffdisk - ok 16:42:27.0263 3744 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:42:27.0278 3744 sffp_mmc - ok 16:42:27.0294 3744 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:42:27.0294 3744 sffp_sd 
- ok 16:42:27.0310 3744 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:42:27.0325 3744 sfloppy - ok 16:42:27.0341 3744 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:42:27.0372 3744 SharedAccess - ok 16:42:27.0403 3744 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:42:27.0434 3744 ShellHWDetection - ok 16:42:27.0466 3744 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 16:42:27.0481 3744 SiSRaid2 - ok 16:42:27.0497 3744 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:42:27.0497 3744 SiSRaid4 - ok 16:42:27.0544 3744 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:42:27.0559 3744 SkypeUpdate - ok 16:42:27.0575 3744 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:42:27.0606 3744 Smb - ok 16:42:27.0606 3744 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:42:27.0622 3744 SNMPTRAP - ok 16:42:27.0637 3744 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 16:42:27.0653 3744 spldr - ok 16:42:27.0668 3744 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe 16:42:27.0715 3744 Spooler - ok 16:42:27.0809 3744 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 16:42:27.0856 3744 sppsvc - ok 16:42:27.0887 3744 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:42:27.0918 3744 sppuinotify - ok 16:42:27.0934 3744 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 16:42:27.0949 3744 srv - ok 16:42:27.0949 3744 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:42:27.0965 3744 srv2 - ok 16:42:27.0996 3744 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 
16:42:28.0012 3744 SrvHsfHDA - ok 16:42:28.0043 3744 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 16:42:28.0074 3744 SrvHsfV92 - ok 16:42:28.0105 3744 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 16:42:28.0121 3744 SrvHsfWinac - ok 16:42:28.0136 3744 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:42:28.0152 3744 srvnet - ok 16:42:28.0183 3744 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:42:28.0214 3744 SSDPSRV - ok 16:42:28.0214 3744 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:42:28.0246 3744 SstpSvc - ok 16:42:28.0292 3744 [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 16:42:28.0339 3744 STacSV - ok 16:42:28.0355 3744 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 16:42:28.0370 3744 stexstor - ok 16:42:28.0386 3744 [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 16:42:28.0417 3744 STHDA - ok 16:42:28.0448 3744 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 16:42:28.0464 3744 stisvc - ok 16:42:28.0480 3744 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 16:42:28.0480 3744 swenum - ok 16:42:28.0511 3744 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 16:42:28.0542 3744 swprv - ok 16:42:28.0573 3744 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 16:42:28.0604 3744 SynTP - ok 16:42:28.0667 3744 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 16:42:28.0714 3744 SysMain - ok 16:42:28.0714 3744 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:42:28.0729 3744 TabletInputService - ok 16:42:28.0745 3744 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 
16:42:28.0776 3744 TapiSrv - ok 16:42:28.0792 3744 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 16:42:28.0807 3744 TBS - ok 16:42:28.0885 3744 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:42:28.0932 3744 Tcpip - ok 16:42:28.0963 3744 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:42:28.0994 3744 TCPIP6 - ok 16:42:29.0026 3744 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:42:29.0057 3744 tcpipreg - ok 16:42:29.0072 3744 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:42:29.0072 3744 TDPIPE - ok 16:42:29.0104 3744 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:42:29.0119 3744 TDTCP - ok 16:42:29.0135 3744 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:42:29.0166 3744 tdx - ok 16:42:29.0166 3744 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 16:42:29.0182 3744 TermDD - ok 16:42:29.0213 3744 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 16:42:29.0244 3744 TermService - ok 16:42:29.0244 3744 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 16:42:29.0260 3744 Themes - ok 16:42:29.0275 3744 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 16:42:29.0306 3744 THREADORDER - ok 16:42:29.0322 3744 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 16:42:29.0353 3744 TrkWks - ok 16:42:29.0400 3744 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:42:29.0462 3744 TrustedInstaller - ok 16:42:29.0478 3744 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:42:29.0509 3744 tssecsrv - ok 16:42:29.0525 3744 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 
16:42:29.0540 3744 TsUsbFlt - ok 16:42:29.0556 3744 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 16:42:29.0556 3744 TsUsbGD - ok 16:42:29.0587 3744 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:42:29.0603 3744 tunnel - ok 16:42:29.0618 3744 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:42:29.0634 3744 uagp35 - ok 16:42:29.0634 3744 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:42:29.0665 3744 udfs - ok 16:42:29.0712 3744 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:42:29.0728 3744 UI0Detect - ok 16:42:29.0728 3744 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:42:29.0728 3744 uliagpkx - ok 16:42:29.0743 3744 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:42:29.0743 3744 umbus - ok 16:42:29.0774 3744 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 16:42:29.0774 3744 UmPass - ok 16:42:29.0899 3744 [ 758C2CE427C343F780A205E28555C98D ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 16:42:29.0946 3744 UNS - ok 16:42:29.0962 3744 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 16:42:29.0993 3744 upnphost - ok 16:42:30.0024 3744 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:42:30.0024 3744 usbccgp - ok 16:42:30.0055 3744 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:42:30.0071 3744 usbcir - ok 16:42:30.0071 3744 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 16:42:30.0086 3744 usbehci - ok 16:42:30.0086 3744 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys 16:42:30.0102 3744 usbhub - ok 16:42:30.0118 3744 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci 
C:\Windows\system32\drivers\usbohci.sys 16:42:30.0118 3744 usbohci - ok 16:42:30.0149 3744 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 16:42:30.0164 3744 usbprint - ok 16:42:30.0180 3744 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:42:30.0180 3744 USBSTOR - ok 16:42:30.0196 3744 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 16:42:30.0196 3744 usbuhci - ok 16:42:30.0227 3744 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 16:42:30.0242 3744 usbvideo - ok 16:42:30.0274 3744 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 16:42:30.0305 3744 UxSms - ok 16:42:30.0336 3744 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 16:42:30.0336 3744 VaultSvc - ok 16:42:30.0336 3744 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 16:42:30.0352 3744 vdrvroot - ok 16:42:30.0367 3744 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 16:42:30.0398 3744 vds - ok 16:42:30.0430 3744 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:42:30.0445 3744 vga - ok 16:42:30.0445 3744 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 16:42:30.0476 3744 VgaSave - ok 16:42:30.0492 3744 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 16:42:30.0508 3744 vhdmp - ok 16:42:30.0508 3744 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 16:42:30.0523 3744 viaide - ok 16:42:30.0523 3744 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:42:30.0539 3744 volmgr - ok 16:42:30.0539 3744 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:42:30.0554 3744 volmgrx - ok 16:42:30.0586 3744 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap 
C:\Windows\system32\drivers\volsnap.sys 16:42:30.0601 3744 volsnap - ok 16:42:30.0632 3744 [ 1065A957523ED51AAFFF737CC63010A6 ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys 16:42:30.0632 3744 Vsdatant - ok 16:42:30.0664 3744 vsmon - ok 16:42:30.0695 3744 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 16:42:30.0726 3744 vsmraid - ok 16:42:30.0788 3744 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 16:42:30.0835 3744 VSS - ok 16:42:30.0866 3744 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 16:42:30.0866 3744 vwifibus - ok 16:42:30.0882 3744 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 16:42:30.0898 3744 vwififlt - ok 16:42:30.0898 3744 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 16:42:30.0929 3744 W32Time - ok 16:42:30.0944 3744 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 16:42:30.0960 3744 WacomPen - ok 16:42:30.0960 3744 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 16:42:30.0991 3744 WANARP - ok 16:42:30.0991 3744 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:42:31.0022 3744 Wanarpv6 - ok 16:42:31.0054 3744 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 16:42:31.0085 3744 wbengine - ok 16:42:31.0085 3744 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:42:31.0100 3744 WbioSrvc - ok 16:42:31.0116 3744 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:42:31.0132 3744 wcncsvc - ok 16:42:31.0132 3744 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:42:31.0147 3744 WcsPlugInService - ok 16:42:31.0163 3744 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 16:42:31.0178 3744 Wd - ok 16:42:31.0210 3744 [ 
16:42:33.0877 3744 Scan finished
16:42:33.0893 2888 Detected object count: 2
16:42:33.0893 2888 Actual detected object count: 2
16:42:47.0137 2888 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:47.0137 2888 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:47.0153 2888 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:47.0153 2888 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:51.0474 5144 Deinitialize success |
23.04.2013, 22:45 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | DomaIQ Trojan Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |
25.04.2013, 19:19 | #13 |
| DomaIQ Trojan Hello Cosinus, where do I find the log created by Combofix? |
25.04.2013, 22:33 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | DomaIQ Trojan It's in the instructions....
__________________ Please always post log files in CODE tags |