All kinds of pests and how to fight them: GVU Trojan - Booting into Safe Mode not possible

Windows 7: If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
20.05.2013, 21:12 | #16

GVU Trojan - Booting into Safe Mode not possible

Done

Code:
05:08:56.0505 6408 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 05:08:56.0530 6408 NetBT - ok 05:08:56.0538 6408 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 05:08:56.0546 6408 Netlogon - ok 05:08:56.0587 6408 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 05:08:56.0626 6408 Netman - ok 05:08:56.0680 6408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 05:08:56.0688 6408 NetMsmqActivator - ok 05:08:56.0691 6408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 05:08:56.0697 6408 NetPipeActivator - ok 05:08:56.0703 6408 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 05:08:56.0745 6408 netprofm - ok 05:08:56.0749 6408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 05:08:56.0755 6408 NetTcpActivator - ok 05:08:56.0758 6408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 05:08:56.0764 6408 NetTcpPortSharing - ok 05:08:56.0799 6408 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 05:08:56.0807 6408 nfrd960 - ok 05:08:56.0822 6408 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 05:08:56.0853 6408 NlaSvc - ok 05:08:56.0871 6408 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 05:08:56.0895 6408 Npfs - ok 05:08:56.0903 6408 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 05:08:56.0936 6408 nsi - ok 05:08:56.0948 6408 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 05:08:56.0984 6408 nsiproxy - ok 05:08:57.0075 6408 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 05:08:57.0125 6408 Ntfs - ok 
05:08:57.0139 6408 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 05:08:57.0162 6408 Null - ok 05:08:57.0209 6408 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 05:08:57.0224 6408 nusb3hub - ok 05:08:57.0252 6408 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 05:08:57.0280 6408 nusb3xhc - ok 05:08:57.0330 6408 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 05:08:57.0339 6408 NVHDA - ok 05:08:57.0352 6408 nvlddmkm - ok 05:08:57.0383 6408 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 05:08:57.0391 6408 nvraid - ok 05:08:57.0432 6408 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 05:08:57.0441 6408 nvstor - ok 05:08:57.0470 6408 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 05:08:57.0479 6408 nv_agp - ok 05:08:57.0503 6408 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 05:08:57.0512 6408 ohci1394 - ok 05:08:57.0605 6408 [ 34B98278B3C9F0F53088A360B63B0A97 ] OpenVPNService F:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe 05:08:57.0614 6408 OpenVPNService - ok 05:08:57.0661 6408 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 05:08:57.0669 6408 ose64 - ok 05:08:57.0801 6408 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 05:08:57.0906 6408 osppsvc - ok 05:08:57.0935 6408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 05:08:57.0956 6408 p2pimsvc - ok 05:08:57.0983 6408 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 05:08:57.0996 6408 p2psvc - ok 05:08:58.0010 6408 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 05:08:58.0020 6408 
Parport - ok 05:08:58.0048 6408 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 05:08:58.0057 6408 partmgr - ok 05:08:58.0070 6408 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 05:08:58.0098 6408 PcaSvc - ok 05:08:58.0124 6408 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 05:08:58.0132 6408 pci - ok 05:08:58.0142 6408 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 05:08:58.0149 6408 pciide - ok 05:08:58.0163 6408 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 05:08:58.0173 6408 pcmcia - ok 05:08:58.0182 6408 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 05:08:58.0189 6408 pcw - ok 05:08:58.0207 6408 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 05:08:58.0243 6408 PEAUTH - ok 05:08:58.0279 6408 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 05:08:58.0349 6408 PeerDistSvc - ok 05:08:58.0396 6408 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 05:08:58.0415 6408 PerfHost - ok 05:08:58.0509 6408 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 05:08:58.0568 6408 pla - ok 05:08:58.0617 6408 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 05:08:58.0638 6408 PlugPlay - ok 05:08:58.0668 6408 PnkBstrA - ok 05:08:58.0696 6408 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 05:08:58.0724 6408 PNRPAutoReg - ok 05:08:58.0784 6408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 05:08:58.0795 6408 PNRPsvc - ok 05:08:58.0843 6408 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 05:08:58.0898 6408 PolicyAgent - ok 05:08:59.0046 6408 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 05:08:59.0088 6408 Power - ok 
05:08:59.0179 6408 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 05:08:59.0222 6408 PptpMiniport - ok 05:08:59.0247 6408 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 05:08:59.0270 6408 Processor - ok 05:08:59.0303 6408 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 05:08:59.0345 6408 ProfSvc - ok 05:08:59.0351 6408 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 05:08:59.0358 6408 ProtectedStorage - ok 05:08:59.0387 6408 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 05:08:59.0427 6408 Psched - ok 05:08:59.0467 6408 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 05:08:59.0508 6408 ql2300 - ok 05:08:59.0522 6408 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 05:08:59.0531 6408 ql40xx - ok 05:08:59.0548 6408 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 05:08:59.0562 6408 QWAVE - ok 05:08:59.0571 6408 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 05:08:59.0603 6408 QWAVEdrv - ok 05:08:59.0617 6408 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 05:08:59.0641 6408 RasAcd - ok 05:08:59.0654 6408 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 05:08:59.0677 6408 RasAgileVpn - ok 05:08:59.0698 6408 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 05:08:59.0744 6408 RasAuto - ok 05:08:59.0768 6408 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 05:08:59.0810 6408 Rasl2tp - ok 05:08:59.0854 6408 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 05:08:59.0890 6408 RasMan - ok 05:08:59.0910 6408 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 
05:08:59.0946 6408 RasPppoe - ok 05:08:59.0959 6408 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 05:08:59.0985 6408 RasSstp - ok 05:09:00.0027 6408 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 05:09:00.0068 6408 rdbss - ok 05:09:00.0085 6408 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 05:09:00.0096 6408 rdpbus - ok 05:09:00.0120 6408 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 05:09:00.0143 6408 RDPCDD - ok 05:09:00.0172 6408 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 05:09:00.0193 6408 RDPDR - ok 05:09:00.0205 6408 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 05:09:00.0248 6408 RDPENCDD - ok 05:09:00.0269 6408 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 05:09:00.0292 6408 RDPREFMP - ok 05:09:00.0339 6408 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 05:09:00.0373 6408 RdpVideoMiniport - ok 05:09:00.0401 6408 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 05:09:00.0421 6408 RDPWD - ok 05:09:00.0449 6408 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 05:09:00.0458 6408 rdyboost - ok 05:09:00.0476 6408 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 05:09:00.0517 6408 RemoteAccess - ok 05:09:00.0530 6408 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 05:09:00.0568 6408 RemoteRegistry - ok 05:09:00.0602 6408 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 05:09:00.0613 6408 RFCOMM - ok 05:09:00.0625 6408 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 05:09:00.0666 6408 RpcEptMapper - ok 05:09:00.0679 6408 [ 
D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 05:09:00.0689 6408 RpcLocator - ok 05:09:00.0715 6408 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 05:09:00.0741 6408 RpcSs - ok 05:09:00.0753 6408 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 05:09:00.0778 6408 rspndr - ok 05:09:00.0859 6408 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 05:09:00.0869 6408 RTL8167 - ok 05:09:00.0914 6408 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 05:09:00.0931 6408 s3cap - ok 05:09:00.0941 6408 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 05:09:00.0949 6408 SamSs - ok 05:09:00.0982 6408 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 05:09:00.0991 6408 sbp2port - ok 05:09:01.0003 6408 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 05:09:01.0048 6408 SCardSvr - ok 05:09:01.0075 6408 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 05:09:01.0132 6408 scfilter - ok 05:09:01.0221 6408 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 05:09:01.0270 6408 Schedule - ok 05:09:01.0298 6408 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 05:09:01.0321 6408 SCPolicySvc - ok 05:09:01.0328 6408 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 05:09:01.0342 6408 SDRSVC - ok 05:09:01.0384 6408 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 05:09:01.0430 6408 secdrv - ok 05:09:01.0446 6408 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 05:09:01.0471 6408 seclogon - ok 05:09:01.0503 6408 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 05:09:01.0542 6408 SENS - ok 05:09:01.0560 6408 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] 
SensrSvc C:\Windows\system32\sensrsvc.dll 05:09:01.0596 6408 SensrSvc - ok 05:09:01.0632 6408 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 05:09:01.0659 6408 Serenum - ok 05:09:01.0672 6408 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 05:09:01.0693 6408 Serial - ok 05:09:01.0791 6408 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 05:09:01.0802 6408 sermouse - ok 05:09:01.0854 6408 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 05:09:01.0914 6408 SessionEnv - ok 05:09:01.0948 6408 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 05:09:01.0986 6408 sffdisk - ok 05:09:02.0024 6408 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 05:09:02.0034 6408 sffp_mmc - ok 05:09:02.0080 6408 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 05:09:02.0128 6408 sffp_sd - ok 05:09:02.0181 6408 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 05:09:02.0190 6408 sfloppy - ok 05:09:02.0209 6408 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 05:09:02.0257 6408 SharedAccess - ok 05:09:02.0285 6408 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 05:09:02.0325 6408 ShellHWDetection - ok 05:09:02.0336 6408 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 05:09:02.0344 6408 SiSRaid2 - ok 05:09:02.0347 6408 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 05:09:02.0355 6408 SiSRaid4 - ok 05:09:02.0470 6408 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 05:09:02.0478 6408 SkypeUpdate - ok 05:09:02.0490 6408 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 05:09:02.0515 6408 Smb - 
ok 05:09:02.0618 6408 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 05:09:02.0678 6408 SNMPTRAP - ok 05:09:02.0725 6408 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 05:09:02.0732 6408 spldr - ok 05:09:02.0773 6408 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 05:09:02.0814 6408 Spooler - ok 05:09:02.0883 6408 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 05:09:02.0972 6408 sppsvc - ok 05:09:03.0004 6408 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 05:09:03.0051 6408 sppuinotify - ok 05:09:03.0082 6408 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 05:09:03.0132 6408 srv - ok 05:09:03.0175 6408 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 05:09:03.0195 6408 srv2 - ok 05:09:03.0226 6408 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 05:09:03.0259 6408 srvnet - ok 05:09:03.0291 6408 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 05:09:03.0340 6408 SSDPSRV - ok 05:09:03.0360 6408 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 05:09:03.0385 6408 SstpSvc - ok 05:09:03.0437 6408 Steam Client Service - ok 05:09:03.0456 6408 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 05:09:03.0463 6408 stexstor - ok 05:09:03.0501 6408 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 05:09:03.0532 6408 stisvc - ok 05:09:03.0552 6408 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 05:09:03.0559 6408 storflt - ok 05:09:03.0572 6408 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 05:09:03.0580 6408 storvsc - ok 05:09:03.0608 6408 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 05:09:03.0615 
6408 swenum - ok 05:09:03.0634 6408 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 05:09:03.0679 6408 swprv - ok 05:09:03.0711 6408 Synth3dVsc - ok 05:09:03.0785 6408 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 05:09:03.0848 6408 SysMain - ok 05:09:03.0880 6408 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 05:09:03.0893 6408 TabletInputService - ok 05:09:03.0926 6408 [ 8502BFC9C990567E4049358EC063D621 ] tap0801 C:\Windows\system32\DRIVERS\tap0801.sys 05:09:03.0941 6408 tap0801 ( UnsignedFile.Multi.Generic ) - warning 05:09:03.0941 6408 tap0801 - detected UnsignedFile.Multi.Generic (1) 05:09:03.0967 6408 [ 2C1686795B9307265F649249AD11D629 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 05:09:03.0974 6408 tap0901 - ok 05:09:04.0001 6408 [ B70DF208E97536CA9F29289E609F5B16 ] taphss C:\Windows\system32\DRIVERS\taphss.sys 05:09:04.0009 6408 taphss - ok 05:09:04.0060 6408 [ 83C57F165F0216E5CE40D7E4E00DC76D ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys 05:09:04.0066 6408 taphss6 - ok 05:09:04.0081 6408 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 05:09:04.0121 6408 TapiSrv - ok 05:09:04.0143 6408 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 05:09:04.0176 6408 TBS - ok 05:09:04.0357 6408 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 05:09:04.0401 6408 Tcpip - ok 05:09:04.0447 6408 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 05:09:04.0473 6408 TCPIP6 - ok 05:09:04.0504 6408 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 05:09:04.0535 6408 tcpipreg - ok 05:09:04.0560 6408 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 05:09:04.0590 6408 TDPIPE - ok 05:09:04.0620 6408 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 05:09:04.0628 6408 
TDTCP - ok 05:09:04.0650 6408 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 05:09:04.0673 6408 tdx - ok 05:09:04.0790 6408 [ 7C8DD5576695B3362202EF09B20C425E ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe 05:09:04.0830 6408 TeamViewer8 - ok 05:09:04.0877 6408 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 05:09:04.0884 6408 TermDD - ok 05:09:04.0901 6408 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 05:09:04.0940 6408 TermService - ok 05:09:04.0963 6408 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 05:09:04.0988 6408 Themes - ok 05:09:05.0008 6408 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 05:09:05.0031 6408 THREADORDER - ok 05:09:05.0039 6408 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 05:09:05.0065 6408 TrkWks - ok 05:09:05.0114 6408 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 05:09:05.0154 6408 TrustedInstaller - ok 05:09:05.0186 6408 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 05:09:05.0221 6408 tssecsrv - ok 05:09:05.0250 6408 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 05:09:05.0268 6408 TsUsbFlt - ok 05:09:05.0270 6408 tsusbhub - ok 05:09:05.0307 6408 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 05:09:05.0331 6408 tunnel - ok 05:09:05.0346 6408 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 05:09:05.0354 6408 uagp35 - ok 05:09:05.0366 6408 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 05:09:05.0400 6408 udfs - ok 05:09:05.0420 6408 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 05:09:05.0446 6408 UI0Detect - ok 05:09:05.0464 6408 [ 
4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 05:09:05.0472 6408 uliagpkx - ok 05:09:05.0506 6408 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 05:09:05.0527 6408 umbus - ok 05:09:05.0537 6408 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 05:09:05.0545 6408 UmPass - ok 05:09:05.0562 6408 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 05:09:05.0580 6408 UmRdpService - ok 05:09:05.0603 6408 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 05:09:05.0631 6408 upnphost - ok 05:09:05.0671 6408 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 05:09:05.0674 6408 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning 05:09:05.0674 6408 USBAAPL64 - detected UnsignedFile.Multi.Generic (1) 05:09:05.0686 6408 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 05:09:05.0707 6408 usbccgp - ok 05:09:05.0757 6408 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 05:09:05.0768 6408 usbcir - ok 05:09:05.0792 6408 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 05:09:05.0800 6408 usbehci - ok 05:09:05.0815 6408 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 05:09:05.0835 6408 usbhub - ok 05:09:05.0855 6408 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 05:09:05.0874 6408 usbohci - ok 05:09:05.0892 6408 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 05:09:05.0902 6408 usbprint - ok 05:09:05.0911 6408 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 05:09:05.0946 6408 USBSTOR - ok 05:09:05.0958 6408 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 05:09:05.0975 6408 usbuhci - ok 05:09:05.0991 
6408 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 05:09:06.0028 6408 UxSms - ok 05:09:06.0045 6408 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 05:09:06.0052 6408 VaultSvc - ok 05:09:06.0064 6408 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 05:09:06.0071 6408 vdrvroot - ok 05:09:06.0086 6408 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 05:09:06.0115 6408 vds - ok 05:09:06.0118 6408 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 05:09:06.0128 6408 vga - ok 05:09:06.0140 6408 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 05:09:06.0183 6408 VgaSave - ok 05:09:06.0203 6408 VGPU - ok 05:09:06.0229 6408 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 05:09:06.0240 6408 vhdmp - ok 05:09:06.0252 6408 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 05:09:06.0259 6408 viaide - ok 05:09:06.0307 6408 [ 1562A089B46C821487AFF8D01EE5547E ] VMAuthdService C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe 05:09:06.0310 6408 VMAuthdService ( UnsignedFile.Multi.Generic ) - warning 05:09:06.0310 6408 VMAuthdService - detected UnsignedFile.Multi.Generic (1) 05:09:06.0322 6408 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 05:09:06.0331 6408 vmbus - ok 05:09:06.0340 6408 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 05:09:06.0357 6408 VMBusHID - ok 05:09:06.0406 6408 [ 87FC1DD880E8CAC4FAEBB84AF61A87C4 ] vmci C:\Windows\system32\DRIVERS\vmci.sys 05:09:06.0413 6408 vmci - ok 05:09:06.0435 6408 [ DE41918B7ABAE9056EB1E62540D229D3 ] vmkbd C:\Windows\system32\drivers\VMkbd.sys 05:09:06.0441 6408 vmkbd - ok 05:09:06.0451 6408 [ B259C31378BC855AFD1B53F59311C251 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys 05:09:06.0457 6408 
VMnetAdapter - ok 05:09:06.0466 6408 [ DEC4CE720FFEDA939CF1BA315CFBD993 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys 05:09:06.0472 6408 VMnetBridge - ok 05:09:06.0474 6408 VMnetDHCP - ok 05:09:06.0476 6408 [ 41F8BFC7A658FF4FA27AC10E9C5D14A7 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys 05:09:06.0482 6408 VMnetuserif - ok 05:09:06.0520 6408 [ 18903CA7936912C337C9D28858880CF2 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe 05:09:06.0536 6408 VMUSBArbService - ok 05:09:06.0553 6408 VMware NAT Service - ok 05:09:06.0705 6408 [ 09895634295862AE7087C08BBF17B346 ] VMwareHostd C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe 05:09:07.0203 6408 VMwareHostd ( UnsignedFile.Multi.Generic ) - warning 05:09:07.0203 6408 VMwareHostd - detected UnsignedFile.Multi.Generic (1) 05:09:07.0245 6408 [ 61B270C2437EE87455864E4EEDD8867D ] vmx86 C:\Windows\system32\drivers\vmx86.sys 05:09:07.0250 6408 vmx86 - ok 05:09:07.0261 6408 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 05:09:07.0269 6408 volmgr - ok 05:09:07.0304 6408 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 05:09:07.0315 6408 volmgrx - ok 05:09:07.0332 6408 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 05:09:07.0342 6408 volsnap - ok 05:09:07.0382 6408 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 05:09:07.0392 6408 vsmraid - ok 05:09:07.0442 6408 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 05:09:07.0503 6408 VSS - ok 05:09:07.0539 6408 [ 6107E33A30C0B923F31C872E1980D2D1 ] vstor2-mntapi10-shared C:\Windows\syswow64\drivers\vstor2-mntapi10-shared.sys 05:09:07.0544 6408 vstor2-mntapi10-shared - ok 05:09:07.0550 6408 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 05:09:07.0576 6408 vwifibus - ok 05:09:07.0615 6408 [ 
1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 05:09:07.0667 6408 W32Time - ok 05:09:07.0719 6408 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 05:09:07.0747 6408 WacomPen - ok 05:09:07.0786 6408 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 05:09:07.0824 6408 WANARP - ok 05:09:07.0843 6408 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 05:09:07.0865 6408 Wanarpv6 - ok 05:09:07.0935 6408 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 05:09:07.0977 6408 wbengine - ok 05:09:08.0015 6408 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 05:09:08.0030 6408 WbioSrvc - ok 05:09:08.0062 6408 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 05:09:08.0079 6408 wcncsvc - ok 05:09:08.0081 6408 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 05:09:08.0125 6408 WcsPlugInService - ok 05:09:08.0127 6408 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 05:09:08.0135 6408 Wd - ok 05:09:08.0171 6408 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 05:09:08.0189 6408 Wdf01000 - ok 05:09:08.0453 6408 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 05:09:08.0523 6408 WdiServiceHost - ok 05:09:08.0525 6408 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 05:09:08.0538 6408 WdiSystemHost - ok 05:09:08.0569 6408 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 05:09:08.0593 6408 WebClient - ok 05:09:08.0612 6408 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 05:09:08.0652 6408 Wecsvc - ok 05:09:08.0675 6408 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 05:09:08.0712 6408 wercplsupport - ok 
05:09:08.0740 6408 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 05:09:08.0765 6408 WerSvc - ok 05:09:08.0778 6408 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 05:09:08.0825 6408 WfpLwf - ok 05:09:08.0827 6408 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 05:09:08.0834 6408 WIMMount - ok 05:09:08.0915 6408 WinDefend - ok 05:09:08.0919 6408 WinHttpAutoProxySvc - ok 05:09:08.0956 6408 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 05:09:08.0998 6408 Winmgmt - ok 05:09:09.0068 6408 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 05:09:09.0130 6408 WinRM - ok 05:09:09.0188 6408 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 05:09:09.0214 6408 WinUsb - ok 05:09:09.0289 6408 [ EE5619C43CB3940A4471BD7596B04B7A ] WireHelpSvc C:\Program Files\Common Files\WireHelpSvc.exe 05:09:09.0298 6408 WireHelpSvc - ok 05:09:09.0312 6408 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 05:09:09.0334 6408 Wlansvc - ok 05:09:09.0387 6408 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 05:09:09.0395 6408 WmiAcpi - ok 05:09:09.0406 6408 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 05:09:09.0427 6408 wmiApSrv - ok 05:09:09.0448 6408 WMPNetworkSvc - ok 05:09:09.0457 6408 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 05:09:09.0467 6408 WPCSvc - ok 05:09:09.0478 6408 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 05:09:09.0491 6408 WPDBusEnum - ok 05:09:09.0518 6408 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 05:09:09.0541 6408 ws2ifsl - ok 05:09:09.0568 6408 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 05:09:09.0589 6408 wscsvc - ok 05:09:09.0618 6408 [ 
8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 05:09:09.0650 6408 WSDPrintDevice - ok 05:09:09.0693 6408 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 05:09:09.0703 6408 WSDScan - ok 05:09:09.0705 6408 WSearch - ok 05:09:09.0752 6408 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 05:09:09.0823 6408 wuauserv - ok 05:09:09.0849 6408 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 05:09:09.0927 6408 WudfPf - ok 05:09:09.0979 6408 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 05:09:09.0990 6408 WUDFRd - ok 05:09:10.0082 6408 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 05:09:10.0107 6408 wudfsvc - ok 05:09:10.0132 6408 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 05:09:10.0171 6408 WwanSvc - ok 05:09:10.0216 6408 ================ Scan global =============================== 05:09:10.0234 6408 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 05:09:10.0258 6408 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 05:09:10.0265 6408 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 05:09:10.0294 6408 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 05:09:10.0312 6408 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 05:09:10.0314 6408 [Global] - ok 05:09:10.0314 6408 ================ Scan MBR ================================== 05:09:10.0326 6408 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 05:09:10.0537 6408 \Device\Harddisk0\DR0 - ok 05:09:10.0543 6408 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 05:09:10.0991 6408 \Device\Harddisk1\DR1 - ok 05:09:10.0991 6408 ================ Scan VBR ================================== 05:09:10.0993 6408 [ 7A8F8DB3EE0024EE69525B27CE8A0600 ] \Device\Harddisk0\DR0\Partition1 
05:09:10.0994 6408 \Device\Harddisk0\DR0\Partition1 - ok
05:09:11.0017 6408 [ C7C3F46018511AEC78640CCE001DE094 ] \Device\Harddisk0\DR0\Partition2
05:09:11.0018 6408 \Device\Harddisk0\DR0\Partition2 - ok
05:09:11.0027 6408 [ 10E58431CA96664A76C67F4717D14763 ] \Device\Harddisk0\DR0\Partition3
05:09:11.0028 6408 \Device\Harddisk0\DR0\Partition3 - ok
05:09:11.0061 6408 [ FE814BA5F2318652FB76507B39B71701 ] \Device\Harddisk1\DR1\Partition1
05:09:11.0063 6408 \Device\Harddisk1\DR1\Partition1 - ok
05:09:11.0089 6408 [ 496628293BF55E961A819E72E10CA404 ] \Device\Harddisk1\DR1\Partition2
05:09:11.0091 6408 \Device\Harddisk1\DR1\Partition2 - ok
05:09:11.0104 6408 [ AF6588E74257C08B4AD094AB10C1FA1F ] \Device\Harddisk1\DR1\Partition3
05:09:11.0105 6408 \Device\Harddisk1\DR1\Partition3 - ok
05:09:11.0105 6408 ============================================================
05:09:11.0105 6408 Scan finished
05:09:11.0105 6408 ============================================================
05:09:11.0111 6996 Detected object count: 5
05:09:11.0111 6996 Actual detected object count: 5
05:09:47.0779 6996 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
05:09:47.0779 6996 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:09:47.0779 6996 tap0801 ( UnsignedFile.Multi.Generic ) - skipped by user
05:09:47.0779 6996 tap0801 ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:09:47.0780 6996 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
05:09:47.0780 6996 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:09:47.0786 6996 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
05:09:47.0786 6996 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:09:47.0787 6996 VMwareHostd ( UnsignedFile.Multi.Generic ) - skipped by user
05:09:47.0787 6996 VMwareHostd ( UnsignedFile.Multi.Generic ) - User select action: Skip
20.05.2013, 21:13 | #17 |
/// Malware-holic | GVU Trojan - Cannot boot into Safe Mode Hi,
Looks fine. Scan with ComboFix. |
20.05.2013, 21:44 | #18 |
| GVU Trojan - Cannot boot into Safe Mode ComboFix has finished
Code:
ATTFilter ComboFix 13-05-20.01 - Lapilala 21.05.2013 5:23.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8172.6097 [GMT 2:00] ausgeführt von:: c:\users\Lapilala\Desktop\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Outdated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984} FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF} SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Lapilala\AppData\Roaming\dclogs c:\users\Lapilala\AppData\Roaming\dclogs\2012-06-22-6.dc c:\users\Lapilala\AppData\Roaming\dclogs\2012-06-23-7.dc c:\users\Lapilala\AppData\Roaming\Help\coredb\storage c:\windows\MSDCSC\msdcsc.exe c:\windows\SysWow64\DEBUG.log c:\windows\windupdate c:\windows\windupdate\WinSocks.sw E:\install.exe F:\install.exe . . ((((((((((((((((((((((( Dateien erstellt von 2013-04-21 bis 2013-05-21 )))))))))))))))))))))))))))))) . . 2013-05-21 08:24 . 2013-05-21 02:35 -------- d-----w- C:\_OTL 2013-05-21 03:32 . 2013-05-21 03:32 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-21 03:27 . 2013-05-21 03:27 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89FC2E40-578C-43F4-9C2D-02E12BA9A060}\offreg.dll 2013-05-21 02:37 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89FC2E40-578C-43F4-9C2D-02E12BA9A060}\mpengine.dll 2013-05-15 21:07 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll 2013-05-15 21:07 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-05-15 21:07 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2013-05-15 21:03 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-05-15 15:19 . 
2013-05-15 15:19 9195912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2013-05-08 23:27 . 2013-05-08 23:27 -------- d-----w- c:\users\Lapilala\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files 2013-05-07 22:22 . 2013-05-08 23:31 -------- d-----w- c:\users\Lapilala\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien 2013-05-06 12:01 . 2013-05-06 12:31 -------- d-----w- c:\programdata\Hotspot Shield 2013-05-06 12:01 . 2013-05-06 16:42 -------- d-----w- c:\program files (x86)\Hotspot Shield 2013-05-06 12:00 . 2013-05-06 12:00 -------- d-----w- c:\users\Lapilala\AppData\Roaming\Hotspot Shield 2013-05-03 17:16 . 2013-05-03 17:16 -------- d-----w- c:\users\Lapilala\.thumbnails 2013-04-24 19:28 . 2013-04-24 19:28 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys 2013-04-24 19:18 . 2013-04-24 19:18 46792 ----a-w- c:\windows\system32\drivers\hssdrv6.sys 2013-04-24 11:01 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-23 15:39 . 2013-04-23 15:39 -------- d-----w- c:\program files (x86)\Common Files\Skype . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-15 21:11 . 2012-02-03 06:02 75016696 ----a-w- c:\windows\system32\MRT.exe 2013-05-15 15:19 . 2012-04-07 12:30 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-15 15:19 . 2011-12-27 17:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-02 00:06 . 2011-12-27 16:20 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-13 05:49 . 2013-05-15 21:03 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-15 21:03 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-15 21:03 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-15 21:03 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 
2013-05-15 21:03 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-15 21:03 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-03-19 06:04 . 2013-04-10 08:33 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-19 05:46 . 2013-04-10 08:33 43520 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-19 05:04 . 2013-04-10 08:33 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04 . 2013-04-10 08:33 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47 . 2013-04-10 08:33 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll 2013-03-19 03:06 . 2013-04-10 08:33 112640 ----a-w- c:\windows\system32\smss.exe 2013-03-06 14:08 . 2013-03-06 14:08 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-06 14:08 . 2012-08-31 10:06 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-03-06 14:08 . 2012-06-25 14:25 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-05-02 13:39 . 2012-06-19 14:38 168864 ----a-w- c:\program files\Common Files\WireHelpSvc.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] 2013-04-22 19:11 233288 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="f:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18642024] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2012-12-10 206448] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392] . c:\users\Lapilala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech . Produktregistrierung.lnk - c:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-28 517384] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 KMService;KMService;c:\windows\system32\srvany.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384] R2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-06-08 11839488] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-04-29 32768] R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-10-27 55336] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-09-20 136896] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2005-04-13 30720] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2011-08-08 116336] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-10 283200] S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2013-04-24 46792] S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11864] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 
Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896] S2 ESLWireAC;ESLWireAC;c:\windows\system32\drivers\ESLWireACD.sys [2012-05-02 147472] S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2013-04-26 570664] S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2013-04-26 390440] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-29 13592] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624] S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-29 846448] S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x] S2 WireHelpSvc;WireHelpSvc;c:\program files\Common Files\WireHelpSvc.exe [2012-05-02 168864] S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080] S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys 
[2010-10-27 279152] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408] S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys [2009-07-01 30728] S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys [2012-02-07 66328] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-29 412776] S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2013-04-24 42184] S3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 96849900 *Deregistered* - 96849900 . Inhalt des "geplante Tasks" Ordners . 2013-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 15:19] . 2013-05-21 c:\windows\Tasks\AutoKMS.job - c:\windows\AutoKMS\AutoKMS.exe [2012-05-30 10:54] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-10-27 613536] "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-10-27 379040] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-02 11545192] "BCSSync"="f:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-07-24 6900024] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://google.de/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Nach Microsoft E&xcel exportieren - f:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000 IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe LSP: %SystemRoot%\system32\vsocklib.dll TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Lapilala\AppData\Roaming\Mozilla\Firefox\Profiles\onxh8qyq.default\ FF - ExtSQL: 2013-05-06 14:01; afurladvisor@anchorfree.com; c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe Wow6432Node-HKCU-Run-iCloudServices - c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe Wow6432Node-HKCU-Run-ApplePhotoStreams - c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-05-21 05:42:12 ComboFix-quarantined-files.txt 2013-05-21 03:42 . Vor Suchlauf: 1.732.558.848 Bytes frei Nach Suchlauf: 15 Verzeichnis(se), 11.436.806.144 Bytes frei . - - End Of File - - 9FC438CE58206626F17A6109B214C847 |
20.05.2013, 21:48 | #19 |
/// Malware-holic | GVU Trojan - Cannot boot into Safe Mode Hi, Malwarebytes: please download Malwarebytes